github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-05 10:19:50 +00:00
Code Issues Projects Releases Wiki Activity

Create a subnet for reserving the service cluster IP range

Browse Source 
This will be done if IP aliases is enabled on GCP.
This commit is contained in:
Bowei Du 2017-05-19 15:23:39 -07:00
parent 8d0cce3f91
commit 7c9b6e90e8
3 changed files with 58 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cluster/gce/config-default.sh
View File

@ -198,6 +198,8 @@ if [ ${ENABLE_IP_ALIASES} = true ]; then
# Size of ranges allocated to each node. gcloud alpha supports only /32 and /24. # Size of ranges allocated to each node. gcloud alpha supports only /32 and /24.
IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24} IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24}
IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default} IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default}
# Reserve the services IP space to avoid being allocated for other GCP resources.
SERVICE_CLUSTER_IP_SUBNETWORK=${KUBE_GCE_SERVICE_CLUSTER_IP_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-services}
# NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in # NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in
# the subnet and is the range used for node instance IPs. # the subnet and is the range used for node instance IPs.
NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}" NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}"

2
cluster/gce/config-test.sh
View File

@ -231,6 +231,8 @@ if [ ${ENABLE_IP_ALIASES} = true ]; then
# Size of ranges allocated to each node. gcloud current supports only /32 and /24. # Size of ranges allocated to each node. gcloud current supports only /32 and /24.
IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24} IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24}
IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default} IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default}
# Reserve the services IP space to avoid being allocated for other GCP resources.
SERVICE_CLUSTER_IP_SUBNETWORK=${KUBE_GCE_SERVICE_CLUSTER_IP_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-services}
# NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in # NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in
# the subnet and is the range used for node instance IPs. # the subnet and is the range used for node instance IPs.
NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}" NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}"

73
cluster/gce/util.sh
View File

@ -650,7 +650,7 @@ function kube-up() {
if [[ ${KUBE_USE_EXISTING_MASTER:-} == "true" ]]; then if [[ ${KUBE_USE_EXISTING_MASTER:-} == "true" ]]; then
detect-master detect-master
parse-master-env parse-master-env
create-subnetwork create-subnetworks
create-nodes create-nodes
elif [[ ${KUBE_REPLICATE_EXISTING_MASTER:-} == "true" ]]; then elif [[ ${KUBE_REPLICATE_EXISTING_MASTER:-} == "true" ]]; then
if [[ "${MASTER_OS_DISTRIBUTION}" != "gci" && "${MASTER_OS_DISTRIBUTION}" != "debian" && "${MASTER_OS_DISTRIBUTION}" != "ubuntu" ]]; then if [[ "${MASTER_OS_DISTRIBUTION}" != "gci" && "${MASTER_OS_DISTRIBUTION}" != "debian" && "${MASTER_OS_DISTRIBUTION}" != "ubuntu" ]]; then
@ -666,7 +666,7 @@ function kube-up() {
else else
check-existing check-existing
create-network create-network
create-subnetwork create-subnetworks
write-cluster-name write-cluster-name
create-autoscaler-config create-autoscaler-config
create-master create-master
@ -735,7 +735,7 @@ function create-network() {
fi fi
} }
function create-subnetwork() { function create-subnetworks() {
case ${ENABLE_IP_ALIASES} in case ${ENABLE_IP_ALIASES} in
true) ;; true) ;;
false) return;; false) return;;
@ -743,8 +743,8 @@ function create-subnetwork() {
exit 1;; exit 1;;
esac esac
# Look for the subnet, it must exist and have a secondary range # Look for the alias subnet, it must exist and have a secondary
# configured. # range configured.
local subnet=$(gcloud beta compute networks subnets describe \ local subnet=$(gcloud beta compute networks subnets describe \
--project "${PROJECT}" \ --project "${PROJECT}" \
--region ${REGION} \ --region ${REGION} \
@ -770,7 +770,6 @@ function create-subnetwork() {
--region ${REGION} \ --region ${REGION} \
--range ${NODE_IP_RANGE} \ --range ${NODE_IP_RANGE} \
--secondary-range "name=pods-default,range=${CLUSTER_IP_RANGE}" --secondary-range "name=pods-default,range=${CLUSTER_IP_RANGE}"
echo "Created subnetwork ${IP_ALIAS_SUBNETWORK}" echo "Created subnetwork ${IP_ALIAS_SUBNETWORK}"
else else
if ! echo ${subnet} | grep --quiet secondaryIpRanges ${subnet}; then if ! echo ${subnet} | grep --quiet secondaryIpRanges ${subnet}; then
@ -778,6 +777,31 @@ function create-subnetwork() {
exit 1 exit 1
fi fi
fi fi
# Services subnetwork.
local subnet=$(gcloud beta compute networks subnets describe \
--project "${PROJECT}" \
--region ${REGION} \
${SERVICE_CLUSTER_IP_SUBNETWORK} 2>/dev/null)
if [[ -z ${subnet} ]]; then
if [[ ${SERVICE_CLUSTER_IP_SUBNETWORK} != ${INSTANCE_PREFIX}-subnet-services ]]; then
echo "${color_red}Subnetwork ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK} does not exist${color_norm}"
exit 1
fi
echo "Creating subnet for reserving service cluster IPs ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK}"
gcloud beta compute networks subnets create \
${SERVICE_CLUSTER_IP_SUBNETWORK} \
--description "Automatically generated subnet for ${INSTANCE_PREFIX} cluster. This will be removed on cluster teardown." \
--project "${PROJECT}" \
--network ${NETWORK} \
--region ${REGION} \
--range ${SERVICE_CLUSTER_IP_RANGE}
echo "Created subnetwork ${SERVICE_CLUSTER_IP_SUBNETWORK}"
else
echo "Subnet ${SERVICE_CLUSTER_IP_SUBNETWORK} already exists"
fi
} }
function delete-firewall-rules() { function delete-firewall-rules() {
@ -801,25 +825,36 @@ function delete-network() {
fi fi
} }
function delete-subnetwork() { function delete-subnetworks() {
if [[ ${ENABLE_IP_ALIASES:-} != "true" ]]; then if [[ ${ENABLE_IP_ALIASES:-} != "true" ]]; then
return return
fi fi
# Only delete automatically created subnets. # Only delete automatically created subnets.
if [[ ${IP_ALIAS_SUBNETWORK} != ${INSTANCE_PREFIX}-subnet-default ]]; then if [[ ${IP_ALIAS_SUBNETWORK} == ${INSTANCE_PREFIX}-subnet-default ]]; then
return echo "Removing auto-created subnet ${NETWORK}:${IP_ALIAS_SUBNETWORK}"
fi if [[ -n $(gcloud beta compute networks subnets describe \
--project "${PROJECT}" \
echo "Removing auto-created subnet ${NETWORK}:${IP_ALIAS_SUBNETWORK}" --region ${REGION} \
if [[ -n $(gcloud beta compute networks subnets describe \ ${IP_ALIAS_SUBNETWORK} 2>/dev/null) ]]; then
gcloud beta --quiet compute networks subnets delete \
--project "${PROJECT}" \ --project "${PROJECT}" \
--region ${REGION} \ --region ${REGION} \
${IP_ALIAS_SUBNETWORK} 2>/dev/null) ]]; then ${IP_ALIAS_SUBNETWORK}
gcloud beta --quiet compute networks subnets delete \ fi
--project "${PROJECT}" \ fi
--region ${REGION} \
${IP_ALIAS_SUBNETWORK} if [[ ${SERVICE_CLUSTER_IP_SUBNETWORK} == ${INSTANCE_PREFIX}-subnet-services ]]; then
echo "Removing auto-created subnet ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK}"
if [[ -n $(gcloud beta compute networks subnets describe \
--project "${PROJECT}" \
--region ${REGION} \
${SERVICE_CLUSTER_IP_SUBNETWORK} 2>/dev/null) ]]; then
gcloud --quiet beta compute networks subnets delete \
--project "${PROJECT}" \
--region ${REGION} \
${SERVICE_CLUSTER_IP_SUBNETWORK}
fi
fi fi
} }
@ -1537,7 +1572,7 @@ function kube-down() {
"${NETWORK}-default-ssh" \ "${NETWORK}-default-ssh" \
"${NETWORK}-default-internal" # Pre-1.5 clusters "${NETWORK}-default-internal" # Pre-1.5 clusters
delete-subnetwork delete-subnetworks
if [[ "${KUBE_DELETE_NETWORK}" == "true" ]]; then if [[ "${KUBE_DELETE_NETWORK}" == "true" ]]; then
delete-network || true # might fail if there are leaked firewall rules delete-network || true # might fail if there are leaked firewall rules