diff options
author | Christian Pointner <equinox@spreadspace.org> | 2019-10-11 00:46:13 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2019-10-11 00:46:13 +0200 |
commit | 901486a82273b55308576e33bcc56f88b29b855f (patch) | |
tree | 6cd5a7f0ab20cdb7c437aa07909a2c25892a141f /roles/kubernetes | |
parent | added role for containerd and improve kubernetes/base (diff) |
added kubernetes/standalone role
Diffstat (limited to 'roles/kubernetes')
-rw-r--r-- | roles/kubernetes/base/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/kubernetes/standalone/defaults/main.yml | 12 | ||||
-rw-r--r-- | roles/kubernetes/standalone/handlers/main.yml | 6 | ||||
-rw-r--r-- | roles/kubernetes/standalone/tasks/main.yml | 34 | ||||
-rw-r--r-- | roles/kubernetes/standalone/templates/cni.conflist.j2 | 23 | ||||
-rw-r--r-- | roles/kubernetes/standalone/templates/kubelet-config.yml.j2 | 24 | ||||
-rw-r--r-- | roles/kubernetes/standalone/templates/kubelet.service.override.j2 | 9 |
7 files changed, 110 insertions, 1 deletions
diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml index 375bb63e..731be48b 100644 --- a/roles/kubernetes/base/tasks/main.yml +++ b/roles/kubernetes/base/tasks/main.yml @@ -45,7 +45,6 @@ selection: hold - name: configure crictl to use containerd - when: kubernetes_container_runtime == 'containerd' loop: - zsh - bash @@ -54,7 +53,9 @@ create: yes marker: "### {mark} ANSIBLE MANAGED BLOCK for crictl ###" content: | + {% if kubernetes_container_runtime == 'containerd' %} alias crictl="crictl --runtime-endpoint unix:///run/containerd/containerd.sock" + {% endif %} {% if item == 'zsh' %} ## TODO: see https://github.com/kubernetes-sigs/cri-tools/issues/435 autoload -U +X bashcompinit && bashcompinit diff --git a/roles/kubernetes/standalone/defaults/main.yml b/roles/kubernetes/standalone/defaults/main.yml new file mode 100644 index 00000000..fb48cf2b --- /dev/null +++ b/roles/kubernetes/standalone/defaults/main.yml @@ -0,0 +1,12 @@ +--- +kubernetes_standalone_address: 127.0.0.1 +kubernetes_standalone_port: 10250 +kubernetes_standalone_readonly_port: 0 + +kubernetes_standalone_healthz_address: 127.0.0.1 +kubernetes_standalone_healthz_port: 0 + +kubernetes_standalone_max_pods: 10 + +kubernetes_standalone_pod_cidr: 192.168.255.0/24 +kubernetes_standalone_resolv_conf: /etc/resolv.conf diff --git a/roles/kubernetes/standalone/handlers/main.yml b/roles/kubernetes/standalone/handlers/main.yml new file mode 100644 index 00000000..26438551 --- /dev/null +++ b/roles/kubernetes/standalone/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: restart kubelet + systemd: + name: kubelet.service + state: restarted + daemon_reload: yes diff --git a/roles/kubernetes/standalone/tasks/main.yml b/roles/kubernetes/standalone/tasks/main.yml new file mode 100644 index 00000000..e377e4b9 --- /dev/null +++ b/roles/kubernetes/standalone/tasks/main.yml @@ -0,0 +1,34 @@ +--- +- name: create systemd override directory for kubelet + file: + path: /etc/systemd/system/kubelet.service.d + state: directory + +- name: install systemd override for kubelet + template: + src: kubelet.service.override.j2 + dest: /etc/systemd/system/kubelet.service.d/standalone.conf + notify: restart kubelet + +- name: install kubelet config + template: + src: kubelet-config.yml.j2 + dest: /etc/kubernetes/kubelet.yml + notify: restart kubelet + +- name: make sure kubelet is enabled and running + systemd: + name: kubelet.service + state: started + enabled: yes + daemon_reload: yes + +- name: create cni config directory + file: + name: /etc/cni/net.d + state: directory + +- name: install cni config + template: + src: cni.conflist.j2 + dest: /etc/cni/net.d/kube-standalone.conflist diff --git a/roles/kubernetes/standalone/templates/cni.conflist.j2 b/roles/kubernetes/standalone/templates/cni.conflist.j2 new file mode 100644 index 00000000..0b641097 --- /dev/null +++ b/roles/kubernetes/standalone/templates/cni.conflist.j2 @@ -0,0 +1,23 @@ +{ + "cniVersion": "0.3.1", + "name": "kube-standalone", + "plugins": [ + { + "type": "bridge", + "bridge": "kube-bridge", + "isDefaultGateway": true, + "ipMasq": true, + "hairpinMode": false, + "ipam": { + "type": "host-local", + "subnet": "{{ kubernetes_standalone_pod_cidr }}" + } + }, { + "type": "portmap", + "capabilities": { + "portMappings": true, + "snat": true + } + } + ] +} diff --git a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 new file mode 100644 index 00000000..78aec0c4 --- /dev/null +++ b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 @@ -0,0 +1,24 @@ +{# https://godoc.org/k8s.io/kubelet/config/v1beta1#KubeletConfiguration #} +{# #} +kind: KubeletConfiguration +apiVersion: kubelet.config.k8s.io/v1beta1 +staticPodPath: /etc/kubernetes/manifests +address: {{ kubernetes_standalone_address }} +port: {{ kubernetes_standalone_port }} +readOnlyPort: {{ kubernetes_standalone_readonly_port }} +healthzBindAdress: {{ kubernetes_standalone_healthz_address }} +healthzPort: {{ kubernetes_standalone_healthz_port }} +authentication: + anonymous: + enabled: true + webhook: + enabled: false +authorization: + mode: AlwaysAllow +Maxpods: {{ kubernetes_standalone_max_pods }} +makeIPTablesUtilChains: false +hairpinMode: none +resolvConf: {{ kubernetes_standalone_resolv_conf }} +enableControllerAttachDetach: false +featureGates: + RuntimeClass: false diff --git a/roles/kubernetes/standalone/templates/kubelet.service.override.j2 b/roles/kubernetes/standalone/templates/kubelet.service.override.j2 new file mode 100644 index 00000000..3a88ccd2 --- /dev/null +++ b/roles/kubernetes/standalone/templates/kubelet.service.override.j2 @@ -0,0 +1,9 @@ +[Service] +ExecStart= +ExecStart=/usr/bin/kubelet \ + --config=/etc/kubernetes/kubelet.yml \ +{% if kubernetes_container_runtime == 'containerd' %} + --container-runtime=remote \ + --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ +{% endif %} + --cloud-provider= |