Manually enforce kube-proxy for kubeadm deploy

This commit is contained in:
Matthew Mosesohn 2017-09-24 19:47:36 +01:00
parent 4a9ebee765
commit 05e5bc79f1
2 changed files with 67 additions and 0 deletions

View file

@ -18,6 +18,17 @@
with_items: ['deploy', 'svc'] with_items: ['deploy', 'svc']
tags: upgrade tags: upgrade
- name: Kubernetes Apps | Ensure kubeadm kube-proxy
kube:
name: "kube-proxy"
namespace: "{{ system_namespace }}"
kubectl: "{{bin_dir}}/kubectl"
resource: "daemonset"
state: latest
when:
- kubeadm_enabled|default(false)
- inventory_hostname == groups['kube-master'][0]
- name: Kubernetes Apps | Delete kubeadm kubedns - name: Kubernetes Apps | Delete kubeadm kubedns
kube: kube:
name: "kubedns" name: "kubedns"

View file

@ -0,0 +1,56 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
labels:
k8s-app: kube-proxy
name: kube-proxy
namespace: {{ system_namespace }}
spec:
selector:
matchLabels:
k8s-app: kube-proxy
template:
metadata:
labels:
k8s-app: kube-proxy
spec:
containers:
- command:
- /usr/local/bin/kube-proxy
- --kubeconfig=/var/lib/kube-proxy/kubeconfig.conf
- --cluster-cidr=10.233.64.0/18
image: {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
name: kube-proxy
securityContext:
privileged: true
volumeMounts:
- mountPath: /var/lib/kube-proxy
name: kube-proxy
- mountPath: /run/xtables.lock
name: xtables-lock
dnsPolicy: ClusterFirst
hostNetwork: true
restartPolicy: Always
serviceAccount: kube-proxy
serviceAccountName: kube-proxy
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
volumes:
- configMap:
defaultMode: 420
name: kube-proxy
name: kube-proxy
- hostPath:
path: /run/xtables.lock
name: xtables-lock
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate