oci-cloud-controller-manager
is a Kubernetes Cloud Controller Manager
implementation (or out-of-tree cloud-provider) for Oracle Cloud
Infrastucture (OCI).
WARNING: this project is under active development and should be considered alpha.
External cloud providers were introduced as an Alpha feature in Kubernetes 1.6 with the addition of the Cloud Controller Manager binary. External cloud providers are Kubernetes (master) controllers that implement the cloud-provider specific control loops required for Kubernetes to function.
This functionality is implemented in-tree in the kube-controller-manger
binary
for existing cloud-providers (e.g. AWS, GCE, etc.), however, in-tree
cloud-providers have entered maintenance mode and no additional providers will
be accepted. Furthermore, there is an ongoing effort to remove all existing
cloud-provider specific code out of the Kubernetes codebase.
Kubernetes < 1.7.2 | Kubernetes 1.7.{2..5} | Kubernetes 1.7.{6..} | Kubernetes 1.8.* | |
---|---|---|---|---|
v 0.1 | ✗ | † | ✓ | ✓ |
Key:
✓
oci-cloud-controller-manager is fully compatible.†
oci-cloud-controller-manager is compatible but requires the--provider-id
flag to be set on the Kubelet of all nodes in the cluster.✗
oci-cloud-controller-manager is not compatible.
Currently oci-cloud-controller-manager
implements:
- NodeController - updates nodes with cloud provider specific labels and addresses, also deletes kubernetes nodes when deleted from the cloud-provider.
- ServiceController - responsible for creating load balancers when a service
of
type: LoadBalancer
is created in Kubernetes.
To get the CCM running in your Kubernetes cluster you will need to do the following:
- Prepare your Kubernetes cluster for running an external cloud provider.
- Create a Kubernetes secret containing the configuration for the CCM.
- Deploy the CCM as a DaemonSet.
To deploy the Cloud Controller Manager (CCM) your cluster must be configured to use an external cloud-provider.
This involves:
- Setting the
--cloud-provider=external
flag on thekubelet
on all nodes in your cluster. - Setting the
--cloud-provider=external
flag on thekube-controller-manager
in your Kubernetes control plane.
Depending on how kube-proxy is run you may need the following:
- Ensuring that
kube-proxy
tolerates the uninitialised cloud taint. The following should appear in thekube-proxy
pod yaml:
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
If your cluster was created using kubeadm
>= v1.7.2 this toleration will
already be applied. See kubernetes/kubernetes#49017 for details.
Remember to restart any components that you have reconfigured before continuing.
An example configuration file can be found here. Download this file and populate it with values specific to your chosen OCI identity and tenancy. Then create the Kubernetes secret with the following command:
$ kubectl create secret generic oci-cloud-controller-manager \
-n kube-system \
--from-file=cloud-provider.yaml=cloud-provider-example.yaml
Note that you must ensure the secret contains the key cloud-provider.yaml
rather than the name of the file on disk.
Lastly deploy the controller manager and associated RBAC rules if your cluster is configured to use RBAC:
$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/oci-cloud-controller-manager.yaml
$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/oci-cloud-controller-manager-rbac.yaml
Check the CCM logs to ensure it's running correctly:
$ kubectl -n kube-system get po | grep oci
oci-cloud-controller-manager-ds-k2txq 1/1 Running 0 19s
$ kubectl -n kube-system logs oci-cloud-controller-manager-ds-k2txq
I0905 13:44:51.785964 7 flags.go:52] FLAG: --address="0.0.0.0"
I0905 13:44:51.786063 7 flags.go:52] FLAG: --allocate-node-cidrs="false"
I0905 13:44:51.786074 7 flags.go:52] FLAG: --alsologtostderr="false"
I0905 13:44:51.786078 7 flags.go:52] FLAG: --cloud-config="/etc/oci/cloud-config.cfg"
I0905 13:44:51.786083 7 flags.go:52] FLAG: --cloud-provider="oci"
See DEVELOPMENT.md.
If you think you've found a bug, please raise an issue.
oci-cloud-controller-manager
is an open source project. See CONTRIBUTING for
details.
Oracle gratefully acknowledges the contributions to this project that have been made by the community.
Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
oci-cloud-controller-manager
is licensed under the Apache License 2.0.
See LICENSE for more details.