Merge pull request #3200 from pablodav/feature/k8s_win_v1.11

Required support to start working on windows node support
pull/3172/head
k8s-ci-robot 2018-09-03 04:51:23 -07:00 committed by GitHub
commit db11394711
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 85 additions and 1 deletions

View File

@ -94,6 +94,7 @@
roles: roles:
- { role: kubespray-defaults} - { role: kubespray-defaults}
- { role: kubernetes-apps/rotate_tokens, tags: rotate_tokens, when: "secret_changed|default(false)" } - { role: kubernetes-apps/rotate_tokens, tags: rotate_tokens, when: "secret_changed|default(false)" }
- { role: win_nodes/kubernetes_patch, tags: win_nodes, when: "kubeadm_enabled" }
- hosts: kube-master - hosts: kube-master
any_errors_fatal: "{{ any_errors_fatal | default(true) }}" any_errors_fatal: "{{ any_errors_fatal | default(true) }}"

View File

@ -52,3 +52,6 @@ spec:
- --default-params={"linear":{"nodesPerReplica":{{ dnsmasq_nodes_per_replica }},"preventSinglePointFailure":true}} - --default-params={"linear":{"nodesPerReplica":{{ dnsmasq_nodes_per_replica }},"preventSinglePointFailure":true}}
- --logtostderr=true - --logtostderr=true
- --v={{ kube_log_level }} - --v={{ kube_log_level }}
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux

View File

@ -24,6 +24,9 @@ spec:
tolerations: tolerations:
- effect: NoSchedule - effect: NoSchedule
operator: Exists operator: Exists
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: dnsmasq - name: dnsmasq
image: "{{ dnsmasq_image_repo }}:{{ dnsmasq_image_tag }}" image: "{{ dnsmasq_image_repo }}:{{ dnsmasq_image_tag }}"

View File

@ -138,6 +138,15 @@
msg: "{{available_packages}}" msg: "{{available_packages}}"
when: docker_task_result|failed when: docker_task_result|failed
# This is required to ensure any apt upgrade will not break kubernetes
- name: Set docker pin priority to apt_preferences on Debian family
template:
src: "apt_preferences.d/debian_docker.j2"
dest: "/etc/apt/preferences.d/docker"
owner: "root"
mode: 0644
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
- name: ensure service is started if docker packages are already present - name: ensure service is started if docker packages are already present
service: service:
name: docker name: docker

View File

@ -0,0 +1,3 @@
Package: docker-ce
Pin: version {{ docker_version }}.*
Pin-Priority: 1001

View File

@ -6,7 +6,6 @@
- facts - facts
- include_tasks: "gen_certs_{{ cert_management }}.yml" - include_tasks: "gen_certs_{{ cert_management }}.yml"
when:
tags: tags:
- etcd-secrets - etcd-secrets

View File

@ -28,6 +28,9 @@ spec:
labels: labels:
k8s-app: kubedns-autoscaler k8s-app: kubedns-autoscaler
spec: spec:
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
tolerations: tolerations:
- effect: NoSchedule - effect: NoSchedule
operator: Equal operator: Equal

View File

@ -27,6 +27,9 @@ spec:
annotations: annotations:
scheduler.alpha.kubernetes.io/critical-pod: '' scheduler.alpha.kubernetes.io/critical-pod: ''
spec: spec:
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
tolerations: tolerations:
- key: "CriticalAddonsOnly" - key: "CriticalAddonsOnly"
operator: "Exists" operator: "Exists"

View File

@ -15,6 +15,9 @@ spec:
tolerations: tolerations:
- effect: NoSchedule - effect: NoSchedule
operator: Exists operator: Exists
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: netchecker-agent - name: netchecker-agent
image: "{{ agent_img }}" image: "{{ agent_img }}"

View File

@ -13,6 +13,9 @@ spec:
app: netchecker-agent-hostnet app: netchecker-agent-hostnet
spec: spec:
hostNetwork: True hostNetwork: True
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
{% if kube_version | version_compare('v1.6', '>=') %} {% if kube_version | version_compare('v1.6', '>=') %}
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
{% endif %} {% endif %}

View File

@ -29,6 +29,9 @@ spec:
spec: spec:
priorityClassName: system-node-critical priorityClassName: system-node-critical
serviceAccountName: efk serviceAccountName: efk
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: fluentd-es - name: fluentd-es
image: "{{ fluentd_image_repo }}:{{ fluentd_image_tag }}" image: "{{ fluentd_image_repo }}:{{ fluentd_image_tag }}"

View File

@ -42,3 +42,6 @@ spec:
requests: requests:
cpu: 10m cpu: 10m
memory: 20Mi memory: 20Mi
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux

View File

@ -121,6 +121,7 @@
--ignore-preflight-errors=all --ignore-preflight-errors=all
--allow-experimental-upgrades --allow-experimental-upgrades
--allow-release-candidate-upgrades --allow-release-candidate-upgrades
--force
register: kubeadm_upgrade register: kubeadm_upgrade
# Retry is because upload config sometimes fails # Retry is because upload config sometimes fails
retries: 3 retries: 3

View File

@ -12,6 +12,9 @@ spec:
{% if kube_version | version_compare('v1.6', '>=') %} {% if kube_version | version_compare('v1.6', '>=') %}
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
{% endif %} {% endif %}
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: kube-proxy - name: kube-proxy
image: {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} image: {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}

View File

@ -7,6 +7,9 @@ metadata:
k8s-app: kube-nginx k8s-app: kube-nginx
spec: spec:
hostNetwork: true hostNetwork: true
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: nginx-proxy - name: nginx-proxy
image: {{ nginx_image_repo }}:{{ nginx_image_tag }} image: {{ nginx_image_repo }}:{{ nginx_image_tag }}

View File

@ -53,6 +53,9 @@ spec:
k8s-app: flannel k8s-app: flannel
spec: spec:
serviceAccountName: flannel serviceAccountName: flannel
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
containers: containers:
- name: kube-flannel - name: kube-flannel
image: {{ flannel_image_repo }}:{{ flannel_image_tag }} image: {{ flannel_image_repo }}:{{ flannel_image_tag }}

View File

@ -0,0 +1,3 @@
---
kubernetes_user_manifests_path: "{{ ansible_env.HOME }}/kube-manifests"

View File

@ -0,0 +1 @@
{"spec":{"template":{"spec":{"nodeSelector":{"beta.kubernetes.io/os":"linux"}}}}}

View File

@ -0,0 +1,34 @@
---
- name: Ensure that user manifests directory exists
file:
path: "{{ kubernetes_user_manifests_path }}/kubernetes"
state: directory
recurse: yes
tags: [init, cni]
- name: Apply kube-proxy nodeselector
block:
- name: Copy kube-proxy daemonset nodeselector patch
copy:
src: nodeselector-os-linux-patch.json
dest: "{{ kubernetes_user_manifests_path }}/nodeselector-os-linux-patch.json"
# Due to https://github.com/kubernetes/kubernetes/issues/58212 we cannot rely on exit code for "kubectl patch"
- name: Check current nodeselector for kube-proxy daemonset
shell: kubectl get ds kube-proxy --namespace=kube-system -o jsonpath='{.spec.template.spec.nodeSelector.beta\.kubernetes\.io/os}'
register: current_kube_proxy_state
- name: Apply nodeselector patch for kube-proxy daemonset
shell: kubectl patch ds kube-proxy --namespace=kube-system --type=strategic -p "$(cat nodeselector-os-linux-patch.json)"
args:
chdir: "{{ kubernetes_user_manifests_path }}"
register: patch_kube_proxy_state
when: current_kube_proxy_state.stdout | trim | lower != "linux"
- debug: msg={{ patch_kube_proxy_state.stdout_lines }}
when: patch_kube_proxy_state is not skipped
- debug: msg={{ patch_kube_proxy_state.stderr_lines }}
when: patch_kube_proxy_state is not skipped
tags: init