The kube cookbook is a Library cookbook that provides custom resources for managing various components of a Kubernetes cluster.
- Chef Infra client 15 or higher
- Ubuntu 16.04+
- Debian 8+
- RHEL 7+
- None
- Add
'kube', '~> 5.0'
to your cookbook'smetadata.rb
. - Use the resources shipped in this cookbook in your recipes the same way you use core Chef resources like file, template, directory, package, etc.
# Master
kube_apiserver 'default' do
service_cluster_ip_range '10.0.0.1/24'
etcd_servers 'http://127.0.0.1:2379'
insecure_bind_address '0.0.0.0' # for convenience
action %w(create start)
end
kube_scheduler 'default' do
master '127.0.0.1:8080'
action %w(create start)
end
kube_controller_manager 'default' do
master '127.0.0.1:8080'
action %w(create start)
end
# Node
kubelet_service 'default' do
api_servers 'http://127.0.0.1:8080'
config '/etc/kubernetes/manifests'
cluster_dns '10.0.0.10'
cluster_domain 'cluster.local'
action %w(create start)
end
kube_proxy 'default' do
master '127.0.0.1:8080'
action %w(create start)
end
The test cookbook ran under test-kitchen provide good usage examples. It is
found in test/cookbooks/kube_test
.
Components for a Kubernetes node:
kubelet
kube_proxy
Components for a Kubernetes master:
kube_apiserver
kube_scheduler
kube_controller_manager
All the above resources will contain the following properties:
remote
- The URL of where a corresponding component's binary can be downloaded. The default value points to the official Kubernetes release URL of each component. Check each resource for the default value of each component.version
- The version of the Kubernetes artifact to pull down. Defaults to'1.7.5'
. NOTE: This will be ignored if you set theremote
property instead.checksum
- The SHA256 hash of the Kubernetes component's binary.run_user
- The user in which to run the Kubernetes user. Defaults to'kubernetes'
.file_ulimit
- The file ulimit value to set for the services - Integer. Defaults to65536
All the above resources will contain the following actions:
create
- Download the Kubernetes component's binary to/usr/bin
.start
- Starts the Kubernetes component managed through a systemd unit.
Each resource' set of unique properties corresponds to the options in the Kubernetes component they represent:
kube_apiserver
- https://github.com/kubernetes/kubernetes.github.io/blob/release-1.7/docs/admin/kube-apiserver.mdkube_controller_manager
- https://github.com/kubernetes/kubernetes.github.io/blob/release-1.7/docs/admin/kube-controller-manager.mdkube_scheduler
- https://github.com/kubernetes/kubernetes.github.io/blob/release-1.7/docs/admin/kube-scheduler.mdkubelet
- https://github.com/kubernetes/kubernetes.github.io/blob/release-1.7/docs/admin/kubelet.mdkube_proxy
- https://github.com/kubernetes/kubernetes.github.io/blob/release-1.7/docs/admin/kube-proxy.md
In general, a command line flag of the form --long-option
will correspond to a
custom resource property called long_option
.
When newer versions of Kubernetes are released, components might introduce and deprecate some commandline flags that are not yet hard-coded as properties.
To add these properties, a wrapper cookbook can be written like the following:
# wrapper-cookbook/metadata.rb
name 'wrapper-cookbook'
depends 'kube', '~> 5.0' # Make sure you have this
# wrapper-cookbook/libraries/apiserver.rb
class KubernetesCookbook::KubeApiserver
property :something_only_in_kubernetes9000
end
The kube_apiserver
resource can now use the new commandline flag available in
Kubernetes v9000 like the following:
# wrapper-cookbook/recipes/default.rb
kube_apiserver 'default' do
something_only_in_kubernetes9000 'someflag'
end
Copyright 2016-2017 Allan Espinosa
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.