Giuseppe Lavagetto has submitted this change and it was merged. Change subject: kubernetes: introduce 1st-stage worker role ......................................................................
kubernetes: introduce 1st-stage worker role For now, just the docker installation is provided, via a profile::docker::engine that can be potentially reused for labs as well. We also add a simple partman recipe that should work well with this role. Bug: T147181 Change-Id: I213286e00e0e2fb1c9398d734b0bbc0a55ced9f9 --- A hieradata/role/common/kubernetes/worker.yaml A modules/docker/manifests/init.pp A modules/install_server/files/autoinstall/partman/docker-host.cfg A modules/profile/manifests/docker/engine.pp A modules/role/manifests/kubernetes/worker.pp 5 files changed, 198 insertions(+), 0 deletions(-) Approvals: Giuseppe Lavagetto: Looks good to me, approved jenkins-bot: Verified Objections: Yuvipanda: There's a problem with this change, please improve diff --git a/hieradata/role/common/kubernetes/worker.yaml b/hieradata/role/common/kubernetes/worker.yaml new file mode 100644 index 0000000..bda5b48 --- /dev/null +++ b/hieradata/role/common/kubernetes/worker.yaml @@ -0,0 +1,3 @@ +profile::docker::engine::physical_volumes: "/dev/md2" +profile::docker::engine::version: "1.12.2-0~jessie" +profile::docker::engine::proxy: "http://webproxy.%{::site}.wmnet:8080"; diff --git a/modules/docker/manifests/init.pp b/modules/docker/manifests/init.pp new file mode 100644 index 0000000..40a1477 --- /dev/null +++ b/modules/docker/manifests/init.pp @@ -0,0 +1,54 @@ +# == Class docker +# +# Install docker on the host, at the desired version. It allows to choose +# whether to install a version from the official debian repositories or +# from dockerproject.org. It also declares the service +# +# === Parameters +# +# [*version*] The package version to install +# +# [*use_dockerproject*] Whether to use dockerproject.org packages or not. +# +# [*proxy*] If given, it will allow to use a proxy to dockerproject.org +# +class docker($version, $use_dockerproject=true, $proxy=undef){ + if $use_dockerproject { + apt::repository { 'docker': + uri => 'https://apt.dockerproject.org/repo', + dist => 'debian-jessie', + components => 'main', + source => false, + keyfile => 'puppet:///modules/docker/docker.gpg', + } + + $proxy_ensure = $proxy ? { + undef => 'absent', + default => 'present' + } + + apt::conf { 'dockerproject-org-proxy': + ensure => $proxy_ensure, + priority => '80', + key => 'Acquire::http::Proxy::apt.dockerproject.org', + value => $proxy, + } + $package = 'docker-engine' + $absent_package = 'docker.io' + } + else { + $package = 'docker.io' + $absent_package = 'docker-engine' + } + + package { $absent_package: + ensure => absent, + } + package { $package: + ensure => $version, + } + + service { 'docker': + ensure => running, + } +} diff --git a/modules/install_server/files/autoinstall/partman/docker-host.cfg b/modules/install_server/files/autoinstall/partman/docker-host.cfg new file mode 100644 index 0000000..21c5d16 --- /dev/null +++ b/modules/install_server/files/autoinstall/partman/docker-host.cfg @@ -0,0 +1,47 @@ +# Partman recipe for a host running docker +# +# * two disks, sda & sdb +# * layout: +# - / : ext4, RAID1, 30GB +# - swap: RAID1, 1GB +# - free space for the rest under RAID1 - the VG will be created by puppet + +d-i partman-auto/method string raid +d-i partman-md/device_remove_md boolean true + +# Use the first two disks +d-i partman-auto/disk string /dev/sda /dev/sdb + + +# Define physical partitions +d-i partman-auto/expert_recipe string \ + multiraid :: \ + 5000 8000 30000 raid \ + $primary{ } method{ raid } \ + . \ + 1000 2000 1000 raid \ + $primary{ } method{ raid } \ + . \ + 1000 1000 -1 raid \ + $primary{ } method{ raid } \ + . + +# Parameters are: +# <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \ +# <devices> <sparedevices> +d-i partman-auto-raid/recipe string \ + 1 2 0 ext4 / \ + /dev/sda1#/dev/sdb1 \ + . \ + 1 2 0 swap - \ + /dev/sda2#/dev/sdb2 \ + . \ + 1 2 0 ext4 - \ + /dev/sda3#/dev/sdb3 + +d-i partman-md/confirm boolean true +d-i partman-md/confirm_nooverwrite boolean true +d-i partman/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true diff --git a/modules/profile/manifests/docker/engine.pp b/modules/profile/manifests/docker/engine.pp new file mode 100644 index 0000000..224d2cb --- /dev/null +++ b/modules/profile/manifests/docker/engine.pp @@ -0,0 +1,90 @@ +# == Profile docker::engine +# +# Installs docker, along with setting up the volume group needed for the +# devicemapper storage driver to work. +# to work +class profile::docker::engine { + # Parameters that need to be defined in hiera + $physical_volumes = hiera('profile::docker::engine::physical_volumes') + + # Optional parameters + # Volume group to substitute + $vg_to_remove = hiera('profile::docker::engine::vg_to_remove', undef) + $docker_settings = hiera('profile::docker::engine::settings', {}) + # Size of the thin pool and the metadata pool. + $lv_extents = hiera('profile::docker::engine::lv_extents', '95%VG') + $pool_metadata_size = hiera('profile::docker::engine::lvm_metadata_size', undef) + # Version to install; the default is not to pick one. + $docker_version = hiera('profile::docker::engine::version', 'present') + $apt_proxy_settings = hiera('profile::docker::engine::proxy', undef) + $service_ensure = hiera('profile::docker::engine::service', 'running') + + # Install docker + class { 'docker': + version => $docker_version, + proxy_settings => $apt_proxy_settings + } + + # Storage + if $vg_to_remove { + volume_group { $vg_to_remove: + ensure => absent, + physical_volumes => [], + } + } + $basic_lv_params = { + extents => $lv_extents, + thinpool => true, + } + + $lv_params = $pool_metadata_size ? { + undef => $basic_lv_params, + default => merge($basic_lv_params, {'poolmetadatasize' => $pool_metadata_size}), + } + + $logical_volumes = { + 'thinpool' => $lv_params, + } + + lvm::volume_group { 'docker': + ensure => present, + physical_volumes => $physical_volumes, + logical_volumes => $logical_volumes, + } + + file { '/etc/lvm/profile/docker-thinpool.profile': + ensure => present, + owner => 'root', + group => 'root', + source => 'puppet:///modules/profile/docker/lvm.profile', + } + + exec { 'Attach profile to docker thinpool': + command => '/sbin/lvchange --metadataprofile docker-thinpool docker/thinpool', + unless => '/sbin/lvs -o lv_profile docker/thinpool | grep -q docker', + require => [ + File['/etc/lvm/profile/docker-thinpool.profile'], + Logical_volume['thinpool'] + ], + } + + $docker_storage_options = { + 'storage-driver' => 'devicemapper', + 'storage-opts' => [ + 'dm.thinpooldev=/dev/mapper/docker-thinpool', + 'dm.use_deferred_removal=true', + 'dm.use_deferred_deletion=true' + ] + } + + + # Docker config + docker::config { 'thinpool': + settings => merge($docker_settings, $docker_storage_options), + } + + # Service declaration + service { 'docker': + ensure => $service_ensure, + } +} diff --git a/modules/role/manifests/kubernetes/worker.pp b/modules/role/manifests/kubernetes/worker.pp new file mode 100644 index 0000000..bcf2f4a --- /dev/null +++ b/modules/role/manifests/kubernetes/worker.pp @@ -0,0 +1,4 @@ +class role::kubernetes::worker { + # Sets up docker on the machine + include ::profile::docker::engine +} -- To view, visit https://gerrit.wikimedia.org/r/315717 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I213286e00e0e2fb1c9398d734b0bbc0a55ced9f9 Gerrit-PatchSet: 6 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: Mark Bergsma <m...@wikimedia.org> Gerrit-Reviewer: Yuvipanda <yuvipa...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
