easzlab
/
kubeasz
mirror of https://github.com/easzlab/kubeasz.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: cilium 1.12.1 setup

pull/1186/head
jin.gjm 2022-09-13 16:34:21 +08:00
parent fe829da2fd
commit cfff66f0c6
5 changed files with 48 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ezdown
View File

@ -238,6 +238,7 @@ function get_k8s_bin() {
[[ -f "$BASE/bin/kubelet" ]] && { logger warn "kubernetes binaries existed"; return 0; }
logger info "downloading kubernetes: $K8S_BIN_VER binaries"
rm -rf "$BASE/k8s_bin_tmp"
docker ps -a |grep -q temp_k8s_bin && { logger debug "remove existing container"; docker rm -f temp_k8s_bin; }
docker pull easzlab/kubeasz-k8s-bin:"$K8S_BIN_VER" && \
logger debug "run a temporary container" && \
@ -254,6 +255,7 @@ function get_ext_bin() {
[[ -f "$BASE/bin/etcdctl" ]] && { logger warn "extra binaries existed"; return 0; }
logger info "downloading extral binaries kubeasz-ext-bin:$EXT_BIN_VER"
rm -rf "$BASE/extra_bin_tmp"
docker ps -a |grep -q temp_ext_bin && { logger debug "remove existing container"; docker rm -f temp_ext_bin; }
docker pull "easzlab/kubeasz-ext-bin:$EXT_BIN_VER" && \
logger debug "run a temporary container" && \
@ -413,14 +415,14 @@ function get_extra_images() {
docker pull cilium/hubble-ui-backend:v0.9.1 && \
docker pull cilium/hubble-ui:v0.9.1 && \
docker pull cilium/json-mock:v1.3.0 && \
docker pull quay.io/cilium/alpine-curl:v1.3.0 && \
docker pull centos:7 && \
docker save -o "$imageDir/cilium_$ciliumVer.tar" "cilium/cilium:v$ciliumVer" \
"cilium/operator-generic:v$ciliumVer" \
"cilium/hubble-relay:v$ciliumVer" \
cilium/hubble-ui-backend:v0.9.1 \
cilium/hubble-ui:v0.9.1 \
cilium/json-mock:v1.3.0 \
quay.io/cilium/alpine-curl:v1.3.0
centos:7
else
docker load -i "$imageDir/cilium_$ciliumVer.tar"
fi
@ -436,8 +438,8 @@ function get_extra_images() {
docker push easzlab.io.local:5000/cilium/hubble-ui:v0.9.1
docker tag cilium/json-mock:v1.3.0 easzlab.io.local:5000/cilium/json-mock:v1.3.0
docker push easzlab.io.local:5000/cilium/json-mock:v1.3.0
docker tag quay.io/cilium/alpine-curl:v1.3.0 easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
docker push easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
docker tag centos:7 easzlab.io.local:5000/centos:7
docker push easzlab.io.local:5000/centos:7
# prometheus chart
if [[ ! -f "$imageDir/prometheus-chart_$promChartVer.tar" ]];then

6
roles/cilium/templates/values.yaml.j2
View File

@ -34,7 +34,11 @@ hubble:
tag: "v{{ cilium_ver }}"
useDigest: false
ui:
enabled: {%- if cilium_hubble_ui_enabled -%}true{%- else -%}false{%- endif -%}
{% if cilium_hubble_ui_enabled %}
enabled: true
{% else %}
enabled: false
{% endif %}
backend:
image:
repository: "easzlab.io.local:5000/cilium/hubble-ui-backend"

48
roles/cluster-addon/templates/cilium-check/connectivity-check.yaml.j2
View File

@ -197,10 +197,10 @@ spec:
containers:
- name: pod-to-a-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -253,10 +253,10 @@ spec:
containers:
- name: pod-to-external-1111-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -309,24 +309,24 @@ spec:
containers:
- name: pod-to-a-denied-cnp-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
timeoutSeconds: 7
exec:
command:
- ash
- sh
- -c
- '! curl -s --fail --connect-timeout 5 -o /dev/null echo-a:8080/private'
livenessProbe:
timeoutSeconds: 7
exec:
command:
- ash
- sh
- -c
- '! curl -s --fail --connect-timeout 5 -o /dev/null echo-a:8080/private'
selector:
@ -355,10 +355,10 @@ spec:
containers:
- name: pod-to-a-allowed-cnp-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -411,10 +411,10 @@ spec:
containers:
- name: pod-to-external-fqdn-allow-baidu-cnp-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -467,10 +467,10 @@ spec:
containers:
- name: pod-to-b-multi-node-clusterip-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -533,10 +533,10 @@ spec:
containers:
- name: pod-to-b-multi-node-headless-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -599,10 +599,10 @@ spec:
containers:
- name: host-to-b-multi-node-clusterip-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -666,10 +666,10 @@ spec:
containers:
- name: host-to-b-multi-node-headless-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -733,10 +733,10 @@ spec:
containers:
- name: pod-to-b-multi-node-nodeport-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:
@ -799,10 +799,10 @@ spec:
containers:
- name: pod-to-b-intra-node-nodeport-container
ports: []
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command:
- /bin/ash
- /bin/sh
- -c
- sleep 1000000000
readinessProbe:

8
roles/cluster-addon/templates/dns/nodelocaldns-ipvs.yaml.j2
View File

@ -62,7 +62,7 @@ data:
}
reload
loop
bind {{ LOCAL_DNS_CACHE }}
bind {{ LOCAL_DNS_CACHE }}
forward . {{ CLUSTER_DNS_SVC_IP }} {
force_tcp
}
@ -74,7 +74,7 @@ data:
cache 30
reload
loop
bind {{ LOCAL_DNS_CACHE }}
bind {{ LOCAL_DNS_CACHE }}
forward . {{ CLUSTER_DNS_SVC_IP }} {
force_tcp
}
@ -85,7 +85,7 @@ data:
cache 30
reload
loop
bind {{ LOCAL_DNS_CACHE }}
bind {{ LOCAL_DNS_CACHE }}
forward . {{ CLUSTER_DNS_SVC_IP }} {
force_tcp
}
@ -96,7 +96,7 @@ data:
cache 30
reload
loop
bind {{ LOCAL_DNS_CACHE }}
bind {{ LOCAL_DNS_CACHE }}
forward . __PILLAR__UPSTREAM__SERVERS__
prometheus :9253
}

18
roles/cluster-addon/templates/network-check/network-check.yaml.j2
View File

@ -19,7 +19,7 @@ spec:
spec:
containers:
- name: test01-pod-to-container
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server:8080/public"]
restartPolicy: OnFailure
@ -44,7 +44,7 @@ spec:
spec:
containers:
- name: test02-pod-to-node-nodeport
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server-host-headless:31314/public"]
restartPolicy: OnFailure
@ -79,7 +79,7 @@ spec:
topologyKey: kubernetes.io/hostname
containers:
- name: test03-pod-to-multi-node-clusterip
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server:8080/public"]
restartPolicy: OnFailure
@ -114,7 +114,7 @@ spec:
topologyKey: kubernetes.io/hostname
containers:
- name: test04-pod-to-multi-node-headless
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server-headless:8080/public"]
restartPolicy: OnFailure
@ -149,7 +149,7 @@ spec:
topologyKey: kubernetes.io/hostname
containers:
- name: test05-pod-to-multi-node-nodeport
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server-host-headless:31314/public"]
restartPolicy: OnFailure
@ -174,7 +174,7 @@ spec:
spec:
containers:
- name: test06-pod-to-external-1111
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 1.1.1.1"]
restartPolicy: OnFailure
@ -199,7 +199,7 @@ spec:
spec:
containers:
- name: test07-pod-to-external-fqdn-baidu
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 www.baidu.com"]
restartPolicy: OnFailure
@ -236,7 +236,7 @@ spec:
hostNetwork: true
containers:
- name: test08-host-to-multi-node-clusterip
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server:8080/public"]
restartPolicy: OnFailure
@ -273,7 +273,7 @@ spec:
hostNetwork: true
containers:
- name: test09-host-to-multi-node-headless
image: easzlab.io.local:5000/cilium/alpine-curl:v1.3.0
image: easzlab.io.local:5000/centos:7
imagePullPolicy: IfNotPresent
command: ["sh","-c","curl -sS --fail --connect-timeout 5 echo-server-headless:8080/public"]
restartPolicy: OnFailure