Hypernetes deployment

This document covers the basic depolyment procedure for Hypernetes. If you are looking for detailed depolyment of Kubernetes, refer to https://kubernetes.io/docs/setup/.

Deploy OpenStack with Ceph

Since Hypernetes is working together with OpenStack, a OpenStack cluster must be deployed first. There are a lot of OpenStack deployment solutions, including

Choose any tool you like to deploy a new OpenStack cluster, or you can just re-use your existing OpenStack environment.

Don't forget to deploy neutron L2 agent and Ceph client for Kubernetes nodes.

Deploy Kubernetes

Since Hypernetes is Kubernetes based, you can deploy Hypernetes following the same procedure as kubernetes. Here are some distribution-specific links:

See more at Kubernetes getstarted guide

Deploy KubeStack

KubeStack is an OpenStack network provider for Kubernetes and it is deployed on all Kubernetes masters and nodes.

mkdir -p $GOPATH/src/github.com/hyperhq
cd $GOPATH/src/github.com/hyperhq
git clone https://github.com/hyperhq/kubestack.git
cd kubestack
make && make install

Configure KubeStack

# cat /etc/kubestack.conf
auth-url = http://keystone-server:5000/v2.0
username = admin
password = admin
tenant-name = admin
region = RegionOne
ext-net-id = 

create-monitor = yes
monitor-delay = 1m
monitor-timeout = 30s
monitor-max-retries = 3

plugin-name = ovs
# cat /usr/lib/systemd/system/kubestack.service
Description=OpenStack Network Provider for Kubernetes
After=syslog.target network.target openvswitch.service

ExecStart=/usr/local/bin/kubestack \
  -logtostderr=false -v=4 \
  -port=:4237 \
  -log_dir=/var/log/kubestack \

systemctl start kubestack.service

Configure Kubernetes

Disable selinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

Create the service account key

mkdir /var/lib/kubernetes/
openssl genrsa -out /var/lib/kubernetes/serviceaccount.key 2048
chown kube:kube /var/lib/kubernetes/serviceaccount.key

Create Kubernetes log dir

mkdir /var/log/kubernetes
chown kube:kube /var/log/kubernetes
mkdir /var/run/kubernetes/
chown kube:kube /var/run/kubernetes/

Configure etcd

cat >> /etc/etcd/etcd.conf <

Common configs for all Kubernetes services

# cat /etc/kubernetes/config
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=false --log-dir=/var/log/kubernetes"
# journal message level, 0 is debug
# Should this cluster be allowed to run privileged docker containers
# How the controller-manager, scheduler, and proxy find the apiserver

Configure kube-apiserver

# cat /etc/kubernetes/apiserver
# The address on the local server to listen to.
# The port on the local server to listen on.
# KUBE_API_PORT="--port=8080"
# Port minions listen on
# KUBELET_PORT="--kubelet_port=10250"
# Comma separated list of nodes in the etcd cluster
# Address range to use for services
# default admission control policies
# Add your own!

Configure kube-controller-manager

# cat /etc/kubernetes/controller-manager
# The following values are used to configure the Kubernetes controller-manager
# defaults from config and apiserver should be adequate

# Add your own!
KUBE_CONTROLLER_MANAGER_ARGS="--service-account-private-key-file=/var/lib/kubernetes/serviceaccount.key --network-provider=localhost:4237"

Configure kube-proxy

# cat /etc/kubernetes/proxy
# Kubernetes proxy config
# default config should be adequate

# Add your own!

Configure kubelet

# cat /etc/kubernetes/kubelet
# The address for the info server to serve on (set to or "" for all interfaces)
# The port for the info server to serve on
# KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
# location of the api-server
# Add your own!
KUBELET_ARGS="--container-runtime=hyper --network-provider=localhost:4237 --cinder-config=/etc/kubernetes/cinder.conf"

# cat /etc/kubernetes/cinder.conf
auth-url = http://keystone-server:5000/v2.0
username = admin
password = admin
tenant-name = admin
region = RegionOne

keyring = "AQAtqv9V3u4nKRA8Cxfic687DqPW1FV/rly3nw=="

Start services

systemctl restart etcd
systemctl restart hyperd
systemctl restart kubestack
systemctl restart kube-apiserver.service
systemctl restart kube-scheduler.service
systemctl restart kube-controller-manager.service
systemctl restart kubelet.service
systemctl restart kube-proxy