mirror of https://github.com/easzlab/kubeasz.git
update kube-router v1.5.4
parent
94839ffccb
commit
b8b88fdb92
|
@ -160,7 +160,6 @@ FIREWALL_ENABLE: true
|
|||
|
||||
# [kube-router]kube-router 镜像版本
|
||||
kube_router_ver: "__kube_router__"
|
||||
busybox_ver: "1.28.4"
|
||||
|
||||
|
||||
############################
|
||||
|
|
10
ezctl
10
ezctl
|
@ -239,15 +239,15 @@ function setup() {
|
|||
|
||||
k8s_ver=$(bin/kube-apiserver --version|cut -d' ' -f2)
|
||||
etcd_ver=v$(bin/etcd --version|grep 'etcd Version'|cut -d' ' -f3)
|
||||
network_cni=$(grep CLUSTER_NETWORK "clusters/$1/hosts"|cut -d'"' -f2)
|
||||
network_cni_ver=$(grep "${network_cni}Ver" ezdown|cut -d'=' -f2|head -n1)
|
||||
network_cni=$(grep CLUSTER_NETWORK "clusters/$1/hosts"|cut -d'"' -f2|sed 's/-//g')
|
||||
network_cni_ver=$(grep -i "${network_cni}Ver" ezdown|cut -d'=' -f2|head -n1)
|
||||
|
||||
cat <<EOF
|
||||
*** Component Version *********************
|
||||
*******************************************
|
||||
* kubernetes: ${k8s_ver}
|
||||
* etcd: ${etcd_ver}
|
||||
* ${network_cni}: ${network_cni_ver}
|
||||
* kubernetes: ${k8s_ver}
|
||||
* etcd: ${etcd_ver}
|
||||
* ${network_cni}: ${network_cni_ver}
|
||||
*******************************************
|
||||
EOF
|
||||
|
||||
|
|
14
ezdown
14
ezdown
|
@ -33,7 +33,7 @@ pauseVer=3.9
|
|||
# images not downloaded by default(only download with '-X')
|
||||
ciliumVer=1.13.2
|
||||
flannelVer=v0.21.4
|
||||
kubeRouterVer=v0.3.1
|
||||
kubeRouterVer=v1.5.4
|
||||
kubeOvnVer=v1.11.5
|
||||
nfsProvisionerVer=v4.0.2
|
||||
promChartVer=45.23.0
|
||||
|
@ -479,6 +479,18 @@ function get_extra_images() {
|
|||
docker push "easzlab.io.local:5000/kubeovn/kube-ovn:$kubeOvnVer"
|
||||
;;
|
||||
|
||||
# kube-router images
|
||||
kube-router)
|
||||
if [[ ! -f "$imageDir/kube-router_$kubeRouterVer.tar" ]];then
|
||||
docker pull "cloudnativelabs/kube-router:$kubeRouterVer" && \
|
||||
docker save -o "$imageDir/kube-router_$kubeRouterVer.tar" "cloudnativelabs/kube-router:$kubeRouterVer"
|
||||
else
|
||||
docker load -i "$imageDir/kube-router_$kubeRouterVer.tar"
|
||||
fi
|
||||
docker tag "cloudnativelabs/kube-router:$kubeRouterVer" "easzlab.io.local:5000/cloudnativelabs/kube-router:$kubeRouterVer"
|
||||
docker push "easzlab.io.local:5000/cloudnativelabs/kube-router:$kubeRouterVer"
|
||||
;;
|
||||
|
||||
# network-check images
|
||||
network-check)
|
||||
if [[ ! -f "$imageDir/network-check.tar" ]];then
|
||||
|
|
|
@ -1,18 +1,14 @@
|
|||
- name: 准备配置 kube-router DaemonSet (without IPVS)
|
||||
template: src=kuberouter.yaml.j2 dest={{ cluster_dir }}/yml/kube-router.yaml
|
||||
run_once: true
|
||||
connection: local
|
||||
- block:
|
||||
- name: 准备配置 kube-router DaemonSet
|
||||
template: src=kuberouter.yaml.j2 dest={{ cluster_dir }}/yml/kube-router.yaml
|
||||
|
||||
- name: 删除 kube-router DaemonSet
|
||||
shell: "{{ base_dir }}/bin/kubectl delete -f {{ cluster_dir }}/yml/kube-router.yaml || echo true; sleep 3"
|
||||
run_once: true
|
||||
connection: local
|
||||
tags: force_change_certs
|
||||
when: 'CHANGE_CA|bool'
|
||||
- name: 删除 kube-router DaemonSet
|
||||
shell: "{{ base_dir }}/bin/kubectl delete -f {{ cluster_dir }}/yml/kube-router.yaml || echo true; sleep 3"
|
||||
when: 'CHANGE_CA|bool'
|
||||
|
||||
# 只需单节点执行一次
|
||||
- name: 运行 kube-router DaemonSet
|
||||
shell: "{{ base_dir }}/bin/kubectl apply -f {{ cluster_dir }}/yml/kube-router.yaml"
|
||||
# 只需单节点执行一次
|
||||
- name: 运行 kube-router DaemonSet
|
||||
shell: "{{ base_dir }}/bin/kubectl apply -f {{ cluster_dir }}/yml/kube-router.yaml"
|
||||
run_once: true
|
||||
connection: local
|
||||
tags: force_change_certs
|
||||
|
|
|
@ -25,7 +25,7 @@ data:
|
|||
}
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
labels:
|
||||
|
@ -37,17 +37,18 @@ spec:
|
|||
selector:
|
||||
matchLabels:
|
||||
k8s-app: kube-router
|
||||
tier: node
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: kube-router
|
||||
tier: node
|
||||
spec:
|
||||
priorityClassName: system-cluster-critical
|
||||
priorityClassName: system-node-critical
|
||||
serviceAccountName: kube-router
|
||||
containers:
|
||||
- name: kube-router
|
||||
image: cloudnativelabs/kube-router:{{ kube_router_ver }}
|
||||
image: easzlab.io.local:5000/cloudnativelabs/kube-router:{{ kube_router_ver }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "--hostname-override=RT-{{ inventory_hostname }}"
|
||||
|
@ -55,6 +56,7 @@ spec:
|
|||
- "--run-router=true"
|
||||
- "--run-firewall={{ FIREWALL_ENABLE }}"
|
||||
- "--run-service-proxy=false"
|
||||
- "--bgp-graceful-restart=true"
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
|
@ -80,9 +82,12 @@ spec:
|
|||
readOnly: true
|
||||
- name: cni-conf-dir
|
||||
mountPath: /etc/cni/net.d
|
||||
- name: xtables-lock
|
||||
mountPath: /run/xtables.lock
|
||||
readOnly: false
|
||||
initContainers:
|
||||
- name: install-cni
|
||||
image: busybox:{{ busybox_ver }}
|
||||
image: easzlab.io.local:5000/cloudnativelabs/kube-router:{{ kube_router_ver }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
|
@ -100,16 +105,14 @@ spec:
|
|||
- mountPath: /etc/cni/net.d
|
||||
name: cni-conf-dir
|
||||
- mountPath: /etc/kube-router
|
||||
name: kube-router-cfg
|
||||
name: kube-router-cfg
|
||||
hostNetwork: true
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node.kubernetes.io/not-ready
|
||||
- effect: NoExecute
|
||||
operator: Exists
|
||||
volumes:
|
||||
- name: lib-modules
|
||||
|
@ -121,6 +124,10 @@ spec:
|
|||
- name: kube-router-cfg
|
||||
configMap:
|
||||
name: kube-router-cfg
|
||||
- name: xtables-lock
|
||||
hostPath:
|
||||
path: /run/xtables.lock
|
||||
type: FileOrCreate
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
|
@ -131,7 +138,7 @@ metadata:
|
|||
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: kube-router
|
||||
namespace: kube-system
|
||||
|
@ -156,10 +163,18 @@ rules:
|
|||
- list
|
||||
- get
|
||||
- watch
|
||||
- apiGroups:
|
||||
- extensions
|
||||
resources:
|
||||
- networkpolicies
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: kube-router
|
||||
roleRef:
|
||||
|
|
Loading…
Reference in New Issue