scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-10-31 10:18:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add KUBE_GCE_ENABLE_IP_ALIASES flag to the cluster turn up scripts.

Browse Source 
KUBE_GCE_ENABLE_IP_ALIASES=true will enable allocation of PodCIDR ips
using the ip alias mechanism rather than using routes.

NODE_IP_RANGE will control the node instance IP cidr
KUBE_GCE_IP_ALIAS_SIZE controls the size of each podCIDR
IP_ALIAS_SUBNETWORK controls the name of the subnet created for the cluster
This commit is contained in:
Bowei Du
2017-02-27 00:31:13 -08:00
parent f5be63e0f7
commit 345c65847f
11 changed files with 257 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cluster/common.sh
View File

@@ -734,6 +734,17 @@ EOF
FEATURE_GATES: $(yaml-quote ${FEATURE_GATES}) FEATURE_GATES: $(yaml-quote ${FEATURE_GATES})
EOF EOF
fi fi
if [ -n "${PROVIDER_VARS:-}" ]; then
local var_name
local var_value
for var_name in ${PROVIDER_VARS}; do
eval "local var_value=\$(yaml-quote \${${var_name}})"
echo "${var_name}: ${var_value}" >>$file
done
fi
if [[ "${master}" == "true" ]]; then if [[ "${master}" == "true" ]]; then
# Master-only env vars. # Master-only env vars.
cat >>$file <<EOF cat >>$file <<EOF

24
cluster/gce/config-default.sh
View File

@@ -77,15 +77,16 @@ INITIAL_ETCD_CLUSTER="${MASTER_NAME}"
ETCD_QUORUM_READ="${ENABLE_ETCD_QUORUM_READ:-false}" ETCD_QUORUM_READ="${ENABLE_ETCD_QUORUM_READ:-false}"
MASTER_TAG="${INSTANCE_PREFIX}-master" MASTER_TAG="${INSTANCE_PREFIX}-master"
NODE_TAG="${INSTANCE_PREFIX}-minion" NODE_TAG="${INSTANCE_PREFIX}-minion"
MASTER_IP_RANGE="${MASTER_IP_RANGE:-10.246.0.0/24}"
CLUSTER_IP_RANGE="${CLUSTER_IP_RANGE:-10.244.0.0/14}" CLUSTER_IP_RANGE="${CLUSTER_IP_RANGE:-10.244.0.0/14}"
MASTER_IP_RANGE="${MASTER_IP_RANGE:-10.246.0.0/24}"
if [[ "${FEDERATION:-}" == true ]]; then if [[ "${FEDERATION:-}" == true ]]; then
NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro,https://www.googleapis.com/auth/ndev.clouddns.readwrite}" NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro,https://www.googleapis.com/auth/ndev.clouddns.readwrite}"
else else
NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro}" NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro}"
fi fi
# Extra docker options for nodes. # Extra docker options for nodes.
EXTRA_DOCKER_OPTS="${EXTRA_DOCKER_OPTS:-}" EXTRA_DOCKER_OPTS="${EXTRA_DOCKER_OPTS:-}"
@@ -173,6 +174,25 @@ fi
# Optional: Enable Rescheduler # Optional: Enable Rescheduler
ENABLE_RESCHEDULER="${KUBE_ENABLE_RESCHEDULER:-true}" ENABLE_RESCHEDULER="${KUBE_ENABLE_RESCHEDULER:-true}"
# Optional: Enable allocation of pod IPs using IP aliases.
#
# ALPHA FEATURE.
#
# IP_ALIAS_SIZE is the size of the podCIDR allocated to a node.
# IP_ALIAS_SUBNETWORK is the subnetwork to allocate from. If empty, a
# new subnetwork will be created for the cluster.
ENABLE_IP_ALIASES=${KUBE_GCE_ENABLE_IP_ALIASES:-false}
if [ ${ENABLE_IP_ALIASES} = true ]; then
# Size of ranges allocated to each node. gcloud alpha supports only /32 and /24.
IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24}
IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default}
# NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in
# the subnet and is the range used for node instance IPs.
NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}"
# Add to the provider custom variables.
PROVIDER_VARS="${PROVIDER_VARS} ENABLE_IP_ALIASES"
fi
# Admission Controllers to invoke prior to persisting objects in cluster # Admission Controllers to invoke prior to persisting objects in cluster
# If we included ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely. # If we included ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely.
ADMISSION_CONTROL=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,ResourceQuota ADMISSION_CONTROL=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,ResourceQuota

24
cluster/gce/config-test.sh
View File

@@ -79,8 +79,13 @@ INITIAL_ETCD_CLUSTER="${MASTER_NAME}"
ETCD_QUORUM_READ="${ENABLE_ETCD_QUORUM_READ:-false}" ETCD_QUORUM_READ="${ENABLE_ETCD_QUORUM_READ:-false}"
MASTER_TAG="${INSTANCE_PREFIX}-master" MASTER_TAG="${INSTANCE_PREFIX}-master"
NODE_TAG="${INSTANCE_PREFIX}-minion" NODE_TAG="${INSTANCE_PREFIX}-minion"
CLUSTER_IP_RANGE="${CLUSTER_IP_RANGE:-10.180.0.0/14}" CLUSTER_IP_RANGE="${CLUSTER_IP_RANGE:-10.180.0.0/14}"
MASTER_IP_RANGE="${MASTER_IP_RANGE:-10.246.0.0/24}" MASTER_IP_RANGE="${MASTER_IP_RANGE:-10.246.0.0/24}"
# NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in
# the subnet and is the range used for node instance IPs.
NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}"
RUNTIME_CONFIG="${KUBE_RUNTIME_CONFIG:-}" RUNTIME_CONFIG="${KUBE_RUNTIME_CONFIG:-}"
# Optional: set feature gates # Optional: set feature gates
@@ -198,6 +203,25 @@ fi
# Optional: Enable Rescheduler # Optional: Enable Rescheduler
ENABLE_RESCHEDULER="${KUBE_ENABLE_RESCHEDULER:-true}" ENABLE_RESCHEDULER="${KUBE_ENABLE_RESCHEDULER:-true}"
# Optional: Enable allocation of pod IPs using IP aliases.
#
# ALPHA FEATURE.
#
# IP_ALIAS_SIZE is the size of the podCIDR allocated to a node.
# IP_ALIAS_SUBNETWORK is the subnetwork to allocate from. If empty, a
# new subnetwork will be created for the cluster.
ENABLE_IP_ALIASES=${KUBE_GCE_ENABLE_IP_ALIASES:-false}
if [ ${ENABLE_IP_ALIASES} = true ]; then
# Size of ranges allocated to each node. gcloud alpha supports only /32 and /24.
IP_ALIAS_SIZE=${KUBE_GCE_IP_ALIAS_SIZE:-/24}
IP_ALIAS_SUBNETWORK=${KUBE_GCE_IP_ALIAS_SUBNETWORK:-${INSTANCE_PREFIX}-subnet-default}
# NODE_IP_RANGE is used when ENABLE_IP_ALIASES=true. It is the primary range in
# the subnet and is the range used for node instance IPs.
NODE_IP_RANGE="${NODE_IP_RANGE:-10.40.0.0/22}"
# Add to the provider custom variables.
PROVIDER_VARS="${PROVIDER_VARS} ENABLE_IP_ALIASES"
fi
# If we included ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely. # If we included ResourceQuota, we should keep it at the end of the list to prevent incrementing quota usage prematurely.
ADMISSION_CONTROL="${KUBE_ADMISSION_CONTROL:-NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,PodPreset,DefaultStorageClass,DefaultTolerationSeconds,ResourceQuota}" ADMISSION_CONTROL="${KUBE_ADMISSION_CONTROL:-NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,PodPreset,DefaultStorageClass,DefaultTolerationSeconds,ResourceQuota}"

5
cluster/gce/configure-vm.sh
View File

@@ -585,6 +585,11 @@ EOF
if [ -n "${SCHEDULING_ALGORITHM_PROVIDER:-}" ]; then if [ -n "${SCHEDULING_ALGORITHM_PROVIDER:-}" ]; then
cat <<EOF >>/srv/salt-overlay/pillar/cluster-params.sls cat <<EOF >>/srv/salt-overlay/pillar/cluster-params.sls
scheduling_algorithm_provider: '$(echo "${SCHEDULING_ALGORITHM_PROVIDER}" | sed -e "s/'/''/g")' scheduling_algorithm_provider: '$(echo "${SCHEDULING_ALGORITHM_PROVIDER}" | sed -e "s/'/''/g")'
EOF
fi
if [ -n "${ENABLE_IP_ALIASES:-}" ]; then
cat <<EOF >>/srv/salt-overlay/pillar/cluster-params.sls
enable_ip_aliases: '$(echo "$ENABLE_IP_ALIASES" | sed -e "s/'/''/g")'
EOF EOF
fi fi
} }

4
cluster/gce/container-linux/configure-helper.sh
View File

@@ -997,6 +997,10 @@ function start-kube-controller-manager {
if [[ -n "${TERMINATED_POD_GC_THRESHOLD:-}" ]]; then if [[ -n "${TERMINATED_POD_GC_THRESHOLD:-}" ]]; then
params+=" --terminated-pod-gc-threshold=${TERMINATED_POD_GC_THRESHOLD}" params+=" --terminated-pod-gc-threshold=${TERMINATED_POD_GC_THRESHOLD}"
fi fi
if [[ "${ENABLE_IP_ALIASES:-}" == 'true' ]]; then
params+=" --cidr-allocator-type=CloudAllocator"
params+=" --configure-cloud-routes=false"
fi
if [[ -n "${FEATURE_GATES:-}" ]]; then if [[ -n "${FEATURE_GATES:-}" ]]; then
params+=" --feature-gates=${FEATURE_GATES}" params+=" --feature-gates=${FEATURE_GATES}"
fi fi

46
cluster/gce/container-linux/master-helper.sh
View File

@@ -31,11 +31,11 @@ source "${KUBE_ROOT}/cluster/gce/container-linux/helper.sh"
# detect-project # detect-project
# get-bearer-token # get-bearer-token
function create-master-instance { function create-master-instance {
local address_opt="" local address=""
[[ -n ${1:-} ]] && address_opt="--address ${1}" [[ -n ${1:-} ]] && address="${1}"
write-master-env write-master-env
create-master-instance-internal "${MASTER_NAME}" "${address_opt}" create-master-instance-internal "${MASTER_NAME}" "${address}"
} }
function replicate-master-instance() { function replicate-master-instance() {
@@ -65,38 +65,58 @@ function replicate-master-instance() {
function create-master-instance-internal() { function create-master-instance-internal() {
local gcloud="gcloud"
if [[ "${ENABLE_IP_ALIASES:-}" == 'true' ]]; then
gcloud="gcloud alpha"
fi
local -r master_name="${1}" local -r master_name="${1}"
local -r address_option="${2:-}" local -r address="${2:-}"
local preemptible_master="" local preemptible_master=""
if [[ "${PREEMPTIBLE_MASTER:-}" == "true" ]]; then if [[ "${PREEMPTIBLE_MASTER:-}" == "true" ]]; then
preemptible_master="--preemptible --maintenance-policy TERMINATE" preemptible_master="--preemptible --maintenance-policy TERMINATE"
fi fi
gcloud compute instances create "${master_name}" \ local network=$(make-gcloud-network-argument \
${address_option} \ "${NETWORK}" "${address:-}" \
"${ENABLE_IP_ALIASES:-}" "${IP_ALIAS_SUBNETWORK:-}" "${IP_ALIAS_SIZE:-}")
local metadata="kube-env=${KUBE_TEMP}/master-kube-env.yaml"
metadata="${metadata},user-data=${KUBE_ROOT}/cluster/gce/container-linux/master.yaml"
metadata="${metadata},configure-sh=${KUBE_ROOT}/cluster/gce/container-linux/configure.sh"
metadata="${metadata},cluster-name=${KUBE_TEMP}/cluster-name.txt"
local disk="name=${master_name}-pd"
disk="${disk},device-name=master-pd"
disk="${disk},mode=rw"
disk="${disk},boot=no"
disk="${disk},auto-delete=no"
${gcloud} compute instances create "${master_name}" \
--project "${PROJECT}" \ --project "${PROJECT}" \
--zone "${ZONE}" \ --zone "${ZONE}" \
--machine-type "${MASTER_SIZE}" \ --machine-type "${MASTER_SIZE}" \
--image-project="${MASTER_IMAGE_PROJECT}" \ --image-project="${MASTER_IMAGE_PROJECT}" \
--image "${MASTER_IMAGE}" \ --image "${MASTER_IMAGE}" \
--tags "${MASTER_TAG}" \ --tags "${MASTER_TAG}" \
--network "${NETWORK}" \
--scopes "storage-ro,compute-rw,monitoring,logging-write" \ --scopes "storage-ro,compute-rw,monitoring,logging-write" \
--can-ip-forward \ --metadata-from-file "${metadata}" \
--metadata-from-file \ --disk "${disk}" \
"kube-env=${KUBE_TEMP}/master-kube-env.yaml,user-data=${KUBE_ROOT}/cluster/gce/container-linux/master.yaml,configure-sh=${KUBE_ROOT}/cluster/gce/container-linux/configure.sh,cluster-name=${KUBE_TEMP}/cluster-name.txt" \
--disk "name=${master_name}-pd,device-name=master-pd,mode=rw,boot=no,auto-delete=no" \
--boot-disk-size "${MASTER_ROOT_DISK_SIZE:-30}" \ --boot-disk-size "${MASTER_ROOT_DISK_SIZE:-30}" \
${preemptible_master} ${preemptible_master} \
${network}
} }
function get-metadata() { function get-metadata() {
local zone="${1}" local zone="${1}"
local name="${2}" local name="${2}"
local key="${3}" local key="${3}"
local metadata_url="http://metadata.google.internal/computeMetadata/v1/instance/attributes/${key}"
gcloud compute ssh "${name}" \ gcloud compute ssh "${name}" \
--project "${PROJECT}" \ --project "${PROJECT}" \
--zone "${zone}" \ --zone "${zone}" \
--command "curl \"http://metadata.google.internal/computeMetadata/v1/instance/attributes/${key}\" -H \"Metadata-Flavor: Google\"" 2>/dev/null --command "curl '${metadata_url}' -H 'Metadata-Flavor: Google'" 2>/dev/null
} }

4
cluster/gce/gci/configure-helper.sh
View File

@@ -1205,6 +1205,10 @@ function start-kube-controller-manager {
if [[ -n "${TERMINATED_POD_GC_THRESHOLD:-}" ]]; then if [[ -n "${TERMINATED_POD_GC_THRESHOLD:-}" ]]; then
params+=" --terminated-pod-gc-threshold=${TERMINATED_POD_GC_THRESHOLD}" params+=" --terminated-pod-gc-threshold=${TERMINATED_POD_GC_THRESHOLD}"
fi fi
if [[ "${ENABLE_IP_ALIASES:-}" == 'true' ]]; then
params+=" --cidr-allocator-type=CloudAllocator"
params+=" --configure-cloud-routes=false"
fi
if [[ -n "${FEATURE_GATES:-}" ]]; then if [[ -n "${FEATURE_GATES:-}" ]]; then
params+=" --feature-gates=${FEATURE_GATES}" params+=" --feature-gates=${FEATURE_GATES}"
fi fi

45
cluster/gce/gci/master-helper.sh
View File

@@ -31,12 +31,12 @@ source "${KUBE_ROOT}/cluster/gce/gci/helper.sh"
# detect-project # detect-project
# get-bearer-token # get-bearer-token
function create-master-instance { function create-master-instance {
local address_opt="" local address=""
[[ -n ${1:-} ]] && address_opt="--address ${1}" [[ -n ${1:-} ]] && address="${1}"
write-master-env write-master-env
ensure-gci-metadata-files ensure-gci-metadata-files
create-master-instance-internal "${MASTER_NAME}" "${address_opt}" create-master-instance-internal "${MASTER_NAME}" "${address}"
} }
function replicate-master-instance() { function replicate-master-instance() {
@@ -74,30 +74,51 @@ function replicate-master-instance() {
function create-master-instance-internal() { function create-master-instance-internal() {
local gcloud="gcloud"
if [[ "${ENABLE_IP_ALIASES:-}" == 'true' ]]; then
gcloud="gcloud alpha"
fi
local -r master_name="${1}" local -r master_name="${1}"
local -r address_option="${2:-}" local -r address="${2:-}"
local preemptible_master="" local preemptible_master=""
if [[ "${PREEMPTIBLE_MASTER:-}" == "true" ]]; then if [[ "${PREEMPTIBLE_MASTER:-}" == "true" ]]; then
preemptible_master="--preemptible --maintenance-policy TERMINATE" preemptible_master="--preemptible --maintenance-policy TERMINATE"
fi fi
gcloud compute instances create "${master_name}" \ local network=$(make-gcloud-network-argument \
${address_option} \ "${NETWORK}" "${address:-}" \
"${ENABLE_IP_ALIASES:-}" "${IP_ALIAS_SUBNETWORK:-}" "${IP_ALIAS_SIZE:-}")
local metadata="kube-env=${KUBE_TEMP}/master-kube-env.yaml"
metadata="${metadata},user-data=${KUBE_ROOT}/cluster/gce/gci/master.yaml"
metadata="${metadata},configure-sh=${KUBE_ROOT}/cluster/gce/gci/configure.sh"
metadata="${metadata},cluster-name=${KUBE_TEMP}/cluster-name.txt"
metadata="${metadata},gci-update-strategy=${KUBE_TEMP}/gci-update.txt"
metadata="${metadata},gci-ensure-gke-docker=${KUBE_TEMP}/gci-ensure-gke-docker.txt"
metadata="${metadata},gci-docker-version=${KUBE_TEMP}/gci-docker-version.txt"
metadata="${metadata},kube-master-certs=${KUBE_TEMP}/kube-master-certs.yaml"
local disk="name=${master_name}-pd"
disk="${disk},device-name=master-pd"
disk="${disk},mode=rw"
disk="${disk},boot=no"
disk="${disk},auto-delete=no"
${gcloud} compute instances create "${master_name}" \
--project "${PROJECT}" \ --project "${PROJECT}" \
--zone "${ZONE}" \ --zone "${ZONE}" \
--machine-type "${MASTER_SIZE}" \ --machine-type "${MASTER_SIZE}" \
--image-project="${MASTER_IMAGE_PROJECT}" \ --image-project="${MASTER_IMAGE_PROJECT}" \
--image "${MASTER_IMAGE}" \ --image "${MASTER_IMAGE}" \
--tags "${MASTER_TAG}" \ --tags "${MASTER_TAG}" \
--network "${NETWORK}" \
--scopes "storage-ro,compute-rw,monitoring,logging-write" \ --scopes "storage-ro,compute-rw,monitoring,logging-write" \
--can-ip-forward \ --metadata-from-file "${metadata}" \
--metadata-from-file \ --disk "${disk}" \
"kube-env=${KUBE_TEMP}/master-kube-env.yaml,user-data=${KUBE_ROOT}/cluster/gce/gci/master.yaml,configure-sh=${KUBE_ROOT}/cluster/gce/gci/configure.sh,cluster-name=${KUBE_TEMP}/cluster-name.txt,gci-update-strategy=${KUBE_TEMP}/gci-update.txt,gci-ensure-gke-docker=${KUBE_TEMP}/gci-ensure-gke-docker.txt,gci-docker-version=${KUBE_TEMP}/gci-docker-version.txt,kube-master-certs=${KUBE_TEMP}/kube-master-certs.yaml" \
--disk "name=${master_name}-pd,device-name=master-pd,mode=rw,boot=no,auto-delete=no" \
--boot-disk-size "${MASTER_ROOT_DISK_SIZE:-10}" \ --boot-disk-size "${MASTER_ROOT_DISK_SIZE:-10}" \
${preemptible_master} ${preemptible_master} \
${network}
} }
function get-metadata() { function get-metadata() {

116
cluster/gce/util.sh
View File

@@ -449,6 +449,35 @@ function create-firewall-rule() {
done done
} }
# Format the string argument for gcloud network.
function make-gcloud-network-argument() {
local network="$1"
local address="$2" # optional
local enable_ip_alias="$3" # optional
local alias_subnetwork="$4" # optional
local alias_size="$5" # optional
local ret=""
if [[ "${enable_ip_alias}" == 'true' ]]; then
ret="--network-interface"
ret="${ret} network=${network}"
# If address is omitted, instance will not receive an external IP.
ret="${ret},address=${address:-}"
ret="${ret},subnet=${alias_subnetwork}"
ret="${ret},aliases=pods-default:${alias_size}"
ret="${ret} --no-can-ip-forward"
else
ret="--network ${network}"
ret="${ret} --can-ip-forward"
if [[ -n ${address:-} ]]; then
ret="${ret} --address ${address}"
fi
fi
echo "${ret}"
}
# $1: version (required) # $1: version (required)
function get-template-name-from-version() { function get-template-name-from-version() {
# trim template name to pass gce name validation # trim template name to pass gce name validation
@@ -475,20 +504,34 @@ function create-node-template() {
fi fi
fi fi
local attempt=1 local gcloud="gcloud"
if [[ "${ENABLE_IP_ALIASES:-}" == 'true' ]]; then
gcloud="gcloud alpha"
fi
local preemptible_minions="" local preemptible_minions=""
if [[ "${PREEMPTIBLE_NODE}" == "true" ]]; then if [[ "${PREEMPTIBLE_NODE}" == "true" ]]; then
preemptible_minions="--preemptible --maintenance-policy TERMINATE" preemptible_minions="--preemptible --maintenance-policy TERMINATE"
fi fi
local local_ssds="" local local_ssds=""
if [ ! -z ${NODE_LOCAL_SSDS+x} ]; then if [ ! -z ${NODE_LOCAL_SSDS+x} ]; then
for i in $(seq ${NODE_LOCAL_SSDS}); do for i in $(seq ${NODE_LOCAL_SSDS}); do
local_ssds="$local_ssds--local-ssd=interface=SCSI " local_ssds="$local_ssds--local-ssd=interface=SCSI "
done done
fi fi
local network=$(make-gcloud-network-argument \
"${NETWORK}" "" \
"${ENABLE_IP_ALIASES:-}" \
"${IP_ALIAS_SUBNETWORK:-}" \
"${IP_ALIAS_SIZE:-}")
local attempt=1
while true; do while true; do
echo "Attempt ${attempt} to create ${1}" >&2 echo "Attempt ${attempt} to create ${1}" >&2
if ! gcloud compute instance-templates create "$template_name" \ if ! ${gcloud} compute instance-templates create \
"$template_name" \
--project "${PROJECT}" \ --project "${PROJECT}" \
--machine-type "${NODE_SIZE}" \ --machine-type "${NODE_SIZE}" \
--boot-disk-type "${NODE_DISK_TYPE}" \ --boot-disk-type "${NODE_DISK_TYPE}" \
@@ -496,11 +539,11 @@ function create-node-template() {
--image-project="${NODE_IMAGE_PROJECT}" \ --image-project="${NODE_IMAGE_PROJECT}" \
--image "${NODE_IMAGE}" \ --image "${NODE_IMAGE}" \
--tags "${NODE_TAG}" \ --tags "${NODE_TAG}" \
--network "${NETWORK}" \
${local_ssds} \ ${local_ssds} \
--region "${REGION}" \
${network} \
${preemptible_minions} \ ${preemptible_minions} \
$2 \ $2 \
--can-ip-forward \
--metadata-from-file $(echo ${@:3} | tr ' ' ',') >&2; then --metadata-from-file $(echo ${@:3} | tr ' ' ',') >&2; then
if (( attempt > 5 )); then if (( attempt > 5 )); then
echo -e "${color_red}Failed to create instance template $template_name ${color_norm}" >&2 echo -e "${color_red}Failed to create instance template $template_name ${color_norm}" >&2
@@ -597,6 +640,7 @@ function kube-up() {
if [[ ${KUBE_USE_EXISTING_MASTER:-} == "true" ]]; then if [[ ${KUBE_USE_EXISTING_MASTER:-} == "true" ]]; then
detect-master detect-master
parse-master-env parse-master-env
create-subnetwork
create-nodes create-nodes
elif [[ ${KUBE_REPLICATE_EXISTING_MASTER:-} == "true" ]]; then elif [[ ${KUBE_REPLICATE_EXISTING_MASTER:-} == "true" ]]; then
if [[ "${MASTER_OS_DISTRIBUTION}" != "gci" && "${MASTER_OS_DISTRIBUTION}" != "debian" ]]; then if [[ "${MASTER_OS_DISTRIBUTION}" != "gci" && "${MASTER_OS_DISTRIBUTION}" != "debian" ]]; then
@@ -612,6 +656,7 @@ function kube-up() {
else else
check-existing check-existing
create-network create-network
create-subnetwork
write-cluster-name write-cluster-name
create-autoscaler-config create-autoscaler-config
create-master create-master
@@ -680,6 +725,48 @@ function create-network() {
fi fi
} }
function create-subnetwork() {
case ${ENABLE_IP_ALIASES} in
true) ;;
false) return;;
*) echo "${color_red}Invalid argument to ENABLE_IP_ALIASES${color_norm}"
exit 1;;
esac
# Look for the subnet, it must exist and have a secondary range
# configured.
local subnet=$(gcloud alpha compute networks subnets describe \
--region ${REGION} ${IP_ALIAS_SUBNETWORK} 2>/dev/null)
if [[ -z ${subnet} ]]; then
# Only allow auto-creation for default subnets
if [[ ${IP_ALIAS_SUBNETWORK} != ${INSTANCE_PREFIX}-subnet-default ]]; then
echo "${color_red}Subnetwork ${NETWORK}:${IP_ALIAS_SUBNETWORK} does not exist${color_norm}"
exit 1
fi
if [ -z ${NODE_IP_RANGE:-} ]; then
echo "${color_red}NODE_IP_RANGE must be specified{color_norm}"
exit 1
fi
echo "Creating subnet ${NETWORK}:${IP_ALIAS_SUBNETWORK}"
gcloud alpha compute networks subnets create \
${IP_ALIAS_SUBNETWORK} \
--description "Automatically generated subnet for ${INSTANCE_PREFIX} cluster. This will be removed on cluster teardown." \
--network ${NETWORK} \
--region ${REGION} \
--range ${NODE_IP_RANGE} \
--secondary-range "name=pods-default,range=${CLUSTER_IP_RANGE}"
echo "Created subnetwork ${IP_ALIAS_SUBNETWORK}"
else
if ! echo ${subnet} | grep --quiet secondaryIpRanges ${subnet}; then
echo "${color_red}Subnet ${IP_ALIAS_SUBNETWORK} does not have a secondary range${color_norm}"
exit 1
fi
fi
}
function delete-firewall-rules() { function delete-firewall-rules() {
for fw in $@; do for fw in $@; do
if [[ -n $(gcloud compute firewall-rules --project "${PROJECT}" describe "${fw}" --format='value(name)' 2>/dev/null || true) ]]; then if [[ -n $(gcloud compute firewall-rules --project "${PROJECT}" describe "${fw}" --format='value(name)' 2>/dev/null || true) ]]; then
@@ -701,6 +788,24 @@ function delete-network() {
fi fi
} }
function delete-subnetwork() {
if [[ ${ENABLE_IP_ALIASES:-} != "true" ]]; then
return
fi
# Only delete automatically created subnets.
if [[ ${IP_ALIAS_SUBNETWORK} != ${INSTANCE_PREFIX}-subnet-default ]]; then
return
fi
echo "Removing auto-created subnet ${NETWORK}:${IP_ALIAS_SUBNETWORK}"
if [[ -n $(gcloud alpha compute networks subnets describe \
--region ${REGION} ${IP_ALIAS_SUBNETWORK} 2>/dev/null) ]]; then
gcloud alpha --quiet compute networks subnets delete \
--region ${REGION} ${IP_ALIAS_SUBNETWORK}
fi
}
# Assumes: # Assumes:
# NUM_NODES # NUM_NODES
# Sets: # Sets:
@@ -1414,6 +1519,9 @@ function kube-down() {
"${CLUSTER_NAME}-default-internal-node" \ "${CLUSTER_NAME}-default-internal-node" \
"${NETWORK}-default-ssh" \ "${NETWORK}-default-ssh" \
"${NETWORK}-default-internal" # Pre-1.5 clusters "${NETWORK}-default-internal" # Pre-1.5 clusters
delete-subnetwork
if [[ "${KUBE_DELETE_NETWORK}" == "true" ]]; then if [[ "${KUBE_DELETE_NETWORK}" == "true" ]]; then
delete-network || true # might fail if there are leaked firewall rules delete-network || true # might fail if there are leaked firewall rules
fi fi

1
cluster/kube-up.sh
View File

@@ -32,7 +32,6 @@ fi
source "${KUBE_ROOT}/cluster/kube-util.sh" source "${KUBE_ROOT}/cluster/kube-util.sh"
if [ -z "${ZONE-}" ]; then if [ -z "${ZONE-}" ]; then
echo "... Starting cluster using provider: ${KUBERNETES_PROVIDER}" >&2 echo "... Starting cluster using provider: ${KUBERNETES_PROVIDER}" >&2
else else

6
cluster/kube-util.sh
View File

@@ -28,6 +28,12 @@ else
KUBERNETES_PROVIDER="${KUBERNETES_PROVIDER:-gce}" KUBERNETES_PROVIDER="${KUBERNETES_PROVIDER:-gce}"
fi fi
# PROVIDER_VARS is a list of cloud provider specific variables. Note:
# this is a list of the _names_ of the variables, not the value of the
# variables. Providers can add variables to be appended to kube-env.
# (see `build-kube-env`).
PROVIDER_VARS=""
PROVIDER_UTILS="${KUBE_ROOT}/cluster/${KUBERNETES_PROVIDER}/util.sh" PROVIDER_UTILS="${KUBE_ROOT}/cluster/${KUBERNETES_PROVIDER}/util.sh"
if [ -f ${PROVIDER_UTILS} ]; then if [ -f ${PROVIDER_UTILS} ]; then
source "${PROVIDER_UTILS}" source "${PROVIDER_UTILS}"