remove unused code (#4981)
This commit is contained in:
刘旭
Kubernetes Prow Robot
parent
99c5f7e013
commit
de9443a694
36 changed files with 6 additions and 100 deletions
|
|
@ -30,7 +30,6 @@
|
||||||
- name: download | Get kubeadm binary and list of required images
|
- name: download | Get kubeadm binary and list of required images
|
||||||
include_tasks: prep_kubeadm_images.yml
|
include_tasks: prep_kubeadm_images.yml
|
||||||
when:
|
when:
|
||||||
- kube_version is version('v1.11.0', '>=')
|
|
||||||
- not skip_downloads|default(false)
|
- not skip_downloads|default(false)
|
||||||
- inventory_hostname in groups['kube-master']
|
- inventory_hostname in groups['kube-master']
|
||||||
tags:
|
tags:
|
||||||
|
|
|
||||||
|
|
@ -140,9 +140,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: kubernetes-dashboard
|
k8s-app: kubernetes-dashboard
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: kubernetes-dashboard
|
- name: kubernetes-dashboard
|
||||||
image: {{ dashboard_image_repo }}:{{ dashboard_image_tag }}
|
image: {{ dashboard_image_repo }}:{{ dashboard_image_tag }}
|
||||||
|
|
|
||||||
|
|
@ -34,9 +34,7 @@ spec:
|
||||||
scheduler.alpha.kubernetes.io/critical-pod: ""
|
scheduler.alpha.kubernetes.io/critical-pod: ""
|
||||||
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
|
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
securityContext:
|
securityContext:
|
||||||
supplementalGroups: [ 65534 ]
|
supplementalGroups: [ 65534 ]
|
||||||
fsGroup: 65534
|
fsGroup: 65534
|
||||||
|
|
|
||||||
|
|
@ -12,9 +12,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
app: netchecker-agent
|
app: netchecker-agent
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
tolerations:
|
tolerations:
|
||||||
- effect: NoSchedule
|
- effect: NoSchedule
|
||||||
operator: Exists
|
operator: Exists
|
||||||
|
|
|
||||||
|
|
@ -16,9 +16,7 @@ spec:
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: linux
|
beta.kubernetes.io/os: linux
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
tolerations:
|
tolerations:
|
||||||
- effect: NoSchedule
|
- effect: NoSchedule
|
||||||
operator: Exists
|
operator: Exists
|
||||||
|
|
|
||||||
|
|
@ -11,9 +11,7 @@ spec:
|
||||||
app: netchecker-server
|
app: netchecker-server
|
||||||
namespace: {{ netcheck_namespace }}
|
namespace: {{ netcheck_namespace }}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: netchecker-server
|
- name: netchecker-server
|
||||||
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
|
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
|
||||||
|
|
|
||||||
|
|
@ -19,9 +19,7 @@ spec:
|
||||||
prometheus.io/scrape: 'true'
|
prometheus.io/scrape: 'true'
|
||||||
prometheus.io/port: '9253'
|
prometheus.io/port: '9253'
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: nodelocaldns
|
serviceAccountName: nodelocaldns
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: Default # Don't use cluster DNS.
|
dnsPolicy: Default # Don't use cluster DNS.
|
||||||
|
|
|
||||||
|
|
@ -140,9 +140,7 @@
|
||||||
|
|
||||||
- name: PriorityClass | Copy k8s-cluster-critical-pc.yml file
|
- name: PriorityClass | Copy k8s-cluster-critical-pc.yml file
|
||||||
copy: src=k8s-cluster-critical-pc.yml dest={{ kube_config_dir }}/k8s-cluster-critical-pc.yml
|
copy: src=k8s-cluster-critical-pc.yml dest={{ kube_config_dir }}/k8s-cluster-critical-pc.yml
|
||||||
when:
|
when: inventory_hostname == groups['kube-master']|last
|
||||||
- kube_version is version('v1.11.1', '>=')
|
|
||||||
- inventory_hostname == groups['kube-master']|last
|
|
||||||
|
|
||||||
- name: PriorityClass | Create k8s-cluster-critical
|
- name: PriorityClass | Create k8s-cluster-critical
|
||||||
kube:
|
kube:
|
||||||
|
|
@ -151,6 +149,4 @@
|
||||||
resource: "PriorityClass"
|
resource: "PriorityClass"
|
||||||
filename: "{{ kube_config_dir }}/k8s-cluster-critical-pc.yml"
|
filename: "{{ kube_config_dir }}/k8s-cluster-critical-pc.yml"
|
||||||
state: latest
|
state: latest
|
||||||
when:
|
when: inventory_hostname == groups['kube-master']|last
|
||||||
- kube_version is version('v1.11.1', '>=')
|
|
||||||
- inventory_hostname == groups['kube-master']|last
|
|
||||||
|
|
|
||||||
|
|
@ -43,10 +43,8 @@ spec:
|
||||||
- min: 1
|
- min: 1
|
||||||
max: 65535
|
max: 65535
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
{% if kube_version is version('v1.12.1', '>=') %}
|
|
||||||
forbiddenSysctls:
|
forbiddenSysctls:
|
||||||
- '*'
|
- '*'
|
||||||
{% endif %}
|
|
||||||
---
|
---
|
||||||
apiVersion: policy/v1beta1
|
apiVersion: policy/v1beta1
|
||||||
kind: PodSecurityPolicy
|
kind: PodSecurityPolicy
|
||||||
|
|
@ -79,8 +77,6 @@ spec:
|
||||||
fsGroup:
|
fsGroup:
|
||||||
rule: 'RunAsAny'
|
rule: 'RunAsAny'
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
{% if kube_version is version('v1.12.1', '>=') %}
|
|
||||||
# This will fail if allowed-unsafe-sysctls is not set accordingly in kubelet flags
|
# This will fail if allowed-unsafe-sysctls is not set accordingly in kubelet flags
|
||||||
allowedUnsafeSysctls:
|
allowedUnsafeSysctls:
|
||||||
- '*'
|
- '*'
|
||||||
{% endif %}
|
|
||||||
|
|
|
||||||
|
|
@ -19,9 +19,7 @@ spec:
|
||||||
app: cephfs-provisioner
|
app: cephfs-provisioner
|
||||||
version: {{ cephfs_provisioner_image_tag }}
|
version: {{ cephfs_provisioner_image_tag }}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if cephfs_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if cephfs_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccount: cephfs-provisioner
|
serviceAccount: cephfs-provisioner
|
||||||
containers:
|
containers:
|
||||||
- name: cephfs-provisioner
|
- name: cephfs-provisioner
|
||||||
|
|
|
||||||
|
|
@ -18,9 +18,7 @@ spec:
|
||||||
k8s-app: local-volume-provisioner
|
k8s-app: local-volume-provisioner
|
||||||
version: {{ local_volume_provisioner_image_tag }}
|
version: {{ local_volume_provisioner_image_tag }}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if local_volume_provisioner_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if local_volume_provisioner_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: local-volume-provisioner
|
serviceAccountName: local-volume-provisioner
|
||||||
tolerations:
|
tolerations:
|
||||||
- effect: NoSchedule
|
- effect: NoSchedule
|
||||||
|
|
|
||||||
|
|
@ -21,9 +21,7 @@ spec:
|
||||||
app: rbd-provisioner
|
app: rbd-provisioner
|
||||||
version: {{ rbd_provisioner_image_tag }}
|
version: {{ rbd_provisioner_image_tag }}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if rbd_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if rbd_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccount: rbd-provisioner
|
serviceAccount: rbd-provisioner
|
||||||
containers:
|
containers:
|
||||||
- name: rbd-provisioner
|
- name: rbd-provisioner
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,7 @@
|
||||||
--upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
|
--upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
|
||||||
{% if rbac_enabled %} --service-account=tiller{% endif %}
|
{% if rbac_enabled %} --service-account=tiller{% endif %}
|
||||||
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
|
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
|
||||||
{% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
|
--override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
|
||||||
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
|
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
|
||||||
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
|
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
|
||||||
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
|
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
|
||||||
|
|
@ -66,7 +66,7 @@
|
||||||
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
|
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
|
||||||
{% if rbac_enabled %} --service-account=tiller{% endif %}
|
{% if rbac_enabled %} --service-account=tiller{% endif %}
|
||||||
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
|
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
|
||||||
{% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
|
--override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
|
||||||
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
|
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
|
||||||
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
|
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
|
||||||
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
|
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
|
||||||
|
|
@ -76,7 +76,6 @@
|
||||||
| {{ bin_dir }}/kubectl apply -f -
|
| {{ bin_dir }}/kubectl apply -f -
|
||||||
changed_when: false
|
changed_when: false
|
||||||
when:
|
when:
|
||||||
- (tiller_override is defined and tiller_override) or (kube_version is version('v1.11.1', '>='))
|
|
||||||
- inventory_hostname == groups['kube-master'][0]
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
environment: "{{ proxy_env }}"
|
environment: "{{ proxy_env }}"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -22,9 +22,7 @@ spec:
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
annotations:
|
annotations:
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if cert_manager_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if cert_manager_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: cert-manager
|
serviceAccountName: cert-manager
|
||||||
containers:
|
containers:
|
||||||
- name: cert-manager
|
- name: cert-manager
|
||||||
|
|
|
||||||
|
|
@ -34,9 +34,7 @@ spec:
|
||||||
tolerations:
|
tolerations:
|
||||||
{{ ingress_nginx_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
{{ ingress_nginx_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if ingress_nginx_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if ingress_nginx_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: ingress-nginx-controller
|
- name: ingress-nginx-controller
|
||||||
image: {{ ingress_nginx_controller_image_repo }}:{{ ingress_nginx_controller_image_tag }}
|
image: {{ ingress_nginx_controller_image_repo }}:{{ ingress_nginx_controller_image_tag }}
|
||||||
|
|
|
||||||
|
|
@ -23,9 +23,7 @@ spec:
|
||||||
annotations:
|
annotations:
|
||||||
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
|
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: metrics-server
|
serviceAccountName: metrics-server
|
||||||
containers:
|
containers:
|
||||||
- name: metrics-server
|
- name: metrics-server
|
||||||
|
|
|
||||||
|
|
@ -32,9 +32,7 @@ spec:
|
||||||
operator: Exists
|
operator: Exists
|
||||||
- key: node-role.kubernetes.io/master
|
- key: node-role.kubernetes.io/master
|
||||||
effect: NoSchedule
|
effect: NoSchedule
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: calico-kube-controllers
|
- name: calico-kube-controllers
|
||||||
image: {{ calico_policy_image_repo }}:{{ calico_policy_image_tag }}
|
image: {{ calico_policy_image_repo }}:{{ calico_policy_image_tag }}
|
||||||
|
|
|
||||||
|
|
@ -21,9 +21,7 @@ spec:
|
||||||
kubernetes.io/cluster-service: "true"
|
kubernetes.io/cluster-service: "true"
|
||||||
version: v{{ registry_proxy_image_tag }}
|
version: v{{ registry_proxy_image_tag }}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if registry_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if registry_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: registry-proxy
|
serviceAccountName: registry-proxy
|
||||||
containers:
|
containers:
|
||||||
- name: registry-proxy
|
- name: registry-proxy
|
||||||
|
|
|
||||||
|
|
@ -22,9 +22,7 @@ spec:
|
||||||
version: v{{ registry_image_tag }}
|
version: v{{ registry_image_tag }}
|
||||||
kubernetes.io/cluster-service: "true"
|
kubernetes.io/cluster-service: "true"
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: {% if registry_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
priorityClassName: {% if registry_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: registry
|
serviceAccountName: registry
|
||||||
containers:
|
containers:
|
||||||
- name: registry
|
- name: registry
|
||||||
|
|
|
||||||
|
|
@ -90,7 +90,7 @@ imageRepository: {{ kube_image_repo }}
|
||||||
useHyperKubeImage: false
|
useHyperKubeImage: false
|
||||||
apiServer:
|
apiServer:
|
||||||
extraArgs:
|
extraArgs:
|
||||||
{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
|
{% if kube_api_anonymous_auth is defined %}
|
||||||
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
authorization-mode: {{ authorization_modes | join(',') }}
|
authorization-mode: {{ authorization_modes | join(',') }}
|
||||||
|
|
@ -106,9 +106,7 @@ apiServer:
|
||||||
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
|
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
apiserver-count: "{{ kube_apiserver_count }}"
|
apiserver-count: "{{ kube_apiserver_count }}"
|
||||||
{% if kube_version is version('v1.9', '>=') %}
|
|
||||||
endpoint-reconciler-type: lease
|
endpoint-reconciler-type: lease
|
||||||
{% endif %}
|
|
||||||
{% if etcd_events_cluster_enabled %}
|
{% if etcd_events_cluster_enabled %}
|
||||||
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
|
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
||||||
|
|
@ -94,7 +94,7 @@ imageRepository: {{ kube_image_repo }}
|
||||||
useHyperKubeImage: false
|
useHyperKubeImage: false
|
||||||
apiServer:
|
apiServer:
|
||||||
extraArgs:
|
extraArgs:
|
||||||
{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
|
{% if kube_api_anonymous_auth is defined %}
|
||||||
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
authorization-mode: {{ authorization_modes | join(',') }}
|
authorization-mode: {{ authorization_modes | join(',') }}
|
||||||
|
|
@ -110,9 +110,7 @@ apiServer:
|
||||||
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
|
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
apiserver-count: "{{ kube_apiserver_count }}"
|
apiserver-count: "{{ kube_apiserver_count }}"
|
||||||
{% if kube_version is version('v1.9', '>=') %}
|
|
||||||
endpoint-reconciler-type: lease
|
endpoint-reconciler-type: lease
|
||||||
{% endif %}
|
|
||||||
{% if etcd_events_cluster_enabled %}
|
{% if etcd_events_cluster_enabled %}
|
||||||
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
|
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
||||||
|
|
@ -1,17 +1,11 @@
|
||||||
[Global]
|
[Global]
|
||||||
{% if kube_version is version('v1.6', '>=') %}
|
|
||||||
zone={{ aws_zone|default("") }}
|
zone={{ aws_zone|default("") }}
|
||||||
vpc={{ aws_vpc|default("") }}
|
vpc={{ aws_vpc|default("") }}
|
||||||
subnetId={{ aws_subnet_id|default("") }}
|
subnetId={{ aws_subnet_id|default("") }}
|
||||||
routeTableId={{ aws_route_table_id|default("") }}
|
routeTableId={{ aws_route_table_id|default("") }}
|
||||||
{% if kube_version is version('v1.10', '>=') %}
|
|
||||||
roleArn={{ aws_role_arn|default("") }}
|
roleArn={{ aws_role_arn|default("") }}
|
||||||
{% endif %}
|
|
||||||
kubernetesClusterTag={{ aws_kubernetes_cluster_tag|default("") }}
|
kubernetesClusterTag={{ aws_kubernetes_cluster_tag|default("") }}
|
||||||
kubernetesClusterId={{ aws_kubernetes_cluster_id|default("") }}
|
kubernetesClusterId={{ aws_kubernetes_cluster_id|default("") }}
|
||||||
disableSecurityGroupIngress={{ "true" if aws_disable_security_group_ingress|default(False) else "false" }}
|
disableSecurityGroupIngress={{ "true" if aws_disable_security_group_ingress|default(False) else "false" }}
|
||||||
disableStrictZoneCheck={{ "true" if aws_disable_strict_zone_check|default(False) else "false" }}
|
disableStrictZoneCheck={{ "true" if aws_disable_strict_zone_check|default(False) else "false" }}
|
||||||
{% if kube_version is version('v1.7', '>=') %}
|
|
||||||
elbSecurityGroup={{ aws_elb_security_group|default("") }}
|
elbSecurityGroup={{ aws_elb_security_group|default("") }}
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
|
||||||
|
|
@ -4,22 +4,7 @@ password = "{{ vsphere_password }}"
|
||||||
port = {{ vsphere_vcenter_port }}
|
port = {{ vsphere_vcenter_port }}
|
||||||
insecure-flag = {{ vsphere_insecure }}
|
insecure-flag = {{ vsphere_insecure }}
|
||||||
|
|
||||||
{% if kube_version is version('v1.9.2', '>=') %}
|
|
||||||
datacenters = "{{ vsphere_datacenter }}"
|
datacenters = "{{ vsphere_datacenter }}"
|
||||||
{% else %}
|
|
||||||
datastore = "{{ vsphere_datastore }}"
|
|
||||||
datacenter = "{{ vsphere_datacenter }}"
|
|
||||||
working-dir = "{{ vsphere_working_dir }}"
|
|
||||||
server = "{{ vsphere_vcenter_ip }}"
|
|
||||||
{% if vsphere_vm_uuid is defined and vsphere_vm_uuid != "" %}
|
|
||||||
vm-uuid = "{{ vsphere_vm_uuid }}"
|
|
||||||
{% endif %}
|
|
||||||
{% if vsphere_vm_name is defined and vsphere_vm_name != "" %}
|
|
||||||
vm-name = "{{ vsphere_vm_name }}"
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if kube_version is version('v1.9.2', '>=') %}
|
|
||||||
|
|
||||||
[VirtualCenter "{{ vsphere_vcenter_ip }}"]
|
[VirtualCenter "{{ vsphere_vcenter_ip }}"]
|
||||||
|
|
||||||
|
|
@ -32,7 +17,6 @@ default-datastore = "{{ vsphere_datastore }}"
|
||||||
{% if vsphere_resource_pool is defined and vsphere_resource_pool != "" %}
|
{% if vsphere_resource_pool is defined and vsphere_resource_pool != "" %}
|
||||||
resourcepool-path = "{{ vsphere_resource_pool }}"
|
resourcepool-path = "{{ vsphere_resource_pool }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
|
|
||||||
[Disk]
|
[Disk]
|
||||||
|
|
@ -43,7 +27,6 @@ scsicontrollertype = {{ vsphere_scsi_controller_type }}
|
||||||
public-network = {{ vsphere_public_network }}
|
public-network = {{ vsphere_public_network }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if kube_version is version('v1.12.0', '>=') %}
|
|
||||||
[Labels]
|
[Labels]
|
||||||
{% if vsphere_zone_category is defined and vsphere_zone_category != "" %}
|
{% if vsphere_zone_category is defined and vsphere_zone_category != "" %}
|
||||||
zone = {{ vsphere_zone_category }}
|
zone = {{ vsphere_zone_category }}
|
||||||
|
|
@ -51,4 +34,3 @@ zone = {{ vsphere_zone_category }}
|
||||||
{% if vsphere_region_category is defined and vsphere_region_category != "" %}
|
{% if vsphere_region_category is defined and vsphere_region_category != "" %}
|
||||||
region = {{ vsphere_region_category }}
|
region = {{ vsphere_region_category }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
|
||||||
|
|
|
||||||
|
|
@ -13,9 +13,7 @@ spec:
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: linux
|
beta.kubernetes.io/os: linux
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: haproxy
|
- name: haproxy
|
||||||
image: {{ haproxy_image_repo }}:{{ haproxy_image_tag }}
|
image: {{ haproxy_image_repo }}:{{ haproxy_image_tag }}
|
||||||
|
|
|
||||||
|
|
@ -13,9 +13,7 @@ spec:
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: linux
|
beta.kubernetes.io/os: linux
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: nginx-proxy
|
- name: nginx-proxy
|
||||||
image: {{ nginx_image_repo }}:{{ nginx_image_tag }}
|
image: {{ nginx_image_repo }}:{{ nginx_image_tag }}
|
||||||
|
|
|
||||||
|
|
@ -26,9 +26,7 @@ spec:
|
||||||
prometheus.io/port: "9090"
|
prometheus.io/port: "9090"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: cilium
|
serviceAccountName: cilium
|
||||||
initContainers:
|
initContainers:
|
||||||
- name: clean-cilium-state
|
- name: clean-cilium-state
|
||||||
|
|
|
||||||
|
|
@ -16,9 +16,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-api-proxy
|
k8s-app: contiv-api-proxy
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
# The API proxy must run in the host network namespace so that
|
# The API proxy must run in the host network namespace so that
|
||||||
# it isn't governed by policy that would prevent it from working.
|
# it isn't governed by policy that would prevent it from working.
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
|
|
|
||||||
|
|
@ -15,9 +15,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-cleanup
|
k8s-app: contiv-cleanup
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
|
||||||
|
|
@ -15,9 +15,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-etcd-proxy
|
k8s-app: contiv-etcd-proxy
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
|
||||||
|
|
@ -15,9 +15,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-etcd
|
k8s-app: contiv-etcd
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
|
||||||
|
|
@ -16,9 +16,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-netmaster
|
k8s-app: contiv-netmaster
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
# The netmaster must run in the host network namespace so that
|
# The netmaster must run in the host network namespace so that
|
||||||
# it isn't governed by policy that would prevent it from working.
|
# it isn't governed by policy that would prevent it from working.
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
|
|
|
||||||
|
|
@ -20,9 +20,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-netplugin
|
k8s-app: contiv-netplugin
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
|
||||||
|
|
@ -17,9 +17,7 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: contiv-ovs
|
k8s-app: contiv-ovs
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
|
||||||
|
|
@ -52,9 +52,7 @@ spec:
|
||||||
tier: node
|
tier: node
|
||||||
k8s-app: flannel
|
k8s-app: flannel
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: flannel
|
serviceAccountName: flannel
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: linux
|
beta.kubernetes.io/os: linux
|
||||||
|
|
|
||||||
|
|
@ -61,9 +61,7 @@ spec:
|
||||||
k8s-app: kube-router
|
k8s-app: kube-router
|
||||||
tier: node
|
tier: node
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-cluster-critical
|
priorityClassName: system-cluster-critical
|
||||||
{% endif %}
|
|
||||||
serviceAccountName: kube-router
|
serviceAccountName: kube-router
|
||||||
containers:
|
containers:
|
||||||
- name: kube-router
|
- name: kube-router
|
||||||
|
|
|
||||||
|
|
@ -115,9 +115,7 @@ items:
|
||||||
labels:
|
labels:
|
||||||
name: weave-net
|
name: weave-net
|
||||||
spec:
|
spec:
|
||||||
{% if kube_version is version('v1.11.1', '>=') %}
|
|
||||||
priorityClassName: system-node-critical
|
priorityClassName: system-node-critical
|
||||||
{% endif %}
|
|
||||||
containers:
|
containers:
|
||||||
- name: weave
|
- name: weave
|
||||||
command:
|
command:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue