
This change includes several interconnected features:

* Migration to Deckhand-based configuration. This is integrated here, because new configuration data were needed, so it would have been wasted effort to either implement it in the old format or to update the old configuration data to Deckhand format.
* Failing faster with stronger validation. Migration to Deckhand configuration was a good opportunity to add schema validation, which is a requirement in the near term anyway. Additionally, rendering all templates up front adds an additional layer of "fail-fast".
* Separation of certificate generation and configuration assembly into different commands. Combined with Deckhand substitution, this creates a much clearer distinction between Promenade configuration and deployable secrets.
* Migration of components to charts. This is a key step that will enable support for dynamic node management. Additionally, this paves the way for significant configurability in component deployment.
* Version of kubelet is configurable & controlled via download url.
* Restructuring templates to be more intuitive. Many of the templates require changes or deletion due to the migration to charts.
* Installation of pre-configured useful tools on hosts, including calicoctl.
* DNS is now provided by coredns, which is highly configurable.

Change-Id: I9f2d8da6346f4308be5083a54764ce6035a2e10c
Kubernetes Network
Configuration for Kubernetes networking during bootstrapping and for the kubelet.
Sample Document
    schema: promenade/KubernetesNetwork/v1
    metadata:
      schema: metadata/Document/v1
      name: kubernetes-network
      layeringDefinition:
        abstract: false
        layer: site
    data:
      dns:
        cluster_domain: cluster.local
        service_ip: 10.96.0.10
        bootstrap_validation_checks:
          - calico-etcd.kube-system.svc.cluster.local
          - kubernetes-etcd.kube-system.svc.cluster.local
          - kubernetes.default.svc.cluster.local
        upstream_servers:
          - 8.8.8.8
          - 8.8.4.4
      kubernetes:
        pod_cidr: 10.97.0.0/16
        service_cidr: 10.96.0.0/16
        service_ip: 10.96.0.1
      etcd:
        service_ip: 10.96.0.2
      hosts_entries:
        - ip: 192.168.77.1
          names:
            - registry
      proxy:
        url: http://proxy.example.com:8080
        additional_no_proxy:
          - 192.168.77.1
DNS

The data in the dns key is used for bootstrapping and kubelet configuration of cluster and host-level DNS, which is provided by coredns.

bootstrap_validation_checks - Domain names to resolve during the genesis and join processes for validation.
cluster_domain - The Kubernetes cluster domain. Used by the kubelet.
service_ip - The IP to use for cluster DNS. Used by the kubelet.
upstream_servers - Upstream DNS servers to be configured in /etc/resolv.conf.
Kubernetes

The kubernetes key contains:

pod_cidr - The CIDR from which the Kubernetes Controller Manager assigns pod IPs.
service_cidr - The CIDR from which the Kubernetes Controller Manager assigns service IPs.
service_ip - The in-cluster Kubernetes service IP.
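
A consistency check for the dns and kubernetes keys described above, as an added example that is not part of Promenade or its schema validation. It assumes every service_ip in the document is a ClusterIP that must fall inside service_cidr; check_network and SAMPLE are hypothetical names, and SAMPLE is constructed from the sample document's values.

```python
import ipaddress

# Constructed input: the networking keys of the sample document's data section.
SAMPLE = {
    "dns": {"service_ip": "10.96.0.10", "upstream_servers": ["8.8.8.8", "8.8.4.4"]},
    "kubernetes": {"pod_cidr": "10.97.0.0/16", "service_cidr": "10.96.0.0/16",
                   "service_ip": "10.96.0.1"},
    "etcd": {"service_ip": "10.96.0.2"},
}


def check_network(data):
    """Return a list of consistency problems; an empty list means none found."""
    problems = []
    k8s = data["kubernetes"]
    try:
        pods = ipaddress.ip_network(k8s["pod_cidr"])
        services = ipaddress.ip_network(k8s["service_cidr"])
    except ValueError as exc:
        return [f"invalid CIDR: {exc}"]
    # Overlapping ranges make pod and service addresses ambiguous to route.
    if pods.version == services.version and pods.overlaps(services):
        problems.append(f"pod_cidr {pods} overlaps service_cidr {services}")

    # Assumption: each service_ip is a ClusterIP, so it must fall inside
    # service_cidr and must not be reused by another service.
    seen = {}
    for section in ("kubernetes", "dns", "etcd"):
        raw = data.get(section, {}).get("service_ip")
        if raw is None:
            continue
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            problems.append(f"{section}.service_ip {raw!r} is not an IP address")
            continue
        if ip not in services:
            problems.append(f"{section}.service_ip {ip} is outside service_cidr {services}")
        if ip in seen:
            problems.append(f"{section}.service_ip {ip} duplicates {seen[ip]}.service_ip")
        seen.setdefault(ip, section)

    # resolv.conf nameserver lines take IP addresses, not hostnames.
    for server in data.get("dns", {}).get("upstream_servers", []):
        try:
            ipaddress.ip_address(server)
        except ValueError:
            problems.append(f"dns.upstream_servers entry {server!r} is not an IP address")
    return problems
```

Running a check like this before genesis catches address mistakes at configuration time rather than as failed DNS lookups during bootstrap.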