netchecker: update images to 1.2.2 from Mirantis (#8074)
* netchecker: update images to 1.2.2 from Mirantis which is slightly less ancinet than the l23networks images * Netchecker: use local etcd instead of kubernetes v1beta1 crds which are no longer suported by kube 1.22+pull/8099/head
parent
6aac59394e
commit
6a5b87dda4
|
@ -1,7 +1,7 @@
|
|||
# Network Checker Application
|
||||
|
||||
With the ``deploy_netchecker`` var enabled (defaults to false), Kubespray deploys a
|
||||
Network Checker Application from the 3rd side `l23network/k8s-netchecker` docker
|
||||
Network Checker Application from the 3rd side `mirantis/k8s-netchecker` docker
|
||||
images. It consists of the server and agents trying to reach the server by usual
|
||||
for Kubernetes applications network connectivity meanings. Therefore, this
|
||||
automatically verifies a pod to pod connectivity via the cluster IP and checks
|
||||
|
|
|
@ -479,11 +479,12 @@ pod_infra_image_repo: "{{ kube_image_repo }}/pause"
|
|||
pod_infra_image_tag: "{{ pod_infra_version }}"
|
||||
install_socat_image_repo: "{{ docker_image_repo }}/xueshanf/install-socat"
|
||||
install_socat_image_tag: "latest"
|
||||
netcheck_version: "v1.0"
|
||||
netcheck_agent_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-agent"
|
||||
netcheck_version: "v1.2.2"
|
||||
netcheck_agent_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-agent"
|
||||
netcheck_agent_image_tag: "{{ netcheck_version }}"
|
||||
netcheck_server_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-server"
|
||||
netcheck_server_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-server"
|
||||
netcheck_server_image_tag: "{{ netcheck_version }}"
|
||||
netcheck_etcd_image_tag: "v3.4.17"
|
||||
weave_kube_image_repo: "{{ docker_image_repo }}/weaveworks/weave-kube"
|
||||
weave_kube_image_tag: "{{ weave_version }}"
|
||||
weave_npc_image_repo: "{{ docker_image_repo }}/weaveworks/weave-npc"
|
||||
|
|
|
@ -38,6 +38,10 @@ netchecker_server_cpu_limit: 100m
|
|||
netchecker_server_memory_limit: 256M
|
||||
netchecker_server_cpu_requests: 50m
|
||||
netchecker_server_memory_requests: 64M
|
||||
netchecker_etcd_cpu_limit: 200m
|
||||
netchecker_etcd_memory_limit: 256M
|
||||
netchecker_etcd_cpu_requests: 100m
|
||||
netchecker_etcd_memory_requests: 128M
|
||||
|
||||
# SecurityContext when PodSecurityPolicy is enabled
|
||||
netchecker_agent_user: 1000
|
||||
|
|
|
@ -6,10 +6,4 @@ metadata:
|
|||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["list"]
|
||||
- apiGroups: ["apiextensions.k8s.io"]
|
||||
resources: ["customresourcedefinitions"]
|
||||
verbs: ['*']
|
||||
- apiGroups: ["network-checker.ext"]
|
||||
resources: ["agents"]
|
||||
verbs: ['*']
|
||||
verbs: ["list", "get"]
|
||||
|
|
|
@ -17,6 +17,9 @@ spec:
|
|||
app: netchecker-server
|
||||
spec:
|
||||
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||
volumes:
|
||||
- name: etcd-data
|
||||
emptyDir: {}
|
||||
containers:
|
||||
- name: netchecker-server
|
||||
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
|
||||
|
@ -34,10 +37,34 @@ spec:
|
|||
ports:
|
||||
- containerPort: 8081
|
||||
args:
|
||||
- "-v=5"
|
||||
- "-logtostderr"
|
||||
- "-kubeproxyinit"
|
||||
- "-endpoint=0.0.0.0:8081"
|
||||
- -v=5
|
||||
- -logtostderr
|
||||
- -kubeproxyinit=false
|
||||
- -endpoint=0.0.0.0:8081
|
||||
- -etcd-endpoints=http://127.0.0.1:2379
|
||||
- name: etcd
|
||||
image: "{{ etcd_image_repo }}:{{ netcheck_etcd_image_tag }}"
|
||||
imagePullPolicy: {{ k8s_image_pull_policy }}
|
||||
command:
|
||||
- etcd
|
||||
- --listen-client-urls=http://127.0.0.1:2379
|
||||
- --advertise-client-urls=http://127.0.0.1:2379
|
||||
- --data-dir=/var/lib/etcd
|
||||
- --enable-v2
|
||||
- --force-new-cluster
|
||||
volumeMounts:
|
||||
- mountPath: /var/lib/etcd
|
||||
name: etcd-data
|
||||
resources:
|
||||
limits:
|
||||
cpu: {{ netchecker_etcd_cpu_limit }}
|
||||
memory: {{ netchecker_etcd_memory_limit }}
|
||||
requests:
|
||||
cpu: {{ netchecker_etcd_cpu_requests }}
|
||||
memory: {{ netchecker_etcd_memory_requests }}
|
||||
securityContext:
|
||||
runAsUser: {{ netchecker_server_user | default('0') }}
|
||||
runAsGroup: {{ netchecker_server_group | default('0') }}
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
|
|
Loading…
Reference in New Issue