Update pre-install verify settings with network checks and etc. (#3504)
* Update pre-install verify settings with network checks and etc. * Remove upstream dns server check. It's bogus
This commit is contained in:
parent
c66d1ad6cb
commit
2117e8167d
1 changed files with 49 additions and 0 deletions
|
@ -153,3 +153,52 @@
|
|||
- 'calico_version_on_server.stdout != ""'
|
||||
- inventory_hostname == groups['kube-master'][0]
|
||||
run_once: yes
|
||||
|
||||
- name: "Check that kube_service_addresses is a network range"
|
||||
assert:
|
||||
that:
|
||||
- kube_service_addresses | ipaddr
|
||||
msg: "kube_service_addresses is not a valid network range"
|
||||
run_once: yes
|
||||
|
||||
- name: "Check that kube_pods_subnet is a network range"
|
||||
assert:
|
||||
that:
|
||||
- kube_pods_subnet | ipaddr
|
||||
msg: "kube_pods_subnet is not a valid network range"
|
||||
run_once: yes
|
||||
|
||||
- name: "Check that kube_pods_subnet does not collide with kube_service_addresses"
|
||||
assert:
|
||||
that:
|
||||
- kube_pods_subnet | ipaddr(kube_service_addresses) | string == 'None'
|
||||
msg: "kube_pods_subnet cannot be the same network segment as kube_service_addresses"
|
||||
run_once: yes
|
||||
|
||||
- name: Stop if unknown dns mode
|
||||
assert:
|
||||
that: dns_mode in ['dnsmasq_kubedns', 'kubedns', 'coredns', 'coredns_dual', 'manual', 'none']
|
||||
msg: "dns_mode can only be 'dnsmasq_kubedns', 'kubedns', 'coredns', 'coredns_dual', 'manual' or 'none'"
|
||||
when: dns_mode is defined
|
||||
run_once: true
|
||||
|
||||
- name: Stop if unknown kube proxy mode
|
||||
assert:
|
||||
that: kube_proxy_mode in ['iptables', 'ipvs']
|
||||
msg: "kube_proxy_mode can only be 'iptables' or 'ipvs'"
|
||||
when: kube_proxy_mode is defined
|
||||
run_once: true
|
||||
|
||||
- name: Stop if unknown cert_management
|
||||
assert:
|
||||
that: cert_management in ['script', 'vault']
|
||||
msg: "cert_management can only be 'script' or 'vault'"
|
||||
when: cert_management is defined
|
||||
run_once: true
|
||||
|
||||
- name: Stop if unknown resolvconf_mode
|
||||
assert:
|
||||
that: resolvconf_mode in ['docker_dns', 'host_resolvconf', 'none']
|
||||
msg: "resolvconf_mode can only be 'docker_dns', 'host_resolvconf' or 'none'"
|
||||
when: resolvconf_mode is defined
|
||||
run_once: true
|
||||
|
|
Loading…
Reference in a new issue