From 564c0160bf813924fe56ae653fea7e1a5cec6c6f Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Sun, 27 Aug 2017 17:20:29 -0700 Subject: [PATCH] Add heapster, dashboard, and CLUO addons --- addons/cluo/update-agent.yaml | 56 ++++++++++++++++++++++++++++ addons/cluo/update-operator.yaml | 22 +++++++++++ addons/dashboard/deployment.yaml | 32 ++++++++++++++++ addons/dashboard/service.yaml | 15 ++++++++ addons/heapster/deployment.yaml | 63 ++++++++++++++++++++++++++++++++ addons/heapster/service.yaml | 15 ++++++++ docs/addons/cluo.md | 29 +++++++++++++-- docs/addons/dashboard.md | 24 +++++++++++- docs/addons/heapster.md | 19 +++++++++- 9 files changed, 268 insertions(+), 7 deletions(-) create mode 100644 addons/cluo/update-agent.yaml create mode 100644 addons/cluo/update-operator.yaml create mode 100644 addons/dashboard/deployment.yaml create mode 100644 addons/dashboard/service.yaml create mode 100644 addons/heapster/deployment.yaml create mode 100644 addons/heapster/service.yaml diff --git a/addons/cluo/update-agent.yaml b/addons/cluo/update-agent.yaml new file mode 100644 index 00000000..2eb75967 --- /dev/null +++ b/addons/cluo/update-agent.yaml @@ -0,0 +1,56 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: container-linux-update-agent + namespace: kube-system +spec: + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: container-linux-update-agent + spec: + containers: + - name: update-agent + image: quay.io/coreos/container-linux-update-operator:v0.3.1 + command: + - "/bin/update-agent" + volumeMounts: + - mountPath: /var/run/dbus + name: var-run-dbus + - mountPath: /etc/coreos + name: etc-coreos + - mountPath: /usr/share/coreos + name: usr-share-coreos + - mountPath: /etc/os-release + name: etc-os-release + env: + # read by update-agent as the node name to manage reboots for + - name: UPDATE_AGENT_NODE + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + volumes: + - name: var-run-dbus + hostPath: + path: /var/run/dbus + - name: etc-coreos + hostPath: + path: /etc/coreos + - name: usr-share-coreos + hostPath: + path: /usr/share/coreos + - name: etc-os-release + hostPath: + path: /etc/os-release diff --git a/addons/cluo/update-operator.yaml b/addons/cluo/update-operator.yaml new file mode 100644 index 00000000..c74ce574 --- /dev/null +++ b/addons/cluo/update-operator.yaml @@ -0,0 +1,22 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: container-linux-update-operator + namespace: kube-system +spec: + replicas: 1 + template: + metadata: + labels: + app: container-linux-update-operator + spec: + containers: + - name: update-operator + image: quay.io/coreos/container-linux-update-operator:v0.3.1 + command: + - "/bin/update-operator" + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace diff --git a/addons/dashboard/deployment.yaml b/addons/dashboard/deployment.yaml new file mode 100644 index 00000000..3991836f --- /dev/null +++ b/addons/dashboard/deployment.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: kubernetes-dashboard + namespace: kube-system +spec: + replicas: 1 + template: + metadata: + labels: + name: kubernetes-dashboard + phase: prod + spec: + containers: + - name: kubernetes-dashboard + image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.6.1 + ports: + - name: http + containerPort: 9090 + resources: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 100Mi + livenessProbe: + httpGet: + path: / + port: 9090 + initialDelaySeconds: 30 + timeoutSeconds: 30 diff --git a/addons/dashboard/service.yaml b/addons/dashboard/service.yaml new file mode 100644 index 00000000..9d8a2bfb --- /dev/null +++ b/addons/dashboard/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: kubernetes-dashboard + namespace: kube-system +spec: + type: ClusterIP + selector: + name: kubernetes-dashboard + phase: prod + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 9090 diff --git a/addons/heapster/deployment.yaml b/addons/heapster/deployment.yaml new file mode 100644 index 00000000..f42465db --- /dev/null +++ b/addons/heapster/deployment.yaml @@ -0,0 +1,63 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: heapster + namespace: kube-system + labels: + k8s-app: heapster + kubernetes.io/cluster-service: "true" + version: v1.4.0 +spec: + replicas: 1 + selector: + matchLabels: + k8s-app: heapster + version: v1.4.0 + template: + metadata: + labels: + k8s-app: heapster + version: v1.4.0 + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + containers: + - name: heapster + image: gcr.io/google_containers/heapster-amd64:v1.4.0 + command: + - /heapster + - --source=kubernetes.summary_api:'' + livenessProbe: + httpGet: + path: /healthz + port: 8082 + scheme: HTTP + initialDelaySeconds: 180 + timeoutSeconds: 5 + - name: heapster-nanny + image: gcr.io/google_containers/addon-resizer:2.0 + command: + - /pod_nanny + - --cpu=80m + - --extra-cpu=0.5m + - --memory=140Mi + - --extra-memory=4Mi + - --deployment=heapster-v1.4.0 + - --container=heapster + - --poll-period=300000 + env: + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + limits: + cpu: 50m + memory: 90Mi + requests: + cpu: 50m + memory: 90Mi diff --git a/addons/heapster/service.yaml b/addons/heapster/service.yaml new file mode 100644 index 00000000..5dd622b5 --- /dev/null +++ b/addons/heapster/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: heapster + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + kubernetes.io/name: "Heapster" +spec: + type: ClusterIP + selector: + k8s-app: heapster + ports: + - port: 80 + targetPort: 8082 diff --git a/docs/addons/cluo.md b/docs/addons/cluo.md index 677bce9a..0d091bcb 100644 --- a/docs/addons/cluo.md +++ b/docs/addons/cluo.md @@ -1,6 +1,29 @@ # Container Linux Update Operator -More aptly named "Container Linux Reboot Coordinator". +The [Container Linux Update Operator](https://github.com/coreos/container-linux-update-operator) (i.e. CLUO) coordinates reboots of auto-updating Container Linux nodes so that one node reboots at a time and nodes are drained before reboot. CLUO enables the auto-update behavior Container Linux clusters are known for, but does so in a Kubernetes native way. + +## Create + +Create the `update-operator` deployment and `update-agent` DaemonSet. + +```sh +kubectl apply -f addons/cluo -R +``` + +## Usage + +`update-agent` runs as a DaemonSet and annotates a node when `update-engine.service` indiates an update has been installed and a reboot is needed. It also adds additional labels and annotations to nodes. + +``` +$ kubectl get nodes --show-labels +... +container-linux-update.v1.coreos.com/group=stable +container-linux-update.v1.coreos.com/version=1465.6.0 +``` + +`update-operator` ensures one node reboots at a time and that pods are drained prior to reboot. + +!!! note "" + CLUO replaces `locksmithd` reboot coordination. The `update_engine` systemd unit on hosts still performs the Container Linux update check, download, and install to the inactive partition. + -!!! bug "In Progress" - These docs haven't been completed yet. diff --git a/docs/addons/dashboard.md b/docs/addons/dashboard.md index 6acf601b..c128b5e2 100644 --- a/docs/addons/dashboard.md +++ b/docs/addons/dashboard.md @@ -1,4 +1,24 @@ # Kubernetes Dashboard -!!! bug "In Progress" - These docs haven't been completed yet. +The Kubernetes [Dashboard](https://github.com/kubernetes/dashboard) provides a web UI to manage a Kubernetes cluster for those who prefer an alternative to `kubectl`. + +## Create + +Create the dashboard deployment and service. + +``` +kubectl apply -f addons/dashboard -R +``` + +## Access + +Use `kubectl` to authenticate to the apiserver and create a local port forward to the remote port on the dashboard pod. + +```sh +kubectl get pods -n kube-system +kubectl port-forward POD [LOCAL_PORT:]REMOTE_PORT +kubectl port-forward kubernetes-dashboard-id 9090 -n kube-system +``` + +!!! tip + If you'd like to expose the Dashboard via Ingress and add authentication, use a suitable OAuth2 proxy sidecar and pick your favorite OAuth2 provider. diff --git a/docs/addons/heapster.md b/docs/addons/heapster.md index 94e4a979..0ec61280 100644 --- a/docs/addons/heapster.md +++ b/docs/addons/heapster.md @@ -1,4 +1,19 @@ # Heapster -!!! bug "In Progress" - These docs haven't been moved over yet. +[Heapster](https://kubernetes.io/docs/user-guide/monitoring/) collects data from apiservers and kubelets and exposes it through a REST API. This API powers the `kubectl top` command and Kubernetes dashbard graphs. + +## Create + +```sh +kubectl apply -f addons/heapster -R +``` + +## Usage + +Allow heapster to run for a few minutes, then check CPU and memory usage. + +```sh +kubectl top node +kubectl top pod +``` +