richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #880 from bradbeam/weave-kube 

Weave kube
pull/951/head
Matthew Mosesohn 8 years ago
committed by GitHub
parent
e4eda88ca9 a11b9d28bd
commit
6463a01e04
13 changed files with 161 additions and 149 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      .gitlab-ci.yml
  2. 29
      roles/download/defaults/main.yml
  3. 3
      roles/kubernetes-apps/network_plugin/meta/main.yml
  4. 24
      roles/kubernetes-apps/network_plugin/weave/tasks/main.yml
  5. 2
      roles/network_plugin/weave/defaults/main.yml
  6. 36
      roles/network_plugin/weave/handlers/main.yml
  7. 5
      roles/network_plugin/weave/meta/main.yml
  8. 46
      roles/network_plugin/weave/tasks/main.yml
  9. 104
      roles/network_plugin/weave/templates/weave-kube.yml.j2
  10. 7
      roles/network_plugin/weave/templates/weave.j2
  11. 18
      roles/network_plugin/weave/templates/weave.service.j2
  12. 16
      roles/network_plugin/weave/templates/weaveexpose.service.j2
  13. 17
      roles/network_plugin/weave/templates/weaveproxy.service.j2

3
.gitlab-ci.yml
View File

@ -54,6 +54,7 @@ before_script:
LOG_LEVEL: "-vv" LOG_LEVEL: "-vv"
ETCD_DEPLOYMENT: "docker" ETCD_DEPLOYMENT: "docker"
KUBELET_DEPLOYMENT: "docker" KUBELET_DEPLOYMENT: "docker"
WEAVE_CPU_LIMIT: "100m"
MAGIC: "ci check this" MAGIC: "ci check this"
.gce: &gce .gce: &gce
@ -114,6 +115,8 @@ before_script:
-e kubelet_deployment_type=${KUBELET_DEPLOYMENT} -e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
-e local_release_dir=${PWD}/downloads -e local_release_dir=${PWD}/downloads
-e resolvconf_mode=${RESOLVCONF_MODE} -e resolvconf_mode=${RESOLVCONF_MODE}
-e weave_cpu_requests=${WEAVE_CPU_LIMIT}
-e weave_cpu_limit=${WEAVE_CPU_LIMIT}
cluster.yml cluster.yml

29
roles/download/defaults/main.yml
View File

@ -23,16 +23,14 @@ etcd_version: v3.0.6
# after migration to container download # after migration to container download
calico_version: "v1.0.0" calico_version: "v1.0.0"
calico_cni_version: "v1.5.5" calico_cni_version: "v1.5.5"
weave_version: v1.6.1
weave_version: 1.8.2
flannel_version: v0.6.2 flannel_version: v0.6.2
pod_infra_version: 3.0 pod_infra_version: 3.0
# Download URL's # Download URL's
etcd_download_url: "https://storage.googleapis.com/kargo/{{etcd_version}}_etcd" etcd_download_url: "https://storage.googleapis.com/kargo/{{etcd_version}}_etcd"
weave_download_url: "https://storage.googleapis.com/kargo/{{weave_version}}_weave"
# Checksums # Checksums
weave_checksum: "9bf9d6e5a839e7bcbb28cc00c7acae9d09284faa3e7a3720ca9c2b9e93c68580"
etcd_checksum: "385afd518f93e3005510b7aaa04d38ee4a39f06f5152cd33bb86d4f0c94c7485" etcd_checksum: "385afd518f93e3005510b7aaa04d38ee4a39f06f5152cd33bb86d4f0c94c7485"
# Containers # Containers
@ -66,6 +64,10 @@ netcheck_kubectl_tag: v0.18.0-120-gaeb4ac55ad12b1-dirty
netcheck_agent_img_repo: "quay.io/l23network/mcp-netchecker-agent" netcheck_agent_img_repo: "quay.io/l23network/mcp-netchecker-agent"
netcheck_server_img_repo: "quay.io/l23network/mcp-netchecker-server" netcheck_server_img_repo: "quay.io/l23network/mcp-netchecker-server"
netcheck_kubectl_img_repo: "gcr.io/google_containers/kubectl" netcheck_kubectl_img_repo: "gcr.io/google_containers/kubectl"
weave_kube_image_repo: "weaveworks/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "weaveworks/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
nginx_image_repo: nginx nginx_image_repo: nginx
nginx_image_tag: 1.11.4-alpine nginx_image_tag: 1.11.4-alpine
@ -100,15 +102,6 @@ downloads:
tag: "{{ netcheck_kubectl_tag }}" tag: "{{ netcheck_kubectl_tag }}"
sha256: "{{ netcheck_kubectl_digest_checksum|default(None) }}" sha256: "{{ netcheck_kubectl_digest_checksum|default(None) }}"
enabled: "{{ deploy_netchecker|bool }}" enabled: "{{ deploy_netchecker|bool }}"
weave:
dest: weave/bin/weave
version: "{{weave_version}}"
source_url: "{{weave_download_url}}"
url: "{{weave_download_url}}"
sha256: "{{ weave_checksum }}"
owner: "root"
mode: "0755"
enabled: "{{ kube_network_plugin == 'weave' }}"
etcd: etcd:
version: "{{etcd_version}}" version: "{{etcd_version}}"
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz" dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
@ -163,6 +156,18 @@ downloads:
tag: "{{ calico_rr_image_tag }}" tag: "{{ calico_rr_image_tag }}"
sha256: "{{ calico_rr_digest_checksum|default(None) }}" sha256: "{{ calico_rr_digest_checksum|default(None) }}"
enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr}} and kube_network_plugin == 'calico'" enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr}} and kube_network_plugin == 'calico'"
weave_kube:
container: true
repo: "{{ weave_kube_image_repo }}"
tag: "{{ weave_kube_image_tag }}"
sha256: "{{ weave_kube_digest_checksum|default(None) }}"
enabled: "{{ kube_network_plugin == 'weave' }}"
weave_npc:
container: true
repo: "{{ weave_npc_image_repo }}"
tag: "{{ weave_npc_image_tag }}"
sha256: "{{ weave_npc_digest_checksum|default(None) }}"
enabled: "{{ kube_network_plugin == 'weave' }}"
pod_infra: pod_infra:
container: true container: true
repo: "{{ pod_infra_image_repo }}" repo: "{{ pod_infra_image_repo }}"

3
roles/kubernetes-apps/network_plugin/meta/main.yml
View File

@ -3,3 +3,6 @@ dependencies:
- role: kubernetes-apps/network_plugin/canal - role: kubernetes-apps/network_plugin/canal
when: kube_network_plugin == 'canal' when: kube_network_plugin == 'canal'
tags: canal tags: canal
- role: kubernetes-apps/network_plugin/weave
when: kube_network_plugin == 'weave'
tags: weave

24
roles/kubernetes-apps/network_plugin/weave/tasks/main.yml
View File

@ -0,0 +1,24 @@
- name: Weave | Start Resources
run_once: true
kube:
name: "weave-kube"
kubectl: "{{ bin_dir }}/kubectl"
filename: "{{ kube_config_dir }}/weave-kube.yml"
resource: "ds"
namespace: "{{system_namespace}}"
state: "{{ item | ternary('latest','present') }}"
with_items: "{{ weave_manifest.changed }}"
- name: "Weave | wait for weave to become available"
uri:
url: http://127.0.0.1:6784/status
return_content: yes
register: weave_status
retries: 10
delay: "{{ retry_stagger | random + 3 }}"
until: weave_status.status == 200
- name: "Weave | check if weave is ready"
fail:
when: "'Status: ready' not in weave_status.content"

2
roles/network_plugin/weave/defaults/main.yml
View File

@ -2,3 +2,5 @@
# Limits # Limits
weave_memory_limit: 500M weave_memory_limit: 500M
weave_cpu_limit: 300m weave_cpu_limit: 300m
weave_memory_requests: 300M
weave_cpu_requests: 200m

36
roles/network_plugin/weave/handlers/main.yml
View File

@ -1,36 +0,0 @@
---
- name: restart weave
command: /bin/true
notify:
- Weave | reload systemd
- reload weave
- name : Weave | reload systemd
shell: systemctl daemon-reload
- name: restart weaveproxy
command: /bin/true
notify:
- Weave | reload systemd
- reload weaveproxy
- name: restart weaveexpose
command: /bin/true
notify:
- Weave | reload systemd
- reload weaveexpose
- name: reload weave
service:
name: weave
state: restarted
- name: reload weaveproxy
service:
name: weaveproxy
state: restarted
- name: reload weaveexpose
service:
name: weaveexpose
state: restarted

5
roles/network_plugin/weave/meta/main.yml
View File

@ -1,5 +1,8 @@
--- ---
dependencies: dependencies:
- role: download - role: download
file: "{{ downloads.weave }}"
file: "{{ downloads.weave_kube }}"
tags: download
- role: download
file: "{{ downloads.weave_npc }}"
tags: download tags: download

46
roles/network_plugin/weave/tasks/main.yml
View File

@ -8,46 +8,8 @@
changed_when: false changed_when: false
tags: [hyperkube, upgrade] tags: [hyperkube, upgrade]
- name: Weave | Install weave
command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave"
changed_when: false
- name: Weave | pull weave images
shell: "{{ bin_dir }}/weave setup"
changed_when: false
- name: Weave | set perms
file: path="{{ bin_dir }}/weave" mode=0755 state=file
- name: Weave | Set options
- name: Weave | Create weave-kube manifest
template: template:
src: weave.j2
dest: "/etc/weave.env"
owner: root
group: root
mode: 0644
notify:
- restart weave
- name: Weave | Write weave systemd init file
template: src=weave.service.j2 dest=/etc/systemd/system/weave.service
notify: restart weave
- name: Weave | Write weaveproxy systemd init file
template: src=weaveproxy.service.j2 dest=/etc/systemd/system/weaveproxy.service
notify: restart weaveproxy
- name: Weave | Write weaveexpose systemd init file
template: src=weaveexpose.service.j2 dest=/etc/systemd/system/weaveexpose.service
notify: restart weaveexpose
- meta: flush_handlers
- name: Weave | Enable weave
service: name=weave enabled=yes state=started
- name: Weave | Enable weaveproxy
service: name=weaveproxy enabled=yes state=started
- name: Weave | Enable weaveexpose
service: name=weaveexpose enabled=yes state=started
src: weave-kube.yml.j2
dest: "{{ kube_config_dir }}/weave-kube.yml"
register: weave_manifest

104
roles/network_plugin/weave/templates/weave-kube.yml.j2
View File

@ -0,0 +1,104 @@
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: weave-net
namespace: {{ system_namespace }}
labels:
version: {{ weave_version }}
spec:
template:
metadata:
labels:
name: weave-net
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
hostNetwork: true
hostPID: true
containers:
- name: weave
image: {{ weave_kube_image_repo }}:{{ weave_kube_image_tag }}
imagePullPolicy: Always
command:
- /home/weave/launch.sh
env:
- name: IPALLOC_RANGE
value: {{ kube_pods_subnet }}
{% if weave_checkpoint_disable is defined %}
- name: CHECKPOINT_DISABLE
value: {{ weave_checkpoint_disable }}
{% endif %}
{% if weave_expect_npc is defined %}
- name: EXPECT_NPC
value: {{ weave_expect_npc }}
{% endif %}
{% if weave_kube_peers is defined %}
- name: KUBE_PEERS
value: {{ weave_kube_peers }}
{% endif %}
{% if weave_ipalloc_init is defined %}
- name: IPALLOC_INIT
value: {{ weave_ipalloc_init }}
{% endif %}
{% if weave_expose_ip is defined %}
- name: WEAVE_EXPOSE_IP
value: {{ weave_expose_ip }}
{% endif %}
livenessProbe:
initialDelaySeconds: 30
httpGet:
host: 127.0.0.1
path: /status
port: 6784
securityContext:
privileged: true
volumeMounts:
- name: weavedb
mountPath: /weavedb
- name: cni-bin
mountPath: /opt
- name: cni-bin2
mountPath: /host_home
- name: cni-conf
mountPath: /etc
resources:
requests:
cpu: {{ weave_cpu_requests }}
memory: {{ weave_memory_requests }}
limits:
cpu: {{ weave_cpu_limit }}
memory: {{ weave_memory_limit }}
- name: weave-npc
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
imagePullPolicy: Always
resources:
requests:
cpu: {{ weave_cpu_requests }}
memory: {{ weave_memory_requests }}
limits:
cpu: {{ weave_cpu_limit }}
memory: {{ weave_memory_limit }}
securityContext:
privileged: true
restartPolicy: Always
volumes:
- name: weavedb
emptyDir: {}
- name: cni-bin
hostPath:
path: /opt
- name: cni-bin2
hostPath:
path: /home
- name: cni-conf
hostPath:
path: /etc

7
roles/network_plugin/weave/templates/weave.j2
View File

@ -1,7 +0,0 @@
WEAVE_DOCKER_ARGS="--memory={{ weave_memory_limit|regex_replace('Mi', 'M') }} --cpu-shares={{ weave_cpu_limit|regex_replace('m', '') }}"
WEAVE_PEERS="{% for host in groups['k8s-cluster'] %}{{ hostvars[host]['access_ip'] | default(hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address'])) }}{% if not loop.last %} {% endif %}{% endfor %}"
WEAVEPROXY_ARGS="--rewrite-inspect --without-dns"
WEAVE_SUBNET="--ipalloc-range {{ kube_pods_subnet }}"
{% if weave_password is defined %}
WEAVE_PASSWORD="{{ weave_password }}"
{% endif %}

18
roles/network_plugin/weave/templates/weave.service.j2
View File

@ -1,18 +0,0 @@
[Unit]
Description=Weave Network
Documentation=http://docs.weave.works/weave/latest_release/
Wants=docker.socket
After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.env
ExecStartPre=-{{ docker_bin_dir }}/docker rm -f weave
ExecStartPre={{ bin_dir }}/weave launch-router \
$WEAVE_SUBNET \
$WEAVE_PEERS
ExecStart={{ docker_bin_dir }}/docker attach weave
ExecStop={{ bin_dir }}/weave stop
Restart=on-failure
[Install]
WantedBy=multi-user.target

16
roles/network_plugin/weave/templates/weaveexpose.service.j2
View File

@ -1,16 +0,0 @@
[Unit]
Documentation=http://docs.weave.works/
Wants=docker.socket weave.service
After=docker.service docker.socket weave.service
[Service]
Type=oneshot
RemainAfterExit=yes
TimeoutStartSec=0
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStart={{ bin_dir }}/weave expose
ExecStop={{ bin_dir }}/weave hide
[Install]
WantedBy=weave-network.target

17
roles/network_plugin/weave/templates/weaveproxy.service.j2
View File

@ -1,17 +0,0 @@
[Unit]
Description=Weave proxy for Docker API
Documentation=http://docs.weave.works/
Wants=docker.socket
After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStartPre=-{{ docker_bin_dir }}/docker rm -f weaveproxy
ExecStartPre={{ bin_dir }}/weave launch-proxy $WEAVEPROXY_ARGS
ExecStart={{ docker_bin_dir }}/docker attach weaveproxy
Restart=on-failure
ExecStop={{ bin_dir }}/weave stop-proxy
[Install]
WantedBy=weave-network.target
Write Preview
Loading…
Cancel
Save