Run etcd as pod

9 years ago · 5c15d14f12
10 changed files with 70 additions and 99 deletions
--- a/cluster.yml
+++ b/cluster.yml
@ -6,15 +6,12 @@

 - hosts: k8s-cluster
  roles:
-    - { role: etcd, tags: etcd }
    - { role: docker, tags: docker }
+    - { role: kubernetes/node, tags: node }
+    - { role: etcd, tags: etcd }
    - { role: dnsmasq, tags: dnsmasq }
    - { role: network_plugin, tags: ['calico', 'flannel', 'network'] }

 - hosts: kube-master
  roles:
    - { role: kubernetes/master, tags: master }
-
- hosts: kube-node
-  roles:
-    - { role: kubernetes/node, tags: node }
--- a/roles/apps/k8s-kube-logstash
+++ b/roles/apps/k8s-kube-logstash
@ -1 +1 @@
-Subproject commit 340d1a5ec75e7b7c43783dc7a1c02aa7d5991dbe
+Subproject commit 256fa156e46d623ab0a7a60efdc7bac535cea8d7
--- a/roles/etcd/handlers/main.yml
+++ b/roles/etcd/handlers/main.yml
@ -1,14 +0,0 @@
---
- name: reload systemd
-  command: systemctl daemon-reload
-
- name: restart reloaded-etcd2
-  service:
-    name: etcd2
-    state: restarted
-
- name: restart etcd2
-  command: /bin/true
-  notify:
-    - reload systemd
-    - restart reloaded-etcd2
--- a/roles/etcd/tasks/configure.yml
+++ b/roles/etcd/tasks/configure.yml
@ -1,16 +0,0 @@
---
- name: Copy etcd2.service systemd file
-  template:
-    src: systemd-etcd2.service.j2
-    dest: /lib/systemd/system/etcd2.service
-    backup: yes
-  notify:
-    - restart etcd2
-
- name: Create etcd2 environment vars file
-  template:
-    src: etcd2-environment.j2
-    dest: /etc/etcd2-environment
-
- name: Ensure etcd2 is running
-  service: name=etcd2 state=started enabled=yes
--- a/roles/etcd/tasks/install.yml
+++ b/roles/etcd/tasks/install.yml
@ -1,23 +0,0 @@
---
- name: Create etcd user
-  user: name=etcd shell=/bin/nologin home=/var/lib/etcd2
-
- name: Install etcd binaries
-  copy:
-     src={{ local_release_dir }}/etcd/bin/{{ item }}
-     dest={{ bin_dir }}
-     owner=etcd
-     mode=0755
-  with_items:
-    - etcdctl
-    - etcd
-  notify: restart etcd2
-
- name: Create etcd2 binary symlink
-  file: src=/usr/local/bin/etcd dest=/usr/local/bin/etcd2 state=link
-
- name: install required python module 'httplib2'
-  apt:
-    name: "python-httplib2"
-    state: present
-  when: inventory_hostname == groups['kube-master'][0] or inventory_hostname == groups['etcd'][0]
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@ -1,3 +1,13 @@
 ---
- include: install.yml
- include: configure.yml
+- name: ETCD2 | Stop etcd2 service
+  service: name=etcd state=stopped
+  ignore_errors: yes
+
+- name: ETCD2 | create etcd pod template
+  template: src=etcd-pod.yml dest=/etc/kubernetes/manifests/etcd-pod.manifest
+
+- name: ETCD2 | Check for etcd2 port
+  wait_for:
+    port: 2379
+    delay: 5
+    timeout: 20
--- a/roles/etcd/templates/etcd-pod.yml
+++ b/roles/etcd/templates/etcd-pod.yml
@ -0,0 +1,54 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: etcd
+  namespace: kube-system
+spec:
+  hostNetwork: true
+  containers:
+    - name: etcd
+      image: quay.io/coreos/etcd:v2.2.2
+      resources:
+        limits:
+          cpu: 100m
+          memory: 256M
+      args:
+{% if inventory_hostname in groups['etcd'] %}
+        - --name
+        - etcd-{{inventory_hostname}}-master
+        - --advertise-client-urls
+        - "http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379"
+        - --listen-peer-urls
+        - http://0.0.0.0:2380
+        - --initial-advertise-peer-urls
+        - http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2380
+        - --data-dir
+        - /var/etcd/data
+        - --initial-cluster-state
+        - new
+{% else %}
+        - --proxy
+        - 'on'
+{% endif %}
+        - --listen-client-urls
+        - "http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address)  }}:2379,http://127.0.0.1:2379"
+        - --initial-cluster
+        - "{% for host in groups['etcd'] %}etcd-{{host}}-master=http://{{ hostvars[host]['ip'] | default( hostvars[host]['ansible_default_ipv4']['address'])   }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
+        - --initial-cluster-token
+        - etcd-k8s-cluster
+      ports:
+        - name: etcd-client
+          containerPort: 2379
+          hostPort: 2379
+        - name: etcd-peer
+          containerPort: 2380
+          hostPort: 2380
+      volumeMounts:
+        - name: varetcd
+          mountPath: /var/etcd
+          readOnly: false
+  volumes:
+    - name: varetcd
+      hostPath:
+        path: /containers/pods/etcd-{{inventory_hostname}}/rootfs/var/etcd
--- a/roles/etcd/templates/etcd2-environment.j2
+++ b/roles/etcd/templates/etcd2-environment.j2
@ -1,20 +0,0 @@
-ETCD_DATA_DIR="/var/lib/etcd2"
-{% if inventory_hostname in groups['etcd'] %}
-{% set etcd = {} %}
-{% for host in groups['etcd'] %}
-{% if inventory_hostname == host %}
-{% set _dummy = etcd.update({'name':"master"+loop.index|string}) %}
-{% endif %}
-{% endfor %}
-ETCD_ADVERTISE_CLIENT_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379"
-ETCD_INITIAL_ADVERTISE_PEER_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address)  }}:2380"
-ETCD_INITIAL_CLUSTER="{% for host in groups['etcd'] %}master{{ loop.index|string }}=http://{{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
-ETCD_INITIAL_CLUSTER_STATE="new"
-ETCD_INITIAL_CLUSTER_TOKEN="k8s_etcd"
-ETCD_LISTEN_CLIENT_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address)  }}:2379,http://127.0.0.1:2379"
-ETCD_LISTEN_PEER_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address)  }}:2380"
-ETCD_NAME="{{ etcd.name }}"
-{% else  %}
-ETCD_INITIAL_CLUSTER="{% for host in groups['etcd'] %}master{{ loop.index|string }}=http://{{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
-ETCD_LISTEN_CLIENT_URLS="http://127.0.0.1:23799"
-{% endif %}
--- a/roles/etcd/templates/systemd-etcd2.service.j2
+++ b/roles/etcd/templates/systemd-etcd2.service.j2
@ -1,18 +0,0 @@
-[Unit]
-Description=etcd2
-Conflicts=etcd.service
-
-[Service]
-User=etcd
-EnvironmentFile=/etc/etcd2-environment
-{% if inventory_hostname in groups['etcd'] %}
-ExecStart={{ bin_dir }}/etcd2
-{% else %}
-ExecStart={{ bin_dir }}/etcd2 -proxy on
-{% endif %}
-Restart=always
-RestartSec=10s
-LimitNOFILE=40000
-
-[Install]
-WantedBy=multi-user.target
--- a/roles/kubernetes/master/tasks/main.yml
+++ b/roles/kubernetes/master/tasks/main.yml
@ -48,6 +48,7 @@
  wait_for:
    port: "{{kube_apiserver_insecure_port}}"
    delay: 10
+    timeout: 60

 - name: Create 'kube-system' namespace
  uri: