From 73b548db06c5e293533344c5b6171e955eac9ff1 Mon Sep 17 00:00:00 2001 From: Pavithra Ramesh Date: Wed, 15 Aug 2018 17:04:30 -0700 Subject: [PATCH 1/2] Support running a nodelocal dns cache This change includes the yaml files and gce startup script changes to run this addon. It is disabled by default, can be enabled by setting KUBE_ENABLE_NODELOCAL_DNS=true An ip address is required for the cache instance to listen for requests on, default is a link local ip address of value 169.254.25.10 addressed review comments, updated image location Picked a different prometheus port so stats port is not same as the coredns deployment Removed the nodelocaldns-ready label. Set memory limit to 30Mi --- cluster/addons/dns/nodelocaldns/Makefile | 34 ++++ .../dns/nodelocaldns/nodelocaldns.yaml.base | 150 ++++++++++++++++++ .../dns/nodelocaldns/nodelocaldns.yaml.in | 150 ++++++++++++++++++ .../dns/nodelocaldns/nodelocaldns.yaml.sed | 150 ++++++++++++++++++ .../dns/nodelocaldns/transforms2salt.sed | 4 + .../dns/nodelocaldns/transforms2sed.sed | 4 + cluster/centos/config-default.sh | 2 + cluster/centos/deployAddons.sh | 31 +++- cluster/centos/util.sh | 5 + cluster/gce/config-default.sh | 3 + cluster/gce/config-test.sh | 3 + cluster/gce/gci/configure-helper.sh | 14 ++ cluster/gce/util.sh | 5 + hack/local-up-cluster.sh | 28 +++- 14 files changed, 579 insertions(+), 4 deletions(-) create mode 100644 cluster/addons/dns/nodelocaldns/Makefile create mode 100644 cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base create mode 100644 cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in create mode 100644 cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed create mode 100644 cluster/addons/dns/nodelocaldns/transforms2salt.sed create mode 100644 cluster/addons/dns/nodelocaldns/transforms2sed.sed diff --git a/cluster/addons/dns/nodelocaldns/Makefile b/cluster/addons/dns/nodelocaldns/Makefile new file mode 100644 index 0000000000..7e4b61405e --- /dev/null 
+++ b/cluster/addons/dns/nodelocaldns/Makefile @@ -0,0 +1,34 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Makefile for the kubedns underscore templates to Salt/Pillar and other formats. + +# If you update the *.base templates, please run this Makefile before pushing. +# +# Usage: +# make + +all: transform + +# .base -> .in pattern rule +%.in: %.base + sed -f transforms2salt.sed $< | sed s/__SOURCE_FILENAME__/$ $@ + +# .base -> .sed pattern rule +%.sed: %.base + sed -f transforms2sed.sed $< | sed s/__SOURCE_FILENAME__/$ $@ + +transform: nodelocaldns.yaml.in nodelocaldns.yaml.sed + +.PHONY: transform diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base new file mode 100644 index 0000000000..c5af1f9b33 --- /dev/null +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base 
@@ -0,0 +1,150 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# __MACHINE_GENERATED_WARNING__ + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nodelocaldns + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: nodelocaldns + namespace: kube-system + labels: + addonmanager.kubernetes.io/mode: EnsureExists + +data: + Corefile: | + __PILLAR__DNS__DOMAIN__:53 { + errors + cache 30 + reload + loop + bind __PILLAR__LOCAL__DNS__ + forward . __PILLAR__DNS__SERVER__ { + force_tcp + } + prometheus :9253 + health __PILLAR__LOCAL__DNS__:8080 + } + in-addr.arpa:53 { + errors + cache 30 + reload + loop + bind __PILLAR__LOCAL__DNS__ + forward . __PILLAR__DNS__SERVER__ { + force_tcp + } + prometheus :9253 + } + ip6.arpa:53 { + errors + cache 30 + reload + loop + bind __PILLAR__LOCAL__DNS__ + forward . __PILLAR__DNS__SERVER__ { + force_tcp + } + prometheus :9253 + } + .:53 { + errors + cache 30 + reload + loop + bind __PILLAR__LOCAL__DNS__ + forward . 
/etc/resolv.conf { + force_tcp + } + prometheus :9253 + } +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nodelocaldns + namespace: kube-system + labels: + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + selector: + matchLabels: + k8s-app: nodelocaldns + template: + metadata: + labels: + k8s-app: nodelocaldns + spec: + priorityClassName: system-node-critical + serviceAccountName: nodelocaldns + hostNetwork: true + dnsPolicy: Default # Don't use cluster DNS. + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + containers: + - name: node-cache + image: k8s.gcr.io/k8s-dns-node-cache:1.15.0 + resources: + limits: + memory: 30Mi + requests: + cpu: 25m + memory: 5Mi + args: [ "-localip", "__PILLAR__LOCAL__DNS__", "-conf", "/etc/coredns/Corefile" ] + securityContext: + privileged: true + ports: + - containerPort: 53 + name: dns + protocol: UDP + - containerPort: 53 + name: dns-tcp + protocol: TCP + - containerPort: 9253 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + host: __PILLAR__LOCAL__DNS__ + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + - name: config-volume + mountPath: /etc/coredns + volumes: + - name: config-volume + configMap: + name: nodelocaldns + items: + - key: Corefile + path: Corefile + terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in new file mode 100644 index 0000000000..34cd9dce85 --- /dev/null +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in 
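Review bot: The `node-cache` container in the DaemonSet is given `securityContext: privileged: true` on top of `hostNetwork: true`, which hands a DNS-serving process full control of every node it is scheduled on. If the cache only needs to create its listen interface and manage packet-filter rules for `-localip` (not visible in this hunk, so confirm against the image), a narrower `securityContext: capabilities: add: ["NET_ADMIN"]` would cover that. Separately, every server block uses `prometheus :9253` with no listen address, so with host networking the metrics endpoint is presumably reachable on every node address, whereas `health` is pinned to `__PILLAR__LOCAL__DNS__:8080`; consider giving it an explicit address or adding a comment that the node-wide exposure is intended. The generated `nodelocaldns.yaml.in` and `nodelocaldns.yaml.sed` carry the same settings.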
@@ -0,0 +1,150 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Warning: This is a file generated from the base underscore template file: nodelocaldns.yaml.base + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nodelocaldns + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: nodelocaldns + namespace: kube-system + labels: + addonmanager.kubernetes.io/mode: EnsureExists + +data: + Corefile: | + {{ pillar['dns_domain'] }}:53 { + errors + cache 30 + reload + loop + bind {{ pillar['local_dns_ip'] }} + forward . {{ pillar['dns_server'] }} { + force_tcp + } + prometheus :9253 + health {{ pillar['local_dns_ip'] }}:8080 + } + in-addr.arpa:53 { + errors + cache 30 + reload + loop + bind {{ pillar['local_dns_ip'] }} + forward . {{ pillar['dns_server'] }} { + force_tcp + } + prometheus :9253 + } + ip6.arpa:53 { + errors + cache 30 + reload + loop + bind {{ pillar['local_dns_ip'] }} + forward . {{ pillar['dns_server'] }} { + force_tcp + } + prometheus :9253 + } + .:53 { + errors + cache 30 + reload + loop + bind {{ pillar['local_dns_ip'] }} + forward . 
/etc/resolv.conf { + force_tcp + } + prometheus :9253 + } +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nodelocaldns + namespace: kube-system + labels: + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + selector: + matchLabels: + k8s-app: nodelocaldns + template: + metadata: + labels: + k8s-app: nodelocaldns + spec: + priorityClassName: system-node-critical + serviceAccountName: nodelocaldns + hostNetwork: true + dnsPolicy: Default # Don't use cluster DNS. + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + containers: + - name: node-cache + image: k8s.gcr.io/k8s-dns-node-cache:1.15.0 + resources: + limits: + memory: 30Mi + requests: + cpu: 25m + memory: 5Mi + args: [ "-localip", "{{ pillar['local_dns_ip'] }}", "-conf", "/etc/coredns/Corefile" ] + securityContext: + privileged: true + ports: + - containerPort: 53 + name: dns + protocol: UDP + - containerPort: 53 + name: dns-tcp + protocol: TCP + - containerPort: 9253 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + host: {{ pillar['local_dns_ip'] }} + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + - name: config-volume + mountPath: /etc/coredns + volumes: + - name: config-volume + configMap: + name: nodelocaldns + items: + - key: Corefile + path: Corefile + terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed new file mode 100644 index 0000000000..2f990fa301 --- /dev/null +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed 
@@ -0,0 +1,150 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Warning: This is a file generated from the base underscore template file: nodelocaldns.yaml.base + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nodelocaldns + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: nodelocaldns + namespace: kube-system + labels: + addonmanager.kubernetes.io/mode: EnsureExists + +data: + Corefile: | + $DNS_DOMAIN:53 { + errors + cache 30 + reload + loop + bind $LOCAL_DNS_IP + forward . $DNS_SERVER_IP { + force_tcp + } + prometheus :9253 + health $LOCAL_DNS_IP:8080 + } + in-addr.arpa:53 { + errors + cache 30 + reload + loop + bind $LOCAL_DNS_IP + forward . $DNS_SERVER_IP { + force_tcp + } + prometheus :9253 + } + ip6.arpa:53 { + errors + cache 30 + reload + loop + bind $LOCAL_DNS_IP + forward . $DNS_SERVER_IP { + force_tcp + } + prometheus :9253 + } + .:53 { + errors + cache 30 + reload + loop + bind $LOCAL_DNS_IP + forward . 
/etc/resolv.conf { + force_tcp + } + prometheus :9253 + } +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nodelocaldns + namespace: kube-system + labels: + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + selector: + matchLabels: + k8s-app: nodelocaldns + template: + metadata: + labels: + k8s-app: nodelocaldns + spec: + priorityClassName: system-node-critical + serviceAccountName: nodelocaldns + hostNetwork: true + dnsPolicy: Default # Don't use cluster DNS. + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + containers: + - name: node-cache + image: k8s.gcr.io/k8s-dns-node-cache:1.15.0 + resources: + limits: + memory: 30Mi + requests: + cpu: 25m + memory: 5Mi + args: [ "-localip", "$LOCAL_DNS_IP", "-conf", "/etc/coredns/Corefile" ] + securityContext: + privileged: true + ports: + - containerPort: 53 + name: dns + protocol: UDP + - containerPort: 53 + name: dns-tcp + protocol: TCP + - containerPort: 9253 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + host: $LOCAL_DNS_IP + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + - name: config-volume + mountPath: /etc/coredns + volumes: + - name: config-volume + configMap: + name: nodelocaldns + items: + - key: Corefile + path: Corefile + terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/transforms2salt.sed b/cluster/addons/dns/nodelocaldns/transforms2salt.sed new file mode 100644 index 0000000000..a0f4a79aa9 --- /dev/null +++ b/cluster/addons/dns/nodelocaldns/transforms2salt.sed @@ -0,0 +1,4 @@ +s/__PILLAR__DNS__SERVER__/{{ pillar['dns_server'] }}/g +s/__PILLAR__DNS__DOMAIN__/{{ pillar['dns_domain'] }}/g +s/__PILLAR__LOCAL__DNS__/{{ pillar['local_dns_ip'] }}/g +s/__MACHINE_GENERATED_WARNING__/Warning: This is a file generated from the base underscore template file: __SOURCE_FILENAME__/g 
diff --git a/cluster/addons/dns/nodelocaldns/transforms2sed.sed b/cluster/addons/dns/nodelocaldns/transforms2sed.sed new file mode 100644 index 0000000000..b27647e7ee --- /dev/null +++ b/cluster/addons/dns/nodelocaldns/transforms2sed.sed @@ -0,0 +1,4 @@ +s/__PILLAR__DNS__SERVER__/$DNS_SERVER_IP/g +s/__PILLAR__DNS__DOMAIN__/$DNS_DOMAIN/g +s/__PILLAR__LOCAL__DNS__/$LOCAL_DNS_IP/g +s/__MACHINE_GENERATED_WARNING__/Warning: This is a file generated from the base underscore template file: __SOURCE_FILENAME__/g diff --git a/cluster/centos/config-default.sh b/cluster/centos/config-default.sh index 4d33d4ab20..e4110fd1a0 100755 --- a/cluster/centos/config-default.sh +++ b/cluster/centos/config-default.sh @@ -108,8 +108,10 @@ export SERVICE_CLUSTER_IP_RANGE=${SERVICE_CLUSTER_IP_RANGE:-"192.168.3.0/24"} # Optional: Install cluster DNS. ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" +ENABLE_NODELOCAL_DNS="${KUBE_ENABLE_NODELOCAL_DNS:-false}" # DNS_SERVER_IP must be a IP in SERVICE_CLUSTER_IP_RANGE DNS_SERVER_IP=${DNS_SERVER_IP:-"192.168.3.100"} +LOCAL_DNS_IP=${LOCAL_DNS_IP:-"169.254.20.10"} DNS_DOMAIN=${DNS_DOMAIN:-"cluster.local"} # Optional: Install Kubernetes UI diff --git a/cluster/centos/deployAddons.sh b/cluster/centos/deployAddons.sh index b19d1cd1ef..d6b95b0d2d 100755 --- a/cluster/centos/deployAddons.sh +++ b/cluster/centos/deployAddons.sh @@ -31,7 +31,7 @@ function deploy_dns { sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" kube-dns.yaml KUBEDNS=`eval "${KUBECTL} get services --namespace=kube-system | grep kube-dns | cat"` - + if [ ! "$KUBEDNS" ]; then # use kubectl to create kube-dns addon ${KUBECTL} --namespace=kube-system create -f kube-dns.yaml 
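Review bot: The new default `LOCAL_DNS_IP=${LOCAL_DNS_IP:-"169.254.20.10"}` in cluster/centos/config-default.sh does not match the commit description, which gives the default link-local address as 169.254.25.10; one of the two should be corrected so operators write firewall and routing exceptions for the right address. The variable also lands directly under the existing `# DNS_SERVER_IP must be a IP in SERVICE_CLUSTER_IP_RANGE` comment, which does not apply to it. I would add a line such as `# LOCAL_DNS_IP is the link-local address the node-local DNS cache listens on; only used when ENABLE_NODELOCAL_DNS is true.` above it. The same default value appears in cluster/gce/config-default.sh and cluster/gce/config-test.sh.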
@@ -44,6 +44,28 @@ function deploy_dns { echo } +function deploy_nodelocaldns { + echo "Deploying NodeLocalDNS on Kubernetes" + cp "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed" nodelocaldns.yaml + sed -i -e "s/\\\$DNS_DOMAIN/${DNS_DOMAIN}/g" nodelocaldns.yaml + sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" nodelocaldns.yaml + sed -i -e "s/\\\$LOCAL_DNS_IP/${LOCAL_DNS_IP}/g" nodelocaldns.yaml + + NODELOCALDNS=$(${KUBECTL} get pods --namespace=kube-system -o jsonpath='{.items[*].metadata.name}' \ + | tr ' ' "\n" | grep "nodelocaldns") + + if [[ -z "${NODELOCALDNS}" ]]; then + # use kubectl to create nodelocaldns addon + ${KUBECTL} --namespace=kube-system create -f nodelocaldns.yaml + + echo "NodeLocalDNS addon is successfully deployed." + else + echo "NodeLocalDNS addon is already deployed. Skipping." + fi + + echo +} + function deploy_dashboard { echo "Deploying Kubernetes Dashboard" @@ -57,11 +79,14 @@ function deploy_dashboard { } -if [ "${ENABLE_CLUSTER_DNS}" == true ]; then +if [[ "${ENABLE_CLUSTER_DNS}" == "true" ]]; then deploy_dns fi -if [ "${ENABLE_CLUSTER_UI}" == true ]; then +if [[ "${ENABLE_NODELOCAL_DNS}" == "true" ]]; then + deploy_nodelocaldns +fi +if [[ "${ENABLE_CLUSTER_UI}" == "true" ]]; then deploy_dashboard fi diff --git a/cluster/centos/util.sh b/cluster/centos/util.sh index efb1c878b1..36405f190d 100755 --- a/cluster/centos/util.sh +++ b/cluster/centos/util.sh @@ -302,11 +302,16 @@ function post-provision-master() { # DOCKER_OPTS # DNS_SERVER_IP # DNS_DOMAIN +# ENABLE_NODELOCAL_DNS +# LOCAL_DNS_IP function provision-node() { echo "[INFO] Provision node on $1" local node=$1 local node_ip=${node#*@} local dns_ip=${DNS_SERVER_IP#*@} + if [ "${ENABLE_NODELOCAL_DNS}" == true ]; then + dns_ip=${LOCAL_DNS_IP} + fi local dns_domain=${DNS_DOMAIN#*@} ensure-setup-dir ${node} diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index 671c1a5db7..fd2607d9aa 100755 --- a/cluster/gce/config-default.sh 
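Review bot: `deploy_nodelocaldns` pastes `${DNS_DOMAIN}`, `${DNS_SERVER_IP}` and `${LOCAL_DNS_IP}` unescaped into `sed -i -e "s/.../.../g"` replacement text, so a value containing `/`, `&` or a newline silently rewrites the manifest that is then created as a privileged host-network DaemonSet. A format check before the substitutions would fail fast instead, for IPv4 e.g. `[[ "${LOCAL_DNS_IP}" =~ ^[0-9]+(\.[0-9]+){3}$ ]] || { echo "invalid LOCAL_DNS_IP" >&2; return 1; }`. The same substitution pattern is used in `setup-nodelocaldns-manifest` in cluster/gce/gci/configure-helper.sh and in `start_nodelocaldns` in hack/local-up-cluster.sh. Also, the existence check lists pods rather than the DaemonSet, so a DaemonSet with no scheduled pods falls through to `create` and fails, and if the script runs with errexit/pipefail (not visible here) a `grep` with no match would abort it.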
+++ b/cluster/gce/config-default.sh @@ -198,6 +198,9 @@ if [[ ${ENABLE_NETD:-} == "true" ]]; then NON_MASTER_NODE_LABELS="${NON_MASTER_NODE_LABELS:+${NON_MASTER_NODE_LABELS},}cloud.google.com/gke-netd-ready=true" fi +ENABLE_NODELOCAL_DNS="${KUBE_ENABLE_NODELOCAL_DNS:-false}" +LOCAL_DNS_IP="${KUBE_LOCAL_DNS_IP:-169.254.20.10}" + # Enable metadata concealment by firewalling pod traffic to the metadata server # and run a proxy daemonset on nodes. # diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index c9ce3694c5..7b63d99eb7 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -230,6 +230,8 @@ if [[ ${ENABLE_NETD:-} == "true" ]]; then NON_MASTER_NODE_LABELS="${NON_MASTER_NODE_LABELS:+${NON_MASTER_NODE_LABELS},}cloud.google.com/gke-netd-ready=true" fi +ENABLE_NODELOCAL_DNS="${KUBE_ENABLE_NODELOCAL_DNS:-false}" + # To avoid running Calico on a node that is not configured appropriately, # label each Node so that the DaemonSet can run the Pods only on ready Nodes. if [[ ${NETWORK_POLICY_PROVIDER:-} == "calico" ]]; then @@ -272,6 +274,7 @@ fi CLUSTER_DNS_CORE_DNS="${CLUSTER_DNS_CORE_DNS:-true}" ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" DNS_SERVER_IP="10.0.0.10" +LOCAL_DNS_IP="${KUBE_LOCAL_DNS_IP:-169.254.20.10}" DNS_DOMAIN="cluster.local" # Optional: Enable DNS horizontal autoscaler diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index 411b529b28..94f245b7d3 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh 
@@ -2349,6 +2349,16 @@ EOF fi } +# Sets up the manifests of local dns cache agent for k8s addons. +function setup-nodelocaldns-manifest { + local -r localdns_file="${dst_dir}/dns/nodelocaldns/nodelocaldns.yaml" + mv "${dst_dir}/dns/nodelocaldns/nodelocaldns.yaml.in" "${localdns_file}" + # Replace the salt configurations with variable values. + sed -i -e "s@{{ *pillar\['dns_domain'\] *}}@${DNS_DOMAIN}@g" "${localdns_file}" + sed -i -e "s@{{ *pillar\['dns_server'\] *}}@${DNS_SERVER_IP}@g" "${localdns_file}" + sed -i -e "s@{{ *pillar\['local_dns_ip'\] *}}@${LOCAL_DNS_IP}@g" "${localdns_file}" +} + # Sets up the manifests of netd for k8s addons. function setup-netd-manifest { local -r netd_file="${dst_dir}/netd/netd.yaml" @@ -2520,6 +2530,10 @@ EOF setup-addon-manifests "addons" "dns/kube-dns" setup-kube-dns-manifest fi + if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]; then + setup-addon-manifests "addons" "dns/nodelocaldns" + setup-nodelocaldns-manifest + fi fi if [[ "${ENABLE_NETD:-}" == "true" ]]; then setup-netd-manifest diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index 0f6af3a2c7..ba63d9bdbf 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh 
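Review bot: `ENABLE_NODELOCAL_DNS` is gated differently here than in `build-kubelet-config`: the `if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]` block added in the second hunk appears to sit inside the enclosing cluster-DNS conditional (an outer `fi` closes right after it; that block starts outside the hunk), so the addon manifest is only installed when cluster DNS is enabled. `build-kubelet-config` in cluster/gce/util.sh, changed in the same commit, switches the kubelet's DNS address to `LOCAL_DNS_IP` on `ENABLE_NODELOCAL_DNS` alone. With cluster DNS off and node-local DNS on, pods would be pointed at an address where nothing listens. Either gate both places on the same condition or document the dependency next to the variable, e.g. `# ENABLE_NODELOCAL_DNS requires ENABLE_CLUSTER_DNS=true`.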
@@ -708,6 +708,9 @@ function build-kubelet-config { declare quoted_dns_server_ip declare quoted_dns_domain quoted_dns_server_ip=$(yaml-quote "${DNS_SERVER_IP}") + if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]; then + quoted_dns_server_ip=$(yaml-quote "${LOCAL_DNS_IP}") + fi quoted_dns_domain=$(yaml-quote "${DNS_DOMAIN}") cat </dev/null || sudo mkdir -p "/var/lib/kubelet" # Enable dns if [[ "${ENABLE_CLUSTER_DNS}" = true ]]; then - dns_args="--cluster-dns=${DNS_SERVER_IP} --cluster-domain=${DNS_DOMAIN}" + if [[ "${ENABLE_NODELOCAL_DNS}" = true ]]; then + dns_args="--cluster-dns=${LOCAL_DNS_IP} --cluster-domain=${DNS_DOMAIN}" + else + dns_args="--cluster-dns=${DNS_SERVER_IP} --cluster-domain=${DNS_DOMAIN}" + fi else # To start a private DNS server set ENABLE_CLUSTER_DNS and # DNS_SERVER_IP/DOMAIN. This will at least provide a working @@ -908,6 +914,25 @@ function start_kubedns { fi } +function start_nodelocaldns { + if [[ "${ENABLE_NODELOCAL_DNS}" = true ]]; then + cp "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/localdns.yaml.in" nodelocaldns.yaml + sed -i -e "s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g" nodelocaldns.yaml + sed -i -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" nodelocaldns.yaml + sed -i -e "s/{{ pillar\['local_dns_ip'\] }}/${LOCAL_DNS_IP}/g" nodelocaldns.yaml + if [[ -n "${CLUSTER_IP_RANGE:-}" ]]; then + sed -i -e "s@{{ *pillar\['service_cluster_ip_range'\] *}}@${CLUSTER_IP_RANGE}@g" nodelocaldns.yaml + else + sed -i -e "s@{{ *pillar\['service_cluster_ip_range'\] *}}@0.0.0.0@g" nodelocaldns.yaml + fi + # TODO update to dns role once we have one. + # use kubectl to create nodelocaldns addon + ${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f nodelocaldns.yaml + echo "NodeLocalDNS addon successfully deployed." + rm nodelocaldns.yaml + fi +} + function start_kubedashboard { if [[ "${ENABLE_CLUSTER_DASHBOARD}" = true ]]; then echo "Creating kubernetes-dashboard" 
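Review bot: `start_nodelocaldns` copies `${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/localdns.yaml.in`, but the template this commit adds in that directory is `nodelocaldns.yaml.in`, so the `cp` fails and the later `kubectl create -f nodelocaldns.yaml` has nothing valid to apply; the source path should end in `nodelocaldns/nodelocaldns.yaml.in`. The two `service_cluster_ip_range` substitutions have no matching placeholder in the added template and can be dropped. The function also prints "NodeLocalDNS addon successfully deployed." without checking the result of `cp` or `kubectl create`, so a failure is reported as success unless the script runs with errexit, which is not visible in this hunk.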
@@ -1056,6 +1081,7 @@ if [[ "${START_MODE}" != "kubeletonly" ]]; then fi start_kubeproxy start_kubedns + start_nodelocaldns start_kubedashboard fi From 6d7c5e90ede44b355e522a8f17a3c925652cd329 Mon Sep 17 00:00:00 2001 From: Pavithra Ramesh Date: Tue, 13 Nov 2018 15:42:18 -0800 Subject: [PATCH 2/2] Removed .salt template , using .sed template Removed default config options from yaml. Removed unused yaml files --- cluster/addons/dns/nodelocaldns/Makefile | 34 ---- ...delocaldns.yaml.base => nodelocaldns.yaml} | 22 +-- .../dns/nodelocaldns/nodelocaldns.yaml.in | 150 ------------------ .../dns/nodelocaldns/nodelocaldns.yaml.sed | 150 ------------------ .../dns/nodelocaldns/transforms2salt.sed | 4 - .../dns/nodelocaldns/transforms2sed.sed | 4 - cluster/centos/config-default.sh | 2 - cluster/centos/deployAddons.sh | 31 +--- cluster/centos/util.sh | 5 - cluster/gce/gci/configure-helper.sh | 11 +- hack/local-up-cluster.sh | 30 ++-- 11 files changed, 28 insertions(+), 415 deletions(-) delete mode 100644 cluster/addons/dns/nodelocaldns/Makefile rename cluster/addons/dns/nodelocaldns/{nodelocaldns.yaml.base => nodelocaldns.yaml} (89%) delete mode 100644 cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in delete mode 100644 cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed delete mode 100644 cluster/addons/dns/nodelocaldns/transforms2salt.sed delete mode 100644 cluster/addons/dns/nodelocaldns/transforms2sed.sed diff --git a/cluster/addons/dns/nodelocaldns/Makefile b/cluster/addons/dns/nodelocaldns/Makefile deleted file mode 100644 index 7e4b61405e..0000000000 --- a/cluster/addons/dns/nodelocaldns/Makefile +++ /dev/null 
@@ -1,34 +0,0 @@ -# Copyright 2018 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Makefile for the kubedns underscore templates to Salt/Pillar and other formats. - -# If you update the *.base templates, please run this Makefile before pushing. -# -# Usage: -# make - -all: transform - -# .base -> .in pattern rule -%.in: %.base - sed -f transforms2salt.sed $< | sed s/__SOURCE_FILENAME__/$ $@ - -# .base -> .sed pattern rule -%.sed: %.base - sed -f transforms2sed.sed $< | sed s/__SOURCE_FILENAME__/$ $@ - -transform: nodelocaldns.yaml.in nodelocaldns.yaml.sed - -.PHONY: transform diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml similarity index 89% rename from cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base rename to cluster/addons/dns/nodelocaldns/nodelocaldns.yaml index c5af1f9b33..fdf0f421ea 100644 --- a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.base +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml @@ -12,12 +12,11 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# __MACHINE_GENERATED_WARNING__ apiVersion: v1 kind: ServiceAccount metadata: - name: nodelocaldns + name: node-local-dns namespace: kube-system labels: kubernetes.io/cluster-service: "true" 
@@ -27,11 +26,10 @@ metadata: apiVersion: v1 kind: ConfigMap metadata: - name: nodelocaldns + name: node-local-dns namespace: kube-system labels: addonmanager.kubernetes.io/mode: EnsureExists - data: Corefile: | __PILLAR__DNS__DOMAIN__:53 { @@ -83,7 +81,7 @@ data: apiVersion: apps/v1 kind: DaemonSet metadata: - name: nodelocaldns + name: node-local-dns namespace: kube-system labels: k8s-app: kube-dns @@ -92,14 +90,14 @@ metadata: spec: selector: matchLabels: - k8s-app: nodelocaldns + k8s-app: node-local-dns template: metadata: labels: - k8s-app: nodelocaldns + k8s-app: node-local-dns spec: priorityClassName: system-node-critical - serviceAccountName: nodelocaldns + serviceAccountName: node-local-dns hostNetwork: true dnsPolicy: Default # Don't use cluster DNS. tolerations: @@ -116,7 +114,7 @@ spec: memory: 5Mi args: [ "-localip", "__PILLAR__LOCAL__DNS__", "-conf", "/etc/coredns/Corefile" ] securityContext: - privileged: true + privileged: true ports: - containerPort: 53 name: dns @@ -132,19 +130,15 @@ spec: host: __PILLAR__LOCAL__DNS__ path: /health port: 8080 - scheme: HTTP initialDelaySeconds: 60 timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 volumeMounts: - name: config-volume mountPath: /etc/coredns volumes: - name: config-volume configMap: - name: nodelocaldns + name: node-local-dns items: - key: Corefile path: Corefile - terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in deleted file mode 100644 index 34cd9dce85..0000000000 --- a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.in +++ /dev/null 
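Review bot: After the rename, the DaemonSet object still carries the metadata label `k8s-app: kube-dns` (context line in the `@@ -83,7 +81,7 @@` hunk) while its selector and pod template now use `k8s-app: node-local-dns`. Anything that selects workloads by `k8s-app=kube-dns` will also pick up this privileged host-network DaemonSet; setting the object label to `k8s-app: node-local-dns` would keep the two addons distinguishable. The label line is unchanged context in this commit, so it needs its own edit.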
@@ -1,150 +0,0 @@ -# Copyright 2018 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Warning: This is a file generated from the base underscore template file: nodelocaldns.yaml.base - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nodelocaldns - namespace: kube-system - labels: - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: nodelocaldns - namespace: kube-system - labels: - addonmanager.kubernetes.io/mode: EnsureExists - -data: - Corefile: | - {{ pillar['dns_domain'] }}:53 { - errors - cache 30 - reload - loop - bind {{ pillar['local_dns_ip'] }} - forward . {{ pillar['dns_server'] }} { - force_tcp - } - prometheus :9253 - health {{ pillar['local_dns_ip'] }}:8080 - } - in-addr.arpa:53 { - errors - cache 30 - reload - loop - bind {{ pillar['local_dns_ip'] }} - forward . {{ pillar['dns_server'] }} { - force_tcp - } - prometheus :9253 - } - ip6.arpa:53 { - errors - cache 30 - reload - loop - bind {{ pillar['local_dns_ip'] }} - forward . {{ pillar['dns_server'] }} { - force_tcp - } - prometheus :9253 - } - .:53 { - errors - cache 30 - reload - loop - bind {{ pillar['local_dns_ip'] }} - forward . 
/etc/resolv.conf { - force_tcp - } - prometheus :9253 - } ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: nodelocaldns - namespace: kube-system - labels: - k8s-app: kube-dns - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile -spec: - selector: - matchLabels: - k8s-app: nodelocaldns - template: - metadata: - labels: - k8s-app: nodelocaldns - spec: - priorityClassName: system-node-critical - serviceAccountName: nodelocaldns - hostNetwork: true - dnsPolicy: Default # Don't use cluster DNS. - tolerations: - - key: "CriticalAddonsOnly" - operator: "Exists" - containers: - - name: node-cache - image: k8s.gcr.io/k8s-dns-node-cache:1.15.0 - resources: - limits: - memory: 30Mi - requests: - cpu: 25m - memory: 5Mi - args: [ "-localip", "{{ pillar['local_dns_ip'] }}", "-conf", "/etc/coredns/Corefile" ] - securityContext: - privileged: true - ports: - - containerPort: 53 - name: dns - protocol: UDP - - containerPort: 53 - name: dns-tcp - protocol: TCP - - containerPort: 9253 - name: metrics - protocol: TCP - livenessProbe: - httpGet: - host: {{ pillar['local_dns_ip'] }} - path: /health - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 - volumeMounts: - - name: config-volume - mountPath: /etc/coredns - volumes: - - name: config-volume - configMap: - name: nodelocaldns - items: - - key: Corefile - path: Corefile - terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed deleted file mode 100644 index 2f990fa301..0000000000 --- a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed +++ /dev/null 
@@ -1,150 +0,0 @@ -# Copyright 2018 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Warning: This is a file generated from the base underscore template file: nodelocaldns.yaml.base - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nodelocaldns - namespace: kube-system - labels: - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: nodelocaldns - namespace: kube-system - labels: - addonmanager.kubernetes.io/mode: EnsureExists - -data: - Corefile: | - $DNS_DOMAIN:53 { - errors - cache 30 - reload - loop - bind $LOCAL_DNS_IP - forward . $DNS_SERVER_IP { - force_tcp - } - prometheus :9253 - health $LOCAL_DNS_IP:8080 - } - in-addr.arpa:53 { - errors - cache 30 - reload - loop - bind $LOCAL_DNS_IP - forward . $DNS_SERVER_IP { - force_tcp - } - prometheus :9253 - } - ip6.arpa:53 { - errors - cache 30 - reload - loop - bind $LOCAL_DNS_IP - forward . $DNS_SERVER_IP { - force_tcp - } - prometheus :9253 - } - .:53 { - errors - cache 30 - reload - loop - bind $LOCAL_DNS_IP - forward . 
/etc/resolv.conf { - force_tcp - } - prometheus :9253 - } ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: nodelocaldns - namespace: kube-system - labels: - k8s-app: kube-dns - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile -spec: - selector: - matchLabels: - k8s-app: nodelocaldns - template: - metadata: - labels: - k8s-app: nodelocaldns - spec: - priorityClassName: system-node-critical - serviceAccountName: nodelocaldns - hostNetwork: true - dnsPolicy: Default # Don't use cluster DNS. - tolerations: - - key: "CriticalAddonsOnly" - operator: "Exists" - containers: - - name: node-cache - image: k8s.gcr.io/k8s-dns-node-cache:1.15.0 - resources: - limits: - memory: 30Mi - requests: - cpu: 25m - memory: 5Mi - args: [ "-localip", "$LOCAL_DNS_IP", "-conf", "/etc/coredns/Corefile" ] - securityContext: - privileged: true - ports: - - containerPort: 53 - name: dns - protocol: UDP - - containerPort: 53 - name: dns-tcp - protocol: TCP - - containerPort: 9253 - name: metrics - protocol: TCP - livenessProbe: - httpGet: - host: $LOCAL_DNS_IP - path: /health - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 - volumeMounts: - - name: config-volume - mountPath: /etc/coredns - volumes: - - name: config-volume - configMap: - name: nodelocaldns - items: - - key: Corefile - path: Corefile - terminationGracePeriodSeconds: 30 diff --git a/cluster/addons/dns/nodelocaldns/transforms2salt.sed b/cluster/addons/dns/nodelocaldns/transforms2salt.sed deleted file mode 100644 index a0f4a79aa9..0000000000 --- a/cluster/addons/dns/nodelocaldns/transforms2salt.sed +++ /dev/null 
@@ -1,4 +0,0 @@
-s/__PILLAR__DNS__SERVER__/{{ pillar['dns_server'] }}/g
-s/__PILLAR__DNS__DOMAIN__/{{ pillar['dns_domain'] }}/g
-s/__PILLAR__LOCAL__DNS__/{{ pillar['local_dns_ip'] }}/g
-s/__MACHINE_GENERATED_WARNING__/Warning: This is a file generated from the base underscore template file: __SOURCE_FILENAME__/g
diff --git a/cluster/addons/dns/nodelocaldns/transforms2sed.sed b/cluster/addons/dns/nodelocaldns/transforms2sed.sed
deleted file mode 100644
index b27647e7ee..0000000000
--- a/cluster/addons/dns/nodelocaldns/transforms2sed.sed
+++ /dev/null
@@ -1,4 +0,0 @@
-s/__PILLAR__DNS__SERVER__/$DNS_SERVER_IP/g
-s/__PILLAR__DNS__DOMAIN__/$DNS_DOMAIN/g
-s/__PILLAR__LOCAL__DNS__/$LOCAL_DNS_IP/g
-s/__MACHINE_GENERATED_WARNING__/Warning: This is a file generated from the base underscore template file: __SOURCE_FILENAME__/g
diff --git a/cluster/centos/config-default.sh b/cluster/centos/config-default.sh
index e4110fd1a0..4d33d4ab20 100755
--- a/cluster/centos/config-default.sh
+++ b/cluster/centos/config-default.sh
@@ -108,10 +108,8 @@ export SERVICE_CLUSTER_IP_RANGE=${SERVICE_CLUSTER_IP_RANGE:-"192.168.3.0/24"}
 # Optional: Install cluster DNS.
 ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}"
-ENABLE_NODELOCAL_DNS="${KUBE_ENABLE_NODELOCAL_DNS:-false}"
 # DNS_SERVER_IP must be a IP in SERVICE_CLUSTER_IP_RANGE
 DNS_SERVER_IP=${DNS_SERVER_IP:-"192.168.3.100"}
-LOCAL_DNS_IP=${LOCAL_DNS_IP:-"169.254.20.10"}
 DNS_DOMAIN=${DNS_DOMAIN:-"cluster.local"}
 # Optional: Install Kubernetes UI
diff --git a/cluster/centos/deployAddons.sh b/cluster/centos/deployAddons.sh
index d6b95b0d2d..b19d1cd1ef 100755
--- a/cluster/centos/deployAddons.sh
+++ b/cluster/centos/deployAddons.sh
@@ -31,7 +31,7 @@ function deploy_dns {
 sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" kube-dns.yaml
 KUBEDNS=`eval "${KUBECTL} get services --namespace=kube-system | grep kube-dns | cat"`
-
+
 if [ ! "$KUBEDNS" ]; then
 # use kubectl to create kube-dns addon
 ${KUBECTL} --namespace=kube-system create -f kube-dns.yaml
@@ -44,28 +44,6 @@ function deploy_dns {
 echo
 }
-function deploy_nodelocaldns {
- echo "Deploying NodeLocalDNS on Kubernetes"
- cp "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml.sed" nodelocaldns.yaml
- sed -i -e "s/\\\$DNS_DOMAIN/${DNS_DOMAIN}/g" nodelocaldns.yaml
- sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" nodelocaldns.yaml
- sed -i -e "s/\\\$LOCAL_DNS_IP/${LOCAL_DNS_IP}/g" nodelocaldns.yaml
-
- NODELOCALDNS=$(${KUBECTL} get pods --namespace=kube-system -o jsonpath='{.items[*].metadata.name}' \
- | tr ' ' "\n" | grep "nodelocaldns")
-
- if [[ -z "${NODELOCALDNS}" ]]; then
- # use kubectl to create nodelocaldns addon
- ${KUBECTL} --namespace=kube-system create -f nodelocaldns.yaml
-
- echo "NodeLocalDNS addon is successfully deployed."
- else
- echo "NodeLocalDNS addon is already deployed. Skipping."
- fi
-
- echo
-}
-
 function deploy_dashboard {
 echo "Deploying Kubernetes Dashboard"
@@ -79,14 +57,11 @@ function deploy_dashboard {
 }
-if [[ "${ENABLE_CLUSTER_DNS}" == "true" ]]; then
+if [ "${ENABLE_CLUSTER_DNS}" == true ]; then
 deploy_dns
 fi
-if [[ "${ENABLE_NODELOCAL_DNS}" == "true" ]]; then
- deploy_nodelocaldns
-fi
-if [[ "${ENABLE_CLUSTER_UI}" == "true" ]]; then
+if [ "${ENABLE_CLUSTER_UI}" == true ]; then
 deploy_dashboard
 fi
diff --git a/cluster/centos/util.sh b/cluster/centos/util.sh
index 36405f190d..efb1c878b1 100755
--- a/cluster/centos/util.sh
+++ b/cluster/centos/util.sh
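Review bot: The two rewritten guards at the bottom of deployAddons.sh use `==` inside single-bracket `[ ]`, which is a bash extension to `test` and is rejected by a strictly POSIX `sh`; the lines they replace used `[[ … ]]` with a quoted literal. If the aim of this hunk is only to drop the `deploy_nodelocaldns` call, the guards can stay as `if [[ "${ENABLE_CLUSTER_DNS}" == "true" ]]; then` and `if [[ "${ENABLE_CLUSTER_UI}" == "true" ]]; then`. The earlier hunk at -31 also appears to swap an empty line for a whitespace-only one, which is probably unintended.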
@@ -302,16 +302,11 @@ function post-provision-master() {
 # DOCKER_OPTS
 # DNS_SERVER_IP
 # DNS_DOMAIN
-# ENABLE_NODELOCAL_DNS
-# LOCAL_DNS_IP
 function provision-node() {
 echo "[INFO] Provision node on $1"
 local node=$1
 local node_ip=${node#*@}
 local dns_ip=${DNS_SERVER_IP#*@}
- if [ "${ENABLE_NODELOCAL_DNS}" == true ]; then
- dns_ip=${LOCAL_DNS_IP}
- fi
 local dns_domain=${DNS_DOMAIN#*@}
 ensure-setup-dir ${node}
diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh
index 94f245b7d3..35ea36142a 100644
--- a/cluster/gce/gci/configure-helper.sh
+++ b/cluster/gce/gci/configure-helper.sh
@@ -2351,12 +2351,12 @@ EOF
 # Sets up the manifests of local dns cache agent for k8s addons.
 function setup-nodelocaldns-manifest {
+ setup-addon-manifests "addons" "dns/nodelocaldns"
 local -r localdns_file="${dst_dir}/dns/nodelocaldns/nodelocaldns.yaml"
- mv "${dst_dir}/dns/nodelocaldns/nodelocaldns.yaml.in" "${localdns_file}"
- # Replace the salt configurations with variable values.
- sed -i -e "s@{{ *pillar\['dns_domain'\] *}}@${DNS_DOMAIN}@g" "${localdns_file}"
- sed -i -e "s@{{ *pillar\['dns_server'\] *}}@${DNS_SERVER_IP}@g" "${localdns_file}"
- sed -i -e "s@{{ *pillar\['local_dns_ip'\] *}}@${LOCAL_DNS_IP}@g" "${localdns_file}"
+ # Replace the sed configurations with variable values.
+ sed -i -e "s/__PILLAR__DNS__DOMAIN__/${DNS_DOMAIN}/g" "${localdns_file}"
+ sed -i -e "s/__PILLAR__DNS__SERVER__/${DNS_SERVER_IP}/g" "${localdns_file}"
+ sed -i -e "s/__PILLAR__LOCAL__DNS__/${LOCAL_DNS_IP}/g" "${localdns_file}"
 }
 # Sets up the manifests of netd for k8s addons.
@@ -2531,7 +2531,6 @@ EOF
 setup-kube-dns-manifest
 fi
 if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]; then
- setup-addon-manifests "addons" "dns/nodelocaldns"
 setup-nodelocaldns-manifest
 fi
 fi
diff --git a/hack/local-up-cluster.sh b/hack/local-up-cluster.sh
index 7a1be84935..b137b776f9 100755
--- a/hack/local-up-cluster.sh
+++ b/hack/local-up-cluster.sh
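Review bot: The three new `sed` lines in setup-nodelocaldns-manifest splice `${DNS_DOMAIN}`, `${DNS_SERVER_IP}` and `${LOCAL_DNS_IP}` unescaped into the replacement side of `s/…/…/g`, so a value containing `/`, `&` or a newline either breaks the command or writes unintended text into the manifest. The templates deleted earlier in this patch ran the DaemonSet with `hostNetwork: true` and `privileged: true` and put `LOCAL_DNS_IP` into its `args`; assuming the replacement `nodelocaldns.yaml` keeps that shape, malformed values should be rejected before rendering. A guard such as `[[ "${LOCAL_DNS_IP}" =~ ^[0-9A-Fa-f:.]+$ ]] || { echo "invalid LOCAL_DNS_IP" >&2; return 1; }`, with matching checks for the other two variables, would do it. A `grep -q '__PILLAR__' "${localdns_file}"` after the substitutions would catch a placeholder left unrendered. The same three substitutions are repeated in start_nodelocaldns in hack/local-up-cluster.sh, and `dst_dir` is not defined inside this hunk, so it presumably comes from the caller's scope.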
@@ -706,7 +706,7 @@ function start_kubelet {
 mkdir -p "/var/lib/kubelet" &>/dev/null || sudo mkdir -p "/var/lib/kubelet"
 # Enable dns
 if [[ "${ENABLE_CLUSTER_DNS}" = true ]]; then
- if [[ "${ENABLE_NODELOCAL_DNS}" = true ]]; then
+ if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]; then
 dns_args="--cluster-dns=${LOCAL_DNS_IP} --cluster-domain=${DNS_DOMAIN}"
 else
 dns_args="--cluster-dns=${DNS_SERVER_IP} --cluster-domain=${DNS_DOMAIN}"
@@ -915,22 +915,14 @@ function start_kubedns {
 }
 function start_nodelocaldns {
- if [[ "${ENABLE_NODELOCAL_DNS}" = true ]]; then
- cp "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/localdns.yaml.in" nodelocaldns.yaml
- sed -i -e "s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g" nodelocaldns.yaml
- sed -i -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" nodelocaldns.yaml
- sed -i -e "s/{{ pillar\['local_dns_ip'\] }}/${LOCAL_DNS_IP}/g" nodelocaldns.yaml
- if [[ -n "${CLUSTER_IP_RANGE:-}" ]]; then
- sed -i -e "s@{{ *pillar\['service_cluster_ip_range'\] *}}@${CLUSTER_IP_RANGE}@g" nodelocaldns.yaml
- else
- sed -i -e "s@{{ *pillar\['service_cluster_ip_range'\] *}}@0.0.0.0@g" nodelocaldns.yaml
- fi
- # TODO update to dns role once we have one.
- # use kubectl to create nodelocaldns addon
- ${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f nodelocaldns.yaml
- echo "NodeLocalDNS addon successfully deployed."
- rm nodelocaldns.yaml
- fi
+ cp "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml" nodelocaldns.yaml
+ sed -i -e "s/__PILLAR__DNS__DOMAIN__/${DNS_DOMAIN}/g" nodelocaldns.yaml
+ sed -i -e "s/__PILLAR__DNS__SERVER__/${DNS_SERVER_IP}/g" nodelocaldns.yaml
+ sed -i -e "s/__PILLAR__LOCAL__DNS__/${LOCAL_DNS_IP}/g" nodelocaldns.yaml
+ # use kubectl to create nodelocaldns addon
+ ${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f nodelocaldns.yaml
+ echo "NodeLocalDNS addon successfully deployed."
+ rm nodelocaldns.yaml
 }
 function start_kubedashboard {
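Review bot: start_nodelocaldns renders the manifest into the fixed name `nodelocaldns.yaml` in whatever directory the script is run from and then submits it with the admin kubeconfig, so an existing file or symlink of that name is overwritten. The rendered file is left behind if `kubectl create` fails and the script aborts. The success message is also printed without consulting kubectl's exit status, unless the script runs under `set -e`, which this hunk does not show. Rendering into a `mktemp` file, streaming sed's output instead of editing in place, and removing the file on every path addresses all three; a sketch follows.

```shell
function start_nodelocaldns {
  local manifest rc=0
  manifest="$(mktemp)"
  sed -e "s/__PILLAR__DNS__DOMAIN__/${DNS_DOMAIN}/g" \
      -e "s/__PILLAR__DNS__SERVER__/${DNS_SERVER_IP}/g" \
      -e "s/__PILLAR__LOCAL__DNS__/${LOCAL_DNS_IP}/g" \
      "${KUBE_ROOT}/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml" > "${manifest}"
  # use kubectl to create nodelocaldns addon
  ${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f "${manifest}" || rc=$?
  rm -f "${manifest}"
  if [[ "${rc}" -ne 0 ]]; then
    echo "NodeLocalDNS addon deployment failed." >&2
    return "${rc}"
  fi
  echo "NodeLocalDNS addon successfully deployed."
}
```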
@@ -1081,7 +1073,9 @@ if [[ "${START_MODE}" != "kubeletonly" ]]; then
 fi
 start_kubeproxy
 start_kubedns
- start_nodelocaldns
+ if [[ "${ENABLE_NODELOCAL_DNS:-}" == "true" ]]; then
+ start_nodelocaldns
+ fi
 start_kubedashboard
 fi