Manually enforce kube-proxy for kubeadm deploy
This commit is contained in:
parent
919713af28
commit
ef04c7ed53
2 changed files with 67 additions and 0 deletions
|
@ -18,6 +18,17 @@
|
||||||
with_items: ['deploy', 'svc']
|
with_items: ['deploy', 'svc']
|
||||||
tags: upgrade
|
tags: upgrade
|
||||||
|
|
||||||
|
- name: Kubernetes Apps | Ensure kubeadm kube-proxy
|
||||||
|
kube:
|
||||||
|
name: "kube-proxy"
|
||||||
|
namespace: "{{ system_namespace }}"
|
||||||
|
kubectl: "{{bin_dir}}/kubectl"
|
||||||
|
resource: "daemonset"
|
||||||
|
state: latest
|
||||||
|
when:
|
||||||
|
- kubeadm_enabled|default(false)
|
||||||
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
|
|
||||||
- name: Kubernetes Apps | Delete kubeadm kubedns
|
- name: Kubernetes Apps | Delete kubeadm kubedns
|
||||||
kube:
|
kube:
|
||||||
name: "kubedns"
|
name: "kubedns"
|
||||||
|
|
56
roles/kubernetes-apps/ansible/templates/kube-proxy-ds.yml.j2
Normal file
56
roles/kubernetes-apps/ansible/templates/kube-proxy-ds.yml.j2
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: DaemonSet
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: kube-proxy
|
||||||
|
name: kube-proxy
|
||||||
|
namespace: {{ system_namespace }}
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
k8s-app: kube-proxy
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: kube-proxy
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- command:
|
||||||
|
- /usr/local/bin/kube-proxy
|
||||||
|
- --kubeconfig=/var/lib/kube-proxy/kubeconfig.conf
|
||||||
|
- --cluster-cidr=10.233.64.0/18
|
||||||
|
image: {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}
|
||||||
|
imagePullPolicy: {{ k8s_image_pull_policy }}
|
||||||
|
name: kube-proxy
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /var/lib/kube-proxy
|
||||||
|
name: kube-proxy
|
||||||
|
- mountPath: /run/xtables.lock
|
||||||
|
name: xtables-lock
|
||||||
|
dnsPolicy: ClusterFirst
|
||||||
|
hostNetwork: true
|
||||||
|
restartPolicy: Always
|
||||||
|
serviceAccount: kube-proxy
|
||||||
|
serviceAccountName: kube-proxy
|
||||||
|
terminationGracePeriodSeconds: 30
|
||||||
|
tolerations:
|
||||||
|
- effect: NoSchedule
|
||||||
|
key: node-role.kubernetes.io/master
|
||||||
|
- effect: NoSchedule
|
||||||
|
key: node.cloudprovider.kubernetes.io/uninitialized
|
||||||
|
value: "true"
|
||||||
|
volumes:
|
||||||
|
- configMap:
|
||||||
|
defaultMode: 420
|
||||||
|
name: kube-proxy
|
||||||
|
name: kube-proxy
|
||||||
|
- hostPath:
|
||||||
|
path: /run/xtables.lock
|
||||||
|
name: xtables-lock
|
||||||
|
updateStrategy:
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
type: RollingUpdate
|
||||||
|
|
Loading…
Reference in a new issue