netchecker: update images to 1.2.2 from Mirantis (#8074)
* netchecker: update images to 1.2.2 from Mirantis which is slightly less ancinet than the l23networks images * Netchecker: use local etcd instead of kubernetes v1beta1 crds which are no longer suported by kube 1.22+pull/8099/head
parent
6aac59394e
commit
6a5b87dda4
|
@ -1,7 +1,7 @@
|
||||||
# Network Checker Application
|
# Network Checker Application
|
||||||
|
|
||||||
With the ``deploy_netchecker`` var enabled (defaults to false), Kubespray deploys a
|
With the ``deploy_netchecker`` var enabled (defaults to false), Kubespray deploys a
|
||||||
Network Checker Application from the 3rd side `l23network/k8s-netchecker` docker
|
Network Checker Application from the 3rd side `mirantis/k8s-netchecker` docker
|
||||||
images. It consists of the server and agents trying to reach the server by usual
|
images. It consists of the server and agents trying to reach the server by usual
|
||||||
for Kubernetes applications network connectivity meanings. Therefore, this
|
for Kubernetes applications network connectivity meanings. Therefore, this
|
||||||
automatically verifies a pod to pod connectivity via the cluster IP and checks
|
automatically verifies a pod to pod connectivity via the cluster IP and checks
|
||||||
|
|
|
@ -479,11 +479,12 @@ pod_infra_image_repo: "{{ kube_image_repo }}/pause"
|
||||||
pod_infra_image_tag: "{{ pod_infra_version }}"
|
pod_infra_image_tag: "{{ pod_infra_version }}"
|
||||||
install_socat_image_repo: "{{ docker_image_repo }}/xueshanf/install-socat"
|
install_socat_image_repo: "{{ docker_image_repo }}/xueshanf/install-socat"
|
||||||
install_socat_image_tag: "latest"
|
install_socat_image_tag: "latest"
|
||||||
netcheck_version: "v1.0"
|
netcheck_version: "v1.2.2"
|
||||||
netcheck_agent_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-agent"
|
netcheck_agent_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-agent"
|
||||||
netcheck_agent_image_tag: "{{ netcheck_version }}"
|
netcheck_agent_image_tag: "{{ netcheck_version }}"
|
||||||
netcheck_server_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-server"
|
netcheck_server_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-server"
|
||||||
netcheck_server_image_tag: "{{ netcheck_version }}"
|
netcheck_server_image_tag: "{{ netcheck_version }}"
|
||||||
|
netcheck_etcd_image_tag: "v3.4.17"
|
||||||
weave_kube_image_repo: "{{ docker_image_repo }}/weaveworks/weave-kube"
|
weave_kube_image_repo: "{{ docker_image_repo }}/weaveworks/weave-kube"
|
||||||
weave_kube_image_tag: "{{ weave_version }}"
|
weave_kube_image_tag: "{{ weave_version }}"
|
||||||
weave_npc_image_repo: "{{ docker_image_repo }}/weaveworks/weave-npc"
|
weave_npc_image_repo: "{{ docker_image_repo }}/weaveworks/weave-npc"
|
||||||
|
|
|
@ -38,6 +38,10 @@ netchecker_server_cpu_limit: 100m
|
||||||
netchecker_server_memory_limit: 256M
|
netchecker_server_memory_limit: 256M
|
||||||
netchecker_server_cpu_requests: 50m
|
netchecker_server_cpu_requests: 50m
|
||||||
netchecker_server_memory_requests: 64M
|
netchecker_server_memory_requests: 64M
|
||||||
|
netchecker_etcd_cpu_limit: 200m
|
||||||
|
netchecker_etcd_memory_limit: 256M
|
||||||
|
netchecker_etcd_cpu_requests: 100m
|
||||||
|
netchecker_etcd_memory_requests: 128M
|
||||||
|
|
||||||
# SecurityContext when PodSecurityPolicy is enabled
|
# SecurityContext when PodSecurityPolicy is enabled
|
||||||
netchecker_agent_user: 1000
|
netchecker_agent_user: 1000
|
||||||
|
|
|
@ -6,10 +6,4 @@ metadata:
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["pods"]
|
resources: ["pods"]
|
||||||
verbs: ["list"]
|
verbs: ["list", "get"]
|
||||||
- apiGroups: ["apiextensions.k8s.io"]
|
|
||||||
resources: ["customresourcedefinitions"]
|
|
||||||
verbs: ['*']
|
|
||||||
- apiGroups: ["network-checker.ext"]
|
|
||||||
resources: ["agents"]
|
|
||||||
verbs: ['*']
|
|
||||||
|
|
|
@ -17,6 +17,9 @@ spec:
|
||||||
app: netchecker-server
|
app: netchecker-server
|
||||||
spec:
|
spec:
|
||||||
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
|
volumes:
|
||||||
|
- name: etcd-data
|
||||||
|
emptyDir: {}
|
||||||
containers:
|
containers:
|
||||||
- name: netchecker-server
|
- name: netchecker-server
|
||||||
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
|
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
|
||||||
|
@ -34,10 +37,34 @@ spec:
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8081
|
- containerPort: 8081
|
||||||
args:
|
args:
|
||||||
- "-v=5"
|
- -v=5
|
||||||
- "-logtostderr"
|
- -logtostderr
|
||||||
- "-kubeproxyinit"
|
- -kubeproxyinit=false
|
||||||
- "-endpoint=0.0.0.0:8081"
|
- -endpoint=0.0.0.0:8081
|
||||||
|
- -etcd-endpoints=http://127.0.0.1:2379
|
||||||
|
- name: etcd
|
||||||
|
image: "{{ etcd_image_repo }}:{{ netcheck_etcd_image_tag }}"
|
||||||
|
imagePullPolicy: {{ k8s_image_pull_policy }}
|
||||||
|
command:
|
||||||
|
- etcd
|
||||||
|
- --listen-client-urls=http://127.0.0.1:2379
|
||||||
|
- --advertise-client-urls=http://127.0.0.1:2379
|
||||||
|
- --data-dir=/var/lib/etcd
|
||||||
|
- --enable-v2
|
||||||
|
- --force-new-cluster
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /var/lib/etcd
|
||||||
|
name: etcd-data
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: {{ netchecker_etcd_cpu_limit }}
|
||||||
|
memory: {{ netchecker_etcd_memory_limit }}
|
||||||
|
requests:
|
||||||
|
cpu: {{ netchecker_etcd_cpu_requests }}
|
||||||
|
memory: {{ netchecker_etcd_memory_requests }}
|
||||||
|
securityContext:
|
||||||
|
runAsUser: {{ netchecker_server_user | default('0') }}
|
||||||
|
runAsGroup: {{ netchecker_server_group | default('0') }}
|
||||||
tolerations:
|
tolerations:
|
||||||
- effect: NoSchedule
|
- effect: NoSchedule
|
||||||
operator: Exists
|
operator: Exists
|
||||||
|
|
Loading…
Reference in New Issue