Use "kubeadm join" to join masters to control plane (#6661)
Remove configuration variable kubeadm_control_plane
This commit is contained in:
parent
0cc5e3ef03
commit
6da385de9d
12 changed files with 2 additions and 70 deletions
|
@ -211,8 +211,6 @@ kata_containers_enabled: false
|
||||||
kubelet_deployment_type: host
|
kubelet_deployment_type: host
|
||||||
helm_deployment_type: host
|
helm_deployment_type: host
|
||||||
|
|
||||||
# Enable kubeadm experimental control plane
|
|
||||||
kubeadm_control_plane: false
|
|
||||||
kubeadm_certificate_key: "{{ lookup('password', credentials_dir + '/kubeadm_certificate_key.creds length=64 chars=hexdigits') | lower }}"
|
kubeadm_certificate_key: "{{ lookup('password', credentials_dir + '/kubeadm_certificate_key.creds length=64 chars=hexdigits') | lower }}"
|
||||||
|
|
||||||
# K8s image pull policy (imagePullPolicy)
|
# K8s image pull policy (imagePullPolicy)
|
||||||
|
|
|
@ -163,7 +163,6 @@
|
||||||
include_tasks: kubeadm_etcd_node.yml
|
include_tasks: kubeadm_etcd_node.yml
|
||||||
when:
|
when:
|
||||||
- etcd_kubeadm_enabled
|
- etcd_kubeadm_enabled
|
||||||
- kubeadm_control_plane
|
|
||||||
- inventory_hostname not in groups['kube-master']
|
- inventory_hostname not in groups['kube-master']
|
||||||
- kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
- kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||||
|
|
|
@ -2,9 +2,6 @@
|
||||||
# disable upgrade cluster
|
# disable upgrade cluster
|
||||||
upgrade_cluster_setup: false
|
upgrade_cluster_setup: false
|
||||||
|
|
||||||
# Enable kubeadm experimental control plane
|
|
||||||
kubeadm_control_plane: false
|
|
||||||
|
|
||||||
# Experimental kubeadm etcd deployment mode. Available only for new deployment
|
# Experimental kubeadm etcd deployment mode. Available only for new deployment
|
||||||
etcd_kubeadm_enabled: false
|
etcd_kubeadm_enabled: false
|
||||||
|
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
---
|
|
||||||
- name: slurp kubeadm certs
|
|
||||||
slurp:
|
|
||||||
src: "{{ item }}"
|
|
||||||
with_items:
|
|
||||||
- "{{ kube_cert_dir }}/apiserver.crt"
|
|
||||||
- "{{ kube_cert_dir }}/apiserver.key"
|
|
||||||
- "{{ kube_cert_dir }}/apiserver-kubelet-client.crt"
|
|
||||||
- "{{ kube_cert_dir }}/apiserver-kubelet-client.key"
|
|
||||||
- "{{ kube_cert_dir }}/ca.crt"
|
|
||||||
- "{{ kube_cert_dir }}/ca.key"
|
|
||||||
- "{{ kube_cert_dir }}/front-proxy-ca.crt"
|
|
||||||
- "{{ kube_cert_dir }}/front-proxy-ca.key"
|
|
||||||
- "{{ kube_cert_dir }}/front-proxy-client.crt"
|
|
||||||
- "{{ kube_cert_dir }}/front-proxy-client.key"
|
|
||||||
- "{{ kube_cert_dir }}/sa.key"
|
|
||||||
- "{{ kube_cert_dir }}/sa.pub"
|
|
||||||
register: kubeadm_certs
|
|
||||||
delegate_to: "{{ groups['kube-master']|first }}"
|
|
||||||
|
|
||||||
- name: kubeadm | write out kubeadm certs
|
|
||||||
copy:
|
|
||||||
dest: "{{ item.item }}"
|
|
||||||
content: "{{ item.content | b64decode }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0640
|
|
||||||
no_log: true
|
|
||||||
register: copy_kubeadm_certs
|
|
||||||
with_items: "{{ kubeadm_certs.results }}"
|
|
||||||
when: inventory_hostname != groups['kube-master']|first
|
|
||||||
|
|
||||||
- name: kubeadm | Init other uninitialized masters
|
|
||||||
command: timeout -k 600s 600s {{ bin_dir }}/kubeadm init --config={{ kube_config_dir }}/kubeadm-config.yaml --ignore-preflight-errors=all --skip-phases=addon/coredns
|
|
||||||
register: kubeadm_init
|
|
||||||
retries: 10
|
|
||||||
until: kubeadm_init is succeeded or "field is immutable" in kubeadm_init.stderr
|
|
||||||
when:
|
|
||||||
- inventory_hostname != groups['kube-master']|first
|
|
||||||
- not kubeadm_already_run.stat.exists
|
|
||||||
failed_when: kubeadm_init.rc != 0 and "field is immutable" not in kubeadm_init.stderr
|
|
||||||
environment:
|
|
||||||
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
|
|
||||||
notify: Master | restart kubelet
|
|
|
@ -199,13 +199,8 @@
|
||||||
tags:
|
tags:
|
||||||
- kubeadm_token
|
- kubeadm_token
|
||||||
|
|
||||||
- name: kubeadm | Initialize other masters (experimental control plane)
|
- name: kubeadm | Join other masters
|
||||||
include_tasks: kubeadm-secondary-experimental.yml
|
include_tasks: kubeadm-secondary.yml
|
||||||
when: kubeadm_control_plane
|
|
||||||
|
|
||||||
- name: kubeadm | Initialize other masters (legacy not control plane)
|
|
||||||
include_tasks: kubeadm-secondary-legacy.yml
|
|
||||||
when: not kubeadm_control_plane
|
|
||||||
|
|
||||||
- name: kubeadm | upgrade kubernetes cluster
|
- name: kubeadm | upgrade kubernetes cluster
|
||||||
include_tasks: kubeadm-upgrade.yml
|
include_tasks: kubeadm-upgrade.yml
|
||||||
|
|
|
@ -258,12 +258,6 @@
|
||||||
when: resolvconf_mode is defined
|
when: resolvconf_mode is defined
|
||||||
run_once: true
|
run_once: true
|
||||||
|
|
||||||
- name: Stop if kubeadm etcd mode is enabled but experimental control plane is not
|
|
||||||
assert:
|
|
||||||
that: kubeadm_control_plane
|
|
||||||
msg: "kubeadm etcd mode requires experimental control plane"
|
|
||||||
when: etcd_kubeadm_enabled
|
|
||||||
|
|
||||||
- name: Stop if etcd deployment type is not host or docker
|
- name: Stop if etcd deployment type is not host or docker
|
||||||
assert:
|
assert:
|
||||||
that: etcd_deployment_type in ['host', 'docker']
|
that: etcd_deployment_type in ['host', 'docker']
|
||||||
|
|
|
@ -402,9 +402,6 @@ kubelet_protect_kernel_defaults: true
|
||||||
## the k8s cluster.
|
## the k8s cluster.
|
||||||
kube_feature_gates: []
|
kube_feature_gates: []
|
||||||
|
|
||||||
# Enable kubeadm experimental control plane
|
|
||||||
kubeadm_control_plane: false
|
|
||||||
|
|
||||||
# Local volume provisioner storage classes
|
# Local volume provisioner storage classes
|
||||||
# Levarages Ansibles string to Python datatype casting. Otherwise the dict_key isn't substituted
|
# Levarages Ansibles string to Python datatype casting. Otherwise the dict_key isn't substituted
|
||||||
# see https://github.com/ansible/ansible/issues/17324
|
# see https://github.com/ansible/ansible/issues/17324
|
||||||
|
|
|
@ -4,7 +4,6 @@ cloud_image: centos-7
|
||||||
mode: ha
|
mode: ha
|
||||||
|
|
||||||
# Kubespray settings
|
# Kubespray settings
|
||||||
kubeadm_control_plane: true
|
|
||||||
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
||||||
kube_proxy_mode: iptables
|
kube_proxy_mode: iptables
|
||||||
kube_network_plugin: flannel
|
kube_network_plugin: flannel
|
||||||
|
|
|
@ -6,7 +6,6 @@ mode: ha
|
||||||
# Kubespray settings
|
# Kubespray settings
|
||||||
kube_network_plugin: flannel
|
kube_network_plugin: flannel
|
||||||
etcd_kubeadm_enabled: true
|
etcd_kubeadm_enabled: true
|
||||||
kubeadm_control_plane: true
|
|
||||||
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
||||||
skip_non_kubeadm_warning: true
|
skip_non_kubeadm_warning: true
|
||||||
deploy_netchecker: true
|
deploy_netchecker: true
|
||||||
|
|
|
@ -5,7 +5,6 @@ mode: ha
|
||||||
vm_memory: 1600Mi
|
vm_memory: 1600Mi
|
||||||
|
|
||||||
# Kubespray settings
|
# Kubespray settings
|
||||||
kubeadm_control_plane: true
|
|
||||||
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
||||||
kube_proxy_mode: iptables
|
kube_proxy_mode: iptables
|
||||||
kube_network_plugin: flannel
|
kube_network_plugin: flannel
|
||||||
|
|
|
@ -5,7 +5,6 @@ mode: ha
|
||||||
vm_memory: 1600Mi
|
vm_memory: 1600Mi
|
||||||
|
|
||||||
# Kubespray settings
|
# Kubespray settings
|
||||||
kubeadm_control_plane: true
|
|
||||||
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
||||||
kube_proxy_mode: iptables
|
kube_proxy_mode: iptables
|
||||||
kube_network_plugin: flannel
|
kube_network_plugin: flannel
|
||||||
|
|
Loading…
Reference in a new issue