Skip to content

Commit

Permalink
Merge pull request kubernetes#23600 from mikedanese/addon-manager
Browse files Browse the repository at this point in the history
Automatic merge from submit-queue

run kube-addon-manager in a static pod

Depends on kubernetes#23605 and kubernetes#24108

Ref kubernetes#23233
  • Loading branch information
k8s-merge-robot committed May 8, 2016
2 parents 601e098 + 3e1c0b5 commit f46f35a
Show file tree
Hide file tree
Showing 15 changed files with 92 additions and 281 deletions.
4 changes: 1 addition & 3 deletions build/common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -912,9 +912,7 @@ function kube::release::package_kube_manifests_tarball() {
cp "${salt_dir}/kube-apiserver/kube-apiserver.manifest" "${dst_dir}"
cp "${salt_dir}/kube-apiserver/abac-authz-policy.jsonl" "${dst_dir}"
cp "${salt_dir}/kube-controller-manager/kube-controller-manager.manifest" "${dst_dir}"
cp "${salt_dir}/kube-addons/namespace.yaml" "${dst_dir}"
cp "${salt_dir}/kube-addons/kube-addons.sh" "${dst_dir}"
cp "${salt_dir}/kube-addons/kube-addon-update.sh" "${dst_dir}"
cp "${salt_dir}/kube-addons/kube-addon-manager.yaml" "${dst_dir}"
cp "${KUBE_ROOT}/cluster/gce/trusty/configure-helper.sh" "${dst_dir}"
cp -r "${salt_dir}/kube-admission-controls/limit-range" "${dst_dir}"
local objects
Expand Down
1 change: 1 addition & 0 deletions cluster/addons/addon-manager/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
kubectl
24 changes: 24 additions & 0 deletions cluster/addons/addon-manager/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM python:2.7-slim

RUN pip install pyyaml

ADD kube-addons.sh /opt/
ADD kube-addon-update.sh /opt/
ADD namespace.yaml /opt/
ADD kubectl /usr/local/bin/kubectl

CMD /opt/kube-addons.sh
34 changes: 34 additions & 0 deletions cluster/addons/addon-manager/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Copyright 2016 The Kubernetes Authors All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

IMAGE=gcr.io/google-containers/kube-addon-manager
VERSION=v1
KUBECTL_VERSION=v1.2.3

.PHONY: build push container

build: kubectl
docker build -t "$(IMAGE):$(VERSION)" .

kubectl:
curl "https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \
-o kubectl
chmod +x kubectl

push: build
gcloud docker push "$(IMAGE):$(VERSION)"

clean:
rm kubectl
docker rmi -f "$(IMAGE):$(VERSION)"
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ function log() {
function get-object-kind-from-file() {
# prints to stdout, so log cannot be used
#WARNING: only yaml is supported
cat $1 | ${PYTHON} -c '''
cat $1 | python -c '''
try:
import pipes,sys,yaml
y = yaml.load(sys.stdin)
Expand All @@ -120,7 +120,7 @@ function get-object-nsname-from-file() {
# prints to stdout, so log cannot be used
#WARNING: only yaml is supported
#addons that do not specify a namespace are assumed to be in "default".
cat $1 | ${PYTHON} -c '''
cat $1 | python -c '''
try:
import pipes,sys,yaml
y = yaml.load(sys.stdin)
Expand Down
16 changes: 2 additions & 14 deletions .../saltbase/salt/kube-addons/kube-addons.sh → cluster/addons/addon-manager/kube-addons.sh
100644 → 100755
Original file line number Diff line number Diff line change
Expand Up @@ -19,21 +19,11 @@
# managed result is of that. Start everything below that directory.
KUBECTL=${KUBECTL_BIN:-/usr/local/bin/kubectl}

ADDON_CHECK_INTERVAL_SEC=${TEST_ADDON_CHECK_INTERVAL_SEC:-600}
ADDON_CHECK_INTERVAL_SEC=${TEST_ADDON_CHECK_INTERVAL_SEC:-10}

SYSTEM_NAMESPACE=kube-system
trusty_master=${TRUSTY_MASTER:-false}

function ensure_python() {
if ! python --version > /dev/null 2>&1; then
echo "No python on the machine, will use a python image"
local -r PYTHON_IMAGE=gcr.io/google_containers/python:v1
export PYTHON="docker run --interactive --rm --net=none ${PYTHON_IMAGE} python"
else
export PYTHON=python
fi
}

# $1 filename of addon to start.
# $2 count of tries to start the addon.
# $3 delay in seconds between two consecutive tries
Expand Down Expand Up @@ -74,10 +64,8 @@ function create-resource-from-string() {
# managed result is of that. Start everything below that directory.
echo "== Kubernetes addon manager started at $(date -Is) with ADDON_CHECK_INTERVAL_SEC=${ADDON_CHECK_INTERVAL_SEC} =="

ensure_python

# Create the namespace that will be used to host the cluster-level add-ons.
start_addon /etc/kubernetes/addons/namespace.yaml 100 10 "" &
start_addon /opt/namespace.yaml 100 10 "" &

# Wait for the default service account to be created in the kube-system namespace.
token_found=""
Expand Down
File renamed without changes.
11 changes: 2 additions & 9 deletions cluster/gce/trusty/configure-helper.sh
Original file line number Diff line number Diff line change
Expand Up @@ -662,13 +662,6 @@ prepare_kube_addons() {
setup_addon_manifests "admission-controls" "limit-range"
fi

# Prepare the scripts for running addons.
addon_script_dir="/var/lib/cloud/scripts/kubernetes"
mkdir -p "${addon_script_dir}"
cp "${addon_src_dir}/kube-addons.sh" "${addon_script_dir}"
cp "${addon_src_dir}/kube-addon-update.sh" "${addon_script_dir}"
chmod 544 "${addon_script_dir}/"*.sh
# In case that some GCE customized trusty may have a read-only /root.
mount -t tmpfs tmpfs /root
mount --bind -o remount,rw,noexec /root
# Place addon manager pod manifest
cp "${addon_src_dir}/kube-addon-manager.yaml" /etc/kubernetes/manifests
}
32 changes: 0 additions & 32 deletions cluster/gce/trusty/master.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -180,38 +180,6 @@ script
prepare_kube_addons
end script

--====================================
MIME-Version: 1.0
Content-Type: text/upstart-job; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="kube-addons.conf"

#upstart-job

description "Run kubernetes addon pods"

start on stopped kube-master-components

respawn

script
set -o errexit
set -o nounset

. /etc/kube-env
export HOME="/root"
export KUBECTL_BIN="/usr/bin/kubectl"
export TRUSTY_MASTER="true"
if [ -n "${TEST_ADDON_CHECK_INTERVAL_SEC:-}" ]; then
export TEST_ADDON_CHECK_INTERVAL_SEC=${TEST_ADDON_CHECK_INTERVAL_SEC}
fi
# Run the script to start and monitoring addon manifest changes.
exec /var/lib/cloud/scripts/kubernetes/kube-addons.sh 1>>/var/log/kube-addons.log 2>&1
end script

# Wait for 10s to start it again.
post-stop exec sleep 10

--====================================
MIME-Version: 1.0
Content-Type: text/upstart-job; charset="us-ascii"
Expand Down
65 changes: 2 additions & 63 deletions cluster/saltbase/salt/kube-addons/init.sls
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,6 @@ addon-dir-create:
- require:
- file: addon-dir-delete

/etc/kubernetes/addons/namespace.yaml:
file.managed:
- source: salt://kube-addons/namespace.yaml
- user: root
- group: root
- file_mode: 644

{% if pillar.get('enable_cluster_monitoring', '').lower() == 'influxdb' %}
/etc/kubernetes/addons/cluster-monitoring/influxdb:
file.recurse:
Expand Down Expand Up @@ -157,63 +150,9 @@ addon-dir-create:
- file_mode: 644
{% endif %}

/etc/kubernetes/kube-addons.sh:
file.managed:
- source: salt://kube-addons/kube-addons.sh
- user: root
- group: root
- mode: 755

/etc/kubernetes/kube-addon-update.sh:
/etc/kubernetes/manifests/kube-addon-manager.yaml:
file.managed:
- source: salt://kube-addons/kube-addon-update.sh
- source: salt://kube-addons/kube-addon-manager.yaml
- user: root
- group: root
- mode: 755

{% if pillar.get('is_systemd') %}

{{ pillar.get('systemd_system_path') }}/kube-addons.service:
file.managed:
- source: salt://kube-addons/kube-addons.service
- user: root
- group: root
cmd.wait:
- name: /opt/kubernetes/helpers/services bounce kube-addons
- watch:
- file: {{ pillar.get('systemd_system_path') }}/kube-addons.service

{% else %}

/etc/init.d/kube-addons:
file.managed:
- source: salt://kube-addons/initd
- user: root
- group: root
- mode: 755

{% endif %}

# Stop kube-addons service each time salt is executed, just in case
# there was a modification of addons.
# Actually, this should be handled by watching file changes, but
# somehow it doesn't work.
service-kube-addon-stop:
service.dead:
- name: kube-addons

kube-addons:
service.running:
- enable: True
- require:
- service: service-kube-addon-stop
- watch:
{% if pillar.get('is_systemd') %}
- file: {{ pillar.get('systemd_system_path') }}/kube-addons.service
{% else %}
- file: /etc/init.d/kube-addons
{% endif %}
{% if pillar.get('is_systemd') %}
- provider:
- service: systemd
{%- endif %}
120 changes: 0 additions & 120 deletions cluster/saltbase/salt/kube-addons/initd

This file was deleted.

Loading

0 comments on commit f46f35a

Please sign in to comment.