Add KRD source code

This changes includes the source code created for the Kubernetes
Reference Deployment(KRD) which helps to provide an automated
mechanism to install and configure Kubernetes services required for
the MultiCloud/K8s plugin.

Change-Id: Ica49566fcd531e25846ed3e5062de2f92ec56f6c
Signed-off-by: Victor Morales <victor.morales@intel.com>
Issue-ID: MULTICLOUD-301

1 files changed, 233 insertions, 0 deletions

diff --git a/vagrant/playbooks/configure-virtlet.yml b/vagrant/playbooks/configure-virtlet.yml
new file mode 100644
index 00000000..fcc33716
--- /dev/null
+++ b/vagrant/playbooks/configure-virtlet.yml
@@ -0,0 +1,233 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: localhost
+  become: yes
+  vars:
+    images_file: /tmp/images.yaml
+  pre_tasks:
+    - name: Load krd variables
+      include_vars:
+        file: krd-vars.yml
+  roles:
+    - andrewrothstein.kubectl
+    - { role: geerlingguy.docker, when: virtlet_source_type == "source" }
+  tasks:
+    - name: create Virtlet binary folder
+      file:
+        state: directory
+        path: "{{ virtlet_dest }}"
+    - name: apply virtlet extraRuntime label
+      command: "/usr/local/bin/kubectl label node {{ item }} extraRuntime=virtlet --overwrite"
+      with_inventory_hostnames: virtlet
+    - name: create image translations confimap file
+      blockinfile:
+        path: "{{ images_file }}"
+        create: yes
+        block: |
+          translations:
+            - name: ubuntu/16.04
+              url: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+            - regexp: 'centos/(\d+)-(\d+)'
+              url: 'https://cloud.centos.org/centos/$1/images/CentOS-$1-x86_64-GenericCloud-$2.qcow2'
+            - name: fedora
+              url: https://download.fedoraproject.org/pub/fedora/linux/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2
+          {% if lookup('env','http_proxy') != "" %}
+          transports:
+            "":
+              proxy: "{{ lookup('env','http_proxy') }}"
+          {% endif %}
+    - name: install image translations configmap
+      shell: "/usr/local/bin/kubectl create configmap -n kube-system virtlet-image-translations --from-file {{ images_file }} --dry-run -o yaml | /usr/local/bin/kubectl apply -f -"
+      ignore_errors: True
+    - name: create Virtlet folder
+      file:
+        state: directory
+        path: "{{ virtlet_dest }}"
+    - name: getting source code
+      block:
+      - name: clone Virtlet repo
+        git:
+          repo: "{{ virtlet_url }}"
+          dest: "{{ virtlet_dest }}"
+          version: "{{ virtlet_version }}"
+          force: yes
+      - name: configure proxy values for docker service
+        block:
+        - name: create docker config folder
+          file:
+            state: directory
+            path: "/etc/systemd/system/docker.service.d"
+        - name: Configure docker service to use http_proxy env value
+          blockinfile:
+            dest: "/etc/systemd/system/docker.service.d/http-proxy.conf"
+            create: yes
+            block: |
+              [Service]
+              Environment="HTTP_PROXY={{ lookup('env','http_proxy') }}"
+          when:
+            - lookup('env','http_proxy') != "fooproxy"
+        - name: Configure docker service to use https_proxy env value
+          blockinfile:
+            dest: "/etc/systemd/system/docker.service.d/https-proxy.conf"
+            create: yes
+            block: |
+              [Service]
+              Environment="HTTPS_PROXY={{ lookup('env','https_proxy') }}"
+          when:
+            - lookup('env','https_proxy') != "fooproxy"
+        - name: Configure docker service to use no_proxy env value
+          blockinfile:
+            dest: "/etc/systemd/system/docker.service.d/no-proxy.conf"
+            create: yes
+            block: |
+              [Service]
+              Environment="NO_PROXY={{ lookup('env','no_proxy') }}"
+          when:
+            - lookup('env','no_proxy') != "fooproxy"
+        - name: reload systemd
+          command: systemctl daemon-reload
+        - name: restart docker service
+          service:
+            name: docker
+            state: restarted
+        when: lookup('env','http_proxy') != "fooproxy" or lookup('env','https_proxy') != "fooproxy" or lookup('env','no_proxy') != "fooproxy"
+      - name: build virtlet source code
+        command: ./cmd.sh build
+        args:
+          chdir: "{{ virtlet_dest }}/build"
+        environment:
+          http_proxy: "{{ lookup('env','http_proxy') }}"
+          https_proxy: "{{ lookup('env','https_proxy') }}"
+          no_proxy: "{{ lookup('env','no_proxy') }}"
+      when: virtlet_source_type == "source"
+    - name: download virtletctl
+      get_url:
+        url: "{{ virtlet_url }}"
+        dest: "{{ virtlet_dest }}/virtletctl"
+      when: virtlet_source_type == "binary"
+    - name: set virtletctl execution permissions
+      file:
+        path: "{{ virtlet_dest }}/virtletctl"
+        mode: "+x"
+    - name: install virtletctl as kubectl plugin
+      command: "{{ virtlet_dest }}/virtletctl install"
+    - name: create Virtlet k8s objects
+      shell: "/usr/local/bin/kubectl plugin virt gen | /usr/local/bin/kubectl apply -f -"
+      ignore_errors: True
+    - name: wait for Virtlet daemonset
+      shell: "/usr/local/bin/kubectl get ds virtlet -n=kube-system -o=jsonpath --template={.status.numberReady}"
+      register: daemonset
+      until:
+        - '1'
+      retries: 6
+      delay: 10
+
+- hosts: virtlet
+  become: yes
+  tasks:
+    - name: Load krd variables
+      include_vars:
+        file: krd-vars.yml
+    - name: create CRIProxy binary folder
+      file:
+        state: directory
+        path: "{{ criproxy_dest }}"
+    - name: disable AppArmor in all nodes
+      service:
+        name: apparmor
+        state: stopped
+        enabled: no
+      when: ansible_os_family == "Debian"
+    - name: modify args for kubelet service
+      lineinfile:
+        dest: /etc/systemd/system/kubelet.service
+        line: "                --container-runtime=remote --container-runtime-endpoint=unix:///run/criproxy.sock --image-service-endpoint=unix:///run/criproxy.sock --enable-controller-attach-detach=false \\"
+        insertafter: '^ExecStart=/usr/local/bin/kubelet *'
+        state: present
+    - name: create dockershim service
+      blockinfile:
+        path: /etc/systemd/system/dockershim.service
+        create: yes
+        block: |
+          [Unit]
+          Description=dockershim for criproxy
+
+          [Service]
+          EnvironmentFile=-/etc/kubernetes/kubelet.env
+          ExecStartPre=-/bin/mkdir -p /var/lib/kubelet/volume-plugins
+          ExecStart=/usr/local/bin/kubelet --experimental-dockershim --port 11250 \
+                $KUBE_LOGTOSTDERR \
+                $KUBE_LOG_LEVEL \
+                $KUBELET_API_SERVER \
+                $KUBELET_ADDRESS \
+                $KUBELET_PORT \
+                $KUBELET_HOSTNAME \
+                $KUBE_ALLOW_PRIV \
+                $KUBELET_ARGS \
+                $DOCKER_SOCKET \
+                $KUBELET_NETWORK_PLUGIN \
+                $KUBELET_VOLUME_PLUGIN \
+                $KUBELET_CLOUDPROVIDER
+          Restart=always
+          StartLimitInterval=0
+          RestartSec=10
+
+          [Install]
+          RequiredBy=criproxy.service
+    - name: getting source code
+      block:
+      - name: clone CRIProxy repo
+        git:
+          repo: "{{ criproxy_url }}"
+          dest: "{{ criproxy_dest }}"
+          version: "{{ criproxy_version }}"
+          force: yes
+      - name: build criproxy source code
+        command: ./build-package.sh
+        args:
+          chdir: "{{ criproxy_dest }}"
+      when: criproxy_source_type == "source"
+    - name: download CRIproxy package
+      get_url:
+        url: "{{ criproxy_url }}"
+        dest: "{{ criproxy_dest }}/criproxy"
+      when: criproxy_source_type == "binary"
+    - name: set criproxy execution permissions
+      file:
+        path: "{{ criproxy_dest }}/criproxy"
+        mode: "+x"
+    - name: create criproxy service
+      blockinfile:
+        path: /etc/systemd/system/criproxy.service
+        create: yes
+        block: |
+          [Unit]
+          Description=CRI Proxy
+
+          [Service]
+          ExecStart={{ criproxy_dest }}/criproxy -v 3 -logtostderr -connect /var/run/dockershim.sock,virtlet.cloud:/run/virtlet.sock -listen /run/criproxy.sock
+          Restart=always
+          StartLimitInterval=0
+          RestartSec=10
+
+          [Install]
+          WantedBy=kubelet.service
+    - name: start criproxy and dockershim services
+      service:
+        name: "{{ item }}"
+        state: started
+        enabled: yes
+      with_items:
+      - dockershim
+      - criproxy
+    - name: restart kubelet services
+      service:
+        name: kubelet
+        state: restarted