forked from openshift/openshift-ansible
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Change-Id: Ia58fa2f020f8e51ddfff36de53b285a3a5051809 Signed-off-by: Antoni Segura Puimedon <celebdor@gmail.com>
- Loading branch information
Showing
11 changed files
with
304 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- | ||
- name: Download delorean repos | ||
become: yes | ||
get_url: | ||
url: "{{ item }}" | ||
mode: 0644 | ||
dest: /etc/yum.repos.d | ||
with_items: | ||
- "https://trunk.rdoproject.org/centos7-master/current/delorean.repo" | ||
- "https://trunk.rdoproject.org/centos7/delorean-deps.repo" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
--- | ||
- name: Include common Kuryr role | ||
include_role: | ||
name: kuryr_common | ||
|
||
- name: Install Kuryr CNI | ||
become: yes | ||
yum: | ||
name: openstack-kuryr-kubernetes-controller | ||
state: present | ||
|
||
- name: Configure kuryr controller | ||
become: yes | ||
template: | ||
src: kuryr.conf.j2 | ||
dest: /etc/kuryr/kuryr.conf | ||
mode: 0640 | ||
owner: root | ||
group: root | ||
|
||
- name: Get Kuryr controller started | ||
become: yes | ||
systemd: | ||
name: kuryr-controller | ||
state: started | ||
enabled: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
# Kuryr conf directory | ||
kuryr_config_dir: /etc/kuryr | ||
|
||
# Whether to run the cni plugin in debug mode | ||
kuryr_cni_debug: "false" | ||
|
||
# The version of cni binaries | ||
cni_version: v0.5.1 | ||
|
||
# Path to bin dir (where kuryr execs get installed) | ||
bin_dir: /usr/bin | ||
|
||
# Path to the cni binaries | ||
cni_bin_dir: /opt/cni/bin | ||
|
||
# URL for cni binaries | ||
cni_bin_url_base: "https://github.com/containernetworking/cni/releases/download/" | ||
cni_bin_url: "{{ cni_bin_url_base }}/{{ cni_version }}/cni-{{ cni_version }}.tgz" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
{ | ||
"cniVersion": "0.3.0", | ||
"type": "loopback" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
--- | ||
- name: Include common Kuryr role | ||
include_role: | ||
name: kuryr_common | ||
|
||
- name: Create CNI extraction tempdir | ||
command: mktemp -d | ||
register: cni_tmpdir | ||
|
||
- name: Download CNI | ||
get_url: | ||
url: "{{ cni_bin_url }}" | ||
mode: 0644 | ||
dest: "{{ cni_tmpdir.stdout }}" | ||
register: downloaded_tarball | ||
|
||
- name: Extract CNI | ||
unarchive: | ||
src: "{{ downloaded_tarball.dest }}" | ||
dest: "{{ cni_tmpdir.stdout }}" | ||
remote_src: yes | ||
when: downloaded_tarball.changed | ||
|
||
- name: Create CNI bin directory | ||
file: | ||
state: directory | ||
path: "{{ cni_bin_dir }}" | ||
mode: 0755 | ||
owner: root | ||
group: root | ||
recurse: yes | ||
|
||
- name: Get loopback cni plugin installed | ||
copy: | ||
src: "{{ cni_tmpdir.stdout }}/loopback" | ||
dest: "{{ cni_bin_dir }}/loopback" | ||
remote_src: True | ||
mode: 0755 | ||
|
||
- name: Ensure CNI net.d exists | ||
file: | ||
path: /etc/cni/net.d | ||
recurse: yes | ||
state: directory | ||
|
||
- name: Install Kuryr CNI conf | ||
become: yes | ||
template: | ||
src: 10-kuryr.conf.j2 | ||
dest: /etc/cni/net.d/10-kuryr.conf | ||
mode: 0644 | ||
owner: root | ||
group: root | ||
|
||
- name: Install Kuryr CNI | ||
become: yes | ||
yum: name=openstack-kuryr-kubernetes-cni state=present | ||
|
||
- name: Symlink Kuryr CNI binary to where K8s expects it | ||
become: yes | ||
file: | ||
src: "{{ bin_dir }}/kuryr-cni" | ||
dest: "{{ cni_bin_dir }}/kuryr-cni" | ||
state: link | ||
owner: root | ||
group: root | ||
|
||
- name: Configure kuryr CNI | ||
become: yes | ||
template: | ||
src: cni.conf.j2 | ||
dest: /etc/kuryr/cni.conf | ||
mode: 0640 | ||
owner: root | ||
group: root | ||
|
||
- name: Check for node config | ||
stat: "path=/etc/sysconfig/{{ openshift.common.service_type }}-node" | ||
register: node_config_check | ||
|
||
- name: Configure OpenShift node with disabled service proxy | ||
lineinfile: | ||
dest: "{{ node_config_check.stat.path }}" | ||
regexp: '^OPTIONS="?(.*?)"?$' | ||
backrefs: yes | ||
backup: yes | ||
line: 'OPTIONS="\1 --disable proxy"' | ||
when: node_config_check.stat.isreg | ||
|
||
- name: force node restart to disable the proxy | ||
service: | ||
name: "{{ openshift.common.service_type }}-node" | ||
state: restarted |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
{ | ||
"cniVersion": "0.3.0", | ||
"name": "kuryr", | ||
"type": "kuryr-cni", | ||
"kuryr_conf": "{{ kuryr_config_dir }}/cni.conf", | ||
"debug": {{ kuryr_cni_debug }} | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
[DEFAULT] | ||
|
||
# | ||
# From kuryr_kubernetes | ||
# | ||
# If set to true, the logging level will be set to DEBUG instead of the default | ||
# INFO level. (boolean value) | ||
# Note: This option can be changed without restarting. | ||
#debug = false | ||
|
||
# The name of a logging configuration file. This file is appended to any | ||
# existing logging configuration files. For details about logging configuration | ||
# files, see the Python logging module documentation. Note that when logging | ||
# configuration files are used then all logging configuration is set in the | ||
# configuration file and other logging configuration options are ignored (for | ||
# example, logging_context_format_string). (string value) | ||
# Note: This option can be changed without restarting. | ||
# Deprecated group/name - [DEFAULT]/log_config | ||
#log_config_append = <None> | ||
|
||
# Defines the format string for %%(asctime)s in log records. Default: | ||
# %(default)s . This option is ignored if log_config_append is set. (string | ||
# value) | ||
#log_date_format = %Y-%m-%d %H:%M:%S | ||
|
||
# (Optional) Name of log file to send logging output to. If no default is set, | ||
# logging will go to stderr as defined by use_stderr. This option is ignored if | ||
# log_config_append is set. (string value) | ||
# Deprecated group/name - [DEFAULT]/logfile | ||
log_file = /var/log/kuryr/cni.log | ||
|
||
# (Optional) The base directory used for relative log_file paths. This option | ||
# is ignored if log_config_append is set. (string value) | ||
# Deprecated group/name - [DEFAULT]/logdir | ||
#log_dir = <None> | ||
|
||
# Uses logging handler designed to watch file system. When log file is moved or | ||
# removed this handler will open a new log file with specified path | ||
# instantaneously. It makes sense only if log_file option is specified and | ||
# Linux platform is used. This option is ignored if log_config_append is set. | ||
# (boolean value) | ||
#watch_log_file = false | ||
|
||
# Use syslog for logging. Existing syslog format is DEPRECATED and will be | ||
# changed later to honor RFC5424. This option is ignored if log_config_append | ||
# is set. (boolean value) | ||
#use_syslog = false | ||
|
||
# Syslog facility to receive log lines. This option is ignored if | ||
# log_config_append is set. (string value) | ||
#syslog_log_facility = LOG_USER | ||
|
||
# Log output to standard error. This option is ignored if log_config_append is | ||
# set. (boolean value) | ||
#use_stderr = true | ||
|
||
# Format string to use for log messages with context. (string value) | ||
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s | ||
|
||
# Format string to use for log messages when context is undefined. (string | ||
# value) | ||
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s | ||
|
||
# Additional data to append to log message when logging level for the message | ||
# is DEBUG. (string value) | ||
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d | ||
|
||
# Prefix each line of exception output with this format. (string value) | ||
#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s | ||
|
||
# Defines the format string for %(user_identity)s that is used in | ||
# logging_context_format_string. (string value) | ||
#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s | ||
|
||
# List of package logging levels in logger=LEVEL pairs. This option is ignored | ||
# if log_config_append is set. (list value) | ||
#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO | ||
|
||
# Enables or disables publication of error events. (boolean value) | ||
#publish_errors = false | ||
|
||
# The format for an instance that is passed with the log message. (string | ||
# value) | ||
#instance_format = "[instance: %(uuid)s] " | ||
|
||
# The format for an instance UUID that is passed with the log message. (string | ||
# value) | ||
#instance_uuid_format = "[instance: %(uuid)s] " | ||
|
||
# Enables or disables fatal status of deprecations. (boolean value) | ||
#fatal_deprecations = false | ||
|
||
|
||
[binding] | ||
|
||
driver = kuryr.lib.binding.drivers.vlan | ||
link_iface = {{ kuryr_cni_link_interface }} | ||
|
||
[kubernetes] | ||
|
||
# | ||
# From kuryr_kubernetes | ||
# | ||
|
||
# The root URL of the Kubernetes API (string value) | ||
api_root = {{ openshift_node_master_api_url }} | ||
|
||
# Absolute path to client cert to connect to HTTPS K8S_API (string value) | ||
ssl_client_crt_file = {{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.cert | ||
|
||
# Absolute path client key file to connect to HTTPS K8S_API (string value) | ||
ssl_client_key_file = {{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.key | ||
|
||
# Absolute path to ca cert file to connect to HTTPS K8S_API (string value) | ||
ssl_ca_crt_file = {{ openshift.common.config_base }}/node/ca.crt | ||
|
||
# HTTPS K8S_API server identity verification (boolean value) | ||
# TODO (apuimedo): Make configurable | ||
ssl_verify_server_crt = True |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters