Merge branch 'master' of https://github.com/kubernetes-incubator/kubespray into cert-fix-2
This commit is contained in:
commit
4bb7d2b566
10 changed files with 44 additions and 19 deletions
|
@ -118,6 +118,8 @@ Stack](https://github.com/kubernetes-incubator/kubespray/blob/master/docs/dns-st
|
|||
* *kubelet_cgroup_driver* - Allows manual override of the
|
||||
cgroup-driver option for Kubelet. By default autodetection is used
|
||||
to match Docker configuration.
|
||||
* *node_labels* - Labels applied to nodes via kubelet --node-labels parameter.
|
||||
For example, labels can be set in the inventory as variables or more widely in group_vars
|
||||
|
||||
##### Custom flags for Kube Components
|
||||
For all kube components, custom flags can be passed in. This allows for edge cases where users need changes to the default deployment that may not be applicable to all deployments. This can be done by providing a list of flags. Example:
|
||||
|
|
|
@ -50,6 +50,10 @@
|
|||
- dns_mode != 'none'
|
||||
- inventory_hostname == groups['kube-master'][0]
|
||||
- not item|skipped
|
||||
register: resource_result
|
||||
until: resource_result|succeeded
|
||||
retries: 4
|
||||
delay: 5
|
||||
tags:
|
||||
- dnsmasq
|
||||
|
||||
|
|
|
@ -20,6 +20,9 @@ spec:
|
|||
labels:
|
||||
k8s-app: ingress-nginx
|
||||
version: v{{ ingress_nginx_controller_image_tag }}
|
||||
annotations:
|
||||
prometheus.io/port: '10254'
|
||||
prometheus.io/scrape: 'true'
|
||||
spec:
|
||||
{% if ingress_nginx_host_network %}
|
||||
hostNetwork: true
|
||||
|
@ -78,3 +81,4 @@ spec:
|
|||
{% if rbac_enabled %}
|
||||
serviceAccountName: ingress-nginx
|
||||
{% endif %}
|
||||
|
||||
|
|
|
@ -30,4 +30,7 @@
|
|||
with_items:
|
||||
- ["kube-apiserver", "kube-controller-manager", "kube-scheduler"]
|
||||
when: kube_apiserver_manifest_replaced.changed
|
||||
run_once: true
|
||||
register: remove_master_container
|
||||
retries: 4
|
||||
until: remove_master_container.rc == 0
|
||||
delay: 5
|
|
@ -90,3 +90,7 @@ apiServerCertSANs:
|
|||
{% endfor %}
|
||||
certificatesDir: {{ kube_config_dir }}/ssl
|
||||
unifiedControlPlaneImage: "{{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}"
|
||||
{% if kube_override_hostname|default('') %}
|
||||
nodeName: {{ kube_override_hostname }}
|
||||
{% endif %}
|
||||
|
||||
|
|
|
@ -134,6 +134,19 @@
|
|||
tags:
|
||||
- kube-proxy
|
||||
|
||||
- name: Write cloud-config
|
||||
template:
|
||||
src: "{{ cloud_provider }}-cloud-config.j2"
|
||||
dest: "{{ kube_config_dir }}/cloud_config"
|
||||
group: "{{ kube_cert_group }}"
|
||||
mode: 0640
|
||||
when:
|
||||
- cloud_provider is defined
|
||||
- cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
|
||||
notify: restart kubelet
|
||||
tags:
|
||||
- cloud-provider
|
||||
|
||||
# reload-systemd
|
||||
- meta: flush_handlers
|
||||
|
||||
|
|
|
@ -81,18 +81,26 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
|
|||
{% endif %}
|
||||
|
||||
{# Kubelet node labels #}
|
||||
{% set role_node_labels = [] %}
|
||||
{% if inventory_hostname in groups['kube-master'] %}
|
||||
{% set node_labels %}--node-labels=node-role.kubernetes.io/master=true{% endset %}
|
||||
{% do role_node_labels.append('node-role.kubernetes.io/master=true') %}
|
||||
{% if not standalone_kubelet|bool %}
|
||||
{% set node_labels %}{{ node_labels }},node-role.kubernetes.io/node=true{% endset %}
|
||||
{% do role_node_labels.append('node-role.kubernetes.io/node=true') %}
|
||||
{% endif %}
|
||||
{% elif inventory_hostname in groups['kube-ingress']|default([]) %}
|
||||
{% set node_labels %}--node-labels=node-role.kubernetes.io/ingress=true{% endset %}
|
||||
{% else %}
|
||||
{% set node_labels %}--node-labels=node-role.kubernetes.io/node=true{% endset %}
|
||||
{% do role_node_labels.append('node-role.kubernetes.io/node=true') %}
|
||||
{% endif %}
|
||||
{% set inventory_node_labels = [] %}
|
||||
{% if node_labels is defined %}
|
||||
{% for labelname, labelvalue in node_labels.iteritems() %}
|
||||
{% do inventory_node_labels.append(labelname + '=' + labelvalue) %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% set all_node_labels = role_node_labels + inventory_node_labels %}
|
||||
|
||||
KUBELET_ARGS="{{ kubelet_args_base }} {{ kubelet_args_dns }} {{ kubelet_args_kubeconfig }} {{ kube_reserved }} {{ node_labels }} {% if kube_feature_gates %} --feature-gates={{ kube_feature_gates|join(',') }} {% endif %} {% if kubelet_custom_flags is string %} {{kubelet_custom_flags}} {% else %}{% for flag in kubelet_custom_flags %} {{flag}} {% endfor %}{% endif %}"
|
||||
KUBELET_ARGS="{{ kubelet_args_base }} {{ kubelet_args_dns }} {{ kubelet_args_kubeconfig }} {{ kube_reserved }} --node-labels={{ all_node_labels | join(',') }} {% if kube_feature_gates %} --feature-gates={{ kube_feature_gates|join(',') }} {% endif %} {% if kubelet_custom_flags is string %} {{kubelet_custom_flags}} {% else %}{% for flag in kubelet_custom_flags %} {{flag}} {% endfor %}{% endif %}"
|
||||
{% if kube_network_plugin is defined and kube_network_plugin in ["calico", "canal", "flannel", "weave", "contiv", "cilium"] %}
|
||||
KUBELET_NETWORK_PLUGIN="--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
|
||||
{% elif kube_network_plugin is defined and kube_network_plugin == "weave" %}
|
||||
|
|
|
@ -48,7 +48,6 @@ spec:
|
|||
{% elif kube_proxy_mode == 'ipvs' %}
|
||||
- --masquerade-all
|
||||
- --feature-gates=SupportIPVSProxyMode=true
|
||||
- --proxy-mode=ipvs
|
||||
- --ipvs-min-sync-period=5s
|
||||
- --ipvs-sync-period=5s
|
||||
- --ipvs-scheduler=rr
|
||||
|
|
|
@ -256,19 +256,6 @@
|
|||
tags:
|
||||
- bootstrap-os
|
||||
|
||||
- name: Write cloud-config
|
||||
template:
|
||||
src: "{{ cloud_provider }}-cloud-config.j2"
|
||||
dest: "{{ kube_config_dir }}/cloud_config"
|
||||
group: "{{ kube_cert_group }}"
|
||||
mode: 0640
|
||||
when:
|
||||
- inventory_hostname in groups['k8s-cluster']
|
||||
- cloud_provider is defined
|
||||
- cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
|
||||
tags:
|
||||
- cloud-provider
|
||||
|
||||
- import_tasks: etchosts.yml
|
||||
tags:
|
||||
- bootstrap-os
|
||||
|
|
|
@ -10,3 +10,4 @@ fact_caching_connection = /tmp
|
|||
stdout_callback = skippy
|
||||
library = ./library:../library
|
||||
callback_whitelist = profile_tasks
|
||||
jinja2_extensions = jinja2.ext.do
|
||||
|
|
Loading…
Reference in a new issue