diff --git a/build/common.sh b/build/common.sh index d4301bc23e6..8ca371c3332 100755 --- a/build/common.sh +++ b/build/common.sh @@ -953,24 +953,6 @@ function kube::release::package_kube_manifests_tarball() { mkdir -p "${dst_dir}/dns" tar c -C "${KUBE_ROOT}/cluster/saltbase/salt/kube-dns" ${objects} | tar x -C "${dst_dir}/dns" - # We leave the `{{ pillar['federations_domain_map'] }}` parameter as is, if - # the right federation environment variables isn't set. This is to allow - # users to provide these pillar values using the regular salt's mechanisms - # during cluster bootstrap. - if [[ "${FEDERATION:-}" == "true" ]]; then - FEDERATIONS_DOMAIN_MAP="${FEDERATIONS_DOMAIN_MAP:-}" - if [[ -z "${FEDERATIONS_DOMAIN_MAP}" && -n "${FEDERATION_NAME:-}" && -n "${DNS_ZONE_NAME:-}" ]]; then - FEDERATIONS_DOMAIN_MAP="${FEDERATION_NAME}=${DNS_ZONE_NAME}" - fi - if [[ -n "${FEDERATIONS_DOMAIN_MAP}" ]]; then - sed -i 's/{{ pillar\['"'"'federations_domain_map'"'"'\] }}/- --federations='"${FEDERATIONS_DOMAIN_MAP}"'/g' "${dst_dir}/dns/skydns-rc.yaml.in" - else - sed -i '/{{ pillar\['"'"'federations_domain_map'"'"'\] }}/d' "${dst_dir}/dns/skydns-rc.yaml.in" - fi - else - sed -i '/{{ pillar\['"'"'federations_domain_map'"'"'\] }}/d' "${dst_dir}/dns/skydns-rc.yaml.in" - fi - # This is for coreos only. ContainerVM, GCI, or Trusty does not use it. cp -r "${KUBE_ROOT}/cluster/gce/coreos/kube-manifests"/* "${release_stage}/" diff --git a/cluster/common.sh b/cluster/common.sh index 5765228d0b2..f064da159c1 100755 --- a/cluster/common.sh +++ b/cluster/common.sh 
@@ -710,6 +710,28 @@ EOF cat >>$file <>$file <>$file <>$file <>$file <>/srv/salt-overlay/pillar/cluster-params.sls +federations_domain_map: '$(echo "- --federations=${FEDERATIONS_DOMAIN_MAP}" | sed -e "s/'/''/g")' +EOF + else + cat <>/srv/salt-overlay/pillar/cluster-params.sls +federations_domain_map: '' +EOF + fi + else + cat <>/srv/salt-overlay/pillar/cluster-params.sls +federations_domain_map: '' +EOF + fi } # The job of this function is simple, but the basic regular expression syntax makes diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index a4a26311bfa..23cde1db918 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh @@ -837,6 +837,20 @@ function start-kube-addons { sed -i -e "s@{{ *pillar\['dns_replicas'\] *}}@${DNS_REPLICAS}@g" "${dns_rc_file}" sed -i -e "s@{{ *pillar\['dns_domain'\] *}}@${DNS_DOMAIN}@g" "${dns_rc_file}" sed -i -e "s@{{ *pillar\['dns_server'\] *}}@${DNS_SERVER_IP}@g" "${dns_svc_file}" + + if [[ "${FEDERATION:-}" == "true" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATIONS_DOMAIN_MAP:-}" + if [[ -z "${FEDERATIONS_DOMAIN_MAP}" && -n "${FEDERATION_NAME:-}" && -n "${DNS_ZONE_NAME:-}" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATION_NAME}=${DNS_ZONE_NAME}" + fi + if [[ -n "${FEDERATIONS_DOMAIN_MAP}" ]]; then + sed -i -e "s@{{ *pillar\['federations_domain_map'\] *}}@- --federations=${FEDERATIONS_DOMAIN_MAP}@g" "${dns_rc_file}" + else + sed -i -e "/{{ *pillar\['federations_domain_map'\] *}}/d" "${dns_rc_file}" + fi + else + sed -i -e "/{{ *pillar\['federations_domain_map'\] *}}/d" "${dns_rc_file}" + fi fi if [[ "${ENABLE_CLUSTER_REGISTRY:-}" == "true" ]]; then setup-addon-manifests "addons" "registry" diff --git a/cluster/gce/trusty/configure-helper.sh b/cluster/gce/trusty/configure-helper.sh index e43de66e756..e2fb5d3e2a9 100644 --- a/cluster/gce/trusty/configure-helper.sh +++ b/cluster/gce/trusty/configure-helper.sh 
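Review bot: In the cluster/gce/gci/configure-helper.sh hunk, the added `sed -i -e "s@...@- --federations=${FEDERATIONS_DOMAIN_MAP}@g"` splices an environment-supplied value into a sed replacement, and from there into the DNS manifest, without checking it. A value containing `@`, `&`, a backslash or a newline changes or breaks the substitution, and YAML-significant characters would alter the rendered container argument. Validate the map before the sed call, for example `[[ "${FEDERATIONS_DOMAIN_MAP}" =~ ^[A-Za-z0-9.-]+=[A-Za-z0-9.-]+(,[A-Za-z0-9.-]+=[A-Za-z0-9.-]+)*$ ]] || { echo "invalid FEDERATIONS_DOMAIN_MAP" >&2; exit 1; }`, assuming the expected form is comma-separated name=zone pairs. The same block is repeated in the trusty configure-helper.sh, mesos deploy-dns.sh and hack/local-up-cluster.sh hunks (the last two use `/` as the sed delimiter). start-kube-addons continues outside this hunk.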
@@ -767,6 +767,20 @@ start_kube_addons() { sed -i -e "s@{{ *pillar\['dns_replicas'\] *}}@${DNS_REPLICAS}@g" "${dns_rc_file}" sed -i -e "s@{{ *pillar\['dns_domain'\] *}}@${DNS_DOMAIN}@g" "${dns_rc_file}" sed -i -e "s@{{ *pillar\['dns_server'\] *}}@${DNS_SERVER_IP}@g" "${dns_svc_file}" + + if [[ "${FEDERATION:-}" == "true" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATIONS_DOMAIN_MAP:-}" + if [[ -z "${FEDERATIONS_DOMAIN_MAP}" && -n "${FEDERATION_NAME:-}" && -n "${DNS_ZONE_NAME:-}" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATION_NAME}=${DNS_ZONE_NAME}" + fi + if [[ -n "${FEDERATIONS_DOMAIN_MAP}" ]]; then + sed -i -e "s@{{ *pillar\['federations_domain_map'\] *}}@- --federations=${FEDERATIONS_DOMAIN_MAP}@g" "${dns_rc_file}" + else + sed -i -e "/{{ *pillar\['federations_domain_map'\] *}}/d" "${dns_rc_file}" + fi + else + sed -i -e "/{{ *pillar\['federations_domain_map'\] *}}/d" "${dns_rc_file}" + fi fi if [ "${ENABLE_CLUSTER_REGISTRY:-}" = "true" ]; then setup_addon_manifests "addons" "registry" diff --git a/cluster/mesos/docker/deploy-dns.sh b/cluster/mesos/docker/deploy-dns.sh index f8f1734abd0..f9aff165387 100755 --- a/cluster/mesos/docker/deploy-dns.sh +++ b/cluster/mesos/docker/deploy-dns.sh 
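Review bot: The block added to start_kube_addons uses `[[ ... ]]` with `==` and an inner `&&`, while the surrounding code in this file uses POSIX tests, as in the context line `if [ "${ENABLE_CLUSTER_REGISTRY:-}" = "true" ]; then`. If this helper runs under a `/bin/sh` that is not bash, which the file's style suggests but the hunk does not show, `[[` is not a command there, so the test fails and the else branch silently deletes the federations line even when FEDERATION is "true". Write the tests in POSIX form, e.g. `if [ "${FEDERATION:-}" = "true" ]; then` and `if [ -z "${FEDERATIONS_DOMAIN_MAP}" ] && [ -n "${FEDERATION_NAME:-}" ] && [ -n "${DNS_ZONE_NAME:-}" ]; then`. start_kube_addons begins and ends outside the hunk.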
@@ -31,6 +31,21 @@ workspace=$(pwd) sed -e "s/{{ pillar\['dns_replicas'\] }}/${DNS_REPLICAS}/g;s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g" "${KUBE_ROOT}/cluster/saltbase/salt/kube-dns/skydns-rc.yaml.in" > "${workspace}/skydns-rc.yaml" sed -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" "${KUBE_ROOT}/cluster/saltbase/salt/kube-dns/skydns-svc.yaml.in" > "${workspace}/skydns-svc.yaml" +# Federation specific values. +if [[ "${FEDERATION:-}" == "true" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATIONS_DOMAIN_MAP:-}" + if [[ -z "${FEDERATIONS_DOMAIN_MAP}" && -n "${FEDERATION_NAME:-}" && -n "${DNS_ZONE_NAME:-}" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATION_NAME}=${DNS_ZONE_NAME}" + fi + if [[ -n "${FEDERATIONS_DOMAIN_MAP}" ]]; then + sed -i -e "s/{{ pillar\['federations_domain_map'\] }}/- --federations=${FEDERATIONS_DOMAIN_MAP}/g" "${workspace}/skydns-rc.yaml" + else + sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" "${workspace}/skydns-rc.yaml" + fi +else + sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" "${workspace}/skydns-rc.yaml" +fi + # Use kubectl to create skydns rc and service "${kubectl}" create -f "${workspace}/skydns-rc.yaml" "${kubectl}" create -f "${workspace}/skydns-svc.yaml" diff --git a/cluster/openstack-heat/kubernetes-heat/fragments/configure-salt.yaml b/cluster/openstack-heat/kubernetes-heat/fragments/configure-salt.yaml index c996d39482c..bed41547c4c 100644 --- a/cluster/openstack-heat/kubernetes-heat/fragments/configure-salt.yaml +++ b/cluster/openstack-heat/kubernetes-heat/fragments/configure-salt.yaml @@ -46,6 +46,7 @@ write_files: dns_replicas: "1" dns_server: 10.246.0.10 dns_domain: cluster.local + federations_domain_map: '' instance_prefix: kubernetes admission_control: NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota enable_cpu_cfs_quota: "true" 
diff --git a/cluster/photon-controller/templates/create-dynamic-salt-files.sh b/cluster/photon-controller/templates/create-dynamic-salt-files.sh index 424c75bd4ff..4a7c3be7017 100755 --- a/cluster/photon-controller/templates/create-dynamic-salt-files.sh +++ b/cluster/photon-controller/templates/create-dynamic-salt-files.sh @@ -120,6 +120,7 @@ enable_cluster_dns: "${ENABLE_CLUSTER_DNS:-false}" dns_replicas: ${DNS_REPLICAS:-1} dns_server: $DNS_SERVER_IP dns_domain: $DNS_DOMAIN +federations_domain_map: '' e2e_storage_test_environment: "${E2E_STORAGE_TEST_ENVIRONMENT:-false}" cluster_cidr: "$NODE_IP_RANGES" allocate_node_cidrs: "${ALLOCATE_NODE_CIDRS:-true}" diff --git a/cluster/vagrant/provision-utils.sh b/cluster/vagrant/provision-utils.sh index 846d9c505ce..e486af93264 100755 --- a/cluster/vagrant/provision-utils.sh +++ b/cluster/vagrant/provision-utils.sh @@ -59,6 +59,7 @@ enable_cluster_dns: '$(echo "$ENABLE_CLUSTER_DNS" | sed -e "s/'/''/g")' dns_replicas: '$(echo "$DNS_REPLICAS" | sed -e "s/'/''/g")' dns_server: '$(echo "$DNS_SERVER_IP" | sed -e "s/'/''/g")' dns_domain: '$(echo "$DNS_DOMAIN" | sed -e "s/'/''/g")' +federations_domain_map: '' instance_prefix: '$(echo "$INSTANCE_PREFIX" | sed -e "s/'/''/g")' admission_control: '$(echo "$ADMISSION_CONTROL" | sed -e "s/'/''/g")' enable_cpu_cfs_quota: '$(echo "$ENABLE_CPU_CFS_QUOTA" | sed -e "s/'/''/g")' diff --git a/cluster/vsphere/templates/create-dynamic-salt-files.sh b/cluster/vsphere/templates/create-dynamic-salt-files.sh index e85aaacf7d5..0d2e9252a68 100755 --- a/cluster/vsphere/templates/create-dynamic-salt-files.sh +++ b/cluster/vsphere/templates/create-dynamic-salt-files.sh @@ -120,6 +120,7 @@ enable_cluster_dns: "${ENABLE_CLUSTER_DNS:-false}" dns_replicas: ${DNS_REPLICAS:-1} dns_server: $DNS_SERVER_IP dns_domain: $DNS_DOMAIN +federations_domain_map: '' e2e_storage_test_environment: "${E2E_STORAGE_TEST_ENVIRONMENT:-false}" cluster_cidr: "$NODE_IP_RANGES" allocate_node_cidrs: "${ALLOCATE_NODE_CIDRS:-true}" 
diff --git a/hack/local-up-cluster.sh b/hack/local-up-cluster.sh index 9713243b85e..6a7e1e64586 100755 --- a/hack/local-up-cluster.sh +++ b/hack/local-up-cluster.sh @@ -412,6 +412,19 @@ function start_kubedns { if [[ "${ENABLE_CLUSTER_DNS}" = true ]]; then echo "Creating kube-system namespace" sed -e "s/{{ pillar\['dns_replicas'\] }}/${DNS_REPLICAS}/g;s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g;" "${KUBE_ROOT}/cluster/saltbase/salt/kube-dns/skydns-rc.yaml.in" >| skydns-rc.yaml + if [[ "${FEDERATION:-}" == "true" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATIONS_DOMAIN_MAP:-}" + if [[ -z "${FEDERATIONS_DOMAIN_MAP}" && -n "${FEDERATION_NAME:-}" && -n "${DNS_ZONE_NAME:-}" ]]; then + FEDERATIONS_DOMAIN_MAP="${FEDERATION_NAME}=${DNS_ZONE_NAME}" + fi + if [[ -n "${FEDERATIONS_DOMAIN_MAP}" ]]; then + sed -i -e "s/{{ pillar\['federations_domain_map'\] }}/- --federations=${FEDERATIONS_DOMAIN_MAP}/g" skydns-rc.yaml + else + sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" skydns-rc.yaml + fi + else + sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" skydns-rc.yaml + fi sed -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" "${KUBE_ROOT}/cluster/saltbase/salt/kube-dns/skydns-svc.yaml.in" >| skydns-svc.yaml cat <namespace.yaml apiVersion: v1
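Review bot: The new `sed -i -e ...` calls in start_kubedns edit skydns-rc.yaml in place, right after the context line that already renders the file with a streaming `sed -e ... >| skydns-rc.yaml`. GNU and BSD sed parse `-i` differently, so on a BSD sed the `-e` is taken as the backup suffix and a stray `skydns-rc.yaml-e` is left in the working directory. Building the federation expression first and passing it as one more `-e` to the existing render avoids the in-place edit, with `federations_expr="/{{ pillar\['federations_domain_map'\] }}/d"` as the default. That would also collapse the two identical delete branches into one default, overridden only when the map is non-empty.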