Merge pull request #133 from Smana/weave_network_plugin

weave network plugin
pull/178/head
Smaine Kahlouch 2016-02-10 18:39:48 +01:00
commit 09851621de
14 changed files with 230 additions and 14 deletions

View File

@ -1,4 +1,4 @@
[![Build Status](https://travis-ci.org/ansibl8s/setup-kubernetes.svg)](https://travis-ci.org/ansibl8s/setup-kubernetes) [![Build Status](https://travis-ci.org/kubespray/setup-kubernetes.svg)](https://travis-ci.org/kubespray/setup-kubernetes)
kubernetes-ansible kubernetes-ansible
======== ========
@ -27,6 +27,7 @@ in order to avoid any issue during deployment you should disable your firewall
* [etcd](https://github.com/coreos/etcd/releases) v2.2.4 * [etcd](https://github.com/coreos/etcd/releases) v2.2.4
* [calicoctl](https://github.com/projectcalico/calico-docker/releases) v0.16.0 * [calicoctl](https://github.com/projectcalico/calico-docker/releases) v0.16.0
* [flanneld](https://github.com/coreos/flannel/releases) v0.5.5 * [flanneld](https://github.com/coreos/flannel/releases) v0.5.5
* [weave](http://weave.works/) v1.4.4
* [docker](https://www.docker.com/) v1.9.1 * [docker](https://www.docker.com/) v1.9.1
Quickstart Quickstart
@ -143,12 +144,14 @@ In order to do so, some variables have to be used '**loadbalancer_apiserver**' a
### Network Plugin ### Network Plugin
You can choose between 2 network plugins. Only one must be chosen. You can choose between 3 network plugins. Only one must be chosen.
* **flannel**: gre/vxlan (layer 2) networking. ([official docs](https://github.com/coreos/flannel)) * **flannel**: gre/vxlan (layer 2) networking. ([official docs](https://github.com/coreos/flannel))
* **calico**: bgp (layer 3) networking. ([official docs](http://docs.projectcalico.org/en/0.13/)) * **calico**: bgp (layer 3) networking. ([official docs](http://docs.projectcalico.org/en/0.13/))
* **weave**: Weave is a lightweight container overlay network that doesn't require an external K/V database cluster. ([official docs](http://weave.works/docs/))
The choice is defined with the variable **kube_network_plugin** The choice is defined with the variable **kube_network_plugin**

View File

@ -46,7 +46,7 @@ cluster_name: cluster.local
# but don't know about that address themselves. # but don't know about that address themselves.
# access_ip: 1.1.1.1 # access_ip: 1.1.1.1
# Choose network plugin (calico or flannel) # Choose network plugin (calico, weave or flannel)
kube_network_plugin: calico kube_network_plugin: calico
# Kubernetes internal network for services, unused block of space. # Kubernetes internal network for services, unused block of space.

View File

@ -6,6 +6,7 @@ kube_version: v1.1.4
etcd_version: v2.2.4 etcd_version: v2.2.4
calico_version: v0.16.0 calico_version: v0.16.0
calico_cni_version: v1.0.0 calico_cni_version: v1.0.0
weave_version: v1.4.4
# Download URL's # Download URL's
kube_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/amd64" kube_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/amd64"
@ -13,11 +14,13 @@ etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_ver
calico_download_url: "https://github.com/Metaswitch/calico-docker/releases/download/{{calico_version}}/calicoctl" calico_download_url: "https://github.com/Metaswitch/calico-docker/releases/download/{{calico_version}}/calicoctl"
calico_cni_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico" calico_cni_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico"
calico_cni_ipam_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico-ipam" calico_cni_ipam_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico-ipam"
weave_download_url: "https://github.com/weaveworks/weave/releases/download/{{weave_version}}/weave"
# Checksums # Checksums
calico_checksum: "cfbbcad4b3b7d79be9a25bcdc153ec1d139eecd54840914a363b0710eebc5c51" calico_checksum: "cfbbcad4b3b7d79be9a25bcdc153ec1d139eecd54840914a363b0710eebc5c51"
calico_cni_checksum: "cfbb95d4416cb65845a188f3bd991fff232bd5ce3463b2919d586ab77967aecd" calico_cni_checksum: "cfbb95d4416cb65845a188f3bd991fff232bd5ce3463b2919d586ab77967aecd"
calico_cni_ipam_checksum: "93ebf8756b26314e1e3f612f1e824418cbb0a8df2942664422e697bcb109fbb2" calico_cni_ipam_checksum: "93ebf8756b26314e1e3f612f1e824418cbb0a8df2942664422e697bcb109fbb2"
weave_checksum: "152942c330f87ab475d87d9311b91674b90f25ea685bd4e04e0495d5fe09a957"
etcd_checksum: "6c4e5cdeaaac1a70b8f06b5dd6b82c37ff19993c9bca81248975610e555c4b9b" etcd_checksum: "6c4e5cdeaaac1a70b8f06b5dd6b82c37ff19993c9bca81248975610e555c4b9b"
kubectl_checksum: "873ba19926d17a3287dc8639ea1434fe3cd0cb4e61d82101ba754922cfc7a633" kubectl_checksum: "873ba19926d17a3287dc8639ea1434fe3cd0cb4e61d82101ba754922cfc7a633"
kubelet_checksum: "f2d1eae3fa6e304f6cbc9b2621e4b86fc3bcb4e74a15d35f58bf00e45c706e0a" kubelet_checksum: "f2d1eae3fa6e304f6cbc9b2621e4b86fc3bcb4e74a15d35f58bf00e45c706e0a"
@ -45,6 +48,13 @@ downloads:
owner: "root" owner: "root"
mode: "0755" mode: "0755"
- name: weave
dest: weave/bin/weave
url: "{{weave_download_url}}"
sha256: "{{ weave_checksum }}"
owner: "root"
mode: "0755"
- name: etcd - name: etcd
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz" dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
sha256: "{{ etcd_checksum }}" sha256: "{{ etcd_checksum }}"

View File

@ -25,10 +25,12 @@ KUBELET_ARGS="--kubeconfig={{ kube_config_dir}}/kubelet.kubeconfig --config={{ k
{% endif %} {% endif %}
{% if kube_network_plugin is defined and kube_network_plugin == "calico" %} {% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
KUBELET_NETWORK_PLUGIN="--network_plugin=cni --network-plugin-dir=/etc/cni/net.d" KUBELET_NETWORK_PLUGIN="--network_plugin=cni --network-plugin-dir=/etc/cni/net.d"
{% elif kube_network_plugin is defined and kube_network_plugin == "weave" %}
DOCKER_SOCKET="--docker-endpoint=unix:/var/run/weave/weave.sock"
{% endif %} {% endif %}
# Should this cluster be allowed to run privileged docker containers # Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=true" KUBE_ALLOW_PRIV="--allow_privileged=true"
{% if init_system == "sysvinit" %} {% if init_system == "sysvinit" %}
DAEMON_ARGS="$KUBE_LOGGING $KUBE_LOG_LEVEL $KUBE_ALLOW_PRIV $KUBELET_API_SERVER $KUBELET_ADDRESS \ DAEMON_ARGS="$KUBE_LOGGING $KUBE_LOG_LEVEL $KUBE_ALLOW_PRIV $KUBELET_API_SERVER $KUBELET_ADDRESS \
$KUBELET_HOSTNAME $KUBELET_REGISTER_NODE $KUBELET_ARGS $KUBELET_ARGS $KUBELET_NETWORK_PLUGIN" $KUBELET_HOSTNAME $KUBELET_REGISTER_NODE $KUBELET_ARGS $DOCKER_SOCKET $KUBELET_ARGS $KUBELET_NETWORK_PLUGIN"
{% endif %} {% endif %}

View File

@ -18,6 +18,7 @@ ExecStart={{ bin_dir }}/kubelet \
$KUBELET_HOSTNAME \ $KUBELET_HOSTNAME \
$KUBE_ALLOW_PRIV \ $KUBE_ALLOW_PRIV \
$KUBELET_ARGS \ $KUBELET_ARGS \
$DOCKER_SOCKET \
$KUBELET_REGISTER_NODE \ $KUBELET_REGISTER_NODE \
$KUBELET_NETWORK_PLUGIN $KUBELET_NETWORK_PLUGIN
Restart=on-failure Restart=on-failure

View File

@ -4,3 +4,5 @@ dependencies:
when: kube_network_plugin == 'calico' when: kube_network_plugin == 'calico'
- role: network_plugin/flannel - role: network_plugin/flannel
when: kube_network_plugin == 'flannel' when: kube_network_plugin == 'flannel'
- role: network_plugin/weave
when: kube_network_plugin == 'weave'

View File

@ -0,0 +1,48 @@
---
- name: restart docker
command: /bin/true
notify:
- reload systemd
- reload docker
- name : reload systemd
shell: systemctl daemon-reload
when: init_system == "systemd"
- name: restart weave
command: /bin/true
notify:
- reload systemd
- reload weave
- name: restart weaveproxy
command: /bin/true
notify:
- reload systemd
- reload weaveproxy
- name: restart weaveexpose
command: /bin/true
notify:
- reload systemd
- reload weaveexpose
- name: reload docker
service:
name: docker
state: restarted
- name: reload weave
service:
name: weave
state: restarted
- name: reload weaveproxy
service:
name: weaveproxy
state: restarted
- name: reload weaveexpose
service:
name: weaveexpose
state: restarted

View File

@ -0,0 +1,64 @@
---
- name: Set docker daemon options
template:
src: docker
dest: "/etc/default/docker"
owner: root
group: root
mode: 0644
notify:
- restart docker
- name: Write docker.service systemd file
template:
src: systemd-docker.service
dest: /lib/systemd/system/docker.service
notify: restart docker
when: init_system == "systemd"
- meta: flush_handlers
- name: Weave | Install weave
command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave"
changed_when: false
- name: Weave | pull weave images
shell: "{{ bin_dir }}/weave setup"
changed_when: false
- name: Weave | set perms
file: path="{{ bin_dir }}/weave" mode=0755 state=file
- name: Weave | Set options
template:
src: weave.j2
dest: "/etc/weave.env"
owner: root
group: root
mode: 0644
notify:
- restart systemd-weave
- name: Weave | Write weave systemd init file
template: src=weave.service.j2 dest=/etc/systemd/system/weave.service
when: init_system == "systemd"
notify: restart systemd-weave
- name: Weave | Write weaveproxy systemd init file
template: src=weaveproxy.service.j2 dest=/etc/systemd/system/weaveproxy.service
when: init_system == "systemd"
notify: restart systemd-weaveproxy
- name: Weave | Write weaveexpose systemd init file
template: src=weaveexpose.service.j2 dest=/etc/systemd/system/weaveexpose.service
when: init_system == "systemd"
notify: restart systemd-weaveexpose
- name: Weave | Enable weave
service: name=weave enabled=yes state=started
- name: Weave | Enable weaveproxy
service: name=weaveproxy enabled=yes state=started
- name: Weave | Enable weaveexpose
service: name=weaveexpose enabled=yes state=started

View File

@ -0,0 +1,2 @@
# Deployed by Ansible
DOCKER_OPTS=""

View File

@ -0,0 +1,28 @@
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
After=network.target
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
Requires=docker.socket
{% endif %}
[Service]
Type=notify
EnvironmentFile=-/etc/default/docker
Environment=GOTRACEBACK=crash
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
MountFlags=slave
TimeoutStartSec=1min
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,6 @@
WEAVE_PEERS="{% for host in groups['k8s-cluster'] %}{{ hostvars[host]['access_ip'] | default(hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address'])) }}{% if not loop.last %} {% endif %}{% endfor %}"
WEAVEPROXY_ARGS="--rewrite-inspect --without-dns"
WEAVE_SUBNET="--ipalloc-range {{ kube_pods_subnet }}"
{% if weave_password is defined %}
WEAVE_PASSWORD="{{ weave_password }}"
{% endif %}

View File

@ -0,0 +1,16 @@
[Unit]
Description=Weave Network
Documentation=http://docs.weave.works/weave/latest_release/
Requires=docker.service
After=docker.service
[Service]
EnvironmentFile=-/etc/weave.env
ExecStartPre={{ bin_dir }}/weave launch-router \
$WEAVE_SUBNET \
$WEAVE_PEERS
ExecStart=/usr/bin/docker attach weave
ExecStop={{ bin_dir }}/weave stop-router
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,18 @@
[Unit]
Documentation=http://docs.weave.works/
Requires=docker.service
Requires=weave.service
After=weave.service
After=docker.service
[Service]
Type=oneshot
RemainAfterExit=yes
TimeoutStartSec=0
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStart={{ bin_dir }}/weave expose
ExecStop={{ bin_dir }}/weave hide
[Install]
WantedBy=weave-network.target

View File

@ -0,0 +1,16 @@
[Unit]
Description=Weave proxy for Docker API
Documentation=http://docs.weave.works/
Requires=docker.service
After=docker.service
[Service]
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStartPre={{ bin_dir }}/weave launch-proxy $WEAVEPROXY_ARGS
ExecStart=/usr/bin/docker attach weaveproxy
Restart=on-failure
ExecStop=/opt/bin/weave stop-proxy
[Install]
WantedBy=weave-network.target