added initial bootkube rendering

enxebre · Mar 2, 2018 · a9a940d · a9a940d
1 parent a8ed54d
commit a9a940d
Show file tree

Hide file tree

Showing 10 changed files with 192 additions and 122 deletions.
diff --git a/config.tf b/config.tf
@@ -71,6 +71,7 @@ variable "tectonic_container_images" {
     awscli                               = "quay.io/coreos/awscli:025a357f05242fdad6a81e8a6b520098aa65a600"
     gcloudsdk                            = "google/cloud-sdk:178.0.0-alpine"
     bootkube                             = "quay.io/coreos/bootkube:v0.10.0"
+    tnc_bootstrap                        = "quay.io/coreos/tectonic-node-controller-dev:fad3a8e284e2c414fdf1713c7e0ae9d1e1e487ba"
     etcd                                 = "quay.io/coreos/etcd:v3.2.14"
     hyperkube                            = "quay.io/coreos/hyperkube:v1.9.1_coreos.0"
     kube_core_renderer                   = "quay.io/coreos/kube-core-renderer-dev:6c49ce4da9fc36966812381891b4f558aa53097b"

diff --git a/modules/aws/master-asg/master.tf b/modules/aws/master-asg/master.tf
@@ -61,7 +61,7 @@ resource "aws_autoscaling_group" "masters" {
 
 data "ignition_config" "ncg_master" {
   append {
-    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ignition?profile=master"
+    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ign/v1/role/master"
   }
 
   files = ["${data.ignition_file.kubelet_master_kubeconfig.id}"]

diff --git a/modules/aws/worker-asg/worker.tf b/modules/aws/worker-asg/worker.tf
@@ -27,7 +27,7 @@ data "aws_ami" "coreos_ami" {
 
 data "ignition_config" "ncg_worker" {
   append {
-    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ignition?profile=worker"
+    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ign/v1/role/worker"
   }
 
   files = ["${data.ignition_file.kubelet_worker_kubeconfig.id}"]

diff --git a/modules/bootkube-ut2/assets.tf b/modules/bootkube-ut2/assets.tf
@@ -18,6 +18,7 @@ resource "template_dir" "bootkube" {
 
   vars {
     tectonic_network_operator_image = "${var.container_images["tectonic_network_operator"]}"
+    tnc_bootstrap_image             = "${var.container_images["tnc_bootstrap"]}"
 
     kco_config = "${indent(4, chomp(data.template_file.kco-config_yaml.rendered))}"
 
@@ -46,6 +47,25 @@ resource "template_dir" "bootkube" {
     etcd_ca_cert     = "${base64encode(var.etcd_ca_cert_pem)}"
     etcd_client_cert = "${base64encode(var.etcd_client_cert_pem)}"
     etcd_client_key  = "${base64encode(var.etcd_client_key_pem)}"
+
+    http_proxy               = "${var.http_proxy}"
+    https_proxy              = "${var.https_proxy}"
+    no_proxy                 = "${join(",", var.no_proxy)}"
+    kubelet_image_url        = "${replace(var.container_images["hyperkube"],var.image_re,"$1")}"
+    kubelet_image_tag        = "${replace(var.container_images["hyperkube"],var.image_re,"$2")}"
+    iscsi_enabled            = "${var.iscsi_enabled}"
+    kubeconfig_fetch_cmd     = "${var.kubeconfig_fetch_cmd != "" ? "ExecStartPre=${var.kubeconfig_fetch_cmd}" : ""}"
+    tectonic_torcx_image_url = "${replace(var.container_images["tectonic_torcx"],var.image_re,"$1")}"
+    tectonic_torcx_image_tag = "${replace(var.container_images["tectonic_torcx"],var.image_re,"$2")}"
+    torcx_skip_setup         = "false"
+    torcx_store_url          = "${var.torcx_store_url}"
+    bootstrap_upgrade_cl     = "${var.bootstrap_upgrade_cl}"
+    node_label               = "${var.kubelet_node_label}"
+    node_taints_param        = "${var.kubelet_node_taints != "" ? "--register-with-taints=${var.kubelet_node_taints}" : ""}"
+    cluster_dns_ip           = "${var.kube_dns_service_ip}"
+    cloud_provider           = "${var.cloud_provider}"
+    debug_config             = "${var.kubelet_debug_config}"
+    cluster_name             = "${var.cluster_name}"
   }
 }
 
@@ -150,3 +170,4 @@ data "ignition_systemd_unit" "bootkube_path_unit" {
   enabled = true
   content = "${data.template_file.bootkube_path_unit.rendered}"
 }
+
diff --git a/modules/bootkube-ut2/resources/manifests/cluster-config.yaml b/modules/bootkube-ut2/resources/manifests/cluster-config.yaml
@@ -13,3 +13,24 @@ data:
     networkProfile: ${tectonic_networking}
     calicoConfig:
       mtu: ${calico_mtu}
+  tnc-config: |
+    HTTPProxy: "${http_proxy}"
+    HTTPSProxy: "${https_proxy}"
+    NoProxy: "${no_proxy}"
+    KubeletImageUrl: "${kubelet_image_url}"
+    KubeletImageTag: "${kubelet_image_tag}"
+    IscsiEnabled: "${iscsi_enabled}"
+    KubeconfigFetchCmd: "${kubeconfig_fetch_cmd}"
+    TectonicTorcxImageURL: "${tectonic_torcx_image_url}"
+    TectonicTorcxImageTag: "${tectonic_torcx_image_tag}"
+    BootstrapUpgradeCl: "${bootstrap_upgrade_cl}"
+    TorcxStoreULL: "${torcx_store_url}"
+    TorcxSkipSetup: "${torcx_skip_setup}"
+    NodeLabel: "${node_label}"
+    NodeTaintsParam: "${node_taints_param}"
+    ClusterDNSIP: "${cluster_dns_ip}"
+    CloudProvider: "${cloud_provider}"
+    CloudProviderConfig: "${cloud_provider_config}"
+    DebugConfig: "${debug_config}"
+    ClusterName: "${cluster_name}"
+
diff --git a/modules/bootkube-ut2/resources/manifests/ncg-config.yaml b/modules/bootkube-ut2/resources/manifests/ncg-config.yaml
diff --git a/modules/bootkube-ut2/resources/manifests/ncg.yaml b/modules/bootkube-ut2/resources/manifests/ncg.yaml
diff --git a/modules/bootkube-ut2/resources/manifests/tectonic-node-controller.yaml b/modules/bootkube-ut2/resources/manifests/tectonic-node-controller.yaml
@@ -0,0 +1,70 @@
+apiVersion: apps/v1beta2
+kind: DaemonSet
+metadata:
+  name: tectonic-node-controller
+  namespace: tectonic-system
+  labels:
+    k8s-app: tectonic-node-controller
+    managed-by-channel-operator: "true"
+spec:
+  selector:
+    matchLabels:
+      k8s-app: tectonic-node-controller
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        k8s-app: tectonic-node-controller
+        tectonic-app-version-name: tectonic-network
+    spec:
+      containers:
+      - name: tectonic-node-controller
+        image: ${tnc_bootstrap_image}
+        command:
+        - /bootstrap
+        - --config=/etc/cluster-config
+        - --port=45900
+        - --cert=/opt/tectonic/tls/root-ca.crt
+        - --key=/opt/tectonic/tls/root-ca.key
+        resources:
+          limits:
+            cpu: 20m
+            memory: 50Mi
+          requests:
+            cpu: 20m
+            memory: 50Mi
+        volumeMounts:
+        - name: cluster-config
+          mountPath: /etc/cluster-config
+        - name: ssl-certs
+          mountPath: /opt/tectonic/tls
+      hostNetwork: true
+      restartPolicy: Always
+      imagePullSecrets:
+      - name: coreos-pull-secret
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+      volumes:
+      - name: cluster-config
+        configMap:
+          name: cluster-config-v1
+          items:
+          - key: tnc-config
+            path: tnc-config
+      - name: ssl-certs
+        hostPath:
+          path: /opt/tectonic/tls
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      tolerations:
+      - key: "node-role.kubernetes.io/master"
+        operator: "Exists"
+        effect: "NoSchedule"
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
diff --git a/modules/bootkube-ut2/variables.tf b/modules/bootkube-ut2/variables.tf
@@ -187,3 +187,72 @@ variable "ncg_config_master" {
   description = "configures the network to be used in the cluster"
   type        = "string"
 }
+
+variable "http_proxy" {
+  type        = "string"
+  description = "HTTP proxy address."
+}
+
+variable "https_proxy" {
+  type        = "string"
+  description = "HTTPS proxy address."
+}
+
+variable "no_proxy" {
+  type        = "list"
+  description = "List of local endpoints that will not use HTTP proxy."
+}
+
+variable "iscsi_enabled" {
+  type    = "string"
+  default = false
+}
+
+variable "kubeconfig_fetch_cmd" {
+  type        = "string"
+  description = "(optional) The command that fetches `/etc/kubernetes/kubeconfig`."
+  default     = ""
+}
+
+variable "bootstrap_upgrade_cl" {
+  type        = "string"
+  description = "(optional) Whether to trigger a ContainerLinux OS upgrade during the bootstrap process."
+  default     = "true"
+}
+
+variable "torcx_store_url" {
+  type        = "string"
+  description = "(optional) URL template for torcx store. Leave empty to use the default CoreOS endpoint."
+  default     = ""
+}
+
+variable "kubelet_node_taints" {
+  type        = "string"
+  description = "(optional) Taints that Kubelet will apply on the node"
+  default     = ""
+}
+
+variable "kube_dns_service_ip" {
+  type        = "string"
+  description = "Service IP used to reach kube-dns"
+}
+
+variable "kubelet_debug_config" {
+  type        = "string"
+  default     = ""
+  description = "internal debug flags for the kubelet (used in CI only)"
+}
+
+variable "kubelet_node_label" {
+  type        = "string"
+  description = "Label that Kubelet will apply on the node"
+}
+
+variable "image_re" {
+  description = <<EOF
+(internal) Regular expression used to extract repo and tag components from image strings
+EOF
+
+  type = "string"
+}
+
diff --git a/steps/assets/tectonic.tf b/steps/assets/tectonic.tf
@@ -75,6 +75,14 @@ module "bootkube" {
   cloud_config_path   = ""
   tectonic_networking = "${var.tectonic_networking}"
   calico_mtu          = "1480"
+
+  # ignition bootstrapping variables
+  no_proxy                  = "${var.tectonic_no_proxy}"
+  http_proxy                = "${var.tectonic_http_proxy_address}"
+  https_proxy               = "${var.tectonic_https_proxy_address}"
+  image_re                  = "${var.tectonic_image_re}"
+  kube_dns_service_ip       = "${module.bootkube.kube_dns_service_ip}"
+  kubelet_node_label        = "node-role.kubernetes.io/master"
 }
 
 module "tectonic" {