Update entrypoint scripts and document to align with new CLI #1097

Merged
merged 5 commits into from
Dec 8, 2017
Changes from 3 commits
12 changes: 6 additions & 6 deletions install/k8s/README.md
Expand Up @@ -9,17 +9,17 @@ Install kubernetes 1.6 or higher using http://kubernetes.io/docs/getting-started
* Replace all instances of `__NETMASTER_IP__` in contiv/contiv.yaml with the master IP.
* Replace `__VLAN_IF__` with the data plane interface.
If there is no requirement to create vlan based networks there is no need for a seperate data interface and `__VLAN_IF__` can be set to "". If vlan based networks are to be created then a separate data interface is mandatory which can be set appropriately.
* Optional: Replace the contiv version(v0.1-11-30-2016.20-08-20.UTC) with the desired release/test version.
* Optional: Replace the contiv version(1.1.7) with the desired release/test version.
* Optional ACI only steps:
- Replace __APIC_xxx__ fields with their corresponding values.
- Default value for __APIC_EPG_BRIDGE_DOMAIN__ is "not_specified"
- Default value for __APIC_CONTRACTS_UNRESTRICTED_MODE__ is "no"
- Password based authentication: When using password based authentication, APIC_CERT_DN fields must be deleted.
- Certificate based authentication:
- When using certificate based authentication, APIC_PASSWORD can be empty.
- Copy the certificate to a file named aci.key.
- Create a secret by running the following on the management node
```sh
- Certificate based authentication:
- When using certificate based authentication, APIC_PASSWORD can be empty.
- Copy the certificate to a file named aci.key.
- Create a secret by running the following on the management node
```sh
kubectl create secret generic aci.key --from-file=<path name of aci.key file> -n kube-system
```
* On the management node, run
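Review bot: Missing documentation in the visible bullet list of this hunk: the steps still cover only `__NETMASTER_IP__`, `__VLAN_IF__`, the version and the ACI fields, while contiv.yaml in this same change gains the ConfigMap keys `contiv_mode`, `contiv_fwdmode` and `contiv_netmode`. Please add a bullet naming those keys and the values shipped in contiv.yaml (kubernetes, routing, vxlan) so the README matches the new manifest. The version in `Replace the contiv version(1.1.7)` also has to be kept in step by hand with the two `image: contiv/netplugin:1.1.7` lines, so consider pointing the reader at the image tags instead of repeating the number, and fix the "seperate" typo in the `__VLAN_IF__` bullet while this block is being touched.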
90 changes: 70 additions & 20 deletions install/k8s/contiv/contiv.yaml
Expand Up @@ -8,18 +8,21 @@ metadata:
name: contiv-config
namespace: kube-system
data:
contiv_mode: kubernetes
contiv_fwdmode: routing
contiv_netmode: vxlan
# The location of your cluster store. This is set to the
# avdertise-client value below from the contiv-etcd service.
# Change it to an external etcd/consul instance if required.
cluster_store: "etcd://__NETMASTER_IP__:6666"
contiv_etcd: "http://__NETMASTER_IP__:6666"
Contributor

Was changing these three to have `contiv_` necessary since we're in a contiv.yaml file? For example, I see that calico doesn't namespace:
https://github.com/projectcalico/calico/blob/master/v2.6/getting-started/kubernetes/installation/hosted/calico.yaml#L19

Same q for other deployments like contiv_devtest.yaml

Contributor Author

It's just to make it more readable; it's useful when we split the yaml file into several yamls.

# The CNI network configuration to install on each node.
cni_config: |-
contiv_cni_config: |-
{
"cniVersion": "0.1.0",
"name": "contiv-net",
"type": "contivk8s"
}
config: |-
contiv_k8s_config: |-
{
"K8S_API_SERVER": "https://__NETMASTER_IP__:6443",
"K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
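Review bot: On the `contiv_etcd: "http://__NETMASTER_IP__:6666"` line the cluster store endpoint is plain HTTP, and the netplugin and netmaster containers that read this key both run with `privileged: true`, so the data that drives host networking travels unencrypted. Does the new CLI accept an `https://` endpoint with client certificates? If so, please say so in the comment above the key, since that comment already invites pointing it at an external etcd. That comment also still describes `cluster_store` and carries the "avdertise-client" typo, so it should be reworded for the renamed key. Because `cluster_store`, `cni_config` and `config` are renamed here, every `configMapKeyRef` that used the old names has to change in the same commit, including in the other deployment manifests raised in the review comment above, or the referencing pods will not start.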
Expand All @@ -29,7 +32,7 @@ data:
}
---

# This manifest installs the Contiv etcd on the kubeadm master.
# This manifest installs the Contiv etcd on the kubeadm master.
# If using an external etcd instance, this can be deleted. This uses a DaemonSet
# to force it to run on the master even when the master isn't schedulable, and uses
# nodeSelector to ensure it only runs on the master.
Expand Down Expand Up @@ -95,31 +98,46 @@ spec:
# container programs network policy and routes on each
# host.
- name: contiv-netplugin
image: contiv/netplugin:v1.0.0-alpha-01-28-2017.10-23-11.UTC
args:
- -pkubernetes
image: contiv/netplugin:1.1.7
env:
- name: VLAN_IF
- name: CONTIV_ROLE
value: netplugin
- name: CONTIV_NETPLUGIN_VLAN_UPLINKS
value: __VLAN_IF__
- name: VTEP_IP
- name: CONTIV_NETPLUGIN_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_mode
- name: CONTIV_NETPLUGIN_VTEP_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: CONTIV_ETCD
- name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
name: contiv-config
key: cluster_store
key: contiv_etcd
- name: CONTIV_CNI_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: cni_config
- name: CONTIV_CONFIG
key: contiv_cni_config
- name: CONTIV_K8S_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: config
key: contiv_k8s_config
- name: CONTIV_NETPLUGIN_FORWARD_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_fwdmode
- name: CONTIV_NETPLUGIN_NET_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_netmode
securityContext:
privileged: true
volumeMounts:
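Review bot: `image: contiv/netplugin:1.1.7` in this hunk is a mutable tag on a container that keeps `privileged: true`; pinning by digest (`contiv/netplugin@sha256:<digest>`, placeholder) or recording the expected digest in the README would ensure every node runs the same image. Also, `CONTIV_NETPLUGIN_VLAN_UPLINKS` takes `__VLAN_IF__`, which the README allows to be set to ""; please confirm the new entrypoint treats an empty value as "no uplink" rather than passing an empty argument through, and add a comment saying whether the plural name means a list is accepted.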
Expand All @@ -135,6 +153,9 @@ spec:
- mountPath: /var/contiv
name: var-contiv
readOnly: false
- mountPath: /var/log/contiv
name: var-log-contiv
readOnly: false
- mountPath: /etc/kubernetes/pki
name: etc-kubernetes-pki
readOnly: false
Expand Down Expand Up @@ -174,6 +195,9 @@ spec:
- name: etc-cni-dir
hostPath:
path: /etc/cni/net.d/
- name: var-log-contiv
hostPath:
path: /var/log/contiv
---

# This manifest deploys the Contiv API Server on Kubernetes.
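Review bot: The `var-log-contiv` volume added at the end of this volumes list is a `hostPath` to `/var/log/contiv`, mounted `readOnly: false` into the privileged netplugin container, and nothing in the manifest or the README says who creates that directory on the node, with what ownership, or how the logs are rotated. Suggest a short comment above the volume, in the style of the `# Used by contiv-netmaster` comment elsewhere in this file, covering those points, since an unbounded log directory on the host filesystem can fill the node's disk.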
Expand Down Expand Up @@ -209,16 +233,35 @@ spec:
hostPID: true
containers:
- name: contiv-netmaster
image: contiv/netplugin:v1.0.0-alpha-01-28-2017.10-23-11.UTC
args:
- -m
- -pkubernetes
image: contiv/netplugin:1.1.7
env:
- name: CONTIV_ETCD
- name: CONTIV_ROLE
value: netmaster
- name: CONTIV_NETMASTER_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_mode
- name: CONTIV_NETMASTER_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_etcd
- name: CONTIV_K8S_CONFIG
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_k8s_config
- name: CONTIV_NETMASTER_FORWARD_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: cluster_store
key: contiv_fwdmode
- name: CONTIV_NETMASTER_NET_MODE
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_netmode
securityContext:
privileged: true
volumeMounts:
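Review bot: Role selection in this container now rests entirely on the `CONTIV_ROLE` / `value: netmaster` pair at the top of `env`, because the `-m` argument is gone and the image is the same `contiv/netplugin:1.1.7` used for netplugin; the entrypoint should exit with an error on an unset or unrecognised `CONTIV_ROLE` rather than fall back to a default role. A one-line comment here naming the accepted values would help. Style point: the old `CONTIV_ETCD` name disappears in favour of `CONTIV_NETMASTER_ETCD_ENDPOINTS`, so anything outside this manifest that still exports `CONTIV_ETCD` will be silently ignored; worth a note in the README's upgrade steps.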
Expand All @@ -231,6 +274,9 @@ spec:
- mountPath: /var/run
name: var-run
readOnly: false
- mountPath: /var/log/contiv
name: var-log-contiv
readOnly: false
- mountPath: /var/contiv
name: var-contiv
readOnly: false
Expand All @@ -240,6 +286,7 @@ spec:
- mountPath: /opt/cni/bin
name: cni-bin-dir
readOnly: false

volumes:
# Used by contiv-netmaster
- name: etc-openvswitch
Expand All @@ -260,4 +307,7 @@ spec:
- name: cni-bin-dir
hostPath:
path: /opt/cni/bin
- name: var-log-contiv
hostPath:
path: /var/log/contiv
---