New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to K8s v1.8.3 and use native Openstack Neutron networking #8

Merged
merged 28 commits into from Mar 13, 2018

Conversation

Projects
None yet
3 participants
@zioproto
Contributor

zioproto commented Nov 15, 2017

Hello,
the biggest change is the use of Neutron networking. We pass the router UUID to the k8s master and drop weavenet. Each pod has a /24 network, and the neutron router is configured dynamically by the k8s master with routes to send the traffic for the pods to the right vm. This is an example for the router show after my deployment.

$ openstack router show b11216cb-a725-4006-9a55-7853d66e5894
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                                                                                                                                                                                                                 |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up          | UP                                                                                                                                                                                                                                                                                    |
| availability_zone_hints |                                                                                                                                                                                                                                                                                       |
| availability_zones      | nova                                                                                                                                                                                                                                                                                  |
| created_at              | 2017-06-21T06:54:20Z                                                                                                                                                                                                                                                                  |
| description             |                                                                                                                                                                                                                                                                                       |
| distributed             | False                                                                                                                                                                                                                                                                                 |
| flavor_id               | None                                                                                                                                                                                                                                                                                  |
| ha                      | False                                                                                                                                                                                                                                                                                 |
| id                      | b11216cb-a725-4006-9a55-7853d66e5894                                                                                                                                                                                                                                                  |
| name                    | k8s                                                                                                                                                                                                                                                                                   |
| project_id              | 8fcf0992e82943089de7dabe728b78fa                                                                                                                                                                                                                                                      |
| revision_number         | None                                                                                                                                                                                                                                                                                  |
| routes                  | destination='10.96.0.0/24', gateway='10.8.10.3'                                                                                                                                                                                                                                       |
|                         | destination='10.96.1.0/24', gateway='10.8.10.8'                                                                                                                                                                                                                                       |
|                         | destination='10.96.2.0/24', gateway='10.8.10.11'                                                                                                                                                                                                                                      |
|                         | destination='10.96.3.0/24', gateway='10.8.10.10'                                                                                                                                                                                                                                      |
| status                  | ACTIVE                                                                                                                                                                                                                                                                                |
| updated_at              | 2017-11-15T08:08:30Z                                                                                                                                                                                                                                                                  |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Because of a bug in the gopher cloud version embedded in K8s, we need at least k8s version v1.8.0 for the neutron intergration to work correctly. The fix landed in K8s with commit 74a3d89ad4ff1508a16bacb0c333a1f795c31470. Because of this I had to upgrade the K8s version to use this networking feature.

This is a big change to the playbook. I understand if you dont want to merge and keep weavenet :) But I like better without overlay so the Pods have MTU 1500 :)

zioproto and others added some commits Jun 15, 2017

Create security group for IPv6
If you are running the playbook from an IPv6 host and the Openstack instances
have IPv6 addresses the playbook will fail if you dont open IPv6.
Revert "Disable port security and do not manage security groups when …
…working with Kubenet networking"

This reverts commit cf9e665.
Merge pull request #1 from gryphius/os_fix_ca_crt_copy
fix copy ca.crt to nodes fails in non-default cluster name
Merge pull request #3 from gryphius/os_docker_version_1_13_1
update docker version to 1.13.1
Merge pull request #4 from gryphius/remove_1_7_0_workaround
remove obsolete 1.7.0 workaround
@ctrlaltdel

This comment has been minimized.

Show comment
Hide comment
@ctrlaltdel

ctrlaltdel Dec 12, 2017

Contributor

Thanks for the code, I'll give it a try and will merge it.

Contributor

ctrlaltdel commented Dec 12, 2017

Thanks for the code, I'll give it a try and will merge it.

@ctrlaltdel ctrlaltdel merged commit 0b26da1 into infraly:master Mar 13, 2018

@ctrlaltdel

This comment has been minimized.

Show comment
Hide comment
@ctrlaltdel

ctrlaltdel Mar 14, 2018

Contributor

Thanks for the contribution! And sorry for taking so long to merge it, I was waiting for some testing infrastructure to become ready... The plan now is to setup a public CI instead based on Travis.

Contributor

ctrlaltdel commented Mar 14, 2018

Thanks for the contribution! And sorry for taking so long to merge it, I was waiting for some testing infrastructure to become ready... The plan now is to setup a public CI instead based on Travis.

@zioproto

This comment has been minimized.

Show comment
Hide comment
@zioproto

zioproto Mar 14, 2018

Contributor

Sure, I will soon upgrade to v1.9.4 where there is a patch I contributed that fixes an IPv6 problem.

Contributor

zioproto commented Mar 14, 2018

Sure, I will soon upgrade to v1.9.4 where there is a patch I contributed that fixes an IPv6 problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment