Merge pull request #3344 from woopstar/kubeadm-minor-fix
Sync manifests from non-kubeadm to kubeadm deploy
This commit is contained in:
commit
e47eeb67ee
7 changed files with 45 additions and 12 deletions
|
@ -68,9 +68,18 @@ apiServerExtraArgs:
|
|||
{% endif %}
|
||||
service-node-port-range: {{ kube_apiserver_node_port_range }}
|
||||
kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}"
|
||||
profiling: "{{ kube_profiling }}"
|
||||
repair-malformed-updates: "false"
|
||||
enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
|
||||
{% if kube_api_anonymous_auth is defined and kube_version | version_compare('v1.5', '>=') %}
|
||||
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
||||
{% endif %}
|
||||
{% if kube_basic_auth|default(true) %}
|
||||
basic-auth-file: {{ kube_users_dir }}/known_users.csv
|
||||
{% endif %}
|
||||
{% if kube_token_auth|default(true) %}
|
||||
token-auth-file: {{ kube_token_dir }}/known_tokens.csv
|
||||
{% endif %}
|
||||
{% if kube_oidc_auth|default(false) and kube_oidc_url is defined and kube_oidc_client_id is defined %}
|
||||
oidc-issuer-url: {{ kube_oidc_url }}
|
||||
oidc-client-id: {{ kube_oidc_client_id }}
|
||||
|
@ -92,6 +101,13 @@ apiServerExtraArgs:
|
|||
runtime-config: {{ kube_api_runtime_config | join(',') }}
|
||||
{% endif %}
|
||||
allow-privileged: "true"
|
||||
{% if kubernetes_audit %}
|
||||
audit-log-path: "{{ audit_log_path }}"
|
||||
audit-log-maxage: "{{ audit_log_maxage }}"
|
||||
audit-log-maxbackup: "{{ audit_log_maxbackups }}"
|
||||
audit-log-maxsize: "{{ audit_log_maxsize }}"
|
||||
audit-policy-file: {{ audit_policy_file }}
|
||||
{% endif %}
|
||||
{% for key in kube_kubeadm_apiserver_extra_args %}
|
||||
{{ key }}: "{{ kube_kubeadm_apiserver_extra_args[key] }}"
|
||||
{% endfor %}
|
||||
|
@ -102,19 +118,21 @@ controllerManagerExtraArgs:
|
|||
node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }}
|
||||
node-monitor-period: {{ kube_controller_node_monitor_period }}
|
||||
pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
|
||||
profiling: "{{ kube_profiling }}"
|
||||
{% if kube_feature_gates %}
|
||||
feature-gates: {{ kube_feature_gates|join(',') }}
|
||||
{% endif %}
|
||||
{% for key in kube_kubeadm_controller_extra_args %}
|
||||
{{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
|
||||
{% endfor %}
|
||||
{% if cloud_provider is defined and cloud_provider in ["openstack"] and openstack_cacert is defined %}
|
||||
controllerManagerExtraVolumes:
|
||||
- name: openstackcacert
|
||||
hostPath: "{{ kube_config_dir }}/openstack-cacert.pem"
|
||||
mountPath: "{{ kube_config_dir }}/openstack-cacert.pem"
|
||||
{% endif %}
|
||||
{% for key in kube_kubeadm_controller_extra_args %}
|
||||
{{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
|
||||
{% endfor %}
|
||||
schedulerExtraArgs:
|
||||
profiling: "{{ kube_profiling }}"
|
||||
{% if kube_feature_gates %}
|
||||
feature-gates: {{ kube_feature_gates|join(',') }}
|
||||
{% endif %}
|
||||
|
|
|
@ -60,9 +60,18 @@ apiServerExtraArgs:
|
|||
{% endif %}
|
||||
service-node-port-range: {{ kube_apiserver_node_port_range }}
|
||||
kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}"
|
||||
profiling: "{{ kube_profiling }}"
|
||||
repair-malformed-updates: "false"
|
||||
enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
|
||||
{% if kube_api_anonymous_auth is defined and kube_version | version_compare('v1.5', '>=') %}
|
||||
anonymous-auth: "{{ kube_api_anonymous_auth }}"
|
||||
{% endif %}
|
||||
{% if kube_basic_auth|default(true) %}
|
||||
basic-auth-file: {{ kube_users_dir }}/known_users.csv
|
||||
{% endif %}
|
||||
{% if kube_token_auth|default(true) %}
|
||||
token-auth-file: {{ kube_token_dir }}/known_tokens.csv
|
||||
{% endif %}
|
||||
{% if kube_oidc_auth|default(false) and kube_oidc_url is defined and kube_oidc_client_id is defined %}
|
||||
oidc-issuer-url: {{ kube_oidc_url }}
|
||||
oidc-client-id: {{ kube_oidc_client_id }}
|
||||
|
@ -101,9 +110,13 @@ controllerManagerExtraArgs:
|
|||
node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }}
|
||||
node-monitor-period: {{ kube_controller_node_monitor_period }}
|
||||
pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
|
||||
profiling: "{{ kube_profiling }}"
|
||||
{% if kube_feature_gates %}
|
||||
feature-gates: {{ kube_feature_gates|join(',') }}
|
||||
{% endif %}
|
||||
{% for key in kube_kubeadm_controller_extra_args %}
|
||||
{{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
|
||||
{% endfor %}
|
||||
{% if cloud_provider is defined and cloud_provider in ["openstack"] and openstack_cacert is defined %}
|
||||
controllerManagerExtraVolumes:
|
||||
- name: openstackcacert
|
||||
|
@ -122,10 +135,8 @@ apiServerExtraVolumes:
|
|||
writable: true
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% for key in kube_kubeadm_controller_extra_args %}
|
||||
{{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
|
||||
{% endfor %}
|
||||
schedulerExtraArgs:
|
||||
profiling: "{{ kube_profiling }}"
|
||||
{% if kube_feature_gates %}
|
||||
feature-gates: {{ kube_feature_gates|join(',') }}
|
||||
{% endif %}
|
||||
|
|
|
@ -33,7 +33,7 @@ spec:
|
|||
- --audit-log-maxage={{ audit_log_maxage }}
|
||||
- --audit-log-maxbackup={{ audit_log_maxbackups }}
|
||||
- --audit-log-maxsize={{ audit_log_maxsize }}
|
||||
- --audit-policy-file={{ audit_policy_file }}
|
||||
- --audit-policy-file={{ audit_policy_file }}
|
||||
{% endif %}
|
||||
- --advertise-address={{ ip | default(ansible_default_ipv4.address) }}
|
||||
- --etcd-servers={{ etcd_access_addresses }}
|
||||
|
@ -58,16 +58,16 @@ spec:
|
|||
- --admission-control={{ kube_apiserver_admission_control | join(',') }}
|
||||
{% else %}
|
||||
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
|
||||
- --enable-admission-plugins={{ kube_apiserver_enable_admission_plugins | join(',') }}
|
||||
- --enable-admission-plugins={{ kube_apiserver_enable_admission_plugins | join(',') }}
|
||||
{% endif %}
|
||||
{% if kube_apiserver_disable_admission_plugins|length > 0 %}
|
||||
- --disable-admission-plugins={{ kube_apiserver_disable_admission_plugins | join(',') }}
|
||||
- --disable-admission-plugins={{ kube_apiserver_disable_admission_plugins | join(',') }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
- --service-cluster-ip-range={{ kube_service_addresses }}
|
||||
- --service-node-port-range={{ kube_apiserver_node_port_range }}
|
||||
- --client-ca-file={{ kube_cert_dir }}/ca.pem
|
||||
- --profiling=false
|
||||
- --profiling={{ kube_profiling }}
|
||||
- --repair-malformed-updates=false
|
||||
- --kubelet-client-certificate={{ kube_cert_dir }}/node-{{ inventory_hostname }}.pem
|
||||
- --kubelet-client-key={{ kube_cert_dir }}/node-{{ inventory_hostname }}-key.pem
|
||||
|
|
|
@ -37,7 +37,7 @@ spec:
|
|||
- --node-monitor-grace-period={{ kube_controller_node_monitor_grace_period }}
|
||||
- --node-monitor-period={{ kube_controller_node_monitor_period }}
|
||||
- --pod-eviction-timeout={{ kube_controller_pod_eviction_timeout }}
|
||||
- --profiling=false
|
||||
- --profiling={{ kube_profiling }}
|
||||
- --terminated-pod-gc-threshold=12500
|
||||
- --v={{ kube_log_level }}
|
||||
{% if rbac_enabled %}
|
||||
|
|
|
@ -32,7 +32,7 @@ spec:
|
|||
- --use-legacy-policy-config
|
||||
- --policy-config-file={{ kube_config_dir }}/kube-scheduler-policy.yaml
|
||||
{% endif %}
|
||||
- --profiling=false
|
||||
- --profiling={{ kube_profiling }}
|
||||
- --v={{ kube_log_level }}
|
||||
{% if kube_feature_gates %}
|
||||
- --feature-gates={{ kube_feature_gates|join(',') }}
|
||||
|
|
|
@ -26,6 +26,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
|
|||
{% if kubelet_authorization_mode_webhook %}
|
||||
--authorization-mode=Webhook \
|
||||
{% endif %}
|
||||
--enforce-node-allocatable={{ kubelet_enforce_node_allocatable }} \
|
||||
--client-ca-file={{ kube_cert_dir }}/ca.crt \
|
||||
--pod-manifest-path={{ kube_manifest_dir }} \
|
||||
--cadvisor-port={{ kube_cadvisor_port }} \
|
||||
|
|
|
@ -147,6 +147,9 @@ dynamic_kubelet_configuration_dir: "{{ kubelet_config_dir | default(default_kube
|
|||
# Aggregator
|
||||
kube_api_aggregator_routing: false
|
||||
|
||||
# Profiling
|
||||
kube_profiling: false
|
||||
|
||||
# Container for runtime
|
||||
container_manager: docker
|
||||
|
||||
|
|
Loading…
Reference in a new issue