diff --git a/README.md b/README.md index 828058b8c..e32cdad3b 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,7 @@ Supported Components -------------------- - Core - - [kubernetes](https://github.com/kubernetes/kubernetes) v1.12.3 + - [kubernetes](https://github.com/kubernetes/kubernetes) v1.12.4 - [etcd](https://github.com/coreos/etcd) v3.2.24 - [docker](https://www.docker.com/) v18.06 (see note) - [rkt](https://github.com/rkt/rkt) v1.21.0 (see Note 2) diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 80ebb3f12..a2508c5a9 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -35,7 +35,7 @@ download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube image_arch: "{{host_architecture | default('amd64')}}" # Versions -kube_version: v1.12.3 +kube_version: v1.12.4 kubeadm_version: "{{ kube_version }}" etcd_version: v3.2.24 @@ -70,6 +70,7 @@ cni_download_url: "https://github.com/containernetworking/plugins/releases/downl # Checksums hyperkube_checksums: + v1.12.4: a4697d8f3791f0408fcdb97b3de187e47d7b39a63332c75f68f95e25f4891cc9 v1.12.3: 600aad3f0d016716abd85931239806193ffbe95f2edfdcea11532d518ae5cdb1 v1.12.2: 566dfed398c20c9944f8999d6370cb584cb8c228b3c5881137b6b3d9306e4b06 v1.12.1: 4aa23cfb2fc2e2e4d0cbe0d83a648c38e4baabd6c66f5cdbbb40cbc7582fdc74 @@ -88,6 +89,7 @@ hyperkube_checksums: v1.10.1: 6e0642ad6bae68dc81b8d1c9efa18e265e17e23da1895862823cafac08c0344c v1.10.0: b5575b2fb4266754c1675b8cd5d9b6cac70f3fee7a05c4e80da3a9e83e58c57e kubeadm_checksums: + v1.12.4: 674ad5892ff2403f492c9042c3cea3fa0bfa3acf95bc7d1777c3645f0ddf64d7 v1.12.3: c675aa3be82754b3f8dfdde2a1526a72986713312d46d898e65cb564c6aa8ad4 v1.12.2: 51bc4bfd1d934a27245111c0ad1f793d5147ed15389415a1509502f23fcfa642 v1.12.1: 5d95efd65aad398d85a9802799f36410ae7a95f9cbe73c8b10d2213c10a6d7be diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml index e0c13fefa..cae508fc2 100644 --- a/roles/kubernetes/master/tasks/kubeadm-setup.yml +++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml @@ -54,12 +54,14 @@ {%- if loadbalancer_apiserver is defined %} {{ apiserver_loadbalancer_domain_name }} {%- endif %} - {%- for host in groups['kube-master'] -%} - {%- if hostvars[host]['access_ip'] is defined %}{{ hostvars[host]['access_ip'] }}{% endif %} + {% for host in groups['kube-master'] -%} + {%- if hostvars[host]['access_ip'] is defined -%} + {{ hostvars[host]['access_ip'] }} + {%- endif %} {{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }} {%- endfor %} - {%- if supplementary_addresses_in_ssl_keys is defined %} - {%- for addr in supplementary_addresses_in_ssl_keys %} + {%- if supplementary_addresses_in_ssl_keys is defined -%} + {% for addr in supplementary_addresses_in_ssl_keys -%} {{ addr }} {%- endfor %} {%- endif %} diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2 index 8adc777fd..1866be550 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2 @@ -20,7 +20,6 @@ networking: dnsDomain: {{ dns_domain }} serviceSubnet: {{ kube_service_addresses }} podSubnet: {{ kube_pods_subnet }} - podNetworkCidr: "{{ kube_network_node_prefix }}" kubernetesVersion: {{ kube_version }} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %} cloudProvider: {{cloud_provider}} @@ -121,6 +120,7 @@ controllerManagerExtraArgs: node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }} node-monitor-period: {{ kube_controller_node_monitor_period }} pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }} + node-cidr-mask-size: "{{ kube_network_node_prefix }}" profiling: "{{ kube_profiling }}" terminated-pod-gc-threshold: "{{ kube_controller_terminated_pod_gc_threshold }}" {% if kube_feature_gates %} @@ -171,7 +171,7 @@ apiServerExtraVolumes: {% endif %} {% endif %} apiServerCertSANs: -{% for san in apiserver_sans.split(' ') | unique %} +{% for san in apiserver_sans.split() | unique %} - {{ san }} {% endfor %} certificatesDir: {{ kube_config_dir }}/ssl diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 index 53e1703ce..eda407f36 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 @@ -21,7 +21,6 @@ networking: dnsDomain: {{ dns_domain }} serviceSubnet: {{ kube_service_addresses }} podSubnet: {{ kube_pods_subnet }} - podNetworkCidr: "{{ kube_network_node_prefix }}" kubernetesVersion: {{ kube_version }} kubeProxy: config: @@ -119,6 +118,7 @@ controllerManagerExtraArgs: node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }} node-monitor-period: {{ kube_controller_node_monitor_period }} pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }} + node-cidr-mask-size: "{{ kube_network_node_prefix }}" profiling: "{{ kube_profiling }}" terminated-pod-gc-threshold: "{{ kube_controller_terminated_pod_gc_threshold }}" {% if kube_feature_gates %} @@ -189,7 +189,7 @@ schedulerExtraArgs: {% endfor %} {% endif %} apiServerCertSANs: -{% for san in apiserver_sans.split(' ') | unique %} +{% for san in apiserver_sans.split() | unique %} - {{ san }} {% endfor %} certificatesDir: {{ kube_config_dir }}/ssl diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 index adedb850d..155b4fe54 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 @@ -36,7 +36,6 @@ networking: dnsDomain: {{ dns_domain }} serviceSubnet: {{ kube_service_addresses }} podSubnet: {{ kube_pods_subnet }} - podNetworkCidr: "{{ kube_network_node_prefix }}" kubernetesVersion: {{ kube_version }} {% if groups['kube-master'] | length > 1 and kubeadm_config_api_fqdn is defined %} controlPlaneEndpoint: {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }} @@ -44,7 +43,7 @@ controlPlaneEndpoint: {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.po controlPlaneEndpoint: {{ ip | default(ansible_default_ipv4.address) }}:{{ kube_apiserver_port }} {% endif %} apiServerCertSANs: -{% for san in apiserver_sans.split(' ') | unique %} +{% for san in apiserver_sans.split() | unique %} - {{ san }} {% endfor %} certificatesDir: {{ kube_config_dir }}/ssl @@ -126,6 +125,7 @@ controllerManagerExtraArgs: node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }} node-monitor-period: {{ kube_controller_node_monitor_period }} pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }} + node-cidr-mask-size: "{{ kube_network_node_prefix }}" {% if kube_feature_gates %} feature-gates: {{ kube_feature_gates|join(',') }} {% endif %}