Update entrypoint scripts and document to align with new CLI (#1097)
* Update entrypoint scripts and document to align with new CLI

Update entrypoint scripts for k8s, docker v2plugin to align with new CLI,
update documents, k8s config yaml. Drive-by update of vagrantfile, kubeadm_test, utils/configs.go to make the code more readable.
This commit also makes netplugin and netmaster use etcd at http://127.0.0.1:2379
if neither etcd nor consul endpoints are provided. Also makes v2plugin default to the netplugin role.
For `startcontiv.sh`, the entrypoint script for v2plugin, it changed ovs-db creation to reuse
the logic from k8s `ovsInit.sh`, which doesn't drop db files on every restart.

Signed-off-by: Wei Tie <wtie@cisco.com>
tiewei committed Dec 8, 2017
1 parent 51e5f6f commit 38d2d9f
Showing 16 changed files with 648 additions and 376 deletions.
4 changes: 2 additions & 2 deletions install/HowtoSetupContiv.md
Expand Up @@ -34,7 +34,7 @@ COMMANDS:
GLOBAL OPTIONS:
--consul-endpoints value, --consul value a comma-delimited list of netplugin consul endpoints [$CONTIV_NETPLUGIN_CONSUL_ENDPOINTS]
--ctrl-ip value set netplugin control ip for control plane communication (default: <host-ip-from-local-resolver>) [$CONTIV_NETPLUGIN_CONTROL_IP]
--etcd-endpoints value, --etcd value a comma-delimited list of netplugin etcd endpoints [$CONTIV_NETPLUGIN_ETCD_ENDPOINTS]
--etcd-endpoints value, --etcd value a comma-delimited list of netplugin etcd endpoints (default: http://127.0.0.1:2379) [$CONTIV_NETPLUGIN_ETCD_ENDPOINTS]
--fwdmode value, --forward-mode value set netplugin forwarding network mode, options: [bridge, routing] [$CONTIV_NETPLUGIN_FORWARD_MODE]
--host value, --host-label value set netplugin host to identify itself (default: <host-name-reported-by-the-kernel>) [$CONTIV_NETPLUGIN_HOST]
--log-level value set netplugin log level, options: [DEBUG, INFO, WARN, ERROR] (default: "INFO") [$CONTIV_NETPLUGIN_LOG_LEVEL]
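Review bot: The new `(default: http://127.0.0.1:2379)` text on `--etcd-endpoints` does not say that the default applies only when neither etcd nor consul endpoints are given, which is what the commit message describes. As written, a reader who sets only `--consul-endpoints` cannot tell whether the etcd default is still in effect. Suggest stating the precedence in the help text or in a sentence under GLOBAL OPTIONS; the same applies to the netmaster `--etcd-endpoints` line in the next hunk. The default is also a plain `http://` loopback endpoint, so the text should make clear that any non-local store has to be configured explicitly.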
Expand Down Expand Up @@ -73,7 +73,7 @@ COMMANDS:
GLOBAL OPTIONS:
--consul-endpoints value, --consul value a comma-delimited list of netmaster consul endpoints [$CONTIV_NETMASTER_CONSUL_ENDPOINTS]
--etcd-endpoints value, --etcd value a comma-delimited list of netmaster etcd endpoints [$CONTIV_NETMASTER_ETCD_ENDPOINTS]
--etcd-endpoints value, --etcd value a comma-delimited list of netmaster etcd endpoints (default: http://127.0.0.1:2379) [$CONTIV_NETMASTER_ETCD_ENDPOINTS]
--external-address value, --listen-url value set netmaster external address to listen on, used for general API service (default: "0.0.0.0:9999") [$CONTIV_NETMASTER_EXTERNAL_ADDRESS]
--fwdmode value, --forward-mode value set netmaster forwarding network mode, options: [bridge, routing] [$CONTIV_NETMASTER_FORWARD_MODE]
--infra value, --infra-type value set netmaster infra type, options [aci, default] (default: "default") [$CONTIV_NETMASTER_INFRA]
12 changes: 6 additions & 6 deletions install/k8s/README.md
Expand Up @@ -9,17 +9,17 @@ Install kubernetes 1.6 or higher using http://kubernetes.io/docs/getting-started
* Replace all instances of `__NETMASTER_IP__` in contiv/contiv.yaml with the master IP.
* Replace `__VLAN_IF__` with the data plane interface.
If there is no requirement to create vlan based networks there is no need for a seperate data interface and `__VLAN_IF__` can be set to "". If vlan based networks are to be created then a separate data interface is mandatory which can be set appropriately.
* Optional: Replace the contiv version(v0.1-11-30-2016.20-08-20.UTC) with the desired release/test version.
* Optional: Replace the contiv version(1.1.7) with the desired release/test version.
* Optional ACI only steps:
- Replace __APIC_xxx__ fields with their corresponding values.
- Default value for __APIC_EPG_BRIDGE_DOMAIN__ is "not_specified"
- Default value for __APIC_CONTRACTS_UNRESTRICTED_MODE__ is "no"
- Password based authentication: When using password based authentication, APIC_CERT_DN fields must be deleted.
- Certificate based authentication:
- When using certificate based authentication, APIC_PASSWORD can be empty.
- Copy the certificate to a file named aci.key.
- Create a secret by running the following on the management node
```sh
- Certificate based authentication:
- When using certificate based authentication, APIC_PASSWORD can be empty.
- Copy the certificate to a file named aci.key.
- Create a secret by running the following on the management node
```sh
kubectl create secret generic aci.key --from-file=<path name of aci.key file> -n kube-system
```
* On the management node, run
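Review bot: The version in the "Optional: Replace the contiv version(1.1.7)" bullet is hard-coded and now has to be kept in step with the `image: contiv/netplugin:1.1.7` lines in contiv/contiv.yaml on every release. Suggest pointing the reader at the `image:` fields of contiv.yaml instead of repeating the tag here. In the certificate steps, "Copy the certificate to a file named aci.key" is ambiguous next to a file called `.key`; a sentence saying what the file must contain, and whether the local copy is still needed once the `kubectl create secret` command has run, would help.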
90 changes: 70 additions & 20 deletions install/k8s/contiv/contiv.yaml
Expand Up @@ -8,18 +8,21 @@ metadata:
name: contiv-config
namespace: kube-system
data:
contiv_mode: kubernetes
contiv_fwdmode: routing
contiv_netmode: vxlan
# The location of your cluster store. This is set to the
# avdertise-client value below from the contiv-etcd service.
# Change it to an external etcd/consul instance if required.
cluster_store: "etcd://__NETMASTER_IP__:6666"
contiv_etcd: "http://__NETMASTER_IP__:6666"
# The CNI network configuration to install on each node.
cni_config: |-
contiv_cni_config: |-
{
"cniVersion": "0.1.0",
"name": "contiv-net",
"type": "contivk8s"
}
config: |-
contiv_k8s_config: |-
{
"K8S_API_SERVER": "https://__NETMASTER_IP__:6443",
"K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
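Review bot: The comment above `contiv_etcd` was not updated with the rename: it still says "Change it to an external etcd/consul instance", but the key is now etcd-specific and feeds only the `*_ETCD_ENDPOINTS` variables, and "avdertise-client" is misspelled. Suggest rewording the comment for etcd only, or adding a separate key if consul is still meant to be supported from this manifest. The value is also `http://__NETMASTER_IP__:6666`, so the store is reached over plain HTTP on a non-loopback address; if TLS endpoints are supported, a commented `https://` example next to it would be useful.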
Expand All @@ -29,7 +32,7 @@ data:
}
---

# This manifest installs the Contiv etcd on the kubeadm master.
# This manifest installs the Contiv etcd on the kubeadm master.
# If using an external etcd instance, this can be deleted. This uses a DaemonSet
# to force it to run on the master even when the master isn't schedulable, and uses
# nodeSelector to ensure it only runs on the master.
Expand Down Expand Up @@ -95,31 +98,46 @@ spec:
# container programs network policy and routes on each
# host.
- name: contiv-netplugin
image: contiv/netplugin:v1.0.0-alpha-01-28-2017.10-23-11.UTC
args:
- -pkubernetes
image: contiv/netplugin:1.1.7
env:
- name: VLAN_IF
- name: CONTIV_ROLE
value: netplugin
- name: CONTIV_NETPLUGIN_VLAN_UPLINKS
value: __VLAN_IF__
- name: VTEP_IP
- name: CONTIV_NETPLUGIN_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_mode
- name: CONTIV_NETPLUGIN_VTEP_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: CONTIV_ETCD
- name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
name: contiv-config
key: cluster_store
key: contiv_etcd
- name: CONTIV_CNI_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: cni_config
- name: CONTIV_CONFIG
key: contiv_cni_config
- name: CONTIV_K8S_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: config
key: contiv_k8s_config
- name: CONTIV_NETPLUGIN_FORWARD_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_fwdmode
- name: CONTIV_NETPLUGIN_NET_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_netmode
securityContext:
privileged: true
volumeMounts:
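Review bot: The ConfigMap keys (`cluster_store`, `cni_config`, `config`) and the env names that consume them are renamed in one step with no fallback, so the netplugin `configMapKeyRef` entries for `contiv_mode`, `contiv_etcd`, `contiv_fwdmode` and `contiv_netmode` only resolve once the new ConfigMap is in place. Suggest documenting in the README that the ConfigMap and the DaemonSet must be applied together when upgrading an existing cluster, and that the old `CONTIV_ETCD` / `CONTIV_CONFIG` / `VLAN_IF` / `VTEP_IP` names are no longer read. The `image: contiv/netplugin:1.1.7` tag is repeated in the netmaster spec further down; a comment marking the two as needing to match would prevent them drifting.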
Expand All @@ -135,6 +153,9 @@ spec:
- mountPath: /var/contiv
name: var-contiv
readOnly: false
- mountPath: /var/log/contiv
name: var-log-contiv
readOnly: false
- mountPath: /etc/kubernetes/pki
name: etc-kubernetes-pki
readOnly: false
Expand Down Expand Up @@ -174,6 +195,9 @@ spec:
- name: etc-cni-dir
hostPath:
path: /etc/cni/net.d/
- name: var-log-contiv
hostPath:
path: /var/log/contiv
---

# This manifest deploys the Contiv API Server on Kubernetes.
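Review bot: The new `var-log-contiv` hostPath (`path: /var/log/contiv`) gives a container that runs with `privileged: true` a writable directory under the host's `/var/log`, and nothing in the manifest or the README says who creates that directory or bounds what is written to it. Suggest adding a short comment on the volume, in the style of the "Used by contiv-netmaster" comment elsewhere in this file, and a README line on the expected ownership and log rotation on the node. `readOnly: false` on the matching mount is the default and could be dropped, though it is consistent with the neighbouring mounts.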
Expand Down Expand Up @@ -209,16 +233,35 @@ spec:
hostPID: true
containers:
- name: contiv-netmaster
image: contiv/netplugin:v1.0.0-alpha-01-28-2017.10-23-11.UTC
args:
- -m
- -pkubernetes
image: contiv/netplugin:1.1.7
env:
- name: CONTIV_ETCD
- name: CONTIV_ROLE
value: netmaster
- name: CONTIV_NETMASTER_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_mode
- name: CONTIV_NETMASTER_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_etcd
- name: CONTIV_K8S_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_k8s_config
- name: CONTIV_NETMASTER_FORWARD_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: cluster_store
key: contiv_fwdmode
- name: CONTIV_NETMASTER_NET_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_netmode
securityContext:
privileged: true
volumeMounts:
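Review bot: `CONTIV_ROLE` in the netmaster env block is now the only thing that makes this container a netmaster, since `args: -m` is removed and the image is the same `contiv/netplugin:1.1.7` used by the netplugin DaemonSet. Please confirm that the entrypoint exits with an error on an unset or unrecognised `CONTIV_ROLE` instead of falling back to a default role (the commit message says v2plugin defaults to netplugin), and document the accepted values. Otherwise a typo in `value: netmaster` would start the wrong daemon in a pod that has `hostPID: true` and `privileged: true`.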
Expand All @@ -231,6 +274,9 @@ spec:
- mountPath: /var/run
name: var-run
readOnly: false
- mountPath: /var/log/contiv
name: var-log-contiv
readOnly: false
- mountPath: /var/contiv
name: var-contiv
readOnly: false
Expand All @@ -240,6 +286,7 @@ spec:
- mountPath: /opt/cni/bin
name: cni-bin-dir
readOnly: false

volumes:
# Used by contiv-netmaster
- name: etc-openvswitch
Expand All @@ -260,4 +307,7 @@ spec:
- name: cni-bin-dir
hostPath:
path: /opt/cni/bin
- name: var-log-contiv
hostPath:
path: /var/log/contiv
---