Change node-role.kubernetes.io from master to control-plane (#7183)

This commit is contained in:
Florian Ruynat 2021-01-21 17:13:03 +01:00 committed by GitHub
parent 24ceee134e
commit 222a77dfe7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 68 additions and 6 deletions

View file

@ -94,6 +94,10 @@ ingress_publish_status_address: ""
# operator: "Equal"
# value: ""
# effect: "NoSchedule"
# - key: "node-role.kubernetes.io/control-plane"
# operator: "Equal"
# value: ""
# effect: "NoSchedule"
# ingress_nginx_namespace: "ingress-nginx"
# ingress_nginx_insecure_port: 80
# ingress_nginx_secure_port: 443

View file

@ -31,6 +31,8 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% if dns_extra_tolerations | default(None) %}
{{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
{% endif %}
@ -46,7 +48,11 @@ spec:
- weight: 100
preference:
matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In
values:
- ""

View file

@ -219,6 +219,8 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %}
---
@ -316,4 +318,6 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %}

View file

@ -40,8 +40,9 @@ spec:
kubernetes.io/os: linux
tolerations:
- effect: NoSchedule
operator: Equal
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
@ -54,7 +55,11 @@ spec:
- weight: 100
preference:
matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In
values:
- ""

View file

@ -36,7 +36,11 @@ spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
tolerations:
- key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
@ -44,6 +48,9 @@ spec:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
volumes:
- name: cfg
secret:

View file

@ -21,8 +21,8 @@ spec:
priorityClassName: system-cluster-critical
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Equal"
value: "true"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
effect: "NoSchedule"
containers:
- name: csi-provisioner

View file

@ -19,11 +19,18 @@ spec:
spec:
serviceAccountName: vsphere-csi-controller
nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
tolerations:
- operator: "Exists"
key: node-role.kubernetes.io/master
effect: NoSchedule
- operator: "Exists"
key: node-role.kubernetes.io/control-plane
effect: NoSchedule
dnsPolicy: "Default"
containers:
- name: csi-attacher

View file

@ -24,7 +24,11 @@ spec:
k8s-app: openstack-cloud-controller-manager
spec:
nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
securityContext:
runAsUser: 1001
tolerations:
@ -33,6 +37,8 @@ spec:
effect: NoSchedule
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
serviceAccountName: cloud-controller-manager
containers:
- name: openstack-cloud-controller-manager

View file

@ -24,7 +24,11 @@ spec:
k8s-app: vsphere-cloud-controller-manager
spec:
nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
securityContext:
runAsUser: 0
tolerations:
@ -33,6 +37,8 @@ spec:
effect: NoSchedule
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
serviceAccountName: cloud-controller-manager
containers:
- name: vsphere-cloud-controller-manager

View file

@ -16,7 +16,8 @@ spec:
helmValues:
tolerations:
- key: "node-role.kubernetes.io/master"
operator: Equal
effect: NoSchedule
- key: "node-role.kubernetes.io/control-plane"
effect: NoSchedule
deploymentTool: amb-oper-kubespray
{% if ingress_ambassador_host_network %}
@ -34,4 +35,4 @@ spec:
port: 443
hostPort: {{ ingress_ambassador_secure_port }}
targetPort: 8443
protocol: TCP
protocol: TCP

View file

@ -345,6 +345,8 @@ spec:
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
---
apiVersion: apps/v1
kind: Deployment

View file

@ -126,6 +126,8 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %}
affinity:
nodeAffinity:
@ -133,7 +135,11 @@ spec:
- weight: 100
preference:
matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In
values:
- ""

View file

@ -26,6 +26,8 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
priorityClassName: system-cluster-critical
containers:
- name: calico-kube-controllers

View file

@ -226,7 +226,7 @@
# FIXME(mattymo): from docs: If you don't want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file.
- name: kubeadm | Remove taint for master with node role
command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node-role.kubernetes.io/master:NoSchedule-"
command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node-role.kubernetes.io/master:NoSchedule- node-role.kubernetes.io/control-plane:NoSchedule-"
delegate_to: "{{ groups['kube-master'] | first }}"
when: inventory_hostname in groups['kube-node']
failed_when: false

View file

@ -54,6 +54,9 @@ spec:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
# Since Calico can't network a pod until Typha is up, we need to run Typha itself
# as a host-networked pod.
serviceAccountName: calico-node

View file

@ -414,6 +414,9 @@ spec:
- key: "node-role.kubernetes.io/master"
effect: "NoSchedule"
operator: "Exists"
- key: "node-role.kubernetes.io/control-plane"
effect: "NoSchedule"
operator: "Exists"
serviceAccountName: k8s-nfn-sa
containers:
- name: nfn-operator