C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Change node-role.kubernetes.io from master to control-plane (#7183)

Browse source
This commit is contained in:
Florian Ruynat 2021-01-21 17:13:03 +01:00 committed by GitHub
parent 24ceee134e
commit 222a77dfe7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 68 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
inventory/sample/group_vars/k8s-cluster/addons.yml
View file

@ -94,6 +94,10 @@ ingress_publish_status_address: ""
# operator: "Equal" # operator: "Equal"
# value: "" # value: ""
# effect: "NoSchedule" # effect: "NoSchedule"
# - key: "node-role.kubernetes.io/control-plane"
# operator: "Equal"
# value: ""
# effect: "NoSchedule"
# ingress_nginx_namespace: "ingress-nginx" # ingress_nginx_namespace: "ingress-nginx"
# ingress_nginx_insecure_port: 80 # ingress_nginx_insecure_port: 80
# ingress_nginx_secure_port: 443 # ingress_nginx_secure_port: 443

6
roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
View file

@ -31,6 +31,8 @@ spec:
tolerations: tolerations:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% if dns_extra_tolerations | default(None) %} {% if dns_extra_tolerations | default(None) %}
{{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }} {{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
{% endif %} {% endif %}
@ -46,7 +48,11 @@ spec:
- weight: 100 - weight: 100
preference: preference:
matchExpressions: matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In operator: In
values: values:
- "" - ""

4
roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
View file

@ -219,6 +219,8 @@ spec:
tolerations: tolerations:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %} {% endif %}
--- ---
@ -316,4 +318,6 @@ spec:
tolerations: tolerations:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %} {% endif %}

7
roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
View file

@ -40,8 +40,9 @@ spec:
kubernetes.io/os: linux kubernetes.io/os: linux
tolerations: tolerations:
- effect: NoSchedule - effect: NoSchedule
operator: Equal
key: node-role.kubernetes.io/master key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
affinity: affinity:
podAntiAffinity: podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution: requiredDuringSchedulingIgnoredDuringExecution:
@ -54,7 +55,11 @@ spec:
- weight: 100 - weight: 100
preference: preference:
matchExpressions: matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In operator: In
values: values:
- "" - ""

7
roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2
View file

@ -36,7 +36,11 @@ spec:
hostNetwork: true hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
nodeSelector: nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
tolerations: tolerations:
- key: node.cloudprovider.kubernetes.io/uninitialized - key: node.cloudprovider.kubernetes.io/uninitialized
value: "true" value: "true"
@ -44,6 +48,9 @@ spec:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
operator: Exists operator: Exists
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
volumes: volumes:
- name: cfg - name: cfg
secret: secret:

4
roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-controller.yml.j2
View file

@ -21,8 +21,8 @@ spec:
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
tolerations: tolerations:
- key: "node-role.kubernetes.io/master" - key: "node-role.kubernetes.io/master"
operator: "Equal" effect: "NoSchedule"
value: "true" - key: "node-role.kubernetes.io/control-plane"
effect: "NoSchedule" effect: "NoSchedule"
containers: containers:
- name: csi-provisioner - name: csi-provisioner

7
roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-controller-ss.yml.j2
View file

@ -19,11 +19,18 @@ spec:
spec: spec:
serviceAccountName: vsphere-csi-controller serviceAccountName: vsphere-csi-controller
nodeSelector: nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
tolerations: tolerations:
- operator: "Exists" - operator: "Exists"
key: node-role.kubernetes.io/master key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- operator: "Exists"
key: node-role.kubernetes.io/control-plane
effect: NoSchedule
dnsPolicy: "Default" dnsPolicy: "Default"
containers: containers:
- name: csi-attacher - name: csi-attacher

6
roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2
View file

@ -24,7 +24,11 @@ spec:
k8s-app: openstack-cloud-controller-manager k8s-app: openstack-cloud-controller-manager
spec: spec:
nodeSelector: nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
securityContext: securityContext:
runAsUser: 1001 runAsUser: 1001
tolerations: tolerations:
@ -33,6 +37,8 @@ spec:
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
serviceAccountName: cloud-controller-manager serviceAccountName: cloud-controller-manager
containers: containers:
- name: openstack-cloud-controller-manager - name: openstack-cloud-controller-manager

6
roles/kubernetes-apps/external_cloud_controller/vsphere/templates/external-vsphere-cloud-controller-manager-ds.yml.j2
View file

@ -24,7 +24,11 @@ spec:
k8s-app: vsphere-cloud-controller-manager k8s-app: vsphere-cloud-controller-manager
spec: spec:
nodeSelector: nodeSelector:
{% if kube_version is version('v1.20.0', '<') %}
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
{% else %}
node-role.kubernetes.io/control-plane: ""
{% endif %}
securityContext: securityContext:
runAsUser: 0 runAsUser: 0
tolerations: tolerations:
@ -33,6 +37,8 @@ spec:
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
serviceAccountName: cloud-controller-manager serviceAccountName: cloud-controller-manager
containers: containers:
- name: vsphere-cloud-controller-manager - name: vsphere-cloud-controller-manager

5
roles/kubernetes-apps/ingress_controller/ambassador/templates/cr-ambassador-installation.yml.j2
View file

@ -16,7 +16,8 @@ spec:
helmValues: helmValues:
tolerations: tolerations:
- key: "node-role.kubernetes.io/master" - key: "node-role.kubernetes.io/master"
operator: Equal effect: NoSchedule
- key: "node-role.kubernetes.io/control-plane"
effect: NoSchedule effect: NoSchedule
deploymentTool: amb-oper-kubespray deploymentTool: amb-oper-kubespray
{% if ingress_ambassador_host_network %} {% if ingress_ambassador_host_network %}
@ -34,4 +35,4 @@ spec:
port: 443 port: 443
hostPort: {{ ingress_ambassador_secure_port }} hostPort: {{ ingress_ambassador_secure_port }}
targetPort: 8443 targetPort: 8443
protocol: TCP protocol: TCP

2
roles/kubernetes-apps/metallb/templates/metallb.yml.j2
View file

@ -345,6 +345,8 @@ spec:
tolerations: tolerations:
- effect: NoSchedule - effect: NoSchedule
key: node-role.kubernetes.io/master key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment

6
roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
View file

@ -126,6 +126,8 @@ spec:
tolerations: tolerations:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
{% endif %} {% endif %}
affinity: affinity:
nodeAffinity: nodeAffinity:
@ -133,7 +135,11 @@ spec:
- weight: 100 - weight: 100
preference: preference:
matchExpressions: matchExpressions:
{% if kube_version is version('v1.20.0', '<') %}
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
{% else %}
- key: node-role.kubernetes.io/control-plane
{% endif %}
operator: In operator: In
values: values:
- "" - ""

2
roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
View file

@ -26,6 +26,8 @@ spec:
tolerations: tolerations:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
containers: containers:
- name: calico-kube-controllers - name: calico-kube-controllers

2
roles/kubernetes/master/tasks/kubeadm-setup.yml
View file

@ -226,7 +226,7 @@
# FIXME(mattymo): from docs: If you don't want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. # FIXME(mattymo): from docs: If you don't want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file.
- name: kubeadm | Remove taint for master with node role - name: kubeadm | Remove taint for master with node role
command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node-role.kubernetes.io/master:NoSchedule-" command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node-role.kubernetes.io/master:NoSchedule- node-role.kubernetes.io/control-plane:NoSchedule-"
delegate_to: "{{ groups['kube-master'] | first }}" delegate_to: "{{ groups['kube-master'] | first }}"
when: inventory_hostname in groups['kube-node'] when: inventory_hostname in groups['kube-node']
failed_when: false failed_when: false

3
roles/network_plugin/calico/templates/calico-typha.yml.j2
View file

@ -54,6 +54,9 @@ spec:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
operator: Exists operator: Exists
effect: NoSchedule effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
# Since Calico can't network a pod until Typha is up, we need to run Typha itself # Since Calico can't network a pod until Typha is up, we need to run Typha itself
# as a host-networked pod. # as a host-networked pod.
serviceAccountName: calico-node serviceAccountName: calico-node

3
roles/network_plugin/ovn4nfv/templates/ovn4nfv-k8s-plugin.yml.j2
View file

@ -414,6 +414,9 @@ spec:
- key: "node-role.kubernetes.io/master" - key: "node-role.kubernetes.io/master"
effect: "NoSchedule" effect: "NoSchedule"
operator: "Exists" operator: "Exists"
- key: "node-role.kubernetes.io/control-plane"
effect: "NoSchedule"
operator: "Exists"
serviceAccountName: k8s-nfn-sa serviceAccountName: k8s-nfn-sa
containers: containers:
- name: nfn-operator - name: nfn-operator