From b1b71ac7132ff5ccebcfac8ca2bb2f7540025b13 Mon Sep 17 00:00:00 2001 From: wutianwei Date: Mon, 8 Jan 2018 17:17:17 +0800 Subject: deploy kubernetes in XCI This commit introduces kubespray into XCI. k8s install currently assumes k8s install and OpenStack install cannot coexist. If XCI_INSTALLER is set to "kubespray" and DEPLOY_SCENARIO is set to "k8-nosdn-nofeature" the xci-deploy.sh would install kubernetes instead of OpenStack. The version of kubernetes is beta release v1.9.0 currently according to the master of kubespray it only support the ubuntu now. Opensuse and centos still need to develop and test. This patch create the directory xci/installer/kubespray, the related files of kubespray would be placed to it. The xci/installer/$installer/playbooks/configure-localhost.yml was moved to xci/playbooks/configure-localhost.yml as a common yaml file. You can modify some parameters according your need in xci/installer/kubespray/files/k8s-cluster.yml to deploy cluster. When deploying kubernetes, it would download the kubespray to releng-xci/.cache/repos/kubespray. If your flavor is Ha, it will download haproxy_server and keepalived to xci/playbook/roles, which setup haproxy service for kubernetes. Change-Id: I24d521a735d7ee85fbe5af8c4def65f37586b843 Signed-off-by: wutianwei --- xci/installer/kubespray/playbooks/group_vars/all | 58 ++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 xci/installer/kubespray/playbooks/group_vars/all (limited to 'xci/installer/kubespray/playbooks/group_vars/all') diff --git a/xci/installer/kubespray/playbooks/group_vars/all b/xci/installer/kubespray/playbooks/group_vars/all new file mode 100644 index 00000000..06dccb68 --- /dev/null +++ b/xci/installer/kubespray/playbooks/group_vars/all @@ -0,0 +1,58 @@ +kube_require_packages: + - "python-netaddr" + - "dbus" + +keepalived_ubuntu_src: "uca" +keepalived_uca_apt_repo_url: "{{ uca_apt_repo_url | default('http://ubuntu-cloud.archive.canonical.com/ubuntu') }}" + +keepalived_sync_groups: + haproxy: + instances: + - external + +haproxy_keepalived_external_interface: "{{ interface }}" +haproxy_keepalived_authentication_password: 'keepalived' +keepalived_instances: + external: + interface: "{{ haproxy_keepalived_external_interface }}" + state: "BACKUP" + virtual_router_id: "{{ haproxy_keepalived_external_virtual_router_id | default ('10') }}" + priority: "{{ ((ansible_play_hosts|length-ansible_play_hosts.index(inventory_hostname))*100)-((ansible_play_hosts|length-ansible_play_hosts.index(inventory_hostname))*50) }}" + authentication_password: "{{ haproxy_keepalived_authentication_password }}" + vips: + - "{{ haproxy_keepalived_external_vip_cidr | default('192.168.122.222/32') }} dev {{ haproxy_keepalived_external_interface }}" + +haproxy_default_services: + - service: + haproxy_service_name: proxy-apiserver + haproxy_backend_nodes: "{{ groups['kube-master'] | default([]) }}" + haproxy_port: 8383 + haproxy_backend_port: 6443 + haproxy_balance_type: tcp + +haproxy_bind_on_non_local: "True" +haproxy_use_keepalived: "True" +keepalived_selinux_compile_rules: + - keepalived_ping + - keepalived_haproxy_pid_file + +# Ensure that the package state matches the global setting +haproxy_package_state: "latest" + +haproxy_whitelist_networks: + - 192.168.0.0/16 + - 172.16.0.0/12 + - 10.0.0.0/8 + +haproxy_galera_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_glance_registry_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_keystone_admin_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_nova_metadata_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_rabbitmq_management_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_repo_git_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_repo_cache_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_octavia_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_ssl: false + +internal_lb_vip_address: "192.168.122.222" +external_lb_vip_address: "{{ internal_lb_vip_address }}" -- cgit 1.2.3-korg