porkadot 0.2.0 → 0.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/hack/gen-storage-version-migrator.sh +7 -0
- data/hack/storage-version-migrator/kustomization.yaml +13 -0
- data/lib/porkadot/assets.rb +9 -0
- data/lib/porkadot/assets/etcd.rb +1 -1
- data/lib/porkadot/assets/etcd/etcd-server.yaml.erb +2 -0
- data/lib/porkadot/assets/kubelet/config.yaml.erb +3 -0
- data/lib/porkadot/assets/kubelet/install-deps.sh.erb +11 -0
- data/lib/porkadot/assets/kubelet/install-pkgs.sh.erb +25 -2
- data/lib/porkadot/assets/kubelet/kubelet.service.erb +3 -1
- data/lib/porkadot/assets/kubernetes.rb +4 -1
- data/lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb +209 -0
- data/lib/porkadot/assets/kubernetes/manifests/dns-horizontal-autoscaler.yaml.erb +110 -0
- data/lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb +52 -431
- data/lib/porkadot/assets/kubernetes/manifests/kube-scheduler.yaml.erb +1 -1
- data/lib/porkadot/assets/kubernetes/manifests/kubelet-rubber-stamp.yaml.erb +12 -3
- data/lib/porkadot/assets/kubernetes/manifests/metallb.secrets.yaml.erb +13 -0
- data/lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb +116 -26
- data/lib/porkadot/assets/kubernetes/manifests/porkadot.yaml.erb +23 -1
- data/lib/porkadot/assets/kubernetes/manifests/storage-version-migrator.yaml.erb +354 -0
- data/lib/porkadot/cmd/render/certs.rb +1 -1
- data/lib/porkadot/configs/certs.rb +1 -1
- data/lib/porkadot/configs/certs/k8s.rb +6 -0
- data/lib/porkadot/configs/kubernetes.rb +1 -0
- data/lib/porkadot/default.yaml +4 -3
- data/lib/porkadot/version.rb +1 -1
- metadata +8 -3
- data/lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb +0 -130
@@ -40,7 +40,7 @@ module Porkadot; module Cmd; module Render; module Certs
|
|
40
40
|
certs.apiserver_cert(true)
|
41
41
|
logger.info "--> Kubelet client key and certs"
|
42
42
|
certs.kubelet_client_key
|
43
|
-
certs.kubelet_client_cert
|
43
|
+
certs.kubelet_client_cert(true)
|
44
44
|
# logger.info "--> Bootstrap client key and certs"
|
45
45
|
# bootstrap_client_key = self.private_key(self.assets.k8s_bootstrap_key_path)
|
46
46
|
# self.client_cert(self.assets.k8s_bootstrap_cert_path, '/O=porkadot:node-bootstrappers/CN=node-bootstrapper', bootstrap_client_key, ca_cert, ca_key)
|
@@ -33,6 +33,12 @@ module Porkadot; module Configs; class Certs
|
|
33
33
|
DNS:kubernetes.default
|
34
34
|
DNS:kubernetes.default.svc
|
35
35
|
DNS:kubernetes.default.svc.#{self.config.k8s.networking.dns_domain}
|
36
|
+
DNS:porkadot-kubernetes
|
37
|
+
DNS:porkadot-kubernetes.kube-system
|
38
|
+
DNS:porkadot-kubernetes.kube-system.svc
|
39
|
+
DNS:porkadot-kubernetes-latest
|
40
|
+
DNS:porkadot-kubernetes-latest.kube-system
|
41
|
+
DNS:porkadot-kubernetes-latest.kube-system.svc
|
36
42
|
DNS:localhost
|
37
43
|
IP:#{self.config.k8s.networking.kubernetes_ip}
|
38
44
|
IP:127.0.0.1
|
@@ -56,6 +56,7 @@ module Porkadot; module Configs
|
|
56
56
|
"#{RECOMMENDED_LABEL_PREFIX}/version": self.config.k8s.kubernetes_version,
|
57
57
|
"#{RECOMMENDED_LABEL_PREFIX}/part-of": 'kubernetes',
|
58
58
|
"#{RECOMMENDED_LABEL_PREFIX}/managed-by": 'porkadot',
|
59
|
+
"k8s-app": self.component_name,
|
59
60
|
})
|
60
61
|
end
|
61
62
|
|
data/lib/porkadot/default.yaml
CHANGED
@@ -27,10 +27,11 @@ lb:
|
|
27
27
|
|
28
28
|
etcd:
|
29
29
|
image_repository: gcr.io/etcd-development/etcd
|
30
|
-
image_tag: v3.3
|
30
|
+
image_tag: v3.4.3
|
31
|
+
extra_env: []
|
31
32
|
|
32
33
|
kubernetes:
|
33
|
-
kubernetes_version: v1.
|
34
|
+
kubernetes_version: v1.19.6
|
34
35
|
image_repository: k8s.gcr.io
|
35
36
|
|
36
37
|
networking:
|
@@ -101,7 +102,7 @@ kubernetes:
|
|
101
102
|
webhook:
|
102
103
|
cacheAuthorizedTTL: 0s
|
103
104
|
cacheUnauthorizedTTL: 0s
|
104
|
-
cgroupDriver:
|
105
|
+
cgroupDriver: systemd
|
105
106
|
clusterDNS: []
|
106
107
|
clusterDomain: cluster.local
|
107
108
|
cpuManagerReconcilePeriod: 0s
|
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: porkadot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTSUKA, Yuanying
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-06-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -113,6 +113,8 @@ files:
|
|
113
113
|
- config/porkadot.yaml
|
114
114
|
- config/unstable.yaml
|
115
115
|
- exe/porkadot
|
116
|
+
- hack/gen-storage-version-migrator.sh
|
117
|
+
- hack/storage-version-migrator/kustomization.yaml
|
116
118
|
- lib/porkadot.rb
|
117
119
|
- lib/porkadot/assets.rb
|
118
120
|
- lib/porkadot/assets/bootstrap.rb
|
@@ -140,6 +142,8 @@ files:
|
|
140
142
|
- lib/porkadot/assets/kubelet/kubelet.service.erb
|
141
143
|
- lib/porkadot/assets/kubernetes.rb
|
142
144
|
- lib/porkadot/assets/kubernetes/install.sh.erb
|
145
|
+
- lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb
|
146
|
+
- lib/porkadot/assets/kubernetes/manifests/dns-horizontal-autoscaler.yaml.erb
|
143
147
|
- lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb
|
144
148
|
- lib/porkadot/assets/kubernetes/manifests/kube-apiserver.secrets.yaml.erb
|
145
149
|
- lib/porkadot/assets/kubernetes/manifests/kube-apiserver.yaml.erb
|
@@ -149,9 +153,10 @@ files:
|
|
149
153
|
- lib/porkadot/assets/kubernetes/manifests/kube-scheduler.yaml.erb
|
150
154
|
- lib/porkadot/assets/kubernetes/manifests/kubelet-rubber-stamp.yaml.erb
|
151
155
|
- lib/porkadot/assets/kubernetes/manifests/kubelet.yaml.erb
|
156
|
+
- lib/porkadot/assets/kubernetes/manifests/metallb.secrets.yaml.erb
|
152
157
|
- lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb
|
153
|
-
- lib/porkadot/assets/kubernetes/manifests/pod-checkpointer.yaml.erb
|
154
158
|
- lib/porkadot/assets/kubernetes/manifests/porkadot.yaml.erb
|
159
|
+
- lib/porkadot/assets/kubernetes/manifests/storage-version-migrator.yaml.erb
|
155
160
|
- lib/porkadot/cmd.rb
|
156
161
|
- lib/porkadot/cmd/cli.rb
|
157
162
|
- lib/porkadot/cmd/install.rb
|
@@ -1,130 +0,0 @@
|
|
1
|
-
<% k8s = global_config.k8s -%>
|
2
|
-
---
|
3
|
-
apiVersion: v1
|
4
|
-
kind: ServiceAccount
|
5
|
-
metadata:
|
6
|
-
name: pod-checkpointer
|
7
|
-
namespace: kube-system
|
8
|
-
---
|
9
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
10
|
-
kind: Role
|
11
|
-
metadata:
|
12
|
-
name: pod-checkpointer
|
13
|
-
namespace: kube-system
|
14
|
-
rules:
|
15
|
-
- apiGroups: [""] # "" indicates the core API group
|
16
|
-
resources: ["pods"]
|
17
|
-
verbs: ["get", "watch", "list"]
|
18
|
-
- apiGroups: [""] # "" indicates the core API group
|
19
|
-
resources: ["secrets", "configmaps"]
|
20
|
-
verbs: ["get"]
|
21
|
-
---
|
22
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
23
|
-
kind: RoleBinding
|
24
|
-
metadata:
|
25
|
-
name: pod-checkpointer
|
26
|
-
namespace: kube-system
|
27
|
-
roleRef:
|
28
|
-
apiGroup: rbac.authorization.k8s.io
|
29
|
-
kind: Role
|
30
|
-
name: pod-checkpointer
|
31
|
-
subjects:
|
32
|
-
- kind: ServiceAccount
|
33
|
-
name: pod-checkpointer
|
34
|
-
namespace: kube-system
|
35
|
-
---
|
36
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
37
|
-
kind: ClusterRole
|
38
|
-
metadata:
|
39
|
-
name: pod-checkpointer
|
40
|
-
rules:
|
41
|
-
- apiGroups: [""]
|
42
|
-
resources: ["nodes", "nodes/proxy"]
|
43
|
-
verbs: ["get"]
|
44
|
-
---
|
45
|
-
apiVersion: rbac.authorization.k8s.io/v1
|
46
|
-
kind: ClusterRoleBinding
|
47
|
-
metadata:
|
48
|
-
name: pod-checkpointer
|
49
|
-
roleRef:
|
50
|
-
apiGroup: rbac.authorization.k8s.io
|
51
|
-
kind: ClusterRole
|
52
|
-
name: pod-checkpointer
|
53
|
-
subjects:
|
54
|
-
- kind: ServiceAccount
|
55
|
-
name: pod-checkpointer
|
56
|
-
namespace: kube-system
|
57
|
-
---
|
58
|
-
apiVersion: apps/v1
|
59
|
-
kind: DaemonSet
|
60
|
-
metadata:
|
61
|
-
name: pod-checkpointer
|
62
|
-
namespace: kube-system
|
63
|
-
labels:
|
64
|
-
tier: control-plane
|
65
|
-
k8s-app: pod-checkpointer
|
66
|
-
spec:
|
67
|
-
selector:
|
68
|
-
matchLabels:
|
69
|
-
tier: control-plane
|
70
|
-
k8s-app: pod-checkpointer
|
71
|
-
template:
|
72
|
-
metadata:
|
73
|
-
labels:
|
74
|
-
tier: control-plane
|
75
|
-
k8s-app: pod-checkpointer
|
76
|
-
annotations:
|
77
|
-
checkpointer.alpha.coreos.com/checkpoint: "true"
|
78
|
-
spec:
|
79
|
-
containers:
|
80
|
-
- name: pod-checkpointer
|
81
|
-
image: quay.io/coreos/pod-checkpointer:83e25e5968391b9eb342042c435d1b3eeddb2be1
|
82
|
-
command:
|
83
|
-
- /checkpoint
|
84
|
-
- --lock-file=/var/run/lock/pod-checkpointer.lock
|
85
|
-
- --kubeconfig=/etc/checkpointer/kubeconfig
|
86
|
-
- --checkpoint-grace-period=5m
|
87
|
-
env:
|
88
|
-
- name: NODE_NAME
|
89
|
-
valueFrom:
|
90
|
-
fieldRef:
|
91
|
-
fieldPath: spec.nodeName
|
92
|
-
- name: POD_NAME
|
93
|
-
valueFrom:
|
94
|
-
fieldRef:
|
95
|
-
fieldPath: metadata.name
|
96
|
-
- name: POD_NAMESPACE
|
97
|
-
valueFrom:
|
98
|
-
fieldRef:
|
99
|
-
fieldPath: metadata.namespace
|
100
|
-
imagePullPolicy: Always
|
101
|
-
volumeMounts:
|
102
|
-
- mountPath: /etc/checkpointer
|
103
|
-
name: kubeconfig
|
104
|
-
- mountPath: /etc/kubernetes
|
105
|
-
name: etc-kubernetes
|
106
|
-
- mountPath: /var/run
|
107
|
-
name: var-run
|
108
|
-
serviceAccountName: pod-checkpointer
|
109
|
-
hostNetwork: true
|
110
|
-
nodeSelector:
|
111
|
-
k8s.unstable.cloud/master: ""
|
112
|
-
restartPolicy: Always
|
113
|
-
tolerations:
|
114
|
-
- key: node-role.kubernetes.io/master
|
115
|
-
operator: Exists
|
116
|
-
effect: NoSchedule
|
117
|
-
volumes:
|
118
|
-
- name: kubeconfig
|
119
|
-
configMap:
|
120
|
-
name: kubeconfig-in-cluster
|
121
|
-
- name: etc-kubernetes
|
122
|
-
hostPath:
|
123
|
-
path: /etc/kubernetes
|
124
|
-
- name: var-run
|
125
|
-
hostPath:
|
126
|
-
path: /var/run
|
127
|
-
updateStrategy:
|
128
|
-
rollingUpdate:
|
129
|
-
maxUnavailable: 1
|
130
|
-
type: RollingUpdate
|