From d0630f0d6fe5cc773c05cccbb7b7b681dd83c375 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Sat, 17 Oct 2015 16:03:14 -0400 Subject: [PATCH] Retire stackforge/heat-coe-templates --- .gitreview | 4 - .travis.yml | 8 - COPYING | 202 -------------- README.md | 124 --------- README.rst | 7 + fragments/add-to-docker-group.sh | 14 - fragments/cfn-signal.sh | 11 - fragments/configure-docker-storage.sh | 20 -- fragments/configure-kubernetes-master.sh | 19 -- fragments/configure-kubernetes-minion.sh | 40 --- fragments/disable-selinux.sh | 8 - fragments/docker.service.yaml | 58 ---- fragments/enable-services-master.sh | 13 - fragments/enable-services-minion.sh | 18 -- fragments/flannel-config.service.yaml | 46 --- fragments/kube-examples.yaml | 31 --- fragments/kube-user.yaml | 10 - fragments/write-flannel-config.sh | 32 --- fragments/write-heat-params-master.yaml | 13 - fragments/write-heat-params.yaml | 12 - kubecluster.yaml | 339 ----------------------- kubenode.yaml | 224 --------------- test-requirements.txt | 1 - tools/pre-commit-hook | 28 -- tools/validate-all-yaml.sh | 9 - tools/validate-yaml.py | 38 --- tox.ini | 11 - 27 files changed, 7 insertions(+), 1333 deletions(-) delete mode 100644 .gitreview delete mode 100644 .travis.yml delete mode 100644 COPYING delete mode 100644 README.md create mode 100644 README.rst delete mode 100644 fragments/add-to-docker-group.sh delete mode 100644 fragments/cfn-signal.sh delete mode 100644 fragments/configure-docker-storage.sh delete mode 100644 fragments/configure-kubernetes-master.sh delete mode 100644 fragments/configure-kubernetes-minion.sh delete mode 100644 fragments/disable-selinux.sh delete mode 100644 fragments/docker.service.yaml delete mode 100644 fragments/enable-services-master.sh delete mode 100644 fragments/enable-services-minion.sh delete mode 100644 fragments/flannel-config.service.yaml delete mode 100644 fragments/kube-examples.yaml delete mode 100644 fragments/kube-user.yaml delete mode 100644 fragments/write-flannel-config.sh delete mode 100644 fragments/write-heat-params-master.yaml delete mode 100644 fragments/write-heat-params.yaml delete mode 100644 kubecluster.yaml delete mode 100644 kubenode.yaml delete mode 100644 test-requirements.txt delete mode 100755 tools/pre-commit-hook delete mode 100755 tools/validate-all-yaml.sh delete mode 100755 tools/validate-yaml.py delete mode 100644 tox.ini diff --git a/.gitreview b/.gitreview deleted file mode 100644 index 7136fb3..0000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=stackforge/heat-coe-templates.git diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 33fbc27..0000000 --- a/.travis.yml +++ /dev/null @@ -1,8 +0,0 @@ -language: python -python: - - "2.7" -install: - - "pip install -r test-requirements.txt" -script: - - sh tools/validate-all-yaml.sh - diff --git a/COPYING b/COPYING deleted file mode 100644 index d645695..0000000 --- a/COPYING +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/README.md b/README.md deleted file mode 100644 index 322bacd..0000000 --- a/README.md +++ /dev/null @@ -1,124 +0,0 @@ -THIS MODULE IS NO LONGER MAINTAINED -=================================== - -See this [mailing list][] post or ask on #openstack-containers on -freenode for details. - -[mailing list]: http://lists.openstack.org/pipermail/openstack-dev/2015-July/070321.html - -A Kubernetes cluster with Heat -============================== - -These [Heat][] templates will deploy an *N*-node [Kubernetes][] cluster, -where *N* is the value of the `number_of_minions` parameter you -specify when creating the stack. - -[heat]: https://wiki.openstack.org/wiki/Heat -[kubernetes]: https://github.com/GoogleCloudPlatform/kubernetes - -The cluster uses [Flannel][] to provide an overlay network connecting -pods deployed on different minions. - -[flannel]: https://github.com/coreos/flannel - -## Requirements - -### OpenStack - -These templates will work with the Juno version of Heat. - -### Guest image - -These templates will work with either CentOS Atomic Host or Fedora 21 -Atomic. You will need an image dated later than 2015-01-20 in order -to have both the `flannel` package installed and the appropriately -configured `docker.service` unit. - -You can enable the VXLAN backend for flannel by setting the -"flannel_use_vxlan" parameter to "true", but I have run into kernel -crashes using that backend with CentOS 7. It seems to work fine with -Fedora 21. - -## Creating the stack - -Creating an environment file `local.yaml` with parameters specific to -your environment: - - parameters: - ssh_key_name: lars - external_network_id: 028d70dd-67b8-4901-8bdd-0c62b06cce2d - dns_nameserver: 192.168.200.1 - server_image: centos-7-atomic-20150101 - -And then create the stack, referencing that environment file: - - heat stack-create -f kubecluster.yaml -e local.yaml my-kube-cluster - -You must provide values for: - -- `ssh_key_name` -- `external_network_id` -- `server_image` - -## Interacting with Kubernetes - -You can get the ip address of the Kubernetes master using the `heat -output-show` command: - - $ heat output-show my-kube-cluster kube_master - "192.168.200.86" - -You can ssh into that server as the `minion` user: - - $ ssh minion@192.168.200.86 - -And once logged in you can run `kubectl`, etc: - - $ kubectl get minions - NAME LABELS - 10.0.0.4 - -You can log into your minions using the `minion` user as well. You -can get a list of minion addresses by running: - - $ heat output-show my-kube-cluster kube_minions_external - [ - "192.168.200.182" - ] - -## Testing - -The templates install an example Pod and Service description into -`/etc/kubernetes/examples`. You can deploy this with the following -commands: - - $ kubectl create -f /etc/kubernetes/examples/web.service - $ kubectl create -f /etc/kubernetes/examples/web.pod - -This will deploy a minimal webserver and a service. You can use -`kubectl get pods` and `kubectl get services` to see the results of -these commands. - -## License - -Copyright 2014 Lars Kellogg-Stedman - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use these files except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -## Contact - -Please report bugs using the [GitHub issue tracker][] at -https://github.com/larsks/heat-kubernetes/issues. - -[github issue tracker]: https://github.com/larsks/heat-kubernetes/issues - diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..9006052 --- /dev/null +++ b/README.rst @@ -0,0 +1,7 @@ +This project is no longer maintained. + +The contents of this repository are still available in the Git source code +management system. To see the contents of this repository before it reached +its end of life, please check out the previous commit with +"git checkout HEAD^1". + diff --git a/fragments/add-to-docker-group.sh b/fragments/add-to-docker-group.sh deleted file mode 100644 index 171b0bb..0000000 --- a/fragments/add-to-docker-group.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh - -# Under atomic, we need to make sure the 'dockerroot' group exists in -# /etc/group (because /lib/group cannot be modified by usermod). -echo "making 'dockerroot' group editable" -if ! grep -q dockerroot /etc/group; then - grep dockerroot /lib/group >> /etc/group -fi - -# make 'minion' user a member of the dockerroot group -# (so you can run docker commands as the 'minion' user) -echo "adding 'minion' user to 'dockerroot' group" -usermod -G dockerroot minion - diff --git a/fragments/cfn-signal.sh b/fragments/cfn-signal.sh deleted file mode 100644 index cf43c9a..0000000 --- a/fragments/cfn-signal.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -. /etc/sysconfig/heat-params - -echo "notifying heat" -curl -sf -X PUT -H 'Content-Type: application/json' \ - --data-binary '{"Status": "SUCCESS", - "Reason": "Setup complete", - "Data": "OK", "UniqueId": "00000"}' \ - "$WAIT_HANDLE" - diff --git a/fragments/configure-docker-storage.sh b/fragments/configure-docker-storage.sh deleted file mode 100644 index 91ad937..0000000 --- a/fragments/configure-docker-storage.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -. /etc/sysconfig/heat-params - -DOCKER_DEV=/dev/disk/by-id/virtio-${DOCKER_VOLUME:0:20} - -if ! [ -b $DOCKER_DEV ]; then - echo "ERROR: device $DOCKER_DEV does not exist" >&2 - exit 1 -fi - -pvcreate $DOCKER_DEV -vgcreate docker $DOCKER_DEV -lvcreate --wipesignatures y -n data docker -l 95%VG -lvcreate --wipesignatures y -n metadata docker -l 5%VG - -cat > /etc/sysconfig/docker-storage <> /etc/environment <&2 - exit 1 - fi - - mkdir -p /run/flannel/ - cat > /run/flannel/docker <&2 - exit 1 - fi - - if ! [ "$FLANNEL_ETCD" ] && [ "$FLANNEL_ETCD_KEY" ]; then - echo "ERROR: missing required configuration" >&2 - exit 1 - fi - - echo "creating flanneld config in etcd" - while ! curl -sf -L $FLANNEL_ETCD/v2/keys${FLANNEL_ETCD_KEY}/config \ - -X PUT --data-urlencode value@${FLANNEL_JSON}; do - echo "waiting for etcd" - sleep 1 - done - - path: /etc/systemd/system/flannel-config.service - owner: "root:root" - permissions: "0644" - content: | - [Unit] - After=etcd.service - Requires=etcd.service - - [Service] - Type=oneshot - EnvironmentFile=/etc/sysconfig/flanneld - ExecStart=/usr/local/bin/flannel-config - - [Install] - WantedBy=multi-user.target -runcmd: - - systemctl enable flannel-config - - systemctl start --no-block flannel-config - diff --git a/fragments/kube-examples.yaml b/fragments/kube-examples.yaml deleted file mode 100644 index fc321c5..0000000 --- a/fragments/kube-examples.yaml +++ /dev/null @@ -1,31 +0,0 @@ -#cloud-config -merge_how: dict(recurse_array)+list(append) -write_files: - - path: /etc/kubernetes/examples/web.pod - owner: "root:root" - permissions: "0644" - content: | - kind: Pod - apiVersion: v1beta1 - labels: - name: web - desiredState: - manifest: - version: v1beta1 - id: web - containers: - - name: web - image: larsks/thttpd - ports: - - containerPort: 80 - - path: /etc/kubernetes/examples/web.service - owner: "root:root" - permissions: "0644" - content: | - kind: Service - apiVersion: v1beta1 - id: web - port: 8000 - selector: - name: web - containerPort: 80 diff --git a/fragments/kube-user.yaml b/fragments/kube-user.yaml deleted file mode 100644 index 4e7477d..0000000 --- a/fragments/kube-user.yaml +++ /dev/null @@ -1,10 +0,0 @@ -#cloud-config -system_info: - default_user: - name: minion - lock_passwd: true - gecos: Kubernetes Interactive User - groups: [wheel, adm, systemd-journal] - sudo: ["ALL=(ALL) NOPASSWD:ALL"] - shell: /bin/bash - diff --git a/fragments/write-flannel-config.sh b/fragments/write-flannel-config.sh deleted file mode 100644 index 04fb305..0000000 --- a/fragments/write-flannel-config.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -. /etc/sysconfig/heat-params -. /etc/sysconfig/flanneld - -FLANNEL_JSON=/etc/sysconfig/flannel-network.json - -if [ "$FLANNEL_USE_VXLAN" == "true" ]; then - use_vxlan=1 -fi - -# Generate a flannel configuration that we will -# store into etcd using curl. -cat > $FLANNEL_JSON <> $FLANNEL_JSON <> $FLANNEL_JSON < - This template will boot a Kubernetes cluster with one or more - minions (as specified by the number_of_minions parameter, which - defaults to "2"). - -parameters: - - # - # REQUIRED PARAMETERS - # - ssh_key_name: - type: string - description: name of ssh key to be provisioned on our server - - external_network_id: - type: string - description: uuid of a network to use for floating ip addresses - - # - # OPTIONAL PARAMETERS - # - server_image: - type: string - default: centos-atomic - description: glance image used to boot the server - - master_flavor: - type: string - default: m1.small - description: flavor to use when booting the server - - server_flavor: - type: string - default: m1.small - description: flavor to use when booting the server - - dns_nameserver: - type: string - description: address of a dns nameserver reachable in your environment - default: 8.8.8.8 - - number_of_minions: - type: string - description: how many kubernetes minions to spawn - default: 1 - - fixed_network_cidr: - type: string - description: network range for fixed ip network - default: "10.0.0.0/24" - - portal_network_cidr: - type: string - description: > - address range used by kubernetes for service portals - default: "10.254.0.0/16" - - flannel_network_cidr: - type: string - description: network range for flannel overlay network - default: "10.100.0.0/16" - - flannel_network_subnetlen: - type: string - description: size of subnet assigned to each minion - default: 24 - - flannel_use_vxlan: - type: string - description: > - if true use the vxlan backend, otherwise use the default - udp backend - default: "false" - constraints: - - allowed_values: ["true", "false"] - - kube_allow_priv: - type: string - description: > - whether or not kubernetes should permit privileged containers. - default: "true" - constraints: - - allowed_values: ["true", "false"] - - docker_volume_size: - type: string - description: > - size of a cinder volume to allocate to docker for container/image - storage - default: "25" - -resources: - - master_wait_handle: - type: "AWS::CloudFormation::WaitConditionHandle" - - master_wait_condition: - type: "AWS::CloudFormation::WaitCondition" - depends_on: - - kube_master - properties: - Handle: - get_resource: master_wait_handle - Timeout: "6000" - - ###################################################################### - # - # network resources. allocate a network and router for our server. - # it would also be possible to take advantage of existing network - # resources (and have the deployer provide network and subnet ids, - # etc, as parameters), but I wanted to minmize the amount of - # configuration necessary to make this go. - - fixed_network: - type: "OS::Neutron::Net" - - # This is the subnet on which we will deploy our server. - fixed_subnet: - type: "OS::Neutron::Subnet" - properties: - cidr: {get_param: fixed_network_cidr} - network_id: - get_resource: fixed_network - dns_nameservers: - - get_param: dns_nameserver - - # create a router attached to the external network provided as a - # parameter to this stack. - extrouter: - type: "OS::Neutron::Router" - properties: - external_gateway_info: - network: - get_param: external_network_id - - # attached fixed_subnet to our extrouter router. - extrouter_inside: - type: "OS::Neutron::RouterInterface" - properties: - router_id: - get_resource: extrouter - subnet_id: - get_resource: - fixed_subnet - - ###################################################################### - # - # security groups. we need to permit network traffic of various - # sorts. - # - - # permit ssh access - secgroup_base: - type: "OS::Neutron::SecurityGroup" - properties: - rules: - - protocol: icmp - - protocol: tcp - port_range_min: 22 - port_range_max: 22 - - # open ports for kubernetes and etcd - secgroup_kubernetes: - type: "OS::Neutron::SecurityGroup" - properties: - rules: - - protocol: tcp - port_range_min: 7080 - port_range_max: 7080 - - protocol: tcp - port_range_min: 8080 - port_range_max: 8080 - - protocol: tcp - port_range_min: 4001 - port_range_max: 4001 - - protocol: tcp - port_range_min: 7001 - port_range_max: 7001 - - ###################################################################### - # - # software configs. these are components that are combined into - # a multipart MIME user-data archive. - # - - write_heat_params: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: - str_replace: - template: {get_file: fragments/write-heat-params-master.yaml} - params: - "$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv} - "$WAIT_HANDLE": {get_resource: master_wait_handle} - "$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr} - "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen} - "$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan} - "$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr} - - configure_kubernetes: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/configure-kubernetes-master.sh} - - write_flannel_config: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/write-flannel-config.sh} - - flannel_config_service: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/flannel-config.service.yaml} - - enable_services: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/enable-services-master.sh} - - kube_user: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/kube-user.yaml} - - kube_examples: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/kube-examples.yaml} - - cfn_signal: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/cfn-signal.sh} - - disable_selinux: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/disable-selinux.sh} - - kube_master_init: - type: "OS::Heat::MultipartMime" - properties: - parts: - - config: {get_resource: disable_selinux} - - config: {get_resource: write_heat_params} - - config: {get_resource: kube_user} - - config: {get_resource: configure_kubernetes} - - config: {get_resource: enable_services} - - config: {get_resource: write_flannel_config} - - config: {get_resource: flannel_config_service} - - config: {get_resource: kube_examples} - - config: {get_resource: cfn_signal} - - ###################################################################### - # - # databases server. this sets up a Kubernetes server - # - kube_master: - type: "OS::Nova::Server" - depends_on: - - extrouter_inside - properties: - image: - get_param: server_image - flavor: - get_param: master_flavor - key_name: - get_param: ssh_key_name - user_data_format: RAW - user_data: {get_resource: kube_master_init} - networks: - - port: - get_resource: kube_master_eth0 - - kube_master_eth0: - type: "OS::Neutron::Port" - properties: - network_id: - get_resource: fixed_network - security_groups: - - get_resource: secgroup_base - - get_resource: secgroup_kubernetes - fixed_ips: - - subnet_id: - get_resource: fixed_subnet - replacement_policy: AUTO - - kube_master_floating: - type: "OS::Neutron::FloatingIP" - depends_on: - - extrouter_inside - properties: - floating_network_id: - get_param: external_network_id - port_id: - get_resource: kube_master_eth0 - - kube_minions: - type: "OS::Heat::ResourceGroup" - depends_on: - - extrouter_inside - - master_wait_condition - properties: - count: {get_param: number_of_minions} - resource_def: - type: kubenode.yaml - properties: - ssh_key_name: {get_param: ssh_key_name} - server_image: {get_param: server_image} - server_flavor: {get_param: server_flavor} - fixed_network_id: {get_resource: fixed_network} - fixed_subnet_id: {get_resource: fixed_subnet} - kube_master_ip: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]} - external_network_id: {get_param: external_network_id} - kube_allow_priv: {get_param: kube_allow_priv} - docker_volume_size: {get_param: docker_volume_size} - -outputs: - - kube_master: - value: {get_attr: [kube_master_floating, floating_ip_address]} - - kube_minions: - value: {get_attr: [kube_minions, kube_node_ip]} - - kube_minions_external: - value: {get_attr: [kube_minions, kube_node_external_ip]} - diff --git a/kubenode.yaml b/kubenode.yaml deleted file mode 100644 index 76d0c78..0000000 --- a/kubenode.yaml +++ /dev/null @@ -1,224 +0,0 @@ -heat_template_version: 2013-05-23 - -description: > - This is a nested stack that defines a single Kubernetes minion, - based on a vanilla Fedora 20 cloud image. This stack is included by - a ResourceGroup resource in the parent template (kubecluster.yaml). - -parameters: - - server_image: - type: string - default: centos-7-atomic-20150120 - description: glance image used to boot the server - - server_flavor: - type: string - default: m1.small - description: flavor to use when booting the server - - ssh_key_name: - type: string - description: name of ssh key to be provisioned on our server - default: lars - - external_network_id: - type: string - description: uuid of a network to use for floating ip addresses - - kube_allow_priv: - type: string - description: > - whether or not kubernetes should permit privileged containers. - default: "false" - constraints: - - allowed_values: ["true", "false"] - - docker_volume_size: - type: string - description: > - size of a cinder volume to allocate to docker for container/image - storage - default: "25" - - # The following are all generated in the parent template. - kube_master_ip: - type: string - description: IP address of the Kubernetes master server. - fixed_network_id: - type: string - description: Network from which to allocate fixed addresses. - fixed_subnet_id: - type: string - description: Subnet from which to allocate fixed addresses. - -resources: - - node_wait_handle: - type: "AWS::CloudFormation::WaitConditionHandle" - - node_wait_condition: - type: "AWS::CloudFormation::WaitCondition" - depends_on: - - kube_node - properties: - Handle: - get_resource: node_wait_handle - Timeout: "6000" - - ###################################################################### - # - # security groups. we need to permit network traffic of various - # sorts. - # - - secgroup_all_open: - type: "OS::Neutron::SecurityGroup" - properties: - rules: - - protocol: icmp - - protocol: tcp - - protocol: udp - - ###################################################################### - # - # software configs. these are components that are combined into - # a multipart MIME user-data archive. - # - - write_heat_params: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: - str_replace: - template: {get_file: fragments/write-heat-params.yaml} - params: - "$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv} - "$KUBE_MASTER_IP": {get_param: kube_master_ip} - "$WAIT_HANDLE": {get_resource: node_wait_handle} - "$DOCKER_VOLUME": {get_resource: docker_volume} - - add_to_docker_group: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/add-to-docker-group.sh} - - configure_docker_storage: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/configure-docker-storage.sh} - - configure_kubernetes_minion: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/configure-kubernetes-minion.sh} - - kube_user: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/kube-user.yaml} - - kube_examples: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/kube-examples.yaml} - - docker_service: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/docker.service.yaml} - - enable_services: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/enable-services-minion.sh} - - cfn_signal: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/cfn-signal.sh} - - disable_selinux: - type: "OS::Heat::SoftwareConfig" - properties: - group: ungrouped - config: {get_file: fragments/disable-selinux.sh} - - kube_node_init: - type: "OS::Heat::MultipartMime" - properties: - parts: - - config: {get_resource: disable_selinux} - - config: {get_resource: write_heat_params} - - config: {get_resource: kube_user} - - config: {get_resource: kube_examples} - - config: {get_resource: add_to_docker_group} - - config: {get_resource: configure_docker_storage} - - config: {get_resource: configure_kubernetes_minion} - - config: {get_resource: docker_service} - - config: {get_resource: enable_services} - - config: {get_resource: cfn_signal} - - kube_node: - type: "OS::Nova::Server" - properties: - image: - get_param: server_image - flavor: - get_param: server_flavor - key_name: - get_param: ssh_key_name - user_data_format: RAW - user_data: {get_resource: kube_node_init} - networks: - - port: - get_resource: kube_node_eth0 - - kube_node_eth0: - type: "OS::Neutron::Port" - properties: - network_id: - get_param: fixed_network_id - security_groups: - - get_resource: secgroup_all_open - fixed_ips: - - subnet_id: - get_param: fixed_subnet_id - replacement_policy: AUTO - - kube_node_floating: - type: "OS::Neutron::FloatingIP" - properties: - floating_network_id: - get_param: external_network_id - port_id: - get_resource: kube_node_eth0 - - docker_volume: - type: "OS::Cinder::Volume" - properties: - size: {get_param: docker_volume_size} - - docker_volume_attach: - type: "OS::Cinder::VolumeAttachment" - properties: - instance_uuid: {get_resource: kube_node} - volume_id: {get_resource: docker_volume} - -outputs: - - kube_node_ip: - value: {get_attr: [kube_node_eth0, fixed_ips, 0, ip_address]} - - kube_node_external_ip: - value: {get_attr: [kube_node_floating, floating_ip_address]} - diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index 5500f00..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1 +0,0 @@ -PyYAML diff --git a/tools/pre-commit-hook b/tools/pre-commit-hook deleted file mode 100755 index 4dbea82..0000000 --- a/tools/pre-commit-hook +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/sh - -TOPLEVEL=$(git rev-parse --show-toplevel) -RES=0 - -cd $TOPLEVEL - -if [ "$1" = "--install" ]; then - ln -sf ../../tools/pre-commit-hook .git/hooks/pre-commit - exit -fi - -tmpdir=$(mktemp -d precommit.XXXXXX) || exit 1 -trap "rm -rf $TOPLEVEL/$tmpdir" 0 - -git diff --cached --name-only --diff-filter=ACMR | - xargs git checkout-index --prefix=$tmpdir/ -- - -cd $tmpdir - -echo "=== yaml checks ===" - -( -find . -name '*.yaml' -print0 -[ -d fragments ] && - find fragments -type f | xargs grep -l '^#cloud-config' -) | xargs -0 python ${TOPLEVEL}/tools/validate-yaml.py -v || exit 1 - diff --git a/tools/validate-all-yaml.sh b/tools/validate-all-yaml.sh deleted file mode 100755 index 70a5a35..0000000 --- a/tools/validate-all-yaml.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -TOPLEVEL=$(git rev-parse --show-toplevel) -cd $TOPLEVEL - -git ls-files | - grep '\.yaml' | - xargs python ${TOPLEVEL}/tools/validate-yaml.py -v || exit 1 - diff --git a/tools/validate-yaml.py b/tools/validate-yaml.py deleted file mode 100755 index 1c406d4..0000000 --- a/tools/validate-yaml.py +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/python - -import sys -import argparse -import yaml -import logging - - -def parse_args(): - p = argparse.ArgumentParser() - p.add_argument('--verbose', '-v', - action='store_const', - const='INFO', - dest='loglevel') - p.add_argument('input', nargs='*') - p.set_defaults(loglevel='WARN') - return p.parse_args() - - -def main(): - args = parse_args() - logging.basicConfig(level=args.loglevel) - res = 0 - - for filename in args.input: - with open(filename) as fd: - try: - yaml.load(fd) - logging.info('%s: passed', filename) - except yaml.error.YAMLError as error: - res = 1 - logging.error('%s: failed: %s', - filename, error) - - return res - -if __name__ == '__main__': - sys.exit(main()) diff --git a/tox.ini b/tox.ini deleted file mode 100644 index be7cb84..0000000 --- a/tox.ini +++ /dev/null @@ -1,11 +0,0 @@ -[tox] -skipsdist = True -envlist = lint -minversion = 1.6 - -[testenv] -deps = -r{toxinidir}/test-requirements.txt - -[testenv:lint] -commands = - {toxinidir}/tools/validate-all-yaml.sh