From 1c7f4cf363c382925844059c4fe13d9e399df163 Mon Sep 17 00:00:00 2001 From: Konstantinos Tsakalozos Date: Tue, 8 Aug 2017 14:09:03 +0300 Subject: [PATCH] Fix ingress and microbot --- .../nginx-ingress-controller-rbac.yml | 10 +-- .../reactive/kubernetes_worker.py | 17 +---- .../templates/default-backend.yml | 51 -------------- .../templates/default-http-backend.yaml | 26 +++++--- .../nginx-ingress-controller-service.yml | 16 ----- .../templates/nginx-ingress-controller.yml | 66 ------------------- 6 files changed, 23 insertions(+), 163 deletions(-) delete mode 100644 cluster/juju/layers/kubernetes-worker/templates/default-backend.yml delete mode 100644 cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller-service.yml delete mode 100644 cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller.yml diff --git a/cluster/juju/layers/kubernetes-master/templates/nginx-ingress-controller-rbac.yml b/cluster/juju/layers/kubernetes-master/templates/nginx-ingress-controller-rbac.yml index 696f4c6e076..5b039282353 100644 --- a/cluster/juju/layers/kubernetes-master/templates/nginx-ingress-controller-rbac.yml +++ b/cluster/juju/layers/kubernetes-master/templates/nginx-ingress-controller-rbac.yml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: nginx-ingress-serviceaccount - namespace: kube-system + namespace: default --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole @@ -60,7 +60,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role metadata: name: nginx-ingress-role - namespace: kube-system + namespace: default rules: - apiGroups: - "" @@ -103,7 +103,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: name: nginx-ingress-role-nisa-binding - namespace: kube-system + namespace: default roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -111,7 +111,7 @@ roleRef: subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount - namespace: kube-system + namespace: default --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -124,4 +124,4 @@ roleRef: subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount - namespace: kube-system + namespace: default diff --git a/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py b/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py index 1aaa04b1399..d5d5a6d3b63 100644 --- a/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py +++ b/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py @@ -392,8 +392,6 @@ def render_and_launch_ingress(): '/root/cdk/addons/default-http-backend.yaml') kubectl_manifest('delete', '/root/cdk/addons/ingress-replication-controller.yaml') # noqa - kubectl_manifest('delete', - '/root/cdk/addons/ingress-replication-controller-service.yaml') # noqa hookenv.close_port(80) hookenv.close_port(443) @@ -563,7 +561,7 @@ def launch_default_ingress_controller(): # Render the default http backend (404) replicationcontroller manifest manifest = addon_path.format('default-http-backend.yaml') - render('default-backend.yml', manifest, context) + render('default-http-backend.yaml', manifest, context) hookenv.log('Creating the default http backend.') try: kubectl('apply', '-f', manifest) @@ -581,7 +579,7 @@ def launch_default_ingress_controller(): context['ingress_image'] = \ "docker.io/cdkbot/nginx-ingress-controller-s390x:0.9.0-beta.13" manifest = addon_path.format('ingress-replication-controller.yaml') - render('nginx-ingress-controller.yml', manifest, context) + render('ingress-replication-controller.yaml', manifest, context) hookenv.log('Creating the ingress replication controller.') try: kubectl('apply', '-f', manifest) @@ -591,17 +589,6 @@ def launch_default_ingress_controller(): hookenv.close_port(80) hookenv.close_port(443) return - manifest = addon_path.format('ingress-replication-controller-service.yaml') - render('nginx-ingress-controller-service.yml', manifest, context) - hookenv.log('Creating the ingress replication controller service.') - try: - kubectl('apply', '-f', manifest) - except CalledProcessError as e: - hookenv.log(e) - hookenv.log('Failed to create ingress controller service. Will attempt again next update.') # noqa - hookenv.close_port(80) - hookenv.close_port(443) - return set_state('kubernetes-worker.ingress.available') hookenv.open_port(80) diff --git a/cluster/juju/layers/kubernetes-worker/templates/default-backend.yml b/cluster/juju/layers/kubernetes-worker/templates/default-backend.yml deleted file mode 100644 index 3c40989a31e..00000000000 --- a/cluster/juju/layers/kubernetes-worker/templates/default-backend.yml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: default-http-backend - labels: - k8s-app: default-http-backend - namespace: kube-system -spec: - replicas: 1 - template: - metadata: - labels: - k8s-app: default-http-backend - spec: - terminationGracePeriodSeconds: 60 - containers: - - name: default-http-backend - # Any image is permissable as long as: - # 1. It serves a 404 page at / - # 2. It serves 200 on a /healthz endpoint - image: gcr.io/google_containers/defaultbackend:1.0 - livenessProbe: - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - timeoutSeconds: 5 - ports: - - containerPort: 8080 - resources: - limits: - cpu: 10m - memory: 20Mi - requests: - cpu: 10m - memory: 20Mi ---- -apiVersion: v1 -kind: Service -metadata: - name: default-http-backend - namespace: kube-system - labels: - k8s-app: default-http-backend -spec: - ports: - - port: 80 - targetPort: 8080 - selector: - k8s-app: default-http-backend diff --git a/cluster/juju/layers/kubernetes-worker/templates/default-http-backend.yaml b/cluster/juju/layers/kubernetes-worker/templates/default-http-backend.yaml index 02500dc679d..739ae2758a2 100644 --- a/cluster/juju/layers/kubernetes-worker/templates/default-http-backend.yaml +++ b/cluster/juju/layers/kubernetes-worker/templates/default-http-backend.yaml @@ -1,15 +1,15 @@ -apiVersion: v1 -kind: ReplicationController +apiVersion: extensions/v1beta1 +kind: Deployment metadata: name: default-http-backend + labels: + k8s-app: default-http-backend spec: replicas: 1 - selector: - app: default-http-backend template: metadata: labels: - app: default-http-backend + k8s-app: default-http-backend spec: terminationGracePeriodSeconds: 60 containers: @@ -27,17 +27,23 @@ spec: timeoutSeconds: 5 ports: - containerPort: 8080 + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi --- apiVersion: v1 kind: Service metadata: name: default-http-backend labels: - app: default-http-backend + k8s-app: default-http-backend spec: ports: - - port: 80 - protocol: TCP - targetPort: 80 + - port: 80 + targetPort: 8080 selector: - app: default-http-backend + k8s-app: default-http-backend diff --git a/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller-service.yml b/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller-service.yml deleted file mode 100644 index ad8b79df13d..00000000000 --- a/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller-service.yml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: nginx-ingress - namespace: kube-system -spec: -# Can also use LoadBalancer type - type: NodePort - ports: - - name: http - port: 8080 - nodePort: 30080 - targetPort: 80 - protocol: TCP - selector: - k8s-app: nginx-ingress-controller diff --git a/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller.yml b/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller.yml deleted file mode 100644 index 206fc3b6577..00000000000 --- a/cluster/juju/layers/kubernetes-worker/templates/nginx-ingress-controller.yml +++ /dev/null @@ -1,66 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: nginx-load-balancer-conf - namespace: kube-system ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: nginx-ingress-controller - labels: - k8s-app: nginx-ingress-controller - namespace: kube-system -spec: - replicas: 1 - selector: - matchLabels: - k8s-app: nginx-ingress-controller - template: - metadata: - labels: - k8s-app: nginx-ingress-controller - annotations: - prometheus.io/port: '10254' - prometheus.io/scrape: 'true' - spec: - # hostNetwork makes it possible to use ipv6 and to preserve the source IP correctly regardless of docker configuration - # however, it is not a hard dependency of the nginx-ingress-controller itself and it may cause issues if port 10254 already is taken on the host - # that said, since hostPort is broken on CNI (https://github.com/kubernetes/kubernetes/issues/31307) we have to use hostNetwork where CNI is used - # like with kubeadm - hostNetwork: true - terminationGracePeriodSeconds: 60 - serviceAccountName: nginx-ingress-serviceaccount - containers: - - name: nginx-ingress-controller - image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.11 - readinessProbe: - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - livenessProbe: - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - timeoutSeconds: 1 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - args: - - /nginx-ingress-controller - - --default-backend-service=$(POD_NAMESPACE)/default-http-backend - - --configmap=$(POD_NAMESPACE)/nginx-load-balancer-conf - ports: - - containerPort: 80 - hostPort: 80 - - containerPort: 443 - hostPort: 443