prepare release v1102-r1

2018-05-06 23:10:14 +08:00 · 2018-05-06 23:10:14 +08:00 · 9a8a729e08
parent 2f3f9d023d
commit 9a8a729e08
7 changed files with 63 additions and 44 deletions
--- a/99.clean.yml
+++ b/99.clean.yml
@ -23,7 +23,7 @@
    - "/var/lib/kube-proxy/"
    - "/etc/systemd/system/kubelet.service"
    - "/etc/systemd/system/kube-proxy.service"
-    - "/root/local/kube-system/"
+    - "/opt/kube/kube-system/"

 # 清理 kube-master 相关
 - hosts:
@ -72,7 +72,6 @@
    - "/var/log/calico/"
    - "/var/lib/docker/"
    - "/var/run/docker/"
-    - "/root/local/kube-system/"
    - "/etc/systemd/system/calico-node.service"
    - "/etc/systemd/system/docker.service"
    - "/etc/systemd/system/docker.service.requires/"
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-# 利用Ansible部署kubernetes集群
+# 使用ansible-playbook部署kubernetes集群

 ![docker](./pics/docker.jpg) ![kube](./pics/kube.jpg) ![ansible](./pics/ansible.jpg)

@ -6,22 +6,19 @@

 **集群特性：`TLS` 双向认证、`RBAC` 授权、多`Master`高可用、支持`Network Policy`**

-**注意：** 为提高集群网络插件安装的灵活性，使用`DaemonSet Pod`方式运行网络插件，目前支持`Calico` `flannel`可选
+项目基于`Ubuntu 16.04/CentOS 7`，其他系统需要读者自行替换部分命令；你可能需要掌握基础`kubernetes` `docker` `linux shell` 知识，关于`ansible`建议阅读 [ansible超快入门](http://weiweidefeng.blog.51cto.com/1957995/1895261) 基本够用。

-文档基于`Ubuntu 16.04/CentOS 7`，其他系统需要读者自行替换部分命令；由于使用经验有限和简化脚本考虑，已经尽量避免`ansible-playbook`的高级特性和复杂逻辑。
-
-你可能需要掌握基础`kubernetes` `docker` `linux shell` 知识，关于`ansible`建议阅读 [ansible超快入门](http://weiweidefeng.blog.51cto.com/1957995/1895261) 基本够用。
-
-请阅读[项目分支说明](branch.md)，欢迎提`Issues`和`PRs`参与维护项目。
+请阅读[项目分支说明](branch.md)，欢迎提`Issues`和[PRs](docs/mixes/HowToContribute.md)参与维护项目。

 ## 组件版本

- kubernetes	v1.10.0
- etcd		v3.3.2
+- kubernetes	v1.10.2
+- etcd		v3.3.4
 - docker	18.03.0-ce
- calico/node	v3.0.4
+- calico	v3.0.6
 - flannel	v0.10.0
-  - 附：集群用到的所有二进制文件已打包好供下载 [https://pan.baidu.com/s/1c4RFaA](https://pan.baidu.com/s/1c4RFaA)
+**注1：** 集群用到的所有二进制文件已打包好供下载 [https://pan.baidu.com/s/1c4RFaA](https://pan.baidu.com/s/1c4RFaA)
+**注2：** 为提高集群网络插件安装的灵活性，使用`DaemonSet Pod`方式运行网络插件，目前支持`Calico` `flannel`可选

 ## 快速指南

@ -47,17 +44,15 @@

 请根据这份 [目录](docs/guide/index.md) 阅读你所感兴趣的内容，尚在更新中...

-## 推荐阅读
-
- [rootsongjc-Kubernetes指南](https://github.com/rootsongjc/kubernetes-handbook) 原理和实践指南。
- [feisky-Kubernetes指南](https://github.com/feiskyer/kubernetes-handbook/blob/master/zh/SUMMARY.md) 原理和部署章节。
- [opsnull-安装教程](https://github.com/opsnull/follow-me-install-kubernetes-cluster) 二进制手工部署。
-
 ## 沟通交流

 - 微信群：k8s&kubeasz实践，搜索微信号`badtobone`，请备注（城市-github用户名），验证通过会加入群聊。
+- 推荐阅读：[rootsongjc-Kubernetes指南](https://github.com/rootsongjc/kubernetes-handbook) [feisky-Kubernetes指南](https://github.com/feiskyer/kubernetes-handbook/blob/master/zh/SUMMARY.md) [opsnull-安装教程](https://github.com/opsnull/follow-me-install-kubernetes-cluster)

-Copyright 2017 gjmzj (jmgaozz@163.com)
+## 贡献&致谢

-Apache License 2.0，详情见 [LICENSE](LICENSE) 文件。
+感谢所有为项目提交 `Issues`和`PRs` 的贡献者！

+- [如何贡献](docs/mixes/HowToContribute.md)
+
+Copyright 2017 gjmzj (jmgaozz@163.com) Apache License 2.0，详情见 [LICENSE](LICENSE) 文件。
--- a/bin/VERSION.md
+++ b/bin/VERSION.md
@ -1,5 +1,5 @@
 # 主要组件版本

-+ kubernetes	v1.10.0
-+ etcd		v3.3.2
+ kubernetes	v1.10.2
+ etcd		v3.3.4
 + docker	18.03.0-ce
--- a/docs/mixes/HowToContribute.md
+++ b/docs/mixes/HowToContribute.md
@ -0,0 +1,19 @@
+# 为项目`kubeasz`提交`pull request`
+
+首先请核对下本地git config配置的用户名和邮箱与你github上的注册用户和邮箱一致，否则即使`pull request`被接受，贡献者列表中也看不到自己的名字，设置命令：
+
+``` bash
+$ git config --global user.email "you@example.com"
+$ git config --global user.name "Your Name"
+```
+
+- 1. 登陆github，在本项目页面点击`fork`到自己仓库
+- 2. clone 自己的仓库到本地：`git clone https://github.com/xxx/kubeasz.git`
+- 3. 在 master 分支添加原始仓库为上游分支：`git remote add upstream https://github.com/gjmzj/kubeasz.git`
+- 4. 在本地新建开发分支：`git checkout -b dev`
+- 5. 在开发分支修改代码并提交：`git add .`, `git commit -am 'xx变更说明'`
+- 6. 切换至 master 分支，同步原始仓库：`git checkout master`， `git pull upstream master`
+- 7. 切换至 dev 分支，合并本地 master 分支（已经和原始仓库同步），可能需要解冲突：`git checkout dev`, `git merge master`
+- 8. 提交本地 dev 分支到自己的远程 dev 仓库：`git push origin dev`
+- 9. 在github自己仓库页面，点击`Compare & pull request`给原始仓库发 pull request 请求
+- a. 等待原作者回复（接受/拒绝）
--- a/roles/calico/tasks/main.yml
+++ b/roles/calico/tasks/main.yml
@ -2,7 +2,7 @@
  file: name={{ item }} state=directory
  with_items:
  - /etc/calico/ssl
-  - /root/local/kube-system/calico 
+  - /opt/kube/kube-system/calico 

 - name: 复制CA 证书到calico 证书目录
  copy: src={{ ca_dir }}/ca.pem dest=/etc/calico/ssl/ca.pem
@ -22,10 +22,10 @@
  shell: "cd /etc/calico/ssl && cp ca.pem etcd-ca && cp calico.pem etcd-cert && cp calico-key.pem etcd-key"

 - name: 准备 calico DaemonSet yaml文件
-  template: src=calico.yaml.j2 dest=/root/local/kube-system/calico/calico.yaml
+  template: src=calico.yaml.j2 dest=/opt/kube/kube-system/calico/calico.yaml

 - name: 准备 calico rbac文件 
-  template: src=calico-rbac.yaml.j2 dest=/root/local/kube-system/calico/calico-rbac.yaml
+  template: src=calico-rbac.yaml.j2 dest=/opt/kube/kube-system/calico/calico-rbac.yaml

 - name: 获取所有已经创建的POD信息
  command: "{{ bin_dir }}/kubectl get pod --all-namespaces"
@ -34,7 +34,7 @@

 # 只需单节点执行一次
 - name: 运行 calico网络
-  shell: "{{ bin_dir }}/kubectl create -f /root/local/kube-system/calico/ && sleep 5"
+  shell: "{{ bin_dir }}/kubectl create -f /opt/kube/kube-system/calico/ && sleep 5"
  run_once: true
  when: '"calico" not in pod_info.stdout'

--- a/roles/calico/templates/calico.yaml.j2
+++ b/roles/calico/templates/calico.yaml.j2
@ -1,9 +1,9 @@
-# Calico Version v3.0.4
-# https://docs.projectcalico.org/v3.0/releases#v3.0.4
+# Calico Version v3.0.6
+# https://docs.projectcalico.org/v3.0/releases#v3.0.6
 # This manifest includes the following component versions:
-#   calico/node:v3.0.4
-#   calico/cni:v2.0.3
-#   calico/kube-controllers:v2.0.2
+#   calico/node:v3.0.6
+#   calico/cni:v2.0.5
+#   calico/kube-controllers:v2.0.4

 # This ConfigMap is used to configure a self-hosted Calico installation.
 kind: ConfigMap
@ -82,11 +82,17 @@ spec:
        k8s-app: calico-node
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
-        scheduler.alpha.kubernetes.io/tolerations: |
-          [{"key": "dedicated", "value": "master", "effect": "NoSchedule" },
-           {"key":"CriticalAddonsOnly", "operator":"Exists"}]
    spec:
      hostNetwork: true
+      tolerations:
+        # Make sure calico/node gets scheduled on all nodes.
+        - effect: NoSchedule
+          operator: Exists
+        # Mark the pod as a critical add-on for rescheduling.
+        - key: CriticalAddonsOnly
+          operator: Exists
+        - effect: NoExecute
+          operator: Exists
      serviceAccountName: calico-node
      # Minimize downtime during a rolling upgrade or deletion; tell Kubernetes to do a "force
      # deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods.
@ -96,8 +102,8 @@ spec:
        # container programs network policy and routes on each
        # host.
        - name: calico-node
-          #image: quay.io/calico/node:v3.0.4
-          image: calico/node:v3.0.4
+          #image: quay.io/calico/node:v3.0.6
+          image: calico/node:v3.0.6
          env:
            # The location of the Calico etcd cluster.
            - name: ETCD_ENDPOINTS
@ -193,8 +199,8 @@ spec:
        # This container installs the Calico CNI binaries
        # and CNI network config file on each node.
        - name: install-cni
-          #image: quay.io/calico/cni:v2.0.3
-          image: calico/cni:v2.0.3
+          #image: quay.io/calico/cni:v2.0.5
+          image: calico/cni:v2.0.5
          command: ["/install-cni.sh"]
          env:
            # Name of the CNI config file to create.
@ -276,8 +282,8 @@ spec:
      serviceAccountName: calico-kube-controllers
      containers:
        - name: calico-kube-controllers
-          #image: quay.io/calico/kube-controllers:v2.0.2
-          image: calico/kube-controllers:v2.0.2
+          #image: quay.io/calico/kube-controllers:v2.0.4
+          image: calico/kube-controllers:v2.0.4
          env:
            # The location of the Calico etcd cluster.
            - name: ETCD_ENDPOINTS
--- a/roles/flannel/tasks/main.yml
+++ b/roles/flannel/tasks/main.yml
@ -2,7 +2,7 @@
  file: name={{ item }} state=directory
  with_items:
  - /etc/cni/net.d
-  - /root/local/kube-system/flannel
+  - /opt/kube/kube-system/flannel

 - name: 下载flannel cni plugins
  copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
@ -14,7 +14,7 @@
  - portmap

 - name: 准备 flannel DaemonSet yaml文件
-  template: src=kube-flannel.yaml.j2 dest=/root/local/kube-system/flannel/kube-flannel.yaml
+  template: src=kube-flannel.yaml.j2 dest=/opt/kube/kube-system/flannel/kube-flannel.yaml

 - name: 获取所有已经创建的POD信息
  command: "{{ bin_dir }}/kubectl get pod --all-namespaces"
@ -23,7 +23,7 @@

 # 只需单节点执行一次
 - name: 运行 flannel网络
-  shell: "{{ bin_dir }}/kubectl create -f /root/local/kube-system/flannel/ && sleep 5"
+  shell: "{{ bin_dir }}/kubectl create -f /opt/kube/kube-system/flannel/ && sleep 5"
  run_once: true
  when: '"flannel" not in pod_info.stdout'