mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-04-09 03:59:23 -02:30
contiv 1.2.1
This commit is contained in:
Erwan Miran
@@ -35,16 +35,19 @@ spec:
|
||||
- --listen-address=0.0.0.0:{{ contiv_api_proxy_port }}
|
||||
- --tls-key-file=/var/contiv/auth_proxy_key.pem
|
||||
- --tls-certificate=/var/contiv/auth_proxy_cert.pem
|
||||
- --data-store-driver=$(STORE_DRIVER)
|
||||
- --data-store-address=$(CONTIV_ETCD)
|
||||
- --netmaster-address=127.0.0.1:{{ contiv_netmaster_port }}
|
||||
env:
|
||||
- name: NO_NETMASTER_STARTUP_CHECK
|
||||
value: "0"
|
||||
- name: STORE_DRIVER
|
||||
value: etcd
|
||||
- name: CONTIV_ETCD
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: cluster_store
|
||||
key: contiv_etcd
|
||||
securityContext:
|
||||
privileged: false
|
||||
volumeMounts:
|
||||
|
||||
@@ -7,20 +7,22 @@ metadata:
|
||||
name: contiv-config
|
||||
namespace: kube-system
|
||||
data:
|
||||
# The location of your cluster store. This is set to the
|
||||
# avdertise-client value below from the contiv-etcd service.
|
||||
# Change it to an external etcd/consul instance if required.
|
||||
cluster_store: "etcd://127.0.0.1:{{ contiv_etcd_listen_port }}"
|
||||
# The CNI network configuration to install on each node.
|
||||
cni_config: |-
|
||||
contiv_netmaster_loglevel: {{ contiv_netmaster_loglevel }}
|
||||
contiv_netplugin_loglevel: {{ contiv_netplugin_loglevel }}
|
||||
contiv_ovsdb_server_extra_flags: "--verbose={{ contiv_ovsdb_server_loglevel }}"
|
||||
contiv_ovs_vswitchd_extra_flags: "--verbose={{ contiv_ovs_vswitchd_loglevel }}"
|
||||
contiv_fwdmode: {{ contiv_fwd_mode }}
|
||||
contiv_netmode: {{ contiv_net_mode }}
|
||||
contiv_etcd: "http://127.0.0.1:{{ contiv_etcd_listen_port }}"
|
||||
contiv_cni_config: |-
|
||||
{
|
||||
"cniVersion": "{{ contiv_cni_version }}",
|
||||
"name": "contiv-net",
|
||||
"type": "contivk8s"
|
||||
}
|
||||
config: |-
|
||||
contiv_k8s_config: |-
|
||||
{
|
||||
"K8S_API_SERVER": "{{ kube_apiserver_endpoint }}",
|
||||
"K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
|
||||
"K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
|
||||
"K8S_KEY": "",
|
||||
"K8S_CERT": "",
|
||||
|
||||
@@ -19,6 +19,8 @@ spec:
|
||||
spec:
|
||||
hostNetwork: true
|
||||
hostPID: true
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/node: "true"
|
||||
containers:
|
||||
- name: contiv-etcd-proxy
|
||||
image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
|
||||
|
||||
@@ -13,6 +13,7 @@ rules:
|
||||
- namespaces
|
||||
- networkpolicies
|
||||
verbs:
|
||||
- get
|
||||
- watch
|
||||
- list
|
||||
- update
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# This manifest deploys the Contiv API Server on Kubernetes.
|
||||
---
|
||||
kind: DaemonSet
|
||||
apiVersion: extensions/v1beta1
|
||||
metadata:
|
||||
@@ -31,20 +31,31 @@ spec:
|
||||
containers:
|
||||
- name: contiv-netmaster
|
||||
image: {{ contiv_image_repo }}:{{ contiv_image_tag }}
|
||||
args:
|
||||
- -m
|
||||
- -pkubernetes
|
||||
env:
|
||||
- name: CONTIV_ETCD
|
||||
- name: CONTIV_ROLE
|
||||
value: netmaster
|
||||
- name: CONTIV_NETMASTER_MODE
|
||||
value: kubernetes
|
||||
- name: CONTIV_NETMASTER_ETCD_ENDPOINTS
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: cluster_store
|
||||
- name: CONTIV_CONFIG
|
||||
key: contiv_etcd
|
||||
- name: CONTIV_NETMASTER_FORWARD_MODE
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: config
|
||||
key: contiv_fwdmode
|
||||
- name: CONTIV_NETMASTER_NET_MODE
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: contiv_netmode
|
||||
- name: CONTIV_NETMASTER_LOG_LEVEL
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: contiv_netmaster_loglevel
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
---
|
||||
# This manifest installs contiv-netplugin container, as well
|
||||
# as the Contiv CNI plugins and network config on
|
||||
# each master and worker node in a Kubernetes cluster.
|
||||
@@ -27,73 +28,99 @@ spec:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
serviceAccountName: contiv-netplugin
|
||||
initContainers:
|
||||
- name: contiv-netplugin-init
|
||||
image: {{ contiv_init_image_repo }}:{{ contiv_init_image_tag }}
|
||||
env:
|
||||
- name: CONTIV_ROLE
|
||||
value: netplugin
|
||||
- name: CONTIV_MODE
|
||||
value: kubernetes
|
||||
- name: CONTIV_K8S_CONFIG
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: contiv_k8s_config
|
||||
- name: CONTIV_CNI_CONFIG
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: contiv_cni_config
|
||||
volumeMounts:
|
||||
- mountPath: /var/contiv
|
||||
name: var-contiv
|
||||
readOnly: false
|
||||
- mountPath: /etc/cni/net.d/
|
||||
name: etc-cni-dir
|
||||
readOnly: false
|
||||
- name: contiv-cni
|
||||
image: {{ contiv_image_repo }}:{{ contiv_version }}
|
||||
command: ["cp", "/contiv/bin/contivk8s", "/opt/cni/bin/contivk8s"]
|
||||
volumeMounts:
|
||||
- mountPath: /opt/cni/bin
|
||||
name: cni-bin-dir
|
||||
readOnly: false
|
||||
containers:
|
||||
# Runs netplugin container on each Kubernetes node. This
|
||||
# container programs network policy and routes on each
|
||||
# host.
|
||||
- name: contiv-netplugin
|
||||
image: {{ contiv_image_repo }}:{{ contiv_image_tag }}
|
||||
args:
|
||||
- -pkubernetes
|
||||
- -x
|
||||
env:
|
||||
- name: VLAN_IF
|
||||
value: {{ contiv_vlan_interface }}
|
||||
- name: VTEP_IP
|
||||
- name: CONTIV_NETPLUGIN_VLAN_UPLINKS
|
||||
value: {{ contiv_vlan_interface }}
|
||||
- name: CONTIV_NETPLUGIN_VXLAN_PORT
|
||||
value: "{{ contiv_vxlan_port }}"
|
||||
- name: CONTIV_ROLE
|
||||
value: netplugin
|
||||
- name: CONTIV_NETPLUGIN_MODE
|
||||
value: kubernetes
|
||||
- name: CONTIV_NETPLUGIN_VTEP_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.podIP
|
||||
- name: CONTIV_ETCD
|
||||
- name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: cluster_store
|
||||
- name: CONTIV_CNI_CONFIG
|
||||
key: contiv_etcd
|
||||
- name: CONTIV_NETPLUGIN_FORWARD_MODE
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: cni_config
|
||||
- name: CONTIV_CONFIG
|
||||
key: contiv_fwdmode
|
||||
- name: CONTIV_NETPLUGIN_NET_MODE
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: config
|
||||
key: contiv_netmode
|
||||
- name: CONTIV_NETPLUGIN_LOG_LEVEL
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: contiv-config
|
||||
key: contiv_netplugin_loglevel
|
||||
resources:
|
||||
requests:
|
||||
cpu: 250m
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
- mountPath: /etc/openvswitch
|
||||
name: etc-openvswitch
|
||||
readOnly: false
|
||||
- mountPath: /lib/modules
|
||||
name: lib-modules
|
||||
readOnly: false
|
||||
- mountPath: /var/run
|
||||
name: var-run
|
||||
readOnly: false
|
||||
- mountPath: /var/contiv
|
||||
name: var-contiv
|
||||
readOnly: false
|
||||
- mountPath: /opt/cni/bin
|
||||
name: cni-bin-dir
|
||||
readOnly: false
|
||||
- mountPath: /etc/cni/net.d/
|
||||
name: etc-cni-dir
|
||||
readOnly: false
|
||||
volumes:
|
||||
# Used by contiv-netplugin
|
||||
- name: etc-openvswitch
|
||||
hostPath:
|
||||
path: /etc/openvswitch
|
||||
- name: lib-modules
|
||||
hostPath:
|
||||
path: /lib/modules
|
||||
- name: var-run
|
||||
hostPath:
|
||||
path: /var/run
|
||||
- name: var-contiv
|
||||
hostPath:
|
||||
path: /var/contiv
|
||||
# Used to install CNI.
|
||||
- name: cni-bin-dir
|
||||
hostPath:
|
||||
path: /opt/cni/bin
|
||||
|
||||
Reference in New Issue
Block a user