Initial commit

roles/addons/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for addons

roles/addons/files/es-rc.yaml

@@ -0,0 +1,40 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: elasticsearch-logging-v1
+  namespace: kube-system
+  labels:
+    k8s-app: elasticsearch-logging
+    version: v1
+    kubernetes.io/cluster-service: "true"
+spec:
+  replicas: 2
+  selector:
+    k8s-app: elasticsearch-logging
+    version: v1
+  template:
+    metadata:
+      labels:
+        k8s-app: elasticsearch-logging
+        version: v1
+        kubernetes.io/cluster-service: "true"
+    spec:
+      containers:
+      - image: gcr.io/google_containers/elasticsearch:1.7
+        name: elasticsearch-logging         
+        resources:
+          limits:
+            cpu: 100m
+        ports:
+        - containerPort: 9200
+          name: db
+          protocol: TCP
+        - containerPort: 9300
+          name: transport
+          protocol: TCP
+        volumeMounts:
+        - name: es-persistent-storage
+          mountPath: /data
+      volumes:
+      - name: es-persistent-storage
+        emptyDir: {}

roles/addons/files/es-svc.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: elasticsearch-logging
+  namespace: kube-system
+  labels:
+    k8s-app: elasticsearch-logging
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "Elasticsearch"
+spec:
+  ports:
+  - port: 9200
+    protocol: TCP
+    targetPort: db
+  selector:
+    k8s-app: elasticsearch-logging

roles/addons/files/grafana-service.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: monitoring-grafana
+  namespace: kube-system
+  labels: 
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "Grafana"
+spec: 
+  type: NodePort
+  ports: 
+    - port: 80
+      targetPort: 8080
+  selector: 
+    k8s-app: influxGrafana
+

roles/addons/files/heapster-controller.yaml

@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: monitoring-heapster-v8
+  namespace: kube-system
+  labels:
+    k8s-app: heapster
+    version: v8
+    kubernetes.io/cluster-service: "true"
+spec:
+  replicas: 1
+  selector:
+    k8s-app: heapster
+    version: v8
+  template:
+    metadata:
+      labels:
+        k8s-app: heapster
+        version: v8
+        kubernetes.io/cluster-service: "true"
+    spec:
+      containers:
+        - image: gcr.io/google_containers/heapster:v0.17.0
+          name: heapster
+          resources:
+            limits:
+              cpu: 100m
+              memory: 300Mi
+          command:
+            - /heapster
+            - --source=kubernetes:''
+            - --sink=influxdb:http://monitoring-influxdb:8086

roles/addons/files/heapster-service.yaml

@@ -0,0 +1,15 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: monitoring-heapster
+  namespace: kube-system
+  labels:
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "Heapster"
+spec: 
+  type: NodePort
+  ports: 
+    - port: 80
+      targetPort: 8082
+  selector: 
+    k8s-app: heapster

roles/addons/files/influxdb-grafana-controller.yaml

@@ -0,0 +1,53 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: monitoring-influx-grafana-v1
+  namespace: kube-system
+  labels: 
+    k8s-app: influxGrafana
+    version: v1
+    kubernetes.io/cluster-service: "true"
+spec: 
+  replicas: 1
+  selector: 
+    k8s-app: influxGrafana
+    version: v1
+  template: 
+    metadata: 
+      labels: 
+        k8s-app: influxGrafana
+        version: v1
+        kubernetes.io/cluster-service: "true"
+    spec: 
+      containers: 
+        - image: gcr.io/google_containers/heapster_influxdb:v0.3
+          name: influxdb
+          resources:
+            limits:
+              cpu: 100m
+              memory: 200Mi
+          ports: 
+            - containerPort: 8083
+              hostPort: 8083
+            - containerPort: 8086
+              hostPort: 8086
+          volumeMounts:
+          - name: influxdb-persistent-storage
+            mountPath: /data
+        - image: gcr.io/google_containers/heapster_grafana:v0.7
+          name: grafana
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+          env: 
+            - name: INFLUXDB_EXTERNAL_URL
+              value: /api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb:api/db/
+            - name: INFLUXDB_HOST
+              value: monitoring-influxdb
+            - name: INFLUXDB_PORT
+              value: "8086"
+      volumes:
+      - name: influxdb-persistent-storage
+        emptyDir: {}
+

roles/addons/files/influxdb-service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: monitoring-influxdb
+  namespace: kube-system
+  labels: 
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "InfluxDB"
+spec: 
+  ports: 
+    - name: http
+      port: 8083
+      targetPort: 8083
+    - name: api
+      port: 8086
+      targetPort: 8086
+  selector: 
+    k8s-app: influxGrafana
+

roles/addons/files/kibana-rc.yaml

@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: kibana-logging-v1
+  namespace: kube-system
+  labels:
+    k8s-app: kibana-logging
+    version: v1
+    kubernetes.io/cluster-service: "true"
+spec:
+  replicas: 1
+  selector:
+    k8s-app: kibana-logging
+    version: v1
+  template:
+    metadata:
+      labels:
+        k8s-app: kibana-logging
+        version: v1
+        kubernetes.io/cluster-service: "true"
+    spec:
+      containers:
+      - name: kibana-logging
+        image: gcr.io/google_containers/kibana:1.3
+        resources:
+          limits:
+            cpu: 100m
+        env:
+          - name: "ELASTICSEARCH_URL"
+            value: "http://elasticsearch-logging:9200"
+        ports:
+        - containerPort: 5601
+          name: ui
+          protocol: TCP

roles/addons/files/kibana-svc.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: kibana-logging
+  namespace: kube-system
+  labels:
+    k8s-app: kibana-logging
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "Kibana"
+spec:
+  type: NodePort
+  ports:
+  - port: 5601
+    protocol: TCP
+    targetPort: ui
+  selector:
+    k8s-app: kibana-logging

roles/addons/files/kube-system.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kube-system

roles/addons/files/kube-ui-rc.yaml

@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: kube-ui-v1
+  namespace: kube-system
+  labels:
+    k8s-app: kube-ui
+    version: v1
+    kubernetes.io/cluster-service: "true"
+spec:
+  replicas: 1
+  selector:
+    k8s-app: kube-ui
+    version: v1
+  template:
+    metadata:
+      labels:
+        k8s-app: kube-ui
+        version: v1
+        kubernetes.io/cluster-service: "true"
+    spec:
+      containers:
+      - name: kube-ui
+        image: gcr.io/google_containers/kube-ui:v1.1
+        resources:
+          limits:
+            cpu: 100m
+            memory: 50Mi
+        ports:
+        - containerPort: 8080
+        livenessProbe:
+          httpGet:
+            path: /
+            port: 8080
+          initialDelaySeconds: 30
+          timeoutSeconds: 5

roles/addons/files/kube-ui-svc.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: kube-ui
+  namespace: kube-system
+  labels:
+    k8s-app: kube-ui
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "KubeUI"
+spec:
+  type: NodePort
+  selector:
+    k8s-app: kube-ui
+  ports:
+  - port: 80
+    targetPort: 8080

roles/addons/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for addons

roles/addons/meta/main.yml

@@ -0,0 +1,4 @@
+---
+dependencies:
+  - { role: kubernetes/master }
+  - { role: kubernetes/common }

roles/addons/tasks/kube-ui.yml

@@ -0,0 +1,44 @@
+---
+- name: Kube-UI | Write pod file
+  copy:
+    src: kube-ui-rc.yaml
+    dest: "{{ kube_manifest_dir }}/kube-ui-rc.yaml"
+  register: kube_ui_rc_def
+  when: enable_ui
+  tags:
+    - addons
+    - kube-ui
+
+- name: Kube-UI | Write service file
+  copy:
+    src: kube-ui-svc.yaml
+    dest: "{{ kube_manifest_dir }}/kube-ui-svc.yaml"
+  register: kube_ui_svc_def
+  when: enable_ui
+  tags:
+    - addons
+    - kube-ui
+
+- name: Kube-UI | Create or update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: kube-ui-v1
+    filename: "{{ kube_manifest_dir }}/kube-ui-rc.yaml"
+    state: "{{ kube_ui_rc_def.changed | ternary('latest','present') }}"
+  when: enable_ui
+  tags:
+    - addons
+    - kube-ui
+
+- name: Kube-UI | Create or update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: kube-ui
+    filename: "{{ kube_manifest_dir }}/kube-ui-svc.yaml"
+    state: "{{ kube_ui_svc_def.changed | ternary('latest','present') }}"
+  when: enable_ui
+  tags:
+    - addons
+    - kube-ui

roles/addons/tasks/logging.yml

@@ -0,0 +1,88 @@
+---
+- name: Logging | Kibana | Write pod file
+  copy:
+    src: kibana-rc.yaml
+    dest: "{{ kube_manifest_dir }}/kibana-rc.yaml"
+  register: kibana_rc_def
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | Kibana | Write service file
+  copy:
+    src: kibana-svc.yaml
+    dest: "{{ kube_manifest_dir }}/kibana-svc.yaml"
+  register: kibana_svc_def
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | ES | Write pod file
+  copy:
+    src: es-rc.yaml
+    dest: "{{ kube_manifest_dir }}/es-rc.yaml"
+  register: es_rc_def
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | ES | Write service file
+  copy:
+    src: es-svc.yaml
+    dest: "{{ kube_manifest_dir }}/es-svc.yaml"
+  register: es_svc_def
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | ES | Create/update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: elasticsearch-logging-v1
+    filename: "{{ kube_manifest_dir }}/es-rc.yaml"
+    state: "{{ es_rc_def.changed | ternary('latest','present') }}"
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | ES | Create/update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: elasticsearch-logging
+    filename: "{{ kube_manifest_dir }}/es-svc.yaml"
+    state: "{{ es_svc_def.changed | ternary('latest','present') }}"
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | Kibana | Create/update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: kibana-logging-v1
+    filename: "{{ kube_manifest_dir }}/kibana-rc.yaml"
+    state: "{{ kibana_rc_def.changed | ternary('latest','present') }}"
+  when: enable_logging
+  tags:
+    - addons
+    - logging
+
+- name: Logging | Kibana | Create/update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: kibana-logging
+    filename: "{{ kube_manifest_dir }}/kibana-svc.yaml"
+    state: "{{ kibana_svc_def.changed | ternary('latest','present') }}"
+  when: enable_logging
+  tags:
+    - addons
+    - logging

roles/addons/tasks/main.yml

@@ -0,0 +1,45 @@
+---
+- name: create manifests directory
+  file: path={{ kube_manifest_dir }} state=directory
+
+- name: Write kube-system namespace manifest
+  copy:
+    src=kube-system.yaml
+    dest={{ kube_manifest_dir }}/kube-system.yaml
+
+- name: Create kube-system namespace
+  kube:
+    resource: ns
+    name: kube-system
+    filename: "{{ kube_manifest_dir }}/kube-system.yaml"
+    state: present
+  tags:
+    - addons
+  ignore_errors: yes
+
+- name: Run kube-gen-token script to create {{ kube_token_dir }}/known_tokens.csv
+  command: "{{ kube_script_dir }}/kube-gen-token.sh {{ item }}"
+  environment:
+    TOKEN_DIR: "{{ kube_token_dir }}"
+  with_items:
+    - "system:dns"
+    - "system:monitoring"
+    - "system:logging"
+  register: gentoken
+  changed_when: "'Added' in gentoken.stdout"
+  notify:
+    - restart apiserver
+  tags:
+    - addons
+
+- include: skydns.yml
+  when: dns_setup
+
+- include: kube-ui.yml
+  when: enable_ui
+
+- include: logging.yml
+  when: enable_logging
+
+- include: monitoring.yml
+  when: enable_monitoring

roles/addons/tasks/monitoring.yml

@@ -0,0 +1,111 @@
+---
+- name: Monitoring | Influxdb | Write controller file
+  copy:
+    src: influxdb-grafana-controller.yaml
+    dest: "{{ kube_manifest_dir }}/influxdb-grafana-controller.yaml"
+  register: influxdb_rc_def
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Influxdb | Write service file
+  copy:
+    src: influxdb-service.yaml
+    dest: "{{ kube_manifest_dir }}/influxdb-service.yaml"
+  register: influxdb_svc_def
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Grafana | Write service file
+  copy:
+    src: grafana-service.yaml
+    dest: "{{ kube_manifest_dir }}/grafana-service.yaml"
+  register: grafana_svc_def
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Heapster | Write controller file
+  copy:
+    src: heapster-controller.yaml
+    dest: "{{ kube_manifest_dir }}/heapster-controller.yaml"
+  register: heapster_rc_def
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Heapster | Write service file
+  copy:
+    src: heapster-service.yaml
+    dest: "{{ kube_manifest_dir }}/heapster-service.yaml"
+  register: heapster_svc_def
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Influxdb | Create/update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: monitoring-influx-grafana-v1
+    filename: "{{ kube_manifest_dir }}/influxdb-grafana-controller.yaml"
+    state: "{{ influxdb_rc_def.changed | ternary('latest','present') }}"
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Influxdb | Create/update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: monitoring-influxdb
+    filename: "{{ kube_manifest_dir }}/influxdb-service.yaml"
+    state: "{{ influxdb_svc_def.changed | ternary('latest','present') }}"
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Grafana | Create/update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: monitoring-grafana
+    filename: "{{ kube_manifest_dir }}/grafana-service.yaml"
+    state: "{{ grafana_svc_def.changed | ternary('latest','present') }}"
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Heapster | Create/update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: monitoring-heapster-v8
+    filename: "{{ kube_manifest_dir }}/heapster-controller.yaml"
+    state: "{{ heapster_rc_def.changed | ternary('latest','present') }}"
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+
+- name: Monitoring | Heapster | Create/update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: monitoring-heapster
+    filename: "{{ kube_manifest_dir }}/heapster-service.yaml"
+    state: "{{ heapster_svc_def.changed | ternary('latest','present') }}"
+  when: enable_monitoring
+  tags:
+    - addons
+    - monitoring
+

roles/addons/tasks/skydns.yml

@@ -0,0 +1,44 @@
+---
+- name: SkyDNS | Write pod file
+  template:
+    src: skydns-rc.yaml.j2
+    dest: "{{ kube_manifest_dir }}/skydns-rc.yaml"
+  register: dns_rc_def
+  when: dns_setup
+  tags:
+    - addons
+    - skydns
+
+- name: SkyDNS | Write service file
+  template:
+    src: skydns-svc.yaml.j2
+    dest: "{{ kube_manifest_dir }}/skydns-svc.yaml"
+  register: dns_svc_def
+  when: dns_setup
+  tags:
+    - addons
+    - skydns
+
+- name: SkyDNS | Create or update replication controller
+  kube:
+    namespace: kube-system
+    resource: rc
+    name: kube-dns-v8
+    filename: "{{ kube_manifest_dir }}/skydns-rc.yaml"
+    state: "{{ dns_rc_def.changed | ternary('latest','present') }}"
+  when: dns_setup
+  tags:
+    - addons
+    - skydns
+
+- name: SkyDNS | Create or update service
+  kube:
+    namespace: kube-system
+    resource: svc
+    name: kube-dns
+    filename: "{{ kube_manifest_dir }}/skydns-svc.yaml"
+    state: "{{ dns_svc_def.changed | ternary('latest','present') }}"
+  when: dns_setup
+  tags:
+    - addons
+    - skydns

roles/addons/templates/skydns-rc.yaml.j2

@@ -0,0 +1,91 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: kube-dns-v8
+  namespace: kube-system
+  labels:
+    k8s-app: kube-dns
+    version: v8
+    kubernetes.io/cluster-service: "true"
+spec:
+  replicas: {{ dns_replicas }}
+  selector:
+    k8s-app: kube-dns
+    version: v8
+  template:
+    metadata:
+      labels:
+        k8s-app: kube-dns
+        version: v8
+        kubernetes.io/cluster-service: "true"
+    spec:
+      containers:
+      - name: etcd
+        image: gcr.io/google_containers/etcd:2.0.9
+        resources:
+          limits:
+            cpu: 100m
+            memory: 50Mi
+        command:
+        - /usr/local/bin/etcd
+        - -data-dir
+        - /var/etcd/data
+        - -listen-client-urls
+        - http://127.0.0.1:2379,http://127.0.0.1:4001
+        - -advertise-client-urls
+        - http://127.0.0.1:2379,http://127.0.0.1:4001
+        - -initial-cluster-token
+        - skydns-etcd
+        volumeMounts:
+        - name: etcd-storage
+          mountPath: /var/etcd/data
+      - name: kube2sky
+        image: gcr.io/google_containers/kube2sky:1.11
+        resources:
+          limits:
+            cpu: 100m
+            memory: 50Mi
+        args:
+        # command = "/kube2sky"
+        - -domain={{ dns_domain }}
+      - name: skydns
+        image: gcr.io/google_containers/skydns:2015-03-11-001
+        resources:
+          limits:
+            cpu: 100m
+            memory: 50Mi
+        args:
+        # command = "/skydns"
+        - -machines=http://localhost:4001
+        - -addr=0.0.0.0:53
+        - -domain={{ dns_domain }}.
+        ports:
+        - containerPort: 53
+          name: dns
+          protocol: UDP
+        - containerPort: 53
+          name: dns-tcp
+          protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8080
+            scheme: HTTP
+          initialDelaySeconds: 30
+          timeoutSeconds: 5
+      - name: healthz
+        image: gcr.io/google_containers/exechealthz:1.0
+        resources:
+          limits:
+            cpu: 10m
+            memory: 20Mi
+        args:
+        - -cmd=nslookup kubernetes.default.svc.{{ dns_domain }} localhost >/dev/null
+        - -port=8080
+        ports:
+        - containerPort: 8080
+          protocol: TCP
+      volumes:
+      - name: etcd-storage
+        emptyDir: {}
+      dnsPolicy: Default  # Don't use cluster DNS.

roles/addons/templates/skydns-svc.yaml.j2

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: kube-dns
+  namespace: kube-system
+  labels:
+    k8s-app: kube-dns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "KubeDNS"
+spec:
+  selector:
+    k8s-app: kube-dns
+  clusterIP:  {{ kube_dns_server }}
+  ports:
+  - name: dns
+    port: 53
+    protocol: UDP
+  - name: dns-tcp
+    port: 53
+    protocol: TCP