easzlab
/
kubeasz
mirror of https://github.com/easzlab/kubeasz.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update kube-router v1.5.4

pull/1282/head
gjmzj 2023-05-16 16:07:22 +08:00
parent 94839ffccb
commit b8b88fdb92
5 changed files with 54 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
example/config.yml
View File

@ -160,7 +160,6 @@ FIREWALL_ENABLE: true
# [kube-router]kube-router 镜像版本
kube_router_ver: "__kube_router__"
busybox_ver: "1.28.4"
############################

10
ezctl
View File

@ -239,15 +239,15 @@ function setup() {
k8s_ver=$(bin/kube-apiserver --version|cut -d' ' -f2)
etcd_ver=v$(bin/etcd --version|grep 'etcd Version'|cut -d' ' -f3)
network_cni=$(grep CLUSTER_NETWORK "clusters/$1/hosts"|cut -d'"' -f2)
network_cni_ver=$(grep "${network_cni}Ver" ezdown|cut -d'=' -f2|head -n1)
network_cni=$(grep CLUSTER_NETWORK "clusters/$1/hosts"|cut -d'"' -f2|sed 's/-//g')
network_cni_ver=$(grep -i "${network_cni}Ver" ezdown|cut -d'=' -f2|head -n1)
cat <<EOF
*** Component Version *********************
*******************************************
* kubernetes: ${k8s_ver}
* etcd: ${etcd_ver}
* ${network_cni}: ${network_cni_ver}
* kubernetes: ${k8s_ver}
* etcd: ${etcd_ver}
* ${network_cni}: ${network_cni_ver}
*******************************************
EOF

14
ezdown
View File

@ -33,7 +33,7 @@ pauseVer=3.9
# images not downloaded by default(only download with '-X')
ciliumVer=1.13.2
flannelVer=v0.21.4
kubeRouterVer=v0.3.1
kubeRouterVer=v1.5.4
kubeOvnVer=v1.11.5
nfsProvisionerVer=v4.0.2
promChartVer=45.23.0
@ -479,6 +479,18 @@ function get_extra_images() {
docker push "easzlab.io.local:5000/kubeovn/kube-ovn:$kubeOvnVer"
;;
# kube-router images
kube-router)
if [[ ! -f "$imageDir/kube-router_$kubeRouterVer.tar" ]];then
docker pull "cloudnativelabs/kube-router:$kubeRouterVer" && \
docker save -o "$imageDir/kube-router_$kubeRouterVer.tar" "cloudnativelabs/kube-router:$kubeRouterVer"
else
docker load -i "$imageDir/kube-router_$kubeRouterVer.tar"
fi
docker tag "cloudnativelabs/kube-router:$kubeRouterVer" "easzlab.io.local:5000/cloudnativelabs/kube-router:$kubeRouterVer"
docker push "easzlab.io.local:5000/cloudnativelabs/kube-router:$kubeRouterVer"
;;
# network-check images
network-check)
if [[ ! -f "$imageDir/network-check.tar" ]];then

22
roles/kube-router/tasks/main.yml
View File

@ -1,18 +1,14 @@
- name: 准备配置 kube-router DaemonSet (without IPVS)
template: src=kuberouter.yaml.j2 dest={{ cluster_dir }}/yml/kube-router.yaml
run_once: true
connection: local
- block:
- name: 准备配置 kube-router DaemonSet
template: src=kuberouter.yaml.j2 dest={{ cluster_dir }}/yml/kube-router.yaml
- name: 删除 kube-router DaemonSet
shell: "{{ base_dir }}/bin/kubectl delete -f {{ cluster_dir }}/yml/kube-router.yaml || echo true; sleep 3"
run_once: true
connection: local
tags: force_change_certs
when: 'CHANGE_CA|bool'
- name: 删除 kube-router DaemonSet
shell: "{{ base_dir }}/bin/kubectl delete -f {{ cluster_dir }}/yml/kube-router.yaml || echo true; sleep 3"
when: 'CHANGE_CA|bool'
# 只需单节点执行一次
- name: 运行 kube-router DaemonSet
shell: "{{ base_dir }}/bin/kubectl apply -f {{ cluster_dir }}/yml/kube-router.yaml"
# 只需单节点执行一次
- name: 运行 kube-router DaemonSet
shell: "{{ base_dir }}/bin/kubectl apply -f {{ cluster_dir }}/yml/kube-router.yaml"
run_once: true
connection: local
tags: force_change_certs

39
roles/kube-router/templates/kuberouter.yaml.j2
View File

@ -25,7 +25,7 @@ data:
}
---
apiVersion: apps/v1
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
@ -37,17 +37,18 @@ spec:
selector:
matchLabels:
k8s-app: kube-router
tier: node
template:
metadata:
labels:
k8s-app: kube-router
tier: node
spec:
priorityClassName: system-cluster-critical
priorityClassName: system-node-critical
serviceAccountName: kube-router
containers:
- name: kube-router
image: cloudnativelabs/kube-router:{{ kube_router_ver }}
image: easzlab.io.local:5000/cloudnativelabs/kube-router:{{ kube_router_ver }}
imagePullPolicy: IfNotPresent
args:
- "--hostname-override=RT-{{ inventory_hostname }}"
@ -55,6 +56,7 @@ spec:
- "--run-router=true"
- "--run-firewall={{ FIREWALL_ENABLE }}"
- "--run-service-proxy=false"
- "--bgp-graceful-restart=true"
env:
- name: NODE_NAME
valueFrom:
@ -80,9 +82,12 @@ spec:
readOnly: true
- name: cni-conf-dir
mountPath: /etc/cni/net.d
- name: xtables-lock
mountPath: /run/xtables.lock
readOnly: false
initContainers:
- name: install-cni
image: busybox:{{ busybox_ver }}
image: easzlab.io.local:5000/cloudnativelabs/kube-router:{{ kube_router_ver }}
imagePullPolicy: IfNotPresent
command:
- /bin/sh
@ -100,16 +105,14 @@ spec:
- mountPath: /etc/cni/net.d
name: cni-conf-dir
- mountPath: /etc/kube-router
name: kube-router-cfg
name: kube-router-cfg
hostNetwork: true
tolerations:
- effect: NoSchedule
operator: Exists
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node.kubernetes.io/not-ready
- effect: NoExecute
operator: Exists
volumes:
- name: lib-modules
@ -121,6 +124,10 @@ spec:
- name: kube-router-cfg
configMap:
name: kube-router-cfg
- name: xtables-lock
hostPath:
path: /run/xtables.lock
type: FileOrCreate
---
apiVersion: v1
@ -131,7 +138,7 @@ metadata:
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kube-router
namespace: kube-system
@ -156,10 +163,18 @@ rules:
- list
- get
- watch
- apiGroups:
- extensions
resources:
- networkpolicies
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kube-router
roleRef: