diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/default-svc.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/default-svc.yaml
new file mode 100644
index 00000000000..cd07ec50eb4
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/default-svc.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+ # This must match the --default-backend-service argument of the l7 lb
+ # controller and is required because GCE mandates a default backend.
+ name: default-http-backend
+ namespace: kube-system
+ labels:
+ k8s-app: glbc
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "GLBCDefaultBackend"
+spec:
+ # The default backend must be of type NodePort.
+ type: NodePort
+ ports:
+ - port: 80
+ targetPort: 8080
+ protocol: TCP
+ name: http
+ selector:
+ k8s-app: glbc
\ No newline at end of file
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/glbc-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/glbc-controller.yaml
new file mode 100644
index 00000000000..4b9b7bbf4b9
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-loadbalancing/glbc/glbc-controller.yaml
@@ -0,0 +1,68 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: l7-lb-controller
+ namespace: kube-system
+ labels:
+ k8s-app: glbc
+ version: v0.5.1
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "GLBC"
+spec:
+ # There should never be more than 1 controller alive simultaneously.
+ replicas: 1
+ selector:
+ k8s-app: glbc
+ version: v0.5.1
+ template:
+ metadata:
+ labels:
+ k8s-app: glbc
+ version: v0.5.1
+ name: glbc
+ kubernetes.io/cluster-service: "true"
+ spec:
+ terminationGracePeriodSeconds: 600
+ containers:
+ - name: default-http-backend
+ # Any image is permissable as long as:
+ # 1. It serves a 404 page at /
+ # 2. It serves 200 on a /healthz endpoint
+ image: gcr.io/google_containers/defaultbackend:1.0
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 8080
+ resources:
+ limits:
+ cpu: 10m
+ memory: 20Mi
+ requests:
+ cpu: 10m
+ memory: 20Mi
+ - image: gcr.io/google_containers/glbc:0.5.1
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8081
+ scheme: HTTP
+ initialDelaySeconds: 30
+ # healthz reaches out to GCE
+ periodSeconds: 30
+ timeoutSeconds: 5
+ name: l7-lb-controller
+ resources:
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ args:
+ - --default-backend-service=kube-system/default-http-backend
+ - --sync-period=300s
\ No newline at end of file
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-controller.yaml
new file mode 100644
index 00000000000..c8f903b0aae
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-controller.yaml
@@ -0,0 +1,50 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: heapster-v10
+ namespace: kube-system
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: heapster
+ version: v10
+ template:
+ metadata:
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/heapster:v0.18.2
+ name: heapster
+ resources:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ command:
+ - /heapster
+ - --source=kubernetes:''
+ - --sink=gcm
+ - --sink=gcmautoscaling
+ - --sink=gcl
+ - --stats_resolution=30s
+ - --sink_frequency=1m
+ volumeMounts:
+ - name: ssl-certs
+ mountPath: /etc/ssl/certs
+ readOnly: true
+ - name: usrsharecacerts
+ mountPath: /usr/share/ca-certificates
+ readOnly: true
+ volumes:
+ - name: ssl-certs
+ hostPath:
+ path: /etc/ssl/certs
+ - name: usrsharecacerts
+ hostPath:
+ path: /usr/share/ca-certificates
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-service.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-service.yaml
new file mode 100644
index 00000000000..31e8b96006d
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/google/heapster-service.yaml
@@ -0,0 +1,14 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: heapster
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Heapster"
+spec:
+ ports:
+ - port: 80
+ targetPort: 8082
+ selector:
+ k8s-app: heapster
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/googleinfluxdb/heapster-controller-combined.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/googleinfluxdb/heapster-controller-combined.yaml
new file mode 100644
index 00000000000..c036fc92e61
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/googleinfluxdb/heapster-controller-combined.yaml
@@ -0,0 +1,50 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: heapster-v10
+ namespace: kube-system
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: heapster
+ version: v10
+ template:
+ metadata:
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/heapster:v0.18.2
+ name: heapster
+ resources:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ command:
+ - /heapster
+ - --source=kubernetes:''
+ - --sink=gcl
+ - --sink=gcmautoscaling
+ - --sink=influxdb:http://monitoring-influxdb:8086
+ - --stats_resolution=30s
+ - --sink_frequency=1m
+ volumeMounts:
+ - name: ssl-certs
+ mountPath: /etc/ssl/certs
+ readOnly: true
+ - name: usrsharecacerts
+ mountPath: /usr/share/ca-certificates
+ readOnly: true
+ volumes:
+ - name: ssl-certs
+ hostPath:
+ path: /etc/ssl/certs
+ - name: usrsharecacerts
+ hostPath:
+ path: /usr/share/ca-certificates
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/grafana-service.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/grafana-service.yaml
new file mode 100644
index 00000000000..9140e8b0c2c
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/grafana-service.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: monitoring-grafana
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Grafana"
+spec:
+ # On production clusters, consider setting up auth for grafana, and
+ # exposing Grafana either using a LoadBalancer or a public IP.
+ # type: LoadBalancer
+ ports:
+ - port: 80
+ targetPort: 3000
+ selector:
+ k8s-app: influxGrafana
+
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-controller.yaml
new file mode 100644
index 00000000000..e6b71a10177
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-controller.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: heapster-v10
+ namespace: kube-system
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: heapster
+ version: v10
+ template:
+ metadata:
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/heapster:v0.18.2
+ name: heapster
+ resources:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ command:
+ - /heapster
+ - --source=kubernetes:''
+ - --sink=influxdb:http://monitoring-influxdb:8086
+ - --stats_resolution=30s
+ - --sink_frequency=1m
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-service.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-service.yaml
new file mode 100644
index 00000000000..e406d69c44c
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/heapster-service.yaml
@@ -0,0 +1,14 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: heapster
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Heapster"
+spec:
+ ports:
+ - port: 80
+ targetPort: 8082
+ selector:
+ k8s-app: heapster
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml
new file mode 100644
index 00000000000..bd28795ad08
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml
@@ -0,0 +1,70 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: monitoring-influxdb-grafana-v2
+ namespace: kube-system
+ labels:
+ k8s-app: influxGrafana
+ version: v2
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: influxGrafana
+ version: v2
+ template:
+ metadata:
+ labels:
+ k8s-app: influxGrafana
+ version: v2
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/heapster_influxdb:v0.4
+ name: influxdb
+ resources:
+ limits:
+ cpu: 100m
+ memory: 200Mi
+ ports:
+ - containerPort: 8083
+ hostPort: 8083
+ - containerPort: 8086
+ hostPort: 8086
+ volumeMounts:
+ - name: influxdb-persistent-storage
+ mountPath: /data
+ - image: beta.gcr.io/google_containers/heapster_grafana:v2.1.1
+ name: grafana
+ env:
+ resources:
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ env:
+ # This variable is required to setup templates in Grafana.
+ - name: INFLUXDB_SERVICE_URL
+ value: http://monitoring-influxdb:8086
+ # The following env variables are required to make Grafana accessible via
+ # the kubernetes api-server proxy. On production clusters, we recommend
+ # removing these env variables, setup auth for grafana, and expose the grafana
+ # service using a LoadBalancer or a public IP.
+ - name: GF_AUTH_BASIC_ENABLED
+ value: "false"
+ - name: GF_AUTH_ANONYMOUS_ENABLED
+ value: "true"
+ - name: GF_AUTH_ANONYMOUS_ORG_ROLE
+ value: Admin
+ - name: GF_SERVER_ROOT_URL
+ value: /api/v1/proxy/namespaces/kube-system/services/monitoring-grafana/
+ volumeMounts:
+ - name: grafana-persistent-storage
+ mountPath: /var
+
+ volumes:
+ - name: influxdb-persistent-storage
+ emptyDir: {}
+ - name: grafana-persistent-storage
+ emptyDir: {}
+
+
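Review bot: The grafana container's env block disables basic auth and gives anonymous users the Admin org role (`GF_AUTH_ANONYMOUS_ENABLED` set to `"true"`, `GF_AUTH_ANONYMOUS_ORG_ROLE` set to `Admin`), so anyone who can reach the monitoring-grafana service can change dashboards and data sources; the in-file comment already warns about production use, and a lower-privilege default such as `value: Viewer` would likely keep the api-server proxy path usable read-only. The same container has a bare `env:` key before `resources:` and a second `env:` after it; duplicate mapping keys are invalid YAML and most parsers silently keep the last one, so the empty key should be removed. The influxdb container's `hostPort: 8083` and `hostPort: 8086` also publish the database on the node's own address, which the monitoring-influxdb Service does not appear to need.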
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-service.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-service.yaml
new file mode 100644
index 00000000000..066e052476e
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/influxdb/influxdb-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: monitoring-influxdb
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "InfluxDB"
+spec:
+ ports:
+ - name: http
+ port: 8083
+ targetPort: 8083
+ - name: api
+ port: 8086
+ targetPort: 8086
+ selector:
+ k8s-app: influxGrafana
+
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-controller.yaml
new file mode 100644
index 00000000000..ed53a9d9df5
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-controller.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: heapster-v10
+ namespace: kube-system
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: heapster
+ version: v10
+ template:
+ metadata:
+ labels:
+ k8s-app: heapster
+ version: v10
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/heapster:v0.18.2
+ name: heapster
+ resources:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ command:
+ - /heapster
+ - --source=kubernetes:''
diff --git a/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-service.yaml b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-service.yaml
new file mode 100644
index 00000000000..31e8b96006d
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/cluster-monitoring/standalone/heapster-service.yaml
@@ -0,0 +1,14 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: heapster
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Heapster"
+spec:
+ ports:
+ - port: 80
+ targetPort: 8082
+ selector:
+ k8s-app: heapster
diff --git a/cluster/gce/coreos/kube-manifests/addons/dns/skydns-rc.yaml b/cluster/gce/coreos/kube-manifests/addons/dns/skydns-rc.yaml
new file mode 100644
index 00000000000..5cf57c1162f
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/dns/skydns-rc.yaml
@@ -0,0 +1,115 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: kube-dns-v10
+ namespace: kube-system
+ labels:
+ k8s-app: kube-dns
+ version: v10
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: ${DNS_REPLICAS}
+ selector:
+ k8s-app: kube-dns
+ version: v10
+ template:
+ metadata:
+ labels:
+ k8s-app: kube-dns
+ version: v10
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - name: etcd
+ image: gcr.io/google_containers/etcd:2.0.9
+ resources:
+ # keep request = limit to keep this container in guaranteed class
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ command:
+ - /usr/local/bin/etcd
+ - -data-dir
+ - /var/etcd/data
+ - -listen-client-urls
+ - http://127.0.0.1:2379,http://127.0.0.1:4001
+ - -advertise-client-urls
+ - http://127.0.0.1:2379,http://127.0.0.1:4001
+ - -initial-cluster-token
+ - skydns-etcd
+ volumeMounts:
+ - name: etcd-storage
+ mountPath: /var/etcd/data
+ - name: kube2sky
+ image: gcr.io/google_containers/kube2sky:1.12
+ resources:
+ # keep request = limit to keep this container in guaranteed class
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ args:
+ # command = "/kube2sky"
+ - -domain=${DNS_DOMAIN}
+ - name: skydns
+ image: gcr.io/google_containers/skydns:2015-10-13-8c72f8c
+ resources:
+ # keep request = limit to keep this container in guaranteed class
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ args:
+ # command = "/skydns"
+ - -machines=http://127.0.0.1:4001
+ - -addr=0.0.0.0:53
+ - -ns-rotate=false
+ - -domain=${DNS_DOMAIN}.
+ ports:
+ - containerPort: 53
+ name: dns
+ protocol: UDP
+ - containerPort: 53
+ name: dns-tcp
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ readinessProbe:
+ httpGet:
+ path: /healthz
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 1
+ timeoutSeconds: 5
+ - name: healthz
+ image: gcr.io/google_containers/exechealthz:1.0
+ resources:
+ # keep request = limit to keep this container in guaranteed class
+ limits:
+ cpu: 10m
+ memory: 20Mi
+ requests:
+ cpu: 10m
+ memory: 20Mi
+ args:
+ - -cmd=nslookup kubernetes.default.svc.${DNS_DOMAIN} 127.0.0.1 >/dev/null
+ - -port=8080
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ volumes:
+ - name: etcd-storage
+ emptyDir: {}
+ dnsPolicy: Default # Don't use cluster DNS.
\ No newline at end of file
diff --git a/cluster/gce/coreos/kube-manifests/addons/dns/skydns-svc.yaml b/cluster/gce/coreos/kube-manifests/addons/dns/skydns-svc.yaml
new file mode 100644
index 00000000000..deeb0d9ba3d
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/dns/skydns-svc.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kube-dns
+ namespace: kube-system
+ labels:
+ k8s-app: kube-dns
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "KubeDNS"
+spec:
+ selector:
+ k8s-app: kube-dns
+ clusterIP: ${DNS_SERVER_IP}
+ ports:
+ - name: dns
+ port: 53
+ protocol: UDP
+ - name: dns-tcp
+ port: 53
+ protocol: TCP
diff --git a/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-controller.yaml
new file mode 100644
index 00000000000..6631153a56e
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-controller.yaml
@@ -0,0 +1,40 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: elasticsearch-logging-v1
+ namespace: kube-system
+ labels:
+ k8s-app: elasticsearch-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 2
+ selector:
+ k8s-app: elasticsearch-logging
+ version: v1
+ template:
+ metadata:
+ labels:
+ k8s-app: elasticsearch-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - image: gcr.io/google_containers/elasticsearch:1.7
+ name: elasticsearch-logging
+ resources:
+ limits:
+ cpu: 100m
+ ports:
+ - containerPort: 9200
+ name: db
+ protocol: TCP
+ - containerPort: 9300
+ name: transport
+ protocol: TCP
+ volumeMounts:
+ - name: es-persistent-storage
+ mountPath: /data
+ volumes:
+ - name: es-persistent-storage
+ emptyDir: {}
diff --git a/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-service.yaml b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-service.yaml
new file mode 100644
index 00000000000..abf1fd3f684
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/es-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: elasticsearch-logging
+ namespace: kube-system
+ labels:
+ k8s-app: elasticsearch-logging
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Elasticsearch"
+spec:
+ ports:
+ - port: 9200
+ protocol: TCP
+ targetPort: db
+ selector:
+ k8s-app: elasticsearch-logging
diff --git a/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-controller.yaml b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-controller.yaml
new file mode 100644
index 00000000000..893608aef6b
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-controller.yaml
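Review bot: The elasticsearch-logging container in es-controller.yaml sets only `cpu: 100m` under `limits`, with no memory limit, unlike the monitoring and DNS addons in this commit that bound both; a log store that receives cluster-wide input can then grow until it pressures the node, so a `memory:` limit sized for the Elasticsearch heap (value to be chosen by the operator) belongs next to the cpu line. The kibana-logging container in kibana-controller.yaml has the same gap. The volume named `es-persistent-storage` is an `emptyDir: {}`, so the indexed logs appear to be lost when the pod is rescheduled; a comment such as `# emptyDir: log data does not survive pod rescheduling` would make that explicit.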
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: kibana-logging-v1
+ namespace: kube-system
+ labels:
+ k8s-app: kibana-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: kibana-logging
+ version: v1
+ template:
+ metadata:
+ labels:
+ k8s-app: kibana-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - name: kibana-logging
+ image: gcr.io/google_containers/kibana:1.3
+ resources:
+ limits:
+ cpu: 100m
+ env:
+ - name: "ELASTICSEARCH_URL"
+ value: "http://elasticsearch-logging:9200"
+ ports:
+ - containerPort: 5601
+ name: ui
+ protocol: TCP
diff --git a/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-service.yaml b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-service.yaml
new file mode 100644
index 00000000000..43efada2c50
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/fluentd-elasticsearch/kibana-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kibana-logging
+ namespace: kube-system
+ labels:
+ k8s-app: kibana-logging
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "Kibana"
+spec:
+ ports:
+ - port: 5601
+ protocol: TCP
+ targetPort: ui
+ selector:
+ k8s-app: kibana-logging
diff --git a/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-rc.yaml b/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-rc.yaml
new file mode 100644
index 00000000000..4bfdf381e87
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-rc.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: kube-ui-v3
+ namespace: kube-system
+ labels:
+ k8s-app: kube-ui
+ version: v3
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: kube-ui
+ version: v3
+ template:
+ metadata:
+ labels:
+ k8s-app: kube-ui
+ version: v3
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - name: kube-ui
+ image: gcr.io/google_containers/kube-ui:v3
+ resources:
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ ports:
+ - containerPort: 8080
+ livenessProbe:
+ httpGet:
+ path: /
+ port: 8080
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
diff --git a/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-svc.yaml b/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-svc.yaml
new file mode 100644
index 00000000000..cf960c8bda3
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/kube-ui/kube-ui-svc.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kube-ui
+ namespace: kube-system
+ labels:
+ k8s-app: kube-ui
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "KubeUI"
+spec:
+ selector:
+ k8s-app: kube-ui
+ ports:
+ - port: 80
+ targetPort: 8080
diff --git a/cluster/gce/coreos/kube-manifests/addons/namespace.yaml b/cluster/gce/coreos/kube-manifests/addons/namespace.yaml
new file mode 100644
index 00000000000..986f4b48221
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: kube-system
diff --git a/cluster/gce/coreos/kube-manifests/addons/registry/registry-pv.yaml b/cluster/gce/coreos/kube-manifests/addons/registry/registry-pv.yaml
new file mode 100644
index 00000000000..bb4ceb532bb
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/registry/registry-pv.yaml
@@ -0,0 +1,14 @@
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: kube-system-kube-registry-pv
+ labels:
+ kubernetes.io/cluster-service: "true"
+spec:
+ capacity:
+ storage: ${CLUSTER_REGISTRY_DISK_SIZE}
+ accessModes:
+ - ReadWriteOnce
+ gcePersistentDisk:
+ pdName: ${CLUSTER_REGISTRY_DISK}
+ fsType: "ext4"
diff --git a/cluster/gce/coreos/kube-manifests/addons/registry/registry-pvc.yaml b/cluster/gce/coreos/kube-manifests/addons/registry/registry-pvc.yaml
new file mode 100644
index 00000000000..4f6c8da6d7b
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/registry/registry-pvc.yaml
@@ -0,0 +1,13 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: kube-registry-pvc
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: ${CLUSTER_REGISTRY_DISK_SIZE}
diff --git a/cluster/gce/coreos/kube-manifests/addons/registry/registry-rc.yaml b/cluster/gce/coreos/kube-manifests/addons/registry/registry-rc.yaml
new file mode 100644
index 00000000000..2a8bd477a68
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/registry/registry-rc.yaml
@@ -0,0 +1,44 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+ name: kube-registry-v0
+ namespace: kube-system
+ labels:
+ k8s-app: kube-registry
+ version: v0
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ k8s-app: kube-registry
+ version: v0
+ template:
+ metadata:
+ labels:
+ k8s-app: kube-registry
+ version: v0
+ kubernetes.io/cluster-service: "true"
+ spec:
+ containers:
+ - name: registry
+ image: registry:2
+ resources:
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ env:
+ - name: REGISTRY_HTTP_ADDR
+ value: :5000
+ - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
+ value: /var/lib/registry
+ volumeMounts:
+ - name: image-store
+ mountPath: /var/lib/registry
+ ports:
+ - containerPort: 5000
+ name: registry
+ protocol: TCP
+ volumes:
+ - name: image-store
+ persistentVolumeClaim:
+ claimName: kube-registry-pvc
diff --git a/cluster/gce/coreos/kube-manifests/addons/registry/registry-svc.yaml b/cluster/gce/coreos/kube-manifests/addons/registry/registry-svc.yaml
new file mode 100644
index 00000000000..b9f1cc40b99
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/addons/registry/registry-svc.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kube-registry
+ namespace: kube-system
+ labels:
+ k8s-app: kube-registry
+ kubernetes.io/cluster-service: "true"
+ kubernetes.io/name: "KubeRegistry"
+spec:
+ selector:
+ k8s-app: kube-registry
+ ports:
+ - name: registry
+ port: 5000
+ protocol: TCP
diff --git a/cluster/gce/coreos/kube-manifests/etcd-events.yaml b/cluster/gce/coreos/kube-manifests/etcd-events.yaml
new file mode 100644
index 00000000000..3915cba2e7a
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/etcd-events.yaml
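Review bot: `image: registry:2` in registry-rc.yaml is the only image in this commit pulled by a floating major-version tag from the default registry instead of a versioned gcr.io/google_containers image, so the code running in kube-system can change without any change to this manifest; pinning an exact version or digest (`image: registry:<pinned-version>`, placeholder) would make the deployment reproducible. The container listens on plain HTTP at `:5000` and no TLS or auth settings are configured in this hunk, while the kube-registry Service in registry-svc.yaml exposes that port inside the cluster, so presumably any pod can push or overwrite images. A comment stating that trust assumption, or the registry's TLS and auth settings, should accompany the env block.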
@@ -0,0 +1,58 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: etcd-server-events-kubernetes-master
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - /bin/sh
+ - -c
+ - /usr/local/bin/etcd
+ --listen-peer-urls=http://127.0.0.1:2381
+ --addr=127.0.0.1:4002
+ --bind-addr=127.0.0.1:4002
+ --data-dir=/var/etcd/data-events
+ 1>>/var/log/etcd-events.log 2>&1
+ image: gcr.io/google_containers/etcd:2.0.12
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ host: 127.0.0.1
+ path: /health
+ port: 4002
+ scheme: HTTP
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ name: etcd-container
+ ports:
+ - containerPort: 2381
+ hostPort: 2381
+ name: serverport
+ protocol: TCP
+ - containerPort: 4002
+ hostPort: 4002
+ name: clientport
+ protocol: TCP
+ resources:
+ limits:
+ cpu: 100m
+ requests:
+ cpu: 100m
+ volumeMounts:
+ - mountPath: /var/etcd
+ name: varetcd
+ - mountPath: /var/log/etcd-events.log
+ name: varlogetcd
+ dnsPolicy: ClusterFirst
+ hostNetwork: true
+ nodeName: kubernetes-master
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - hostPath:
+ path: /mnt/master-pd/var/etcd
+ name: varetcd
+ - hostPath:
+ path: /var/log/etcd-events.log
+ name: varlogetcd
diff --git a/cluster/gce/coreos/kube-manifests/etcd.yaml b/cluster/gce/coreos/kube-manifests/etcd.yaml
new file mode 100644
index 00000000000..571c7db24cb
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/etcd.yaml
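Review bot: The `varlogetcd` volume in etcd-events.yaml is a `hostPath` that names a single file, `/var/log/etcd-events.log`, and the command appends to it with `1>>`; if that file does not already exist on the master, the container runtime may create a directory at the path and the redirect would then fail, so the host provisioning has to create it first. A comment such as `# /var/log/etcd-events.log must exist as a regular file before this pod starts` next to the volume would record the requirement. The same log-file pattern appears in etcd.yaml, kube-apiserver.yaml, kube-controller-manager.yaml and kube-scheduler.yaml. This is inferred from general hostPath behaviour, since the provisioning step is not visible in this diff.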
@@ -0,0 +1,57 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: etcd-server-kubernetes-master
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - /bin/sh
+ - -c
+ - /usr/local/bin/etcd
+ --listen-peer-urls=http://127.0.0.1:2380
+ --addr=127.0.0.1:4001
+ --bind-addr=127.0.0.1:4001
+ --data-dir=/var/etcd/data
+ 1>>/var/log/etcd.log 2>&1
+ image: gcr.io/google_containers/etcd:2.0.12
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ host: 127.0.0.1
+ path: /health
+ port: 4001
+ scheme: HTTP
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ name: etcd-container
+ ports:
+ - containerPort: 2380
+ hostPort: 2380
+ name: serverport
+ protocol: TCP
+ - containerPort: 4001
+ hostPort: 4001
+ name: clientport
+ protocol: TCP
+ resources:
+ limits:
+ cpu: 200m
+ requests:
+ cpu: 200m
+ volumeMounts:
+ - mountPath: /var/etcd
+ name: varetcd
+ - mountPath: /var/log/etcd.log
+ name: varlogetcd
+ dnsPolicy: ClusterFirst
+ hostNetwork: true
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - hostPath:
+ path: /mnt/master-pd/var/etcd
+ name: varetcd
+ - hostPath:
+ path: /var/log/etcd.log
+ name: varlogetcd
diff --git a/cluster/gce/coreos/kube-manifests/kube-apiserver.yaml b/cluster/gce/coreos/kube-manifests/kube-apiserver.yaml
new file mode 100644
index 00000000000..490e391844a
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kube-apiserver.yaml
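Review bot: The etcd client endpoint in etcd.yaml is plain HTTP with no client authentication (`--addr=127.0.0.1:4001`, `--listen-peer-urls=http://127.0.0.1:2380`), so the loopback binding is the only control protecting cluster state; because the pod sets `hostNetwork: true`, every process on the master host can read and write that state, including stored Secrets. A comment such as `# loopback-only and unauthenticated: relies on the master host being single-purpose` would make the trust boundary explicit, and etcd-events.yaml has the same shape. Unlike etcd-events.yaml and kube-scheduler.yaml, this manifest sets no `nodeName: kubernetes-master`, which looks like an inconsistency worth confirming.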
@@ -0,0 +1,85 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: kube-apiserver-kubernetes-master
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - /bin/sh
+ - -c
+ - /usr/local/bin/kube-apiserver
+ --address=127.0.0.1
+ --etcd-servers=http://127.0.0.1:4001
+ --etcd-servers-overrides=/events#http://127.0.0.1:4002
+ --cloud-provider=gce
+ --admission-control=${ADMISSION_CONTROL}
+ --service-cluster-ip-range=${SERVICE_CLUSTER_IP_RANGE}
+ --client-ca-file=/srv/kubernetes/ca.crt
+ --basic-auth-file=/srv/kubernetes/basic_auth.csv
+ --tls-cert-file=/srv/kubernetes/server.cert
+ --tls-private-key-file=/srv/kubernetes/server.key
+ --secure-port=443
+ --token-auth-file=/srv/kubernetes/known_tokens.csv
+ --v=2
+ --allow-privileged=True
+ 1>>/var/log/kube-apiserver.log 2>&1
+ image: gcr.io/google_containers/kube-apiserver:${KUBE_APISERVER_DOCKER_TAG}
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ host: 127.0.0.1
+ path: /healthz
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ name: kube-apiserver
+ ports:
+ - containerPort: 443
+ hostPort: 443
+ name: https
+ protocol: TCP
+ - containerPort: 8080
+ hostPort: 8080
+ name: local
+ protocol: TCP
+ resources:
+ limits:
+ cpu: 250m
+ requests:
+ cpu: 250m
+ volumeMounts:
+ - mountPath: /srv/kubernetes
+ name: srvkube
+ readOnly: true
+ - mountPath: /var/log/kube-apiserver.log
+ name: logfile
+ - mountPath: /etc/ssl
+ name: etcssl
+ readOnly: true
+ - mountPath: /usr/share/ca-certificates
+ name: usrsharecacerts
+ readOnly: true
+ - mountPath: /srv/sshproxy
+ name: srvsshproxy
+ dnsPolicy: ClusterFirst
+ hostNetwork: true
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - hostPath:
+ path: /srv/kubernetes
+ name: srvkube
+ - hostPath:
+ path: /var/log/kube-apiserver.log
+ name: logfile
+ - hostPath:
+ path: /etc/ssl
+ name: etcssl
+ - hostPath:
+ path: /usr/share/ca-certificates
+ name: usrsharecacerts
+ - hostPath:
+ path: /srv/sshproxy
+ name:
srvsshproxy
diff --git a/cluster/gce/coreos/kube-manifests/kube-controller-manager.yaml b/cluster/gce/coreos/kube-manifests/kube-controller-manager.yaml
new file mode 100644
index 00000000000..35ac18d6328
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kube-controller-manager.yaml
@@ -0,0 +1,65 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: kube-controller-manager-kubernetes-master
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - /bin/sh
+ - -c
+ - /usr/local/bin/kube-controller-manager
+ --master=127.0.0.1:8080
+ --cluster-name=${INSTANCE_PREFIX}
+ --cluster-cidr=${CLUSTER_IP_RANGE}
+ --allocate-node-cidrs=true
+ --cloud-provider=gce
+ --service-account-private-key-file=/srv/kubernetes/server.key
+ --v=2
+ --root-ca-file=/srv/kubernetes/ca.crt
+ 1>>/var/log/kube-controller-manager.log 2>&1
+ image: gcr.io/google_containers/kube-controller-manager:${KUBE_CONTROLLER_MANAGER_DOCKER_TAG}
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ host: 127.0.0.1
+ path: /healthz
+ port: 10252
+ scheme: HTTP
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ name: kube-controller-manager
+ resources:
+ limits:
+ cpu: 200m
+ requests:
+ cpu: 200m
+ volumeMounts:
+ - mountPath: /srv/kubernetes
+ name: srvkube
+ readOnly: true
+ - mountPath: /var/log/kube-controller-manager.log
+ name: logfile
+ - mountPath: /etc/ssl
+ name: etcssl
+ readOnly: true
+ - mountPath: /usr/share/ca-certificates
+ name: usrsharecacerts
+ readOnly: true
+ dnsPolicy: ClusterFirst
+ hostNetwork: true
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - hostPath:
+ path: /srv/kubernetes
+ name: srvkube
+ - hostPath:
+ path: /var/log/kube-controller-manager.log
+ name: logfile
+ - hostPath:
+ path: /etc/ssl
+ name: etcssl
+ - hostPath:
+ path: /usr/share/ca-certificates
+ name: usrsharecacerts
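Review bot: `--allow-privileged=True` is hard-coded in the kube-apiserver command while neighbouring settings such as `--admission-control=${ADMISSION_CONTROL}` are templated, so every cluster built from this manifest accepts privileged pods; a template variable in the same style (`--allow-privileged=${ALLOW_PRIVILEGED}`, where the variable name is a placeholder) defaulting to false would let operators opt in. The unauthenticated port 8080 is held on loopback by `--address=127.0.0.1`, but with `hostNetwork: true` any process on the master reaches the API without credentials, which deserves a comment beside the `local` port entry. The `/srv/sshproxy` mount is the only configuration mount without `readOnly: true`; if the API server does not write there, it should match the others.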
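Review bot: `--service-account-private-key-file=/srv/kubernetes/server.key` in kube-controller-manager.yaml signs service-account tokens with the same key that kube-apiserver.yaml uses for TLS (`--tls-private-key-file=/srv/kubernetes/server.key`), so the two cannot be rotated independently and exposure of one exposes both. A dedicated signing key, e.g. `--service-account-private-key-file=<path-to-dedicated-sa-key>` (placeholder path), with a matching `--service-account-key-file` on the API server, would separate the two roles. The API server hunk sets no `--service-account-key-file`, so it presumably falls back to the TLS key for verification; confirm that before changing only one side.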
diff --git a/cluster/gce/coreos/kube-manifests/kube-scheduler.yaml b/cluster/gce/coreos/kube-manifests/kube-scheduler.yaml
new file mode 100644
index 00000000000..8ef9f5a73d0
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kube-scheduler.yaml
@@ -0,0 +1,42 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: kube-scheduler-kubernetes-master
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - /bin/sh
+ - -c
+ - /usr/local/bin/kube-scheduler
+ --master=127.0.0.1:8080
+ --v=2
+ 1>>/var/log/kube-scheduler.log 2>&1
+ image: gcr.io/google_containers/kube-scheduler:${KUBE_SCHEDULER_DOCKER_TAG}
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ host: 127.0.0.1
+ path: /healthz
+ port: 10251
+ scheme: HTTP
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ name: kube-scheduler
+ resources:
+ limits:
+ cpu: 100m
+ requests:
+ cpu: 100m
+ volumeMounts:
+ - mountPath: /var/log/kube-scheduler.log
+ name: logfile
+ dnsPolicy: ClusterFirst
+ hostNetwork: true
+ nodeName: kubernetes-master
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - hostPath:
+ path: /var/log/kube-scheduler.log
+ name: logfile
diff --git a/cluster/gce/coreos/kube-manifests/kube-system.json b/cluster/gce/coreos/kube-manifests/kube-system.json
new file mode 100644
index 00000000000..395b9722bf6
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kube-system.json
@@ -0,0 +1,7 @@
+{
+ "apiVersion": "v1",
+ "kind": "Namespace",
+ "metadata": {
+ "name": "kube-system"
+ }
+}
diff --git a/cluster/gce/coreos/kube-manifests/kubelet-config.yaml b/cluster/gce/coreos/kube-manifests/kubelet-config.yaml
new file mode 100644
index 00000000000..8524abe8aa9
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kubelet-config.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Config
+users:
+- name: kubelet
+ user:
+ client-certificate-data: ${KUBELET_CERT}
+ client-key-data: ${KUBELET_KEY}
+clusters:
+- name: local
+ cluster:
+ certificate-authority-data: ${CA_CERT}
+contexts:
+- context:
+ cluster: local
+ user: kubelet
+ name: service-account-context
+current-context: service-account-context
diff --git a/cluster/gce/coreos/kube-manifests/kubeproxy-config.yaml b/cluster/gce/coreos/kube-manifests/kubeproxy-config.yaml
new file mode 100644
index 00000000000..c111eb0fa16
--- /dev/null
+++ b/cluster/gce/coreos/kube-manifests/kubeproxy-config.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Config
+users:
+- name: kube-proxy
+ user:
+ token: ${KUBE_PROXY_TOKEN}
+clusters:
+- name: local
+ cluster:
+ certificate-authority-data: ${CA_CERT}
+contexts:
+- context:
+ cluster: local
+ user: kube-proxy
+ name: service-account-context
+current-context: service-account-context
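Review bot: Both kubeconfig templates substitute credentials unquoted (`client-key-data: ${KUBELET_KEY}` in kubelet-config.yaml and `token: ${KUBE_PROXY_TOKEN}` in kubeproxy-config.yaml), so an empty or number-like expansion would be parsed as null or an integer rather than a string; quoting the values, e.g. `token: "${KUBE_PROXY_TOKEN}"`, avoids that. The `cluster:` entries carry only `certificate-authority-data` and no `server:`, so the API endpoint must be supplied from outside these files, and a comment saying where would help the next reader. Since the rendered files hold a private key and a bearer token, whatever writes them should presumably restrict their file mode to the owning service; that step is not visible in this diff.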