C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

remove unused var 'kube_apiserver_admission_control' (#5648) (#5651)

Browse source
This commit is contained in:
Adrien Gooris 2020-02-19 14:08:25 +01:00 committed by GitHub
parent eb00693325
commit da86457cda
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 0 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
roles/kubernetes/master/defaults/main/main.yml
View file

@ -95,17 +95,6 @@ kube_apiserver_memory_requests: 256M
kube_apiserver_cpu_requests: 100m
kube_apiserver_request_timeout: "1m0s"
# 1.9 and below Admission control plug-ins
kube_apiserver_admission_control:
- NamespaceLifecycle
- LimitRanger
- ServiceAccount
- DefaultStorageClass
- PersistentVolumeClaimResize
- MutatingAdmissionWebhook
- ValidatingAdmissionWebhook
- ResourceQuota
# 1.10+ admission plugins
kube_apiserver_enable_admission_plugins: []

1
roles/kubernetes/master/tasks/main.yml
View file

@ -61,7 +61,6 @@
- name: Disable SecurityContextDeny admission-controller and enable PodSecurityPolicy
set_fact:
kube_apiserver_admission_control: "{{ kube_apiserver_admission_control | default([]) | difference(['SecurityContextDeny']) | union(['PodSecurityPolicy']) | unique }}"
kube_apiserver_enable_admission_plugins: "{{ kube_apiserver_enable_admission_plugins | difference(['SecurityContextDeny']) | union(['PodSecurityPolicy']) | unique }}"
when: podsecuritypolicy_enabled