XMLWordPrintable

#### Details

• Type: Epic
• Status: Done
• Resolution: Done
• Fix Version/s: None
• Component/s: None
• Labels:
• Epic Name:
• Story Points:
20
• WBS:
02C.07.09
• Team:
Data Facility
• Cycle:
Spring 2018

#### Description

Upgrade interim Kubernetes service for development use. Per conversations with the SLAC and SQuaRE teams, this will involve investigating Kubernetes versions with desired capabilities and installing requested system software and services on PDAC nodes. Ongoing administration is not covered in this epic.

#### Activity

Hide
Steve Pietrowicz added a comment -

Kubernetes 1.9.3 installed here late this afternoon.  That all works. I ran the multicast test with the Weave 1.7 overlay and that worked fine too.   Installed the dashboard, and that responded as well.  I say "responded" because I did that via wget, and not the browser, since I'm on a VPN here, and wasn't able to test it fully.  The VPN is something to keep in mind for the iptables rules for those systems.  I don't know how they're set since I don't have access to them, but we don't want that exposed on the open internet.  Doing the dashboard via a VPN would be a better choice, I think.

Show
Steve Pietrowicz added a comment - Kubernetes 1.9.3 installed here late this afternoon.  That all works. I ran the multicast test with the Weave 1.7 overlay and that worked fine too.   Installed the dashboard, and that responded as well.  I say "responded" because I did that via wget, and not the browser, since I'm on a VPN here, and wasn't able to test it fully.  The VPN is something to keep in mind for the iptables rules for those systems.  I don't know how they're set since I don't have access to them, but we don't want that exposed on the open internet.  Doing the dashboard via a VPN would be a better choice, I think.
Hide
Steve Pietrowicz added a comment -

I'm seeing an issue here with 1.9.3 as the control plane and client, and 1.9.2 client with 1.9.3 control plane  I'm trying to track this down, and retesting something for 1.9.2's control plane with 1.9.2 client to be sure.  I'll update here.

Show
Steve Pietrowicz added a comment - I'm seeing an issue here with 1.9.3 as the control plane and client, and 1.9.2 client with 1.9.3 control plane  I'm trying to track this down, and retesting something for 1.9.2's control plane with 1.9.2 client to be sure.  I'll update here.
Hide
Steve Pietrowicz added a comment -

This was an issue where there was a race condition between when the firewall rules were set by kubernetes and when additional rules were put into place by puppet.  An additional rule for port 6443 had to be introduced.   This was tested under all configs listed above and works fine.

Show
Steve Pietrowicz added a comment - This was an issue where there was a race condition between when the firewall rules were set by kubernetes and when additional rules were put into place by puppet.  An additional rule for port 6443 had to be introduced.   This was tested under all configs listed above and works fine.
Hide
Fritz Mueller added a comment - - edited

Hello Andrew Loftus [X], we will need to add the line:

 Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"

...to the top section of /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on the pdac nodes, if this file is under puppet control?

Additionally, we will need the kubelet systemd service enabled and started on all the nodes if systemd services are under puppet control?

Show
Fritz Mueller added a comment - - edited Hello Andrew Loftus [X] , we will need to add the line: Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false" ...to the top section of /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on the pdac nodes, if this file is under puppet control? Additionally, we will need the kubelet systemd service enabled and started on all the nodes if systemd services are under puppet control?
Hide
Joel Plutchak (Inactive) added a comment -

Kubernetes installation has been up and running. Initial configuration changes in place and stable.

Show
Joel Plutchak (Inactive) added a comment - Kubernetes installation has been up and running. Initial configuration changes in place and stable.

#### People

Assignee:
Andrew Loftus [X] (Inactive)
Reporter:
Joel Plutchak (Inactive)
Watchers:
Andrew Loftus [X] (Inactive), Bill Glick [X] (Inactive), Fritz Mueller, Gregory Dubois-Felsmann, Jacob Rundall, Joel Plutchak (Inactive), Steve Pietrowicz, Xiuqin Wu [X] (Inactive)
0 Vote for this issue
Watchers:
8 Start watching this issue

#### Dates

Created:
Updated:
Resolved:
Start date:
End date:

#### Jenkins

No builds found.