# Demo: https://asciinema.org/a/CEKNMeeG3ef7Mkg92uAS3MO7f
# REQUIREMENTS:
# https://github.com/lukaszo/kubernetes-dind-federation
# kubefed, kubectl and hyperkube in path
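# Deploy two Kubernetes clusters with the dind scripts.
# The second cluster is given its own IP_RANGE and APISERVER_ADDRESS,
# presumably so the two Docker networks do not overlap.
# NOTE(review): 172.128.0.0/16 is outside the RFC 1918 private range
# (172.16.0.0/12 ends at 172.31.255.255), so it is publicly routable address
# space. Using it locally shadows the real hosts in that range for this
# machine; prefer a private range if the dind scripts allow it.
CLUSTER_NAME=federation1 dind/dind-up-cluster.sh
CLUSTER_NAME=federation2 IP_RANGE=172.128.0.0/16 APISERVER_ADDRESS=172.128.0.1 dind/dind-up-cluster.sh
# Make federation1 the default context for commands that pass no --context.
kubectl config use-context federation1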
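# Start externalipcontroller (https://github.com/Mirantis/k8s-externalipcontroller)
# in both clusters. This step creates the RBAC binding it runs under.
#
# SECURITY: the binding below grants cluster-admin to the
# system:serviceaccounts group, i.e. to every service account in every
# namespace. With default token mounting, any pod in either cluster can then
# read all secrets and modify any resource. That is acceptable only on
# throwaway dind demo clusters. Anywhere else, create a dedicated
# ServiceAccount for the controller and bind it to a role limited to the
# resources the controller actually uses.
#
# The apiVersion is kept as in the original demo; current clusters serve RBAC
# under rbac.authorization.k8s.io/v1.
#
# The heredoc delimiter is quoted so the shell never expands the manifest.
for ctx in federation1 federation2; do
  kubectl create --context="$ctx" -f - <<'EOF'
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
  name: system:serviceaccounts
subjects:
- kind: Group
  name: system:serviceaccounts
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
EOF
done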
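# Run the externalipcontroller claim controller on every node of both
# clusters.
#
# SECURITY: the pod uses hostNetwork and a privileged container, so a
# compromise of this container is a compromise of the node.
# NOTE(review): the controller manages addresses on a host interface, so a
# narrower securityContext (for example only the NET_ADMIN capability) may be
# enough; verify against the controller before relying on it.
#
# SUPPLY CHAIN: the image is referenced without a tag or digest and with
# imagePullPolicy IfNotPresent, so each node runs whatever it pulled first
# and the content is not pinned. Outside a demo, pin it, e.g.
#   image: yashulyak/k8s-externalipcontroller@sha256:<DIGEST-PLACEHOLDER>
#
# extensions/v1beta1 is kept as in the original demo; current clusters use
# apps/v1, which also requires spec.selector.
for ctx in federation1 federation2; do
  kubectl create --context="$ctx" -f - <<'EOF'
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: claimcontroller
spec:
  template:
    metadata:
      labels:
        app: externalipcontroller
    spec:
      hostNetwork: true
      containers:
      - name: externalipcontroller
        image: yashulyak/k8s-externalipcontroller
        imagePullPolicy: IfNotPresent
        securityContext:
          privileged: true
        command:
        - ipmanager
        - claimcontroller
        # iface is environment specific
        - --iface=docker0
        - --logtostderr
        - --v=5
        - --hb=500ms
EOF
done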
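# Run one externalipcontroller scheduler replica in each cluster.
#
# The pod spec names no serviceAccountName, so it runs as its namespace's
# default service account. In this demo that account is cluster-admin through
# the system:serviceaccounts binding; give the scheduler its own narrowly
# scoped ServiceAccount for anything beyond a throwaway cluster.
#
# SUPPLY CHAIN: the image has no tag or digest and is pulled IfNotPresent, so
# its content is not pinned. Outside a demo, pin it, e.g.
#   image: yashulyak/k8s-externalipcontroller@sha256:<DIGEST-PLACEHOLDER>
#
# extensions/v1beta1 is kept as in the original demo; current clusters use
# apps/v1, which also requires spec.selector.
for ctx in federation1 federation2; do
  kubectl create --context="$ctx" -f - <<'EOF'
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: claimscheduler
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: claimscheduler
    spec:
      containers:
      - name: externalipcontroller
        image: yashulyak/k8s-externalipcontroller
        imagePullPolicy: IfNotPresent
        command:
        - ipmanager
        - scheduler
        - --mask=24
        - --logtostderr
        - --v=5
        - --leader-elect=true
        - --monitor=1s
        - --nodefilter=fair
EOF
done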
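# Define the address pool the controller may hand out in each cluster.
# Each cluster gets a different /29, so the two pools do not overlap.
# NOTE(review): 192.168.0.0/24 and 192.168.10.0/24 are common home and office
# LAN ranges; check they do not collide with a network this host already
# uses before running the demo.

# Pool for federation1, passed explicitly instead of via the current context.
kubectl create --context=federation1 -f - <<'EOF'
apiVersion: ipcontroller.ext/v1
kind: IpClaimPool
metadata:
  name: test-pool
spec:
  cidr: 192.168.0.248/29
  ranges:
  - - 192.168.0.249
    - 192.168.0.250
  - - 192.168.0.252
    - 192.168.0.253
EOF

# Pool for federation2.
kubectl create --context=federation2 -f - <<'EOF'
apiVersion: ipcontroller.ext/v1
kind: IpClaimPool
metadata:
  name: test-pool
spec:
  cidr: 192.168.10.248/29
  ranges:
  - - 192.168.10.249
    - 192.168.10.250
  - - 192.168.10.252
    - 192.168.10.253
EOF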
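# Add routes to the IpClaimPool addresses.
# This part is network specific; in the author's setup it is enough to put an
# address from each pool's /24 on the matching Docker bridge.

#######################################
# Print the bridge device name ("br-<network id>") of the Docker network
# whose `docker network ls` line contains $1.
# Arguments: $1 - substring identifying the network (e.g. federation1)
# Outputs:   bridge name on stdout; diagnostic on stderr on failure
# Returns:   0 when exactly one network matches, non-zero otherwise
#######################################
bridge_for() {
  # Requiring exactly one match keeps an empty or multi-line result from
  # ever reaching the root-privileged `ip` command below.
  docker network ls | awk -v name="$1" '
    index($0, name) { id = $1; hits++ }
    END {
      if (hits != 1) {
        printf("expected exactly one docker network matching %s, found %d\n", name, hits) > "/dev/stderr"
        exit 1
      }
      print "br-" id
    }'
}

# The device name is quoted so it is always passed to `sudo ip` as a single
# argument. The address is only added when the bridge was resolved.
fed1_br=$(bridge_for federation1) &&
  sudo ip addr add 192.168.0.14/24 dev "$fed1_br"
fed2_br=$(bridge_for federation2) &&
  sudo ip addr add 192.168.10.14/24 dev "$fed2_br"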
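# Deploy the federation control plane (CLUSTER_NAME=federation1), then join
# federation2 with federation1 as the host cluster.
# NOTE(review): lukaszo/hyperkube:1.7 is a mutable tag in a personal registry
# namespace; pin it by digest if this is reused outside a demo.
FEDERATION_IMAGE=lukaszo/hyperkube:1.7 CLUSTER_NAME=federation1 dind/dind-deploy-federation.sh
kubefed join federation2 --host-cluster-context=federation1 --context=federation
# Wait for the clusters to be ready. This command only prints the current
# state; repeat it until the joined clusters are listed as ready.
kubectl get cluster --context=federation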
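# Create the default namespace in the federation control plane.
kubectl --context=federation create ns default
# Run nginx through the federation API and expose it as a LoadBalancer
# service. (The original listing misspelled this kubectl call as "kbectl".)
kubectl --context=federation run my-nginx --image=nginx --replicas=2 --port=80
kubectl --context=federation expose deployment my-nginx --port=80 --type=LoadBalancer
# Resolve the federated service name against the DNS server at 172.28.7.2
# (presumably the one set up by the dind scripts; the address is environment
# specific).
nslookup my-nginx.default.federation.svc.example.com 172.28.7.2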