1.Optimization code for deploying k8s

2.Fix bugs for upgrade k8s version to v1.10.4

Change-Id: I6b17162574f4c4098eb6514cc067096e71f27f97
Signed-off-by: hu xinhui <xinhui_hu@foxmail.com>

diff --git a/build/build.yaml b/build/build.yaml
index a44026c..6694c8e 100644 (file)
--- a/build/build.yaml
+++ b/build/build.yaml
@@ -15,7 +15,7 @@ packages:
       - http://artifacts.opnfv.org/compass4nfv/package/master/ubuntu-16.04.3-server-amd64.iso
 
   - name: harbor-offline-installer-v1.5.0.tgz
-    description: "The package of harbor v1.5.5"
+    description: "The package of harbor v1.5.0"
     get_method: cached
     url:
       - http://192.168.137.222/download/harbor-offline-installer-v1.5.0.tgz
@@ -34,7 +34,7 @@ packages:
   - name: compass-tasks-k8s
     description: "compass task container integrated with kubespray"
     get_method: docker
-    url: huxinhui/compass-tasks-k8s:7.0.0
+    url: huxinhui/compass-tasks-k8s:7.0.1
 
   - name: compass-cobbler
     description: "cobbler container for compass"

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars.yml
deleted file mode 100644 (file)
index e13e33c..0000000
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-# Override default kubespray variables
-
-# Just a placeholder to satisfy ansible
-dummy_var: 0
-
-# helm_enabled: true

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/generate_inventories.py b/deploy/adapters/ansible/kubernetes/roles/kargo/files/generate_inventories.py
deleted file mode 100755 (executable)
index 8f83601..0000000
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/files/generate_inventories.py
+++ /dev/null
@@ -1,95 +0,0 @@
-##############################################################################\r
-# Copyright (c) 2016-2018 compass4nfv and others.\r
-#\r
-# All rights reserved. This program and the accompanying materials\r
-# are made available under the terms of the Apache License, Version 2.0\r
-# which accompanies this distribution, and is available at\r
-# http://www.apache.org/licenses/LICENSE-2.0\r
-##############################################################################\r
-\r
-import yaml\r
-import sys\r
-import os\r
-from jinja2 import Environment\r
-try:\r
-    import json\r
-except ImportError:\r
-    import simplejson as json\r
-\r
-INVENTORY_TEMPLATE = """\r
-[all]\r
-{% for host, vales in hostvars.iteritems() %}\r
-{{ host }} ansible_ssh_host={{ vales['ansible_ssh_host'] }} \\r
-ansible_ssh_pass=root  ansible_user=root\r
-{% endfor %}\r
-[kube-master]\r
-{% for host in kube_master %}\r
-{{ host }}\r
-{% endfor %}\r
-\r
-[etcd]\r
-{% for host in etcd %}\r
-{{ host }}\r
-{% endfor %}\r
-\r
-[kube-node]\r
-{% for host in kube_node %}\r
-{{ host }}\r
-{% endfor %}\r
-\r
-[k8s-cluster:children]\r
-kube-node\r
-kube-master\r
-\r
-[calico-rr]\r
-[vault]\r
-"""\r
-\r
-\r
-def _byteify(data, ignore_dicts=False):\r
-\r
-    if isinstance(data, unicode):\r
-        return data.encode('utf-8')\r
-    if isinstance(data, list):\r
-        return [_byteify(item, ignore_dicts=True) for item in data]\r
-    if isinstance(data, dict) and not ignore_dicts:\r
-        return {\r
-            _byteify(key, ignore_dicts=True):\r
-            _byteify(value, ignore_dicts=True)\r
-            for key, value in data.iteritems()\r
-        }\r
-    return data\r
-\r
-\r
-def load_inventory(inventory):\r
-    if not os.path.exists(inventory):\r
-        raise RuntimeError('file: %s not exist' % inventory)\r
-    with open(inventory, 'r') as fd:\r
-        return json.load(fd, object_hook=_byteify)\r
-\r
-\r
-def create_inventory_file(inventories_path,\r
-                          hostvars, kube_master, etcd, kube_node):\r
-    content = Environment().from_string(INVENTORY_TEMPLATE).render(\r
-              hostvars=hostvars, kube_master=kube_master,\r
-              etcd=etcd, kube_node=kube_node)\r
-    with open(inventories_path, 'w+') as f:\r
-        f.write(content)\r
-\r
-\r
-def main(inventories_path, local_inventory):\r
-    inventory_data = load_inventory(local_inventory)\r
-    hostvars = inventory_data['_meta']['hostvars']\r
-    kube_node = inventory_data['kube_node']['hosts']\r
-    kube_master = inventory_data['kube_master']['hosts']\r
-    etcd = inventory_data['etcd']['hosts']\r
-\r
-    create_inventory_file(inventories_path,\r
-                          hostvars, kube_master, etcd, kube_node)\r
-\r
-\r
-if __name__ == "__main__":\r
-    path = yaml.load(sys.argv[1])\r
-    local_inventory = yaml.load(sys.argv[2])\r
-\r
-    main(path, local_inventory)\r

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/mirrors.repo b/deploy/adapters/ansible/kubernetes/roles/kargo/files/mirrors.repo
deleted file mode 100644 (file)
index 4900db6..0000000
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/files/mirrors.repo
+++ /dev/null
@@ -1,32 +0,0 @@
-[base]\r
-name=CentOS-$releasever - Base\r
-mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra\r
-#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/\r
-gpgcheck=1\r
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\r
-\r
-#released updates\r
-[updates]\r
-name=CentOS-$releasever - Updates\r
-mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra\r
-#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/\r
-gpgcheck=1\r
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\r
-\r
-#additional packages that may be useful\r
-[extras]\r
-name=CentOS-$releasever - Extras\r
-mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra\r
-#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/\r
-gpgcheck=1\r
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\r
-\r
-#additional packages that extend functionality of existing packages\r
-[centosplus]\r
-name=CentOS-$releasever - Plus\r
-mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra\r
-#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/\r
-gpgcheck=1\r
-enabled=0\r
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\r
-\r

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/mirrors_aarch64.repo b/deploy/adapters/ansible/kubernetes/roles/kargo/files/mirrors_aarch64.repo
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/openssl.conf.j2 b/deploy/adapters/ansible/kubernetes/roles/kargo/files/openssl.conf.j2
deleted file mode 100644 (file)
index d998d4c..0000000
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/files/openssl.conf.j2
+++ /dev/null
@@ -1,34 +0,0 @@
-[req]
-req_extensions = v3_req
-distinguished_name = req_distinguished_name
-[req_distinguished_name]
-[ v3_req ]
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-subjectAltName = @alt_names
-[alt_names]
-DNS.1 = kubernetes
-DNS.2 = kubernetes.default
-DNS.3 = kubernetes.default.svc
-DNS.4 = kubernetes.default.svc.{{ dns_domain }}
-DNS.5 = localhost
-{% for host in groups['kube-master'] %}
-DNS.{{ 5 + loop.index }} = {{ host }}
-{% endfor %}
-{% if loadbalancer_apiserver is defined  and apiserver_loadbalancer_domain_name is defined %}
-{% set idx =  groups['kube-master'] | length | int + 5 + 1 %}
-DNS.{{ idx | string }} = {{ apiserver_loadbalancer_domain_name }}
-{% endif %}
-{% for host in groups['kube-master'] %}
-IP.{{ 2 * loop.index - 1 }} = {{ hostvars[host]['access_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}
-IP.{{ 2 * loop.index }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}
-{% endfor %}
-{% set idx =  groups['kube-master'] | length | int * 2 + 1 %}
-IP.{{ idx }} = {{ kube_apiserver_ip }}
-IP.{{ idx + 1 }} = 127.0.0.1
-{% if supplementary_addresses_in_ssl_keys is defined %}
-{% set is = idx + 1 %}
-{% for addr in supplementary_addresses_in_ssl_keys %}
-IP.{{ is + loop.index }} = {{ addr }}
-{% endfor %}
-{% endif %}

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
old mode 100644 (file)
new mode 100755 (executable)
index 89d8db8..512121e
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
@@ -7,166 +7,39 @@
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
 ---
-- name: clean local repo conf
-  file:
-    path: /etc/yum.repos.d
-    state: absent
-  run_once: "True"
-  when: ansible_os_family == 'RedHat'
-
-- name: create local repo conf dir
-  file:
-    path: /etc/yum.repos.d
-    state: directory
-  run_once: "True"
-  when: ansible_os_family == 'RedHat'
-
-- name: configure local mirror repo
-  copy:
-    src: "{{ item }}"
-    dest: /etc/yum.repos.d/mirrors.repo
-  with_first_found:
-    - mirrors_{{ ansible_architecture }}.repo
-    - mirrors.repo
-  run_once: "True"
-  when: ansible_os_family == 'RedHat'
-
-- name: clean local pip conf to use official pip repo
-  file:
-    path: /root/.pip/pip.conf
-    state: absent
-  run_once: "True"
-
-- name: install dependency for ansible update
-  yum:
-    name: "{{ item }}"
-    state: latest
-  with_items:
-    - git
-    - libffi-devel
-    - openssl-devel
-    - python-devel
-  run_once: "True"
-  when: ansible_os_family == 'RedHat'
-
-- name: update python packages
-  pip:
-    name: "{{ item }}"
-    state: latest
-  with_items:
-    - netaddr
-    - jinja2
-
-- name: copy inventories generate script
-  copy:
-    src: generate_inventories.py
-    dest: /tmp/generate_inventories.py
+- name: check the kubespray sample path
+  stat: path=/opt/kargo_k8s/inventory/sample
+  register: sample_stat
+
+- name: Move kubespray group_vars folder
+  command: mv /opt/kargo_k8s/inventory/sample/group_vars /opt/kargo_k8s/inventory/
+  when: sample_stat.stat.exists
+
+- name: generate kubespray inventory configure file
+  template:
+    src: "inventory.j2"
+    dest: "/opt/kargo_k8s/inventory/inventory.cfg"
   tags:
     - ansible
 
-- name: copy inventoriy.json file
-  copy:
-    src: "{{ run_dir }}/inventories/inventory.json"
-    dest: /tmp/inventory.json
-  tags:
-    - ansible
-
-- name: generate kargo inventories
-  shell: >
-    python /tmp/generate_inventories.py \
-           "/opt/kargo_k8s/inventory/inventory.cfg" \
-           "/tmp/inventory.json"
-  tags:
-    - ansible
-
-- name: configure target hosts
-  shell: |
-    cd /opt/kargo_k8s
-    ansible -i inventory/inventory.cfg -m ping all
-    ansible -i inventory/inventory.cfg all -m shell -a "rm /etc/yum.repos.d/*"
-    ansible -i inventory/inventory.cfg all -m copy -a \
-        "src=/etc/yum.repos.d/mirrors.repo dest=/etc/yum.repos.d"
-  tags:
-    - ansible
-
-- name: enable helm
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/k8s-cluster.yml
-    regexp: '^helm_enabled:'
-    line: 'helm_enabled: {{ helm_flag }}'
-
-- name: enable external lb | set lb domain_nam
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^## apiserver_loadbalancer_domain_name:'
-    line: 'apiserver_loadbalancer_domain_name: {{ apiserver_loadbalancer_domain_name }}'
-
-- name: enable external lb |
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#loadbalancer_apiserver:'
-    line: 'loadbalancer_apiserver:'
-
-- name: enable external lb | set vip address
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#  address: 1.2.3.4'
-    line: '  address: {{ vipaddress }}'
-
-- name: enable external lb | set vip port
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#  port: 1234'
-    line: '  port: {{ exlb_port }}'
-
-- name: enable internal lb
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#loadbalancer_apiserver_localhost: true'
-    line: 'loadbalancer_apiserver_localhost: true'
-
-- name: enable http proxy
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#http_proxy:'
-    line: 'http_proxy: {{ http_proxy }}'
-  when: http_proxy != ''
-
-- name: enable https proxy
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/all.yml
-    regexp: '^#https_proxy:'
-    line: 'https_proxy: {{ https_proxy }}'
-  when: https_proxy !=''
-
-- name: use the user name and password login the dashboard
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/k8s-cluster.yml
-    regexp: '^#kube_basic_auth: false'
-    line: 'kube_basic_auth: true'
-
-- name: add vip to ssl keys
-  lineinfile:
-    dest: /opt/kargo_k8s/inventory/sample/group_vars/k8s-cluster.yml
-    line: 'supplementary_addresses_in_ssl_keys: [{{ vipaddress }}]'
-
-- name: rm openssl file
-  file:
-    path: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2
-    state: absent
-
-- name: copy openssl.conf.j2
-  copy:
-    src: openssl.conf.j2
-    dest: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2
-
-- name: copy overrided variables
+- name: copy overrided variables for arm architecture
   copy:
     src: "{{ item }}"
     dest: /opt/kargo_k8s/extra-vars.yml
   with_first_found:
     - extra-vars-{{ ansible_architecture }}.yml
     - extra-vars.yml
+    - skip: true
+
+- name: copy overrided variables for kubespray
+  template:
+    src: "{{ item }}"
+    dest: "/opt/kargo_k8s/extra-vars.yml"
+  with_first_found:
+    - extra-vars-{{ ansible_architecture }}.yml.j2
+    - extra-vars.yml.j2
+  tags:
+    - ansible
 
 - name: copy 2flannel playbook to kargo
   copy:
@@ -277,9 +150,10 @@ kube-controller-manager.manifest.j2",
 
 - name: run kargo playbook
   shell: |
-    cd /opt/kargo_k8s
     ansible-playbook -i inventory/inventory.cfg cluster.yml \
                      -e "@extra-vars.yml" -b -v 2>&1  | tee kargo.log
+  args:
+    chdir: "/opt/kargo_k8s"
   tags:
     - ansible
 

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/templates/extra-vars.yml.j2 b/deploy/adapters/ansible/kubernetes/roles/kargo/templates/extra-vars.yml.j2
new file mode 100755 (executable)
index 0000000..1d7a2fa
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/templates/extra-vars.yml.j2
@@ -0,0 +1,40 @@
+---
+# Override default kubespray variables
+
+#dashboard_port: "{{dashboard_port|default('31746')}}"
+
+# kubespray configure
+apiserver_loadbalancer_domain_name: "{{ public_vip.ip  }}"
+loadbalancer_apiserver:
+  address: "{{ public_vip.ip  }}"
+  port: {{ loadbalancer_apiserver_port|default(8383) }}
+loadbalancer_apiserver_localhost: {{ loadbalancer_apiserver_localhost|default(true) }}
+
+kube_basic_auth: {{ kube_basic_auth |default(true) }}
+kube_network_plugin: {{ kube_network_plugin|default('calico') }}
+# Monitoring apps for k8s
+efk_enabled: {{ efk_enabled |default(true)}}
+# Helm deployment
+helm_enabled: {{ helm_enabled |default(true)}}
+# Istio deployment
+istio_enabled: {{ istio_enabled |default(false)}}
+supplementary_addresses_in_ssl_keys: ["{{ public_vip.ip  }}"]
+#storage
+local_volume_provisioner_enabled: {{local_volume_provisioner_enabled |default(false) }}
+# local_volume_provisioner_namespace: "system_namespace"
+# local_volume_provisioner_base_dir: /mnt/disks
+# local_volume_provisioner_mount_dir: /mnt/disks
+# local_volume_provisioner_storage_class: local-storage
+
+# CephFS provisioner deployment
+cephfs_provisioner_enabled: {{ cephfs_provisioner_enabled |default(false)}}
+# cephfs_provisioner_namespace: "cephfs-provisioner"
+# cephfs_provisioner_cluster: ceph
+# cephfs_provisioner_monitors: "172.24.0.1:6789,172.24.0.2:6789,172.24.0.3:6789"
+# cephfs_provisioner_admin_id: admin
+# cephfs_provisioner_secret: secret
+# cephfs_provisioner_storage_class: cephfs
+# cephfs_provisioner_reclaim_policy: Delete
+# cephfs_provisioner_claim_root: /volumes
+# cephfs_provisioner_deterministic_names: true
+

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/templates/inventory.j2 b/deploy/adapters/ansible/kubernetes/roles/kargo/templates/inventory.j2
new file mode 100644 (file)
index 0000000..0120ae1
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/templates/inventory.j2
@@ -0,0 +1,26 @@
+[all]
+{% for host, vales in hostvars.iteritems() %}
+{{ host }} ansible_ssh_host={{ vales['ansible_ssh_host'] }} ansible_ssh_pass=root  ansible_user=root
+{% endfor %}
+
+[kube-master]
+{% for host in hostvars[inventory_hostname]['groups']['kube_master'] %}
+{{ host }}
+{% endfor %}
+
+[etcd]
+{% for host in hostvars[inventory_hostname]['groups']['etcd'] %}
+{{ host }}
+{% endfor %}
+
+[kube-node]
+{% for host in hostvars[inventory_hostname]['groups']['kube_node'] %}
+{{ host }}
+{% endfor %}
+
+[k8s-cluster:children]
+kube-node
+kube-master
+
+[calico-rr]
+[vault]

diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
old mode 100644 (file)
new mode 100755 (executable)
index 8049095..af9c967
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
@@ -1,9 +1,3 @@
 ---
-helm_flag: true
-apiserver_loadbalancer_domain_name: "{{ public_vip.ip  }}"
-vipaddress: "{{ public_vip.ip  }}"
-exlb_port: 8383
-kubelet_fail_swap_on: false
-
 http_proxy: "{{ proxy }}"
 https_proxy: "{{ proxy }}"