Fix ansible syntax to avoid ansible deprecation warnings (#3512)

* failed

* version_compare

* succeeded

* skipped

* success

* version_compare becomes version since ansible 2.5

* ansible minimal version updated in doc and spec

* last version_compare
This commit is contained in:
Erwan Miran 2018-10-17 00:33:30 +02:00 committed by k8s-ci-robot
parent bfd4ccbeaa
commit 7bec169d58
75 changed files with 153 additions and 153 deletions

View file

@ -134,7 +134,7 @@ plugins can be deployed for a given single cluster.
Requirements
------------
- **Ansible v2.4 (or newer) and python-netaddr is installed on the machine
- **Ansible v2.5 (or newer) and python-netaddr is installed on the machine
that will run Ansible commands**
- **Jinja 2.9 (or newer) is required to run the Ansible Playbooks**
- The target servers must have **access to the Internet** in order to pull docker images. Otherwise, additional configuration is required (See [Offline Environment](https://github.com/kubernetes-incubator/kubespray/blob/master/docs/downloads.md#offline-environment))

View file

@ -20,7 +20,7 @@ BuildRequires: python2-setuptools
BuildRequires: python-d2to1
BuildRequires: python2-pbr
Requires: ansible >= 2.4.0
Requires: ansible >= 2.5.0
Requires: python-jinja2 >= 2.10
Requires: python-netaddr
Requires: python-pbr

View file

@ -45,7 +45,7 @@
docker requires a minimum kernel version of
{{ docker_kernel_min_version }} on
{{ ansible_distribution }}-{{ ansible_distribution_version }}
when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]) and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
tags:
- facts
@ -58,7 +58,7 @@
url: "{{docker_repo_key_info.url}}"
state: present
register: keyserver_task_result
until: keyserver_task_result|succeeded
until: keyserver_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ docker_repo_key_info.repo_keys }}"
@ -79,7 +79,7 @@
url: "{{dockerproject_repo_key_info.url}}"
state: present
register: keyserver_task_result
until: keyserver_task_result|succeeded
until: keyserver_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
@ -134,7 +134,7 @@
state: present
update_cache: "{{ omit if ansible_distribution == 'Fedora' else True }}"
register: docker_task_result
until: docker_task_result|succeeded
until: docker_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ docker_package_info.pkgs }}"
@ -145,7 +145,7 @@
- name: get available packages on Ubuntu
command: apt-cache policy docker-ce
when:
- docker_task_result|failed
- docker_task_result is failed
- ansible_distribution == 'Ubuntu'
register: available_packages
@ -153,7 +153,7 @@
fail:
msg: "{{available_packages}}"
when:
- docker_task_result|failed
- docker_task_result is failed
- ansible_distribution == 'Ubuntu'
# This is required to ensure any apt upgrade will not break kubernetes
@ -185,7 +185,7 @@
when: >
dns_mode != 'none' and
resolvconf_mode == 'docker_dns' and
installed_docker_version.stdout|version_compare('1.12', '<')
installed_docker_version.stdout is version('1.12', '<')
- name: Set docker systemd config
import_tasks: systemd.yml

View file

@ -21,7 +21,7 @@ Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart={{ docker_bin_dir }}/docker{% if installed_docker_version.stdout|version_compare('17.03', '<') %} daemon{% else %}d{% endif %} \
ExecStart={{ docker_bin_dir }}/docker{% if installed_docker_version.stdout is version('17.03', '<') %} daemon{% else %}d{% endif %} \
{% if ansible_os_family == "Suse" %}
--containerd /run/containerd/containerd.sock --add-runtime oci=/usr/bin/docker-runc \
{% endif %}

View file

@ -41,7 +41,7 @@ docker_pkgs:
docker_package_info:
pkg_mgr: yum
pkgs: |-
{%- if docker_version | version_compare('17.04', '<') -%}
{%- if docker_version is version('17.04', '<') -%}
{{ docker_pkgs_use_docker_ce }}
{%- else -%}
{{ docker_pkgs }}

View file

@ -20,7 +20,7 @@
deb: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
state: present
register: rkt_task_result
until: rkt_task_result|succeeded
until: rkt_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when: ansible_os_family == "Debian"
@ -36,7 +36,7 @@
pkg: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
state: present
register: rkt_task_result
until: rkt_task_result|succeeded
until: rkt_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -48,7 +48,7 @@
name: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
state: present
register: rkt_task_result
until: rkt_task_result|succeeded
until: rkt_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when: ansible_os_family == "Suse"

View file

@ -31,7 +31,7 @@ spec:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
serviceAccountName: dnsmasq

View file

@ -21,7 +21,7 @@ spec:
kubernetes.io/cluster-service: "true"
kubespray/dnsmasq-checksum: "{{ dnsmasq_stat.stat.checksum }}"
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
tolerations:

View file

@ -15,7 +15,7 @@
- name: container_download | Download containers if pull is required or told to always pull (delegate)
command: "{{ docker_bin_dir }}/docker pull {{ pull_args }}"
register: pull_task_result
until: pull_task_result|succeeded
until: pull_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -30,7 +30,7 @@
- name: container_download | Download containers if pull is required or told to always pull (all nodes)
command: "{{ docker_bin_dir }}/docker pull {{ pull_args }}"
register: pull_task_result
until: pull_task_result|succeeded
until: pull_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:

View file

@ -99,7 +99,7 @@
delegate_facts: no
become: false
register: get_task
until: get_task|succeeded
until: get_task is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:

View file

@ -36,7 +36,7 @@
when:
- dns_mode in ['kubedns', 'dnsmasq_kubedns']
- inventory_hostname == groups['kube-master'][0]
- rbac_enabled and kubedns_version|version_compare("1.11.0", "<", strict=True)
- rbac_enabled and kubedns_version is version("1.11.0", "<", strict=True)
tags:
- dnsmasq
- kubedns

View file

@ -52,9 +52,9 @@
when:
- dns_mode != 'none'
- inventory_hostname == groups['kube-master'][0]
- not item|skipped
- not item is skipped
register: resource_result
until: resource_result|succeeded
until: resource_result is succeeded
retries: 4
delay: 5
tags:

View file

@ -68,4 +68,4 @@
filename: "{{kube_config_dir}}/{{item.item.file}}"
state: "latest"
with_items: "{{ manifests.results }}"
when: inventory_hostname == groups['kube-master'][0] and not item|skipped
when: inventory_hostname == groups['kube-master'][0] and not item is skipped

View file

@ -24,7 +24,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
serviceAccountName: coredns

View file

@ -140,7 +140,7 @@ spec:
labels:
k8s-app: kubernetes-dashboard
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
containers:

View file

@ -28,7 +28,7 @@ spec:
labels:
k8s-app: kubedns-autoscaler
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows

View file

@ -27,7 +27,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows

View file

@ -12,7 +12,7 @@ spec:
labels:
app: netchecker-agent
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
tolerations:

View file

@ -16,10 +16,10 @@ spec:
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
dnsPolicy: ClusterFirstWithHostNet
{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
tolerations:

View file

@ -11,7 +11,7 @@ spec:
app: netchecker-server
namespace: {{ netcheck_namespace }}
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
containers:

View file

@ -49,7 +49,7 @@
with_items: "{{ psp_manifests.results }}"
when:
- inventory_hostname == groups['kube-master'][0]
- not item|skipped
- not item is skipped
- name: Kubernetes Apps | Add ClusterRoleBinding to admit nodes
template:
@ -130,8 +130,8 @@
- rbac_enabled
- cloud_provider is defined
- cloud_provider == 'vsphere'
- kube_version | version_compare('v1.9.0', '>=')
- kube_version | version_compare('v1.9.3', '<=')
- kube_version is version('v1.9.0', '>=')
- kube_version is version('v1.9.3', '<=')
- inventory_hostname == groups['kube-master'][0]
tags: vsphere
@ -146,8 +146,8 @@
- cloud_provider == 'vsphere'
- vsphere_cloud_provider.rc is defined
- vsphere_cloud_provider.rc != 0
- kube_version | version_compare('v1.9.0', '>=')
- kube_version | version_compare('v1.9.3', '<=')
- kube_version is version('v1.9.0', '>=')
- kube_version is version('v1.9.3', '<=')
- inventory_hostname == groups['kube-master'][0]
tags: vsphere
@ -164,8 +164,8 @@
- cloud_provider == 'vsphere'
- vsphere_cloud_provider.rc is defined
- vsphere_cloud_provider.rc != 0
- kube_version | version_compare('v1.9.0', '>=')
- kube_version | version_compare('v1.9.3', '<=')
- kube_version is version('v1.9.0', '>=')
- kube_version is version('v1.9.3', '<=')
- inventory_hostname == groups['kube-master'][0]
tags: vsphere
@ -178,7 +178,7 @@
- name: PriorityClass | Copy k8s-cluster-critical-pc.yml file
copy: src=k8s-cluster-critical-pc.yml dest={{ kube_config_dir }}/k8s-cluster-critical-pc.yml
when:
- kube_version|version_compare('v1.11.1', '>=')
- kube_version is version('v1.11.1', '>=')
- inventory_hostname == groups['kube-master'][0]
- name: PriorityClass | Create k8s-cluster-critical
@ -189,5 +189,5 @@
filename: "{{ kube_config_dir }}/k8s-cluster-critical-pc.yml"
state: latest
when:
- kube_version|version_compare('v1.11.1', '>=')
- kube_version is version('v1.11.1', '>=')
- inventory_hostname == groups['kube-master'][0]

View file

@ -19,7 +19,7 @@ spec:
app: cephfs-provisioner
version: {{ cephfs_provisioner_image_tag }}
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if cephfs_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
serviceAccount: cephfs-provisioner

View file

@ -18,7 +18,7 @@ spec:
k8s-app: local-volume-provisioner
version: {{ local_volume_provisioner_image_tag }}
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if local_volume_provisioner_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
serviceAccountName: local-volume-provisioner

View file

@ -45,7 +45,7 @@
--upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
{% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
{% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %}
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
@ -65,7 +65,7 @@
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
{% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
{% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %}
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
@ -74,7 +74,7 @@
| {{bin_dir}}/kubectl apply -f -
changed_when: false
when:
- (tiller_override is defined and tiller_override != "") or (kube_version|version_compare('v1.11.1', '>='))
- (tiller_override is defined and tiller_override != "") or (kube_version is version('v1.11.1', '>='))
- inventory_hostname == groups['kube-master'][0]
environment: "{{proxy_env}}"

View file

@ -22,7 +22,7 @@ spec:
release: cert-manager
annotations:
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if cert_manager_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
serviceAccountName: cert-manager

View file

@ -19,7 +19,7 @@ spec:
app.kubernetes.io/name: default-backend
app.kubernetes.io/part-of: ingress-nginx
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if ingress_nginx_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
terminationGracePeriodSeconds: 60

View file

@ -29,7 +29,7 @@ spec:
nodeSelector:
{{ ingress_nginx_nodeselector | to_nice_yaml }}
{%- endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if ingress_nginx_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
containers:

View file

@ -10,7 +10,7 @@
with_items:
- "{{ calico_node_manifests.results }}"
when:
- inventory_hostname == groups['kube-master'][0] and not item|skipped
- inventory_hostname == groups['kube-master'][0] and not item is skipped
- name: "calico upgrade complete"
shell: "{{ bin_dir }}/calico-upgrade complete --no-prompts --apiconfigv1 /etc/calico/etcdv2.yml --apiconfigv3 /etc/calico/etcdv3.yml"

View file

@ -8,4 +8,4 @@
filename: "{{kube_config_dir}}/{{item.item.file}}"
state: "latest"
with_items: "{{ canal_manifests.results }}"
when: inventory_hostname == groups['kube-master'][0] and not item|skipped
when: inventory_hostname == groups['kube-master'][0] and not item is skipped

View file

@ -8,7 +8,7 @@
filename: "{{kube_config_dir}}/{{item.item.file}}"
state: "latest"
with_items: "{{ cilium_node_manifests.results }}"
when: inventory_hostname == groups['kube-master'][0] and not item|skipped
when: inventory_hostname == groups['kube-master'][0] and not item is skipped
- name: Cilium | Wait for pods to run
command: "{{bin_dir}}/kubectl -n kube-system get pods -l k8s-app=cilium -o jsonpath='{.items[?(@.status.containerStatuses[0].ready==false)].metadata.name}'"

View file

@ -8,7 +8,7 @@
filename: "{{kube_config_dir}}/{{item.item.file}}"
state: "latest"
with_items: "{{ flannel_node_manifests.results }}"
when: inventory_hostname == groups['kube-master'][0] and not item|skipped
when: inventory_hostname == groups['kube-master'][0] and not item is skipped
- name: Flannel | Wait for flannel subnet.env file presence
wait_for:

View file

@ -34,4 +34,4 @@
- "{{ calico_kube_manifests.results }}"
when:
- inventory_hostname == groups['kube-master'][0]
- not item|skipped
- not item is skipped

View file

@ -29,7 +29,7 @@ spec:
tolerations:
- effect: NoSchedule
operator: Exists
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
containers:

View file

@ -21,7 +21,7 @@ spec:
kubernetes.io/cluster-service: "true"
version: v{{ registry_proxy_image_tag }}
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if registry_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
serviceAccountName: registry-proxy

View file

@ -22,7 +22,7 @@ spec:
version: v{{ registry_image_tag }}
kubernetes.io/cluster-service: "true"
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if registry_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
{% endif %}
serviceAccountName: registry

View file

@ -34,19 +34,19 @@
- name: sets kubeadm api version to v1alpha1
set_fact:
kubeadmConfig_api_version: v1alpha1
when: kubeadm_output.stdout|version_compare('v1.11.0', '<')
when: kubeadm_output.stdout is version('v1.11.0', '<')
- name: sets kubeadm api version to v1alpha2
set_fact:
kubeadmConfig_api_version: v1alpha2
when:
- kubeadm_output.stdout|version_compare('v1.11.0', '>=')
- kubeadm_output.stdout|version_compare('v1.12.0', '<')
- kubeadm_output.stdout is version('v1.11.0', '>=')
- kubeadm_output.stdout is version('v1.12.0', '<')
- name: sets kubeadm api version to v1alpha3
set_fact:
kubeadmConfig_api_version: v1alpha3
when: kubeadm_output.stdout|version_compare('v1.12.0', '>=')
when: kubeadm_output.stdout is version('v1.12.0', '>=')
- name: Create kubeadm client config
template:

View file

@ -80,7 +80,7 @@ kube_apiserver_admission_control:
- ServiceAccount
- DefaultStorageClass
- >-
{%- if kube_version | version_compare('v1.9', '<') -%}
{%- if kube_version is version('v1.9', '<') -%}
GenericAdmissionWebhook
{%- else -%}
MutatingAdmissionWebhook,ValidatingAdmissionWebhook

View file

@ -84,19 +84,19 @@
- name: sets kubeadm api version to v1alpha1
set_fact:
kubeadmConfig_api_version: v1alpha1
when: kubeadm_output.stdout|version_compare('v1.11.0', '<')
when: kubeadm_output.stdout is version('v1.11.0', '<')
- name: sets kubeadm api version to v1alpha2
set_fact:
kubeadmConfig_api_version: v1alpha2
when:
- kubeadm_output.stdout|version_compare('v1.11.0', '>=')
- kubeadm_output.stdout|version_compare('v1.12.0', '<')
- kubeadm_output.stdout is version('v1.11.0', '>=')
- kubeadm_output.stdout is version('v1.12.0', '<')
- name: sets kubeadm api version to v1alpha3
set_fact:
kubeadmConfig_api_version: v1alpha3
when: kubeadm_output.stdout|version_compare('v1.12.0', '>=')
when: kubeadm_output.stdout is version('v1.12.0', '>=')
# Nginx LB(default), If kubeadm_config_api_fqdn is defined, use other LB by kubeadm controlPlaneEndpoint.
- name: set kubeadm_config_api_fqdn define

View file

@ -26,10 +26,10 @@ cloudProvider: {{ cloud_provider }}
{% if kube_proxy_mode == 'ipvs' %}
kubeProxy:
config:
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
featureGates: SupportIPVSProxyMode=true
{% endif %}
{% if kube_version | version_compare('v1.10', '>=') %}
{% if kube_version is version('v1.10', '>=') %}
featureGates:
SupportIPVSProxyMode: true
{% endif %}
@ -49,7 +49,7 @@ apiServerExtraArgs:
insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
{% endif %}
insecure-port: "{{ kube_apiserver_insecure_port }}"
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
admission-control: {{ kube_apiserver_admission_control | join(',') }}
{% else %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
@ -60,7 +60,7 @@ apiServerExtraArgs:
{% endif %}
{% endif %}
apiserver-count: "{{ kube_apiserver_count }}"
{% if kube_version | version_compare('v1.9', '>=') %}
{% if kube_version is version('v1.9', '>=') %}
endpoint-reconciler-type: lease
{% endif %}
{% if etcd_events_cluster_enabled %}
@ -72,7 +72,7 @@ apiServerExtraArgs:
request-timeout: "{{ kube_apiserver_request_timeout }}"
repair-malformed-updates: "false"
enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
{% if kube_api_anonymous_auth is defined and kube_version | version_compare('v1.5', '>=') %}
{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
anonymous-auth: "{{ kube_api_anonymous_auth }}"
{% endif %}
{% if kube_basic_auth|default(true) %}

View file

@ -41,7 +41,7 @@ apiServerExtraArgs:
insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
{% endif %}
insecure-port: "{{ kube_apiserver_insecure_port }}"
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
admission-control: {{ kube_apiserver_admission_control | join(',') }}
{% else %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
@ -52,7 +52,7 @@ apiServerExtraArgs:
{% endif %}
{% endif %}
apiserver-count: "{{ kube_apiserver_count }}"
{% if kube_version | version_compare('v1.9', '>=') %}
{% if kube_version is version('v1.9', '>=') %}
endpoint-reconciler-type: lease
{% endif %}
{% if etcd_events_cluster_enabled %}
@ -64,7 +64,7 @@ apiServerExtraArgs:
request-timeout: "{{ kube_apiserver_request_timeout }}"
repair-malformed-updates: "false"
enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
{% if kube_api_anonymous_auth is defined and kube_version | version_compare('v1.5', '>=') %}
{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
anonymous-auth: "{{ kube_api_anonymous_auth }}"
{% endif %}
{% if kube_basic_auth|default(true) %}

View file

@ -44,7 +44,7 @@ apiServerExtraArgs:
insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
{% endif %}
insecure-port: "{{ kube_apiserver_insecure_port }}"
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
admission-control: {{ kube_apiserver_admission_control | join(',') }}
{% else %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
@ -55,7 +55,7 @@ apiServerExtraArgs:
{% endif %}
{% endif %}
apiserver-count: "{{ kube_apiserver_count }}"
{% if kube_version | version_compare('v1.9', '>=') %}
{% if kube_version is version('v1.9', '>=') %}
endpoint-reconciler-type: lease
{% endif %}
{% if etcd_events_cluster_enabled %}

View file

@ -11,10 +11,10 @@ metadata:
kubespray.apiserver-cert/serial: "{{ apiserver_cert_serial }}"
spec:
hostNetwork: true
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
dnsPolicy: ClusterFirst
{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:
@ -43,7 +43,7 @@ spec:
{% if etcd_events_cluster_enabled %}
- --etcd-servers-overrides=/events#{{ etcd_events_access_addresses_semicolon }}
{% endif %}
{% if kube_version | version_compare('v1.9', '<') %}
{% if kube_version is version('v1.9', '<') %}
- --etcd-quorum-read=true
{% endif %}
- --etcd-cafile={{ etcd_cert_dir }}/ca.pem
@ -54,10 +54,10 @@ spec:
{% endif %}
- --bind-address={{ kube_apiserver_bind_address }}
- --apiserver-count={{ kube_apiserver_count }}
{% if kube_version | version_compare('v1.9', '>=') %}
{% if kube_version is version('v1.9', '>=') %}
- --endpoint-reconciler-type=lease
{% endif %}
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
- --admission-control={{ kube_apiserver_admission_control | join(',') }}
{% else %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
@ -114,7 +114,7 @@ spec:
{% endfor %}
{% endif %}
{% if enable_network_policy %}
{% if kube_version | version_compare('v1.8', '<') %}
{% if kube_version is version('v1.8', '<') %}
- --runtime-config=extensions/v1beta1/networkpolicies=true
{% endif %}
{% endif %}
@ -124,7 +124,7 @@ spec:
- --cloud-provider={{ cloud_provider }}
- --cloud-config={{ kube_config_dir }}/cloud_config
{% endif %}
{% if kube_api_anonymous_auth is defined and kube_version | version_compare('v1.5', '>=') %}
{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
- --anonymous-auth={{ kube_api_anonymous_auth }}
{% endif %}
{% if authorization_modes %}
@ -136,7 +136,7 @@ spec:
{% if kube_feature_gates %}
- --feature-gates={{ kube_feature_gates|join(',') }}
{% endif %}
{% if kube_version | version_compare('v1.9', '>=') %}
{% if kube_version is version('v1.9', '>=') %}
- --requestheader-client-ca-file={{ kube_cert_dir }}/{{ kube_front_proxy_ca }}
{# FIXME(mattymo): Vault certs do not work with front-proxy-client #}
{% if cert_management == "vault" %}

View file

@ -10,10 +10,10 @@ metadata:
kubespray.controller-manager-cert/serial: "{{ controller_manager_cert_serial }}"
spec:
hostNetwork: true
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
dnsPolicy: ClusterFirst
{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:

View file

@ -9,10 +9,10 @@ metadata:
kubespray.scheduler-cert/serial: "{{ scheduler_cert_serial }}"
spec:
hostNetwork: true
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
dnsPolicy: ClusterFirst
{% endif %}
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:

View file

@ -1,17 +1,17 @@
[Global]
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
zone={{ aws_zone|default("") }}
vpc={{ aws_vpc|default("") }}
subnetId={{ aws_subnet_id|default("") }}
routeTableId={{ aws_route_table_id|default("") }}
{% if kube_version | version_compare('v1.10', '>=') %}
{% if kube_version is version('v1.10', '>=') %}
roleArn={{ aws_role_arn|default("") }}
{% endif %}
kubernetesClusterTag={{ aws_kubernetes_cluster_tag|default("") }}
kubernetesClusterId={{ aws_kubernetes_cluster_id|default("") }}
disableSecurityGroupIngress={{ "true" if aws_disable_security_group_ingress|default(False) else "false" }}
disableStrictZoneCheck={{ "true" if aws_disable_strict_zone_check|default(False) else "false" }}
{% if kube_version | version_compare('v1.7', '>=') %}
{% if kube_version is version('v1.7', '>=') %}
elbSecurityGroup={{ aws_elb_security_group|default("") }}
{% endif %}
{% endif %}

View file

@ -17,7 +17,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{# start kubeadm specific settings #}
--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \
--kubeconfig={{ kube_config_dir }}/kubelet.conf \
{% if kube_version | version_compare('v1.8', '<') %}
{% if kube_version is version('v1.8', '<') %}
--require-kubeconfig \
{% endif %}
{% if kubelet_authentication_token_webhook %}
@ -29,7 +29,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
--enforce-node-allocatable={{ kubelet_enforce_node_allocatable }} \
--client-ca-file={{ kube_cert_dir }}/ca.crt \
--pod-manifest-path={{ kube_manifest_dir }} \
{% if kube_version | version_compare('v1.12.0', '<') %}
{% if kube_version is version('v1.12.0', '<') %}
--cadvisor-port={{ kube_cadvisor_port }} \
{% endif %}
{# end kubeadm specific settings #}
@ -37,7 +37,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
--node-status-update-frequency={{ kubelet_status_update_frequency }} \
--cgroup-driver={{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }} \
--max-pods={{ kubelet_max_pods }} \
{% if container_manager == 'docker' and kube_version | version_compare('v1.12.0', '<') %}
{% if container_manager == 'docker' and kube_version is version('v1.12.0', '<') %}
--docker-disable-shared-pid={{ kubelet_disable_shared_pid }} \
{% endif %}
{% if container_manager == 'crio' %}
@ -46,7 +46,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{% endif %}
--anonymous-auth=false \
--read-only-port={{ kube_read_only_port }} \
{% if kube_version | version_compare('v1.8', '<') %}
{% if kube_version is version('v1.8', '<') %}
--experimental-fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \
{% else %}
--fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \

View file

@ -12,12 +12,12 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{# Base kubelet args #}
{% set kubelet_args_base %}
--pod-manifest-path={{ kube_manifest_dir }} \
{% if kube_version | version_compare('v1.12.0', '<') %}
{% if kube_version is version('v1.12.0', '<') %}
--cadvisor-port={{ kube_cadvisor_port }} \
{% endif %}
--pod-infra-container-image={{ pod_infra_image_repo }}:{{ pod_infra_image_tag }} \
--node-status-update-frequency={{ kubelet_status_update_frequency }} \
{% if container_manager == 'docker' and kube_version | version_compare('v1.12.0', '<') %}
{% if container_manager == 'docker' and kube_version is version('v1.12.0', '<') %}
--docker-disable-shared-pid={{ kubelet_disable_shared_pid }} \
{% endif %}
--client-ca-file={{ kube_cert_dir }}/ca.pem \
@ -25,9 +25,9 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
--tls-private-key-file={{ kube_cert_dir }}/node-{{ inventory_hostname }}-key.pem \
--anonymous-auth=false \
--read-only-port={{ kube_read_only_port }} \
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
{# flag got removed with 1.7.0 #}
{% if kube_version | version_compare('v1.7', '<') %}
{% if kube_version is version('v1.7', '<') %}
--enable-cri={{ kubelet_enable_cri }} \
{% endif %}
{% if container_manager == 'crio' %}
@ -37,7 +37,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
--cgroup-driver={{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }} \
--cgroups-per-qos={{ kubelet_cgroups_per_qos }} \
--max-pods={{ kubelet_max_pods }} \
{% if kube_version | version_compare('v1.8', '<') %}
{% if kube_version is version('v1.8', '<') %}
--experimental-fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \
{% else %}
--fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \
@ -68,7 +68,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{% set kubelet_args_dns %}{{ kubelet_args_cluster_dns }} --cluster-domain={{ dns_domain }} --resolv-conf={{ kube_resolv_conf }}{% endset %}
{# Location of the apiserver #}
{% if kube_version | version_compare('v1.8', '<') %}
{% if kube_version is version('v1.8', '<') %}
{% set kubelet_args_kubeconfig %}--kubeconfig={{ kube_config_dir}}/node-kubeconfig.yaml --require-kubeconfig{% endset %}
{% else %}
{% set kubelet_args_kubeconfig %}--kubeconfig={{ kube_config_dir}}/node-kubeconfig.yaml{% endset %}
@ -76,7 +76,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{% if standalone_kubelet|bool %}
{# We are on a master-only host. Make the master unschedulable in this case. #}
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
{# Set taints on the master so that it's unschedulable by default. Use node-role.kubernetes.io/master taint like kubeadm. #}
{% set kubelet_args_kubeconfig %}{{ kubelet_args_kubeconfig }} --register-with-taints=node-role.kubernetes.io/master=:NoSchedule{% endset %}
{% else %}

View file

@ -9,13 +9,13 @@ metadata:
kubespray.kube-proxy-cert/serial: "{{ kube_proxy_cert_serial }}"
spec:
hostNetwork: true
{% if kube_version | version_compare('v1.6', '>=') %}
{% if kube_version is version('v1.6', '>=') %}
dnsPolicy: ClusterFirst
{% endif %}
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:
@ -56,7 +56,7 @@ spec:
- --masquerade-all
{% elif kube_proxy_mode == 'ipvs' %}
- --masquerade-all
{% if kube_version | version_compare('v1.10', '<') %}
{% if kube_version is version('v1.10', '<') %}
- --feature-gates=SupportIPVSProxyMode=true
{% endif %}
- --ipvs-min-sync-period=5s

View file

@ -10,7 +10,7 @@ spec:
# When having win nodes in cluster without this patch, this pod cloud try to be created in windows
nodeSelector:
beta.kubernetes.io/os: linux
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:

View file

@ -4,7 +4,7 @@ password = "{{ vsphere_password }}"
port = {{ vsphere_vcenter_port }}
insecure-flag = {{ vsphere_insecure }}
{% if kube_version | version_compare('v1.9.2', '>=') %}
{% if kube_version is version('v1.9.2', '>=') %}
datacenters = "{{ vsphere_datacenter }}"
{% else %}
datastore = "{{ vsphere_datastore }}"
@ -19,7 +19,7 @@ vm-name = "{{ vsphere_vm_name }}"
{% endif %}
{% endif %}
{% if kube_version | version_compare('v1.9.2', '>=') %}
{% if kube_version is version('v1.9.2', '>=') %}
[VirtualCenter "{{ vsphere_vcenter_ip }}"]

View file

@ -2,7 +2,7 @@
- name: Stop if ansible version is too low
assert:
that:
- ansible_version.full|version_compare('2.3.0', '>=')
- ansible_version.full is version('2.3.0', '>=')
run_once: yes
- name: Stop if either kube-master, kube-node or etcd is empty
@ -114,7 +114,7 @@
- name: Stop if kernel version is too low
assert:
that: ansible_kernel.split('-')[0]|version_compare('4.8', '>=')
that: ansible_kernel.split('-')[0] is version('4.8', '>=')
when: kube_network_plugin == 'cilium'
ignore_errors: "{{ ignore_assert_errors }}"
@ -146,7 +146,7 @@
- name: "Check that calico version is enought for upgrade"
assert:
that:
- calico_version_on_server.stdout|version_compare('v2.6.5', '>=')
- calico_version_on_server.stdout is version('v2.6.5', '>=')
msg: "Your version of calico is not fresh enough for upgrade. Minimum version v2.6.5"
when:
- 'calico_version_on_server.stdout is defined'

View file

@ -4,7 +4,7 @@
update_cache: yes
name: '*'
register: yum_task_result
until: yum_task_result|succeeded
until: yum_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -15,7 +15,7 @@
- name: Expire management cache (YUM) for Updation - Redhat
shell: yum clean expire-cache
register: expire_cache_output
until: expire_cache_output|succeeded
until: expire_cache_output is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -27,7 +27,7 @@
- name: Update package management cache (YUM) - Redhat
shell: yum makecache
register: make_cache_output
until: make_cache_output|succeeded
until: make_cache_output is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -40,7 +40,7 @@
- name: Update package management cache (zypper) - SUSE
shell: zypper -n --gpg-auto-import-keys ref
register: make_cache_output
until: make_cache_output|succeeded
until: make_cache_output is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -58,7 +58,7 @@
- name: Install python-dnf for latest RedHat versions
command: dnf install -y python-dnf yum
register: dnf_task_result
until: dnf_task_result|succeeded
until: dnf_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
@ -86,7 +86,7 @@
name: "{{ item }}"
state: latest
register: pkgs_task_result
until: pkgs_task_result|succeeded
until: pkgs_task_result is succeeded
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}"

View file

@ -296,7 +296,7 @@ feature_gate_v1_12: []
## List of key=value pairs that describe feature gates for
## the k8s cluster.
kube_feature_gates: |-
{%- if kube_version | version_compare('v1.12.0', '<') -%}
{%- if kube_version is version('v1.12.0', '<') -%}
{{ feature_gate_v1_11 }}
{%- else -%}
{{ feature_gate_v1_12 }}

View file

@ -63,7 +63,7 @@
delay: "{{ retry_stagger | random + 3 }}"
delegate_to: "{{groups['etcd'][0]}}"
when:
- calico_version | version_compare("v3.0.0", ">=")
- calico_version is version("v3.0.0", ">=")
- name: Calico-rr | Configure route reflector (legacy)
command: |-
@ -81,7 +81,7 @@
delay: "{{ retry_stagger | random + 3 }}"
delegate_to: "{{groups['etcd'][0]}}"
when:
- calico_version | version_compare("v3.0.0", "<")
- calico_version is version("v3.0.0", "<")
- meta: flush_handlers

View file

@ -20,7 +20,7 @@
- name: "Check that calico version is enough for upgrade"
assert:
that:
- calico_version_on_server.stdout|version_compare('v2.6.5', '>=')
- calico_version_on_server.stdout is version('v2.6.5', '>=')
msg: "Your version of calico is not fresh enough for upgrade"
when: calico_upgrade_enabled
@ -28,8 +28,8 @@
set_fact:
calico_upgrade_needed: True
when:
- calico_version_on_server.stdout|version_compare('v2.6.5', '>=')
- calico_version_on_server.stdout|version_compare('v3.0.0', '<')
- calico_version_on_server.stdout is version('v2.6.5', '>=')
- calico_version_on_server.stdout is version('v3.0.0', '<')
when:
- 'calico_version_on_server.stdout is defined'

View file

@ -102,7 +102,7 @@
delegate_to: "{{ groups['kube-master'][0] }}"
when:
- 'calico_conf.stdout == "0"'
- calico_version | version_compare("v3.0.0", ">=")
- calico_version is version("v3.0.0", ">=")
- name: Calico | Configure calico network pool (legacy)
shell: >
@ -119,7 +119,7 @@
delegate_to: "{{ groups['kube-master'][0] }}"
when:
- 'calico_conf.stdout == "0"'
- calico_version | version_compare("v3.0.0", "<")
- calico_version is version("v3.0.0", "<")
- name: "Determine nodeToNodeMesh needed state"
set_fact:
@ -144,19 +144,19 @@
run_once: true
delegate_to: "{{ groups['kube-master'][0] }}"
when:
- calico_version | version_compare('v3.0.0', '>=')
- calico_version is version('v3.0.0', '>=')
- name: Calico | Set global as_num (legacy)
command: "{{ bin_dir}}/calicoctl config set asNumber {{ global_as_num }}"
run_once: true
when:
- calico_version | version_compare('v3.0.0', '<')
- calico_version is version('v3.0.0', '<')
- name: Calico | Disable node mesh (legacy)
command: "{{ bin_dir }}/calicoctl config set nodeToNodeMesh off"
run_once: yes
when:
- calico_version | version_compare('v3.0.0', '<')
- calico_version is version('v3.0.0', '<')
- nodeToMeshEnabled|default(True)
- name: Calico | Configure node asNumber for per node peering
@ -176,7 +176,7 @@
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
- calico_version | version_compare('v3.0.0', '>=')
- calico_version is version('v3.0.0', '>=')
- peer_with_router|default(false)
- inventory_hostname in groups['k8s-cluster']
- local_as is defined
@ -199,7 +199,7 @@
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when:
- calico_version | version_compare('v3.0.0', '<')
- calico_version is version('v3.0.0', '<')
- peer_with_router|default(false)
- inventory_hostname in groups['k8s-cluster']
- local_as is defined
@ -223,7 +223,7 @@
with_items:
- "{{ peers|rejectattr('scope','equalto', 'global')|default([]) }}"
when:
- calico_version | version_compare('v3.0.0', '>=')
- calico_version is version('v3.0.0', '>=')
- peer_with_router|default(false)
- inventory_hostname in groups['k8s-cluster']
@ -280,7 +280,7 @@
with_items: "{{ peers|selectattr('scope','equalto', 'global')|default([]) }}"
run_once: true
when:
- calico_version | version_compare('v3.0.0', '<')
- calico_version is version('v3.0.0', '<')
- peer_with_router|default(false)
- inventory_hostname in groups['k8s-cluster']
@ -302,7 +302,7 @@
with_items:
- "{{ groups['calico-rr'] | default([]) }}"
when:
- calico_version | version_compare('v3.0.0', '>=')
- calico_version is version('v3.0.0', '>=')
- peer_with_calico_rr|default(false)
- inventory_hostname in groups['k8s-cluster']
- hostvars[item]['cluster_id'] == cluster_id
@ -322,7 +322,7 @@
delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{ groups['calico-rr'] | default([]) }}"
when:
- calico_version | version_compare('v3.0.0', '<')
- calico_version is version('v3.0.0', '<')
- not calico_upgrade_enabled
- peer_with_calico_rr|default(false)
- hostvars[item]['cluster_id'] == cluster_id

View file

@ -22,7 +22,7 @@ spec:
scheduler.alpha.kubernetes.io/critical-pod: ''
kubespray.etcd-cert/serial: "{{ etcd_client_cert_serial }}"
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -18,7 +18,7 @@ spec:
labels:
k8s-app: canal-node
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -32,7 +32,7 @@ spec:
prometheus.io/port: "9090"
{% endif %}
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
serviceAccountName: cilium

View file

@ -19,7 +19,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
# The API proxy must run in the host network namespace so that

View file

@ -18,7 +18,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -17,7 +17,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -17,7 +17,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -19,7 +19,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
# The netmaster must run in the host network namespace so that

View file

@ -23,7 +23,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -20,7 +20,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true

View file

@ -55,7 +55,7 @@ spec:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
serviceAccountName: flannel

View file

@ -63,7 +63,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
{% endif %}
serviceAccountName: kube-router

View file

@ -118,7 +118,7 @@ items:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
containers:

View file

@ -44,7 +44,7 @@
- name: Ensure minimum version for drain label selector if necessary
assert:
that: "kubectl_version.stdout.split(' ')[-1] | version_compare('v1.10.0', '>=')"
that: "kubectl_version.stdout.split(' ')[-1] is version('v1.10.0', '>=')"
when:
- drain_nodes
- needs_cordoning

View file

@ -12,7 +12,7 @@
headers: "{{ vault_client_headers }}"
status_code: "{{ vault_successful_http_codes | join(',') }}"
register: vault_health_check
until: vault_health_check|succeeded
until: vault_health_check is succeeded
retries: 10
delay: "{{ retry_stagger | random + 3 }}"
run_once: yes

View file

@ -20,7 +20,7 @@
url: "http://localhost:{{ vault_port }}/"
secret_shares: 1
secret_threshold: 1
until: "vault_temp_init|succeeded"
until: "vault_temp_init is succeeded"
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
register: vault_temp_init

View file

@ -4,7 +4,7 @@
shell: docker stop {{ vault_temp_container_name }} || rkt stop {{ vault_temp_container_name }}
failed_when: false
register: vault_temp_stop
changed_when: vault_temp_stop|succeeded
changed_when: vault_temp_stop is succeeded
# Check if vault is reachable on the localhost
- name: check_vault | Attempt to pull local https Vault health

View file

@ -7,7 +7,7 @@
method: HEAD
status_code: 200,429,501,503
register: vault_leader_check
until: "vault_leader_check|succeeded"
until: "vault_leader_check is succeeded"
retries: 10
- name: find_leader | Set fact for current http leader

View file

@ -55,7 +55,7 @@
no_log: true
- debug: var=agents.content|from_json
failed_when: not agents|success and not agents.content=='{}'
failed_when: not agents is success and not agents.content=='{}'
run_once: true
- name: Check netchecker status
@ -70,7 +70,7 @@
when: not agents.content=='{}'
- debug: var=result.content|from_json
failed_when: not result|success
failed_when: not result is success
run_once: true
when: not agents.content=='{}'
delegate_to: "{{groups['kube-master'][0]}}"