aboutsummaryrefslogtreecommitdiffstats
path: root/ansible/roles/init_kubeadm
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/init_kubeadm')
-rw-r--r--ansible/roles/init_kubeadm/defaults/main.yml27
-rw-r--r--ansible/roles/init_kubeadm/tasks/kubeadm.yml50
-rw-r--r--ansible/roles/init_kubeadm/tasks/kubectl.yml26
-rw-r--r--ansible/roles/init_kubeadm/tasks/main.yml70
-rw-r--r--ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j21
-rw-r--r--ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j218
-rw-r--r--ansible/roles/init_kubeadm/templates/crd-network.yaml.j213
-rw-r--r--ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2145
-rw-r--r--ansible/roles/init_kubeadm/templates/net-flannel.yaml.j210
-rw-r--r--ansible/roles/init_kubeadm/templates/roles.yaml.j216
10 files changed, 0 insertions, 376 deletions
diff --git a/ansible/roles/init_kubeadm/defaults/main.yml b/ansible/roles/init_kubeadm/defaults/main.yml
deleted file mode 100644
index 3d868398d..000000000
--- a/ansible/roles/init_kubeadm/defaults/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-# Copyright (c) 2018-2019 Intel Corporation.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-cmk_rbc_rules_url: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-rbac-rules.yaml
-cmk_serviceaccount: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-serviceaccount.yaml
-dpdk_devbind_path: "{{ INSTALL_BIN_PATH|default('/opt') }}"
-multus_config:
- name: node-cni-network
- type: multus
- kubeconfig: /etc/kubernetes/kubelet.conf
- delegates:
- - type: flannel
- delegate:
- isDefaultGateway: true
- hairpinMode: true
- masterplugin: true
diff --git a/ansible/roles/init_kubeadm/tasks/kubeadm.yml b/ansible/roles/init_kubeadm/tasks/kubeadm.yml
deleted file mode 100644
index 7c808a01c..000000000
--- a/ansible/roles/init_kubeadm/tasks/kubeadm.yml
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright (c) 2018-2019 Intel Corporation.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-- set_fact:
- service_cidr_param: --service-cidr={{ kubeadm_service_cidr }}
- when: 'kubeadm_service_cidr is defined'
-
-- set_fact:
- pod_network_cidr_param: --pod-network-cidr={{ kubeadm_pod_network_cidr }}
- when: 'kubeadm_pod_network_cidr is defined'
-
-- set_fact:
- kubernetes_version: --kubernetes-version {{ kubeadm_kubernetes_version }}
- when: 'kubeadm_kubernetes_version is defined'
-
-- name: Initialize Kubernetes cluster
- command: >
- kubeadm init {{ pod_network_cidr_param|default('') }}
- {{ service_cidr_param|default('') }} {{ kubernetes_version|default('') }}
- --ignore-preflight-errors=all
-
-- name: Create Kubernetes configuration dir
- file: path={{ ansible_env.HOME }}/.kube state=directory
-
-- name: Setup Kubernetes environment
- copy:
- src: /etc/kubernetes/admin.conf
- dest: "{{ ansible_env.HOME }}/.kube/config"
- remote_src: yes
-
-- name: Allow to schedule pods on the master
- command: kubectl taint nodes --all node-role.kubernetes.io/master-
-
-- name: Wait for kube-dns pod to be in running state
- command: kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o json
- register: result
- until: result.stdout|from_json|json_query('items[].status.phase|[0]') == "Running"
- retries: 30
- delay: 2
diff --git a/ansible/roles/init_kubeadm/tasks/kubectl.yml b/ansible/roles/init_kubeadm/tasks/kubectl.yml
deleted file mode 100644
index 3e9f2d71a..000000000
--- a/ansible/roles/init_kubeadm/tasks/kubectl.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright (c) 2018-2019 Intel Corporation.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-- name: Generate temporary resource file
- tempfile: state=file prefix=kubectl.{{ item }}.
- register: config_file
-
-- name: Generate {{ item }} resource file
- template: src={{ item }}.j2 dest={{ config_file.path }}
-
-- name: Create {{ item }} resource
- command: kubectl create -f {{ config_file.path }}
-
-- name: Create Kubernetes configuration dir
- file: path={{ config_file.path }} state=absent
diff --git a/ansible/roles/init_kubeadm/tasks/main.yml b/ansible/roles/init_kubeadm/tasks/main.yml
deleted file mode 100644
index df7334ce1..000000000
--- a/ansible/roles/init_kubeadm/tasks/main.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright (c) 2018-2019 Intel Corporation.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-- name: Disable swap
- command: swapoff -a
- ignore_errors: true
-
-- name: Reset Kubernetes cluster
- command: kubeadm reset
-
-- name: Clean Kubernetes directories (w/o removing the folder itself)
- shell: rm -fr {{ item }}/*
- with_items:
- - /etc/kubernetes
- - /var/lib/cni
- - /etc/cmk
-
-- name: Create Multus CNI plugin dir
- file: path=/etc/cni/net.d state=directory
-
-- name: Configure Multus CNI plugin
- template: src=10-multus-cni.conf.j2 dest=/etc/cni/net.d/10-multus-cni.conf owner=root mode=0644
-
-- name: Change default kubelet cluster dns IP
- lineinfile:
- path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
- regexp: '^(.*)--cluster-dns=([0-9\.]*)( +.*)$'
- line: '\1--cluster-dns={{ kubelet_cluster_dns_ip }}\3'
- backrefs: yes
- backup: yes
-
-- name: Systemd daemon reload
- command: systemctl daemon-reload
-
-- name: Restart kubelet
- service: name=kubelet state=restarted
-
-- name: Initialize kubeadm
- include: kubeadm.yml
-
-- name: Create CMK Kubernetes resources
- command: kubectl create -f {{ item }}
- with_items:
- - "{{ cmk_rbc_rules_url }}"
- - "{{ cmk_serviceaccount }}"
-
-- name: Create Kubernetes resources
- include: kubectl.yml
- with_items:
- - crd-network.yaml
- - net-flannel.yaml
- - roles.yaml
- - kube-flannel.yaml
- - cmk-init-pod.yaml
-
-- name: Create a ClusterRoleBinding for a particular ClusterRole
- command: >
- kubectl create clusterrolebinding multus-node-{{ ansible_hostname }}
- --clusterrole=multus-crd-overpowered --user=system:node:{{ ansible_hostname }}
diff --git a/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 b/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2
deleted file mode 100644
index a68afaf26..000000000
--- a/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2
+++ /dev/null
@@ -1 +0,0 @@
-{{ multus_config | to_nice_json }}
diff --git a/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 b/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2
deleted file mode 100644
index a4c735394..000000000
--- a/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- labels:
- app: cmk-cluster-init-pod
- name: cmk-cluster-init-pod
-spec:
- serviceAccountName: cmk-serviceaccount
- containers:
- - args:
- # Change this value to pass different options to cluster-init.
- - "/cmk/cmk.py cluster-init --host-list={{ ansible_hostname }} --saname=cmk-serviceaccount --cmk-img=si-docker.ir.intel.com/vcmts-ubuntu/cmk --num-dp-cores=4 --dp-mode=spread --num-cp-cores=1 --cp-mode=spread"
- command:
- - "/bin/bash"
- - "-c"
- image: si-docker.ir.intel.com/vcmts-ubuntu/cmk
- name: cmk-cluster-init-pod
- restartPolicy: Never
diff --git a/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 b/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2
deleted file mode 100644
index 180038b07..000000000
--- a/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2
+++ /dev/null
@@ -1,13 +0,0 @@
----
-apiVersion: "apiextensions.k8s.io/v1beta1"
-kind: CustomResourceDefinition
-metadata:
- name: networks.kubernetes.com
-spec:
- group: kubernetes.com
- version: v1
- scope: Namespaced
- names:
- plural: networks
- singular: network
- kind: Network
diff --git a/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2
deleted file mode 100644
index 4cf63d6ca..000000000
--- a/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2
+++ /dev/null
@@ -1,145 +0,0 @@
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: flannel
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes/status
- verbs:
- - patch
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: flannel
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: flannel
-subjects:
-- kind: ServiceAccount
- name: flannel
- namespace: kube-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: flannel
- namespace: kube-system
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: kube-flannel-cfg
- namespace: kube-system
- labels:
- tier: node
- app: flannel
-data:
- cni-conf.json: |
- {
- "name": "cbr0",
- "plugins": [
- {
- "type": "flannel",
- "delegate": {
- "hairpinMode": true,
- "isDefaultGateway": true
- }
- },
- {
- "type": "portmap",
- "capabilities": {
- "portMappings": true
- }
- }
- ]
- }
- net-conf.json: |
- {
- "Network": "{{ kubeadm_pod_network_cidr }}",
- "Backend": {
- "Type": "vxlan"
- }
- }
----
-apiVersion: extensions/v1beta1
-kind: DaemonSet
-metadata:
- name: kube-flannel-ds
- namespace: kube-system
- labels:
- tier: node
- app: flannel
-spec:
- template:
- metadata:
- labels:
- tier: node
- app: flannel
- spec:
- hostNetwork: true
- nodeSelector:
- beta.kubernetes.io/arch: amd64
- tolerations:
- - key: node-role.kubernetes.io/master
- operator: Exists
- effect: NoSchedule
- serviceAccountName: flannel
- containers:
- - name: kube-flannel
- image: quay.io/coreos/flannel:v0.10.0-amd64
- command:
- - /opt/bin/flanneld
- args:
- - --ip-masq
- - --kube-subnet-mgr
- resources:
- requests:
- cpu: "100m"
- memory: "50Mi"
- limits:
- cpu: "100m"
- memory: "50Mi"
- securityContext:
- privileged: true
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: run
- mountPath: /run
- - name: flannel-cfg
- mountPath: /etc/kube-flannel/
- volumes:
- - name: run
- hostPath:
- path: /run
- - name: cni
- hostPath:
- path: /etc/cni/net.d
- - name: flannel-cfg
- configMap:
- name: kube-flannel-cfg
diff --git a/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2
deleted file mode 100644
index b872cd613..000000000
--- a/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: "kubernetes.com/v1"
-kind: Network
-metadata:
- name: flannel
-plugin: flannel
-args: '[{
- "delegate": {
- "isDefaultGateway": true
- }
- }]'
diff --git a/ansible/roles/init_kubeadm/templates/roles.yaml.j2 b/ansible/roles/init_kubeadm/templates/roles.yaml.j2
deleted file mode 100644
index 635ba0c1e..000000000
--- a/ansible/roles/init_kubeadm/templates/roles.yaml.j2
+++ /dev/null
@@ -1,16 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: multus-crd-overpowered
-rules:
-- apiGroups:
- - '*'
- resources:
- - '*'
- verbs:
- - '*'
-- nonResourceURLs:
- - '*'
- verbs:
- - '*'