Merge branch 'dev' of https://github.com/Hello-Linux/kubeasz into dev

2018-07-27 17:31:53 +08:00 · 2018-07-27 17:31:53 +08:00 · 6a12ba7fcd
parent 72c31d8cca d4a130a59a
commit 6a12ba7fcd
18 changed files with 275 additions and 17 deletions
--- a/docs/op/config_guide.md
+++ b/docs/op/config_guide.md
@ -0,0 +1,19 @@
 # 个性化集群参数配置
 `kubeasz`创建集群主要在以下两个地方进行配置：
 - ansible hosts 文件（模板在examples目录）：集群主要节点定义和主要参数配置
 - roles/xxx/vars/main.yml 文件：其他参数配置或者部分组件参数配置
 这些文件都在.gitignore忽略范围，因此修改后项目目录能够保持`git status | clean`
 ## ansible hosts
 项目尽量保持`ansible hosts`简单、灵活，在[快速指南](../quickStart.md)或者[集群规划与安装概览](../00-集群规划和基础参数设定.md)已经介绍过，主要包括集群节点定义和集群范围的主要参数配置；目前提供三种集群部署模板。
 尽量保持配置项稳定。
 ## roles/xxx/vars/main.yml
 主要包括集群某个具体组件的个性化配置，具体组件的配置项可能会不断增加；项目初始时该配置与 roles/xxx/defaults/main.yml 一致，确保在不做任何配置情况下可以使用默认值创建集群；因 ansilbe 变量优先级关系，后续如果对 roles/xxx/vars/main.yml变量修改，那么它将覆盖默认配置。
--- a/manifests/nfs-provisioner/nfs-dynamic-storageclass.yaml
+++ b/manifests/nfs-provisioner/nfs-dynamic-storageclass.yaml
@ -1,6 +0,0 @@
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
  name: nfs-dynamic-class 
 #此处引用nfs-client-provisioner里面的 nfs-prov-1
 provisioner: nfs-prov-1
--- a/manifests/storage/alicloud-nas/alicloud-disk.yaml
+++ b/manifests/storage/alicloud-nas/alicloud-disk.yaml
@ -0,0 +1,99 @@
 kind: StorageClass
 apiVersion: storage.k8s.io/v1beta1
 metadata:
  name: alicloud-disk-common
 provisioner: alicloud/disk
 parameters:
  type: cloud
 ---
 kind: StorageClass
 apiVersion: storage.k8s.io/v1beta1
 metadata:
  name: alicloud-disk-efficiency
 provisioner: alicloud/disk
 parameters:
  type: cloud_efficiency
 ---
 kind: StorageClass
 apiVersion: storage.k8s.io/v1beta1
 metadata:
  name: alicloud-disk-ssd
 provisioner: alicloud/disk
 parameters:
  type: cloud_ssd
 ---
 kind: StorageClass
 apiVersion: storage.k8s.io/v1beta1
 metadata:
  name: alicloud-disk-available
 provisioner: alicloud/disk
 parameters:
  type: available
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: alicloud-disk-controller-runner
 rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: alicloud-disk-controller
  namespace: kube-system
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: run-alicloud-disk-controller
 subjects:
  - kind: ServiceAccount
    name: alicloud-disk-controller
    namespace: kube-system
 roleRef:
  kind: ClusterRole
  name: alicloud-disk-controller-runner
  apiGroup: rbac.authorization.k8s.io
 ---
 kind: Deployment
 apiVersion: extensions/v1beta1
 metadata:
  name: alicloud-disk-controller
  namespace: kube-system
 spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: alicloud-disk-controller
    spec:
      serviceAccount: alicloud-disk-controller
      containers:
        - name: alicloud-disk-controller
          image: registry.cn-hangzhou.aliyuncs.com/acs/alicloud-disk-controller:v1.9.3-ed710ce
          volumeMounts:
            - name: cloud-config
              mountPath: /etc/kubernetes/
            - name: logdir
              mountPath: /var/log/alicloud/
      volumes:
        - name: cloud-config
          hostPath:
            path: /etc/kubernetes/
        - name: logdir
          hostPath:
            path: /var/log/alicloud/
--- a/manifests/nfs-provisioner/test/test-claim.yaml
+++ b/manifests/nfs-provisioner/test/test-claim.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 metadata:
  name: test-claim
 spec:
-  storageClassName: nfs-dynamic-class
+  storageClassName: alicloud-nas
  accessModes:
    - ReadWriteMany
  resources:
--- a/manifests/nfs-provisioner/test/test-pod.yaml
+++ b/manifests/nfs-provisioner/test/test-pod.yaml
--- a/manifests/nfs-provisioner/test/test.yaml
+++ b/manifests/nfs-provisioner/test/test.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 metadata:
  name: test
 spec:
-  storageClassName: nfs-dynamic-class
+  storageClassName: alicloud-nas
  accessModes:
    - ReadWriteMany
  resources:
--- a/roles/cluster-addon/tasks/main.yml
+++ b/roles/cluster-addon/tasks/main.yml
@ -1,12 +1,12 @@
 #-------------kube-dns 插件参数初始化
 # kubedns.yaml文件中部分参数根据hosts文件设置而定，因此需要用template模块替换参数
 - name: 准备 kubedns的部署文件 kubedns.yaml
-  template: src=kubedns.yaml.j2 dest={{ base_dir }}/manifests/kubedns/kubedns.yaml
+  template: src=dns/kubedns.yaml.j2 dest={{ base_dir }}/manifests/kubedns/kubedns.yaml
  when: "hostvars[inventory_hostname]['group_names'].count('deploy') == 1"
 # coredns.yaml文件中部分参数根据hosts文件设置而定，因此需要用template模块替换参数
 - name: 准备 coredns的部署文件 coredns.yaml
-  template: src=coredns.yaml.j2 dest={{ base_dir }}/manifests/coredns/coredns.yaml
+  template: src=dns/coredns.yaml.j2 dest={{ base_dir }}/manifests/coredns/coredns.yaml
  when: "hostvars[inventory_hostname]['group_names'].count('deploy') == 1"
 - name: 获取所有已经创建的POD信息
--- a/roles/cluster-addon/templates/dns/coredns.yaml.j2
+++ b/roles/cluster-addon/templates/dns/coredns.yaml.j2
--- a/roles/cluster-addon/templates/dns/kubedns.yaml.j2
+++ b/roles/cluster-addon/templates/dns/kubedns.yaml.j2
--- a/roles/cluster-storage/cluster-storage.yml
+++ b/roles/cluster-storage/cluster-storage.yml
@ -0,0 +1,8 @@
 - hosts: deploy
  roles:
  - cluster-storage
  vars:
    storage_type: nfs
    storage_server: 172.16.3.86
    storage_path: /data/nfs
    storage_class_name: nfs-dynamic-class
--- a/roles/cluster-storage/defaults/main.yml
+++ b/roles/cluster-storage/defaults/main.yml
@ -0,0 +1,5 @@
 # 动态存储类型, 目前支持nfs和alicloud-nas
 storage_type: nfs
 storage_server: 172.16.3.86
 storage_path: /data/nfs
 storage_class_name: nfs-dynamic-class
--- a/roles/cluster-storage/tasks/main.yml
+++ b/roles/cluster-storage/tasks/main.yml
@ -0,0 +1,27 @@
 - block:
    - name: 准备部署nfs-client动态存储
      template:
        src: nfs/nfs-client-provisioner.yaml.j2
        dest: "{{ base_dir }}/manifests/storage/nfs/nfs-client-provisioner.yaml"
    - name: 开始部署nfs-client动态存储
      shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/storage/nfs/nfs-client-provisioner.yaml"
  when: 'storage_type == "nfs"'
 - block:
    - name: 准备部署alicloud-nas动态存储
      template:
        src: alicloud-nas/alicloud-nas.yaml.j2
        dest: "{{ base_dir }}/manifests/storage/alicloud-nas/alicloud-nas.yaml"
    - name: 开始部署alicloud-disk存储
      shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/storage/alicloud-nas/alicloud-disk.yaml"
    - name: 开始部署alicloud-nas动态存储
      shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/storage/alicloud-nas/alicloud-nas.yaml"
  when: 'storage_type == "alicloud-nas"'
 - block:
    - name: 准备部署动态存储类
      template:
        src: dynamic-storageclass.yaml.j2
        dest: "{{ base_dir }}/manifests/storage/dynamic-storageclass.yaml"
    - name: 开始部署动态存储类
      shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/storage/dynamic-storageclass.yaml"
--- a/roles/cluster-storage/templates/alicloud-nas/alicloud-nas.yaml.j2
+++ b/roles/cluster-storage/templates/alicloud-nas/alicloud-nas.yaml.j2
@ -0,0 +1,58 @@
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
  name: alicloud-nas
 provisioner: alicloud/nas
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: alicloud-nas-controller
  namespace: kube-system
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: run-alicloud-nas-controller
 subjects:
  - kind: ServiceAccount
    name: alicloud-nas-controller
    namespace: kube-system
 roleRef:
  kind: ClusterRole
  name: alicloud-disk-controller-runner
  apiGroup: rbac.authorization.k8s.io
 ---
 kind: Deployment
 apiVersion: apps/v1beta1
 metadata:
  name: alicloud-nas-controller
  namespace: kube-system
 spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: alicloud-nas-controller
    spec:
      serviceAccount: alicloud-nas-controller
      containers:
        - name: alicloud-nas-controller
          image: registry.cn-hangzhou.aliyuncs.com/acs/alicloud-nas-controller:v1.8.4
          volumeMounts:
          - mountPath: /persistentvolumes
            name: nfs-client-root
          env:
            - name: PROVISIONER_NAME
              value: alicloud/nas
            - name: NFS_SERVER
              value: {{ storage_server  }}
            - name: NFS_PATH
              value: {{ storage_path  }}
      volumes:
        - name: nfs-client-root
          nfs:
            server: {{ storage_server  }}
            path: {{ storage_path  }}
--- a/roles/cluster-storage/templates/dynamic-storageclass.yaml.j2
+++ b/roles/cluster-storage/templates/dynamic-storageclass.yaml.j2
@ -0,0 +1,5 @@
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
  name: {{ storage_class_name }} 
 provisioner: prov
--- a/roles/cluster-storage/templates/nfs/nfs-client-provisioner.yaml.j2
+++ b/roles/cluster-storage/templates/nfs/nfs-client-provisioner.yaml.j2
@ -67,15 +67,13 @@ spec:
          env:
            - name: PROVISIONER_NAME
              # 此处供应者名字供storageclass调用
-              value: nfs-prov-1
+              value: prov
            - name: NFS_SERVER
-              value: 10.1.241.230
+              value: {{ storage_server }}
            - name: NFS_PATH
-              value: /home/share/k8s-pv
+              value: {{ storage_path }}
      volumes:
        - name: nfs-client-root
          nfs:
-            server: 10.1.241.230
+            server: {{ storage_server  }}
-            path: /home/share/k8s-pv
+            path: {{ storage_path }}
 ---
--- a/roles/prepare/files/95-k8s-sysctl.conf
+++ b/roles/prepare/files/95-k8s-sysctl.conf
@ -2,3 +2,4 @@ net.ipv4.ip_forward = 1
 net.bridge.bridge-nf-call-iptables = 1
 net.bridge.bridge-nf-call-ip6tables = 1
 net.bridge.bridge-nf-call-arptables = 1
 vm.swappiness = 0
--- a/roles/prepare/tasks/main.yml
+++ b/roles/prepare/tasks/main.yml
@ -92,6 +92,18 @@
    regexp: 'kubectl completion'
    line: 'source <(kubectl completion bash)'
 # 禁用系统swap
 - name: 禁用系统 swap
  shell: "swapoff -a && sysctl -w vm.swappiness=0"
  ignore_errors: true
 - name: 删除fstab swap 相关配置 
  lineinfile:
    path: /etc/fstab
    regexp: 'swap'
    state: absent
    backup: 'yes'
 # 设置系统参数for k8s
 # 消除docker info 警告WARNING: bridge-nf-call-ip[6]tables is disabled
 - name: 设置系统参数
--- a/tools/init_vars.yml
+++ b/tools/init_vars.yml
@ -0,0 +1,32 @@
 # [可选]初始化集群设置脚本，使用请参考docs/op/config_guide.md
 # 如果创建集群时需要修改项目roles中默认配置，请执行本脚本后，编辑roles/xxx/vars/main.yml修改
 - hosts: deploy
  tasks:
  - name: 创建变量配置目录 roles/xxx/vars
    file: name={{ base_dir }}/roles/{{ item }}/vars state=directory
    with_items:
    - calico
    - cluster-addon
    - cluster-restore
    - flannel
    - helm
    - kube-node
    - kube-router
    - lb
  - name: 复制默认配置以备修改
    copy:
      src: "{{ base_dir }}/roles/{{ item }}/defaults/main.yml"
      dest: "{{ base_dir }}/roles/{{ item }}/vars/main.yml"
      force: "no"
    with_items:
    - calico
    - cluster-addon
    - cluster-restore
    - flannel
    - helm
    - kube-node
    - kube-router
    - lb