Merge pull request #19489 from cloudnativeapps/vsphere-support-1

Auto commit by PR queue bot
2016-01-26 22:27:55 -08:00
parent 603931f237 f7db2c6e99
commit 86dd321c73
16 changed files with 360 additions and 59 deletions
--- a/cluster/saltbase/salt/docker/docker.list
+++ b/cluster/saltbase/salt/docker/docker.list
@@ -0,0 +1 @@
+deb https://apt.dockerproject.org/repo debian-{{ salt['grains.get']('oscodename') }} main
--- a/cluster/saltbase/salt/docker/init.sls
+++ b/cluster/saltbase/salt/docker/init.sls
@@ -1,7 +1,7 @@
 {% if pillar.get('is_systemd') %}
-{% set environment_file = '/etc/sysconfig/docker' %}
+  {% set environment_file = '/etc/sysconfig/docker' %}
 {% else %}
-{% set environment_file = '/etc/default/docker' %}
+  {% set environment_file = '/etc/default/docker' %}
 {% endif %}

 bridge-utils:
@@ -47,6 +47,96 @@ docker:
      - pkg: docker-io

 {% endif %}
+{% elif grains.cloud is defined and grains.cloud == 'vsphere' and grains.os == 'Debian' and grains.osrelease_info[0] >=8 %}
+
+{% if pillar.get('is_systemd') %}
+
+{{ pillar.get('systemd_system_path') }}/docker.service:
+  file.managed:
+    - source: salt://docker/docker.service
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: 644
+    - defaults:
+        environment_file: {{ environment_file }}
+
+# The docker service.running block below doesn't work reliably
+# Instead we run our script which e.g. does a systemd daemon-reload
+# But we keep the service block below, so it can be used by dependencies
+# TODO: Fix this
+fix-service-docker:
+  cmd.wait:
+    - name: /opt/kubernetes/helpers/services bounce docker
+    - watch:
+      - file: {{ pillar.get('systemd_system_path') }}/docker.service
+      - file: {{ environment_file }}
+{% endif %}
+
+{{ environment_file }}:
+  file.managed:
+    - source: salt://docker/docker-defaults
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: 644
+    - makedirs: true
+    - require:
+      - pkg: docker-engine
+
+'apt-key':
+   cmd.run:
+     - name: 'apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D'
+     - unless: 'apt-key finger | grep "5811 8E89"'
+
+'apt-update':
+  cmd.wait:
+    - name: '/usr/bin/apt-get update -y'
+    - require:
+       - cmd : 'apt-key'
+
+lxc-docker:
+  pkg:
+    - purged
+
+docker-io:
+  pkg:
+    - purged
+
+cbr0:
+  network.managed:
+    - enabled: True
+    - type: bridge
+    - proto: dhcp
+    - ports: none
+    - bridge: cbr0
+    - delay: 0
+    - bypassfirewall: True
+    - require_in:
+      - service: docker
+
+/etc/apt/sources.list.d/docker.list:
+  file.managed:
+    - source: salt://docker/docker.list
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: 644
+    - require:
+      - cmd: 'apt-update'
+
+docker-engine:
+   pkg:
+     - installed
+     - require:
+       - file: /etc/apt/sources.list.d/docker.list
+docker:
+   service.running:
+     - enable: True
+     - require:
+       - file: {{ environment_file }}
+     - watch:
+       - file: {{ environment_file }}

 {% else %}

@@ -216,3 +306,4 @@ docker:
      - pkg: docker-upgrade
 {% endif %}
 {% endif %} # end grains.os_family != 'RedHat'
+
--- a/cluster/saltbase/salt/kube-addons/init.sls
+++ b/cluster/saltbase/salt/kube-addons/init.sls
@@ -133,7 +133,7 @@ addon-dir-create:
 {% endif %}

 {% if pillar.get('enable_node_logging', '').lower() == 'true'
-   and pillar.get('logging_destination').lower() == 'elasticsearch'
+   and pillar.get('logging_destination', '').lower() == 'elasticsearch'
   and pillar.get('enable_cluster_logging', '').lower() == 'true' %}
 /etc/kubernetes/addons/fluentd-elasticsearch:
  file.recurse:
--- a/cluster/saltbase/salt/kube-apiserver/init.sls
+++ b/cluster/saltbase/salt/kube-apiserver/init.sls
@@ -1,5 +1,5 @@
 {% if grains.cloud is defined %}
-{% if grains.cloud in ['aws', 'gce', 'vagrant'] %}
+{% if grains.cloud in ['aws', 'gce', 'vagrant', 'vsphere'] %}
 # TODO: generate and distribute tokens on other cloud providers.
 /srv/kubernetes/known_tokens.csv:
  file.managed:
@@ -9,7 +9,7 @@
 {% endif %}
 {% endif %}

-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ]  %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ,'vsphere']  %}
 /srv/kubernetes/basic_auth.csv:
  file.managed:
    - source: salt://kube-apiserver/basic_auth.csv
--- a/cluster/saltbase/salt/kube-apiserver/kube-apiserver.manifest
+++ b/cluster/saltbase/salt/kube-apiserver/kube-apiserver.manifest
@@ -9,7 +9,7 @@
 {% set cloud_config_volume = "" -%}

 {% if grains.cloud is defined -%}
-  {% if grains.cloud != 'vagrant' -%}
+  {% if grains.cloud not in ['vagrant', 'vsphere'] -%}
    {% set cloud_provider = "--cloud-provider=" + grains.cloud -%}
  {% endif -%}

@@ -57,7 +57,7 @@
 {% set client_ca_file = "" -%}

 {% set secure_port = "6443" -%}
-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ]    %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere' ]    %}
  {% set secure_port = "443" -%}
  {% set client_ca_file = "--client-ca-file=/srv/kubernetes/ca.crt" -%}
 {% endif -%}
@@ -71,12 +71,12 @@
 {% endif -%}

 {% if grains.cloud is defined -%}
-{% if grains.cloud in [ 'aws', 'gce', 'vagrant' ] -%}
+{% if grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere' ] -%}
    {% set token_auth_file = "--token-auth-file=/srv/kubernetes/known_tokens.csv" -%}
 {% endif -%}
 {% endif -%}

-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant']  %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere']  %}
  {% set basic_auth_file = "--basic-auth-file=/srv/kubernetes/basic_auth.csv" -%}
 {% endif -%}

--- a/cluster/saltbase/salt/kube-controller-manager/kube-controller-manager.manifest
+++ b/cluster/saltbase/salt/kube-controller-manager/kube-controller-manager.manifest
@@ -27,7 +27,7 @@
 {% set cloud_config_volume = "" -%}

 {% if grains.cloud is defined -%}
-  {% if grains.cloud != 'vagrant' -%}
+  {% if grains.cloud not in ['vagrant', 'vsphere'] -%}
    {% set cloud_provider = "--cloud-provider=" + grains.cloud -%}
  {% endif -%}
  {% set service_account_key = "--service-account-private-key-file=/srv/kubernetes/server.key" -%}
@@ -41,7 +41,7 @@

 {% set root_ca_file = "" -%}

-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ]    %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere' ]    %}
   {% set root_ca_file = "--root-ca-file=/srv/kubernetes/ca.crt" -%}
 {% endif -%}

--- a/cluster/saltbase/salt/kube-proxy/kube-proxy.manifest
+++ b/cluster/saltbase/salt/kube-proxy/kube-proxy.manifest
@@ -5,7 +5,7 @@
  {% set ips = salt['mine.get']('roles:kubernetes-master', 'network.ip_addrs', 'grain').values() -%}
  {% set api_servers = "--master=https://" + ips[0][0] -%}
 {% endif -%}
-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ]  %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere' ]  %}
  {% set api_servers_with_port = api_servers -%}
 {% else -%}
  {% set api_servers_with_port = api_servers + ":6443" -%}
--- a/cluster/saltbase/salt/kubelet/default
+++ b/cluster/saltbase/salt/kubelet/default
@@ -16,7 +16,7 @@
 {% endif -%}

 # TODO: remove nginx for other cloud providers.
-{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ]  %}
+{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere' ]  %}
  {% set api_servers_with_port = api_servers -%}
 {% else -%}
  {% set api_servers_with_port = api_servers + ":6443" -%}
@@ -27,7 +27,7 @@
 {% set debugging_handlers = "--enable-debugging-handlers=true" -%}

 {% if grains['roles'][0] == 'kubernetes-master' -%}
-  {% if grains.cloud in ['aws', 'gce', 'vagrant'] -%}
+  {% if grains.cloud in ['aws', 'gce', 'vagrant', 'vsphere'] -%}

    # Unless given a specific directive, disable registration for the kubelet
    # running on the master.
@@ -46,7 +46,7 @@
 {% endif -%}

 {% set cloud_provider = "" -%}
-{% if grains.cloud is defined and grains.cloud != 'vagrant' -%}
+{% if grains.cloud is defined and grains.cloud not in ['vagrant', 'vsphere'] -%}
  {% set cloud_provider = "--cloud-provider=" + grains.cloud -%}
 {% endif -%}

@@ -105,7 +105,11 @@
 {% set cgroup_root = "" -%}
 {% if grains['os_family'] == 'Debian' -%}
  {% set system_container = "--system-container=/system" -%}
-  {% set cgroup_root = "--cgroup-root=/" -%}
+  {% if pillar.get('is_systemd') %}
+    {% set cgroup_root = "--cgroup-root=docker" -%}
+  {% else %}
+    {% set cgroup_root = "--cgroup-root=/" -%}
+  {% endif %}
 {% endif -%}
 {% if grains['oscodename'] == 'vivid' -%}
  {% set cgroup_root = "--cgroup-root=docker" -%}
--- a/cluster/saltbase/salt/static-routes/if-down
+++ b/cluster/saltbase/salt/static-routes/if-down
@@ -3,8 +3,14 @@
 [ "$IFACE" == "eth0" ] || exit 0

 {% for host, ip_addrs in salt['mine.get']('roles:kubernetes-pool', 'network.ip_addrs', 'grain').items() %}
-{% if ip_addrs[0] != salt['network.ip_addrs']('eth0')[0] %}
-{% set cidr = salt['mine.get'](host, 'grains.items')[host]['cbr-cidr'] %}
-route del -net {{ cidr }}
-{% endif %}
+  {% set network_ipaddr = None %}
+  {% if salt['network.ip_addrs']('eth0') is defined %}
+    {% set network_ipaddr = salt['network.ip_addrs']('eth0')[0] %}
+  {% elif salt['network.ip_addrs']('local') is defined %}
+    {% set network_ipaddr = salt['network.ip_addrs']('local')[0] %}
+  {% endif %}
+  {% if network_ipaddr is defined and ip_addrs[0] != network_ipaddr %}
+    {% set cidr = salt['mine.get'](host, 'grains.items')[host]['cbr-cidr'] %}
+      route del -net {{ cidr }}
+  {% endif %}
 {% endfor %}
--- a/cluster/saltbase/salt/static-routes/if-up
+++ b/cluster/saltbase/salt/static-routes/if-up
@@ -3,8 +3,14 @@
 [ "$IFACE" == "eth0" ] || exit 0

 {% for host, ip_addrs in salt['mine.get']('roles:kubernetes-pool', 'network.ip_addrs', 'grain').items() %}
-{% if ip_addrs[0] != salt['network.ip_addrs']('eth0')[0] %}
-{% set cidr = salt['mine.get'](host, 'grains.items')[host]['cbr-cidr'] %}
-route add -net {{ cidr }} gw {{ ip_addrs[0] }}
-{% endif %}
+  {% set network_ipaddr = None %}
+  {% if salt['network.ip_addrs']('eth0') %}
+    {% set network_ipaddr = salt['network.ip_addrs']('eth0')[0] %}
+  {% elif salt['network.ip_addrs']('local') %}
+    {% set network_ipaddr = salt['network.ip_addrs']('local').first %}
+  {% endif %}
+  {% if network_ipaddr and ip_addrs[0] != network_ipaddr %}
+    {% set cidr = salt['mine.get'](host, 'grains.items')[host]['cbr-cidr'] %}
+      route add -net {{ cidr }} gw {{ ip_addrs[0] }}
+  {% endif %}
 {% endfor %}
--- a/cluster/saltbase/salt/top.sls
+++ b/cluster/saltbase/salt/top.sls
@@ -51,7 +51,7 @@ base:
    - kube-controller-manager
    - kube-scheduler
    - supervisor
-{% if grains['cloud'] is defined and not grains.cloud in [ 'aws', 'gce', 'vagrant' ] %}
+{% if grains['cloud'] is defined and not grains.cloud in [ 'aws', 'gce', 'vagrant', 'vsphere'] %}
    - nginx
 {% endif %}
    - cadvisor
@@ -69,7 +69,7 @@ base:
    - logrotate
 {% endif %}
    - kube-addons
-{% if grains['cloud'] is defined and grains['cloud'] in [ 'vagrant', 'gce', 'aws' ] %}
+{% if grains['cloud'] is defined and grains['cloud'] in [ 'vagrant', 'gce', 'aws', 'vsphere' ] %}
    - docker
    - kubelet
 {% endif %}
				`@@ -0,0 +1 @@`
				`deb https://apt.dockerproject.org/repo debian-{{ salt['grains.get']('oscodename') }} main`