kubespray/roles/kubernetes/preinstall/defaults/main.yml

156 lines
4.5 KiB
YAML
Raw Normal View History

---
# Set to true to allow pre-checks to fail and continue deployment
ignore_assert_errors: false
epel_enabled: false
# Kubespray sets this to true after clusterDNS is running to apply changes to the host resolv.conf
dns_late: false
2015-12-31 21:07:02 +08:00
common_required_pkgs:
- "{{ (ansible_distribution == 'openSUSE Tumbleweed') | ternary('openssl-1_1', 'openssl') }}"
2015-12-31 21:07:02 +08:00
- curl
2016-01-09 17:45:50 +08:00
- rsync
- socat
- unzip
- e2fsprogs
- xfsprogs
- ebtables
2021-04-15 23:33:50 +08:00
- bash-completion
2022-08-16 20:17:18 +08:00
- tar
2015-12-31 21:07:02 +08:00
# Set to true if your network does not support IPv6
2024-01-30 09:46:58 +08:00
# This may be necessary for pulling Docker images from
# GCE docker repository
disable_ipv6_dns: false
# Remove default cluster search domains (``default.svc.{{ dns_domain }}, svc.{{ dns_domain }}``).
remove_default_searchdomains: false
kube_owner: kube
kube_cert_group: kube-cert
kube_config_dir: /etc/kubernetes
kube_cert_dir: "{{ kube_config_dir }}/ssl"
kube_cert_compat_dir: /etc/kubernetes/pki
kubelet_flexvolumes_plugins_dir: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
# Flatcar Container Linux by Kinvolk cloud init config file to define /etc/resolv.conf content
# for hostnet pods and infra needs
resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf
# All inventory hostnames will be written into each /etc/hosts file.
populate_inventory_to_hosts_file: true
# K8S Api FQDN will be written into /etc/hosts file.
populate_loadbalancer_apiserver_to_hosts_file: true
# etc_hosts_localhost_entries will be written into /etc/hosts file.
populate_localhost_entries_to_hosts_file: true
sysctl_file_path: "/etc/sysctl.d/99-sysctl.conf"
2018-08-24 20:06:07 +08:00
etc_hosts_localhost_entries:
127.0.0.1:
expected:
- localhost
- localhost.localdomain
::1:
2018-08-24 20:06:07 +08:00
expected:
- localhost6
- localhost6.localdomain
unexpected:
- localhost
- localhost.localdomain
# Minimal memory requirement in MB for safety checks
minimal_node_memory_mb: 1024
minimal_master_memory_mb: 1500
yum_repo_dir: /etc/yum.repos.d
# number of times package install task should be retried
pkg_install_retries: 4
# Check if access_ip responds to ping. Set false if your firewall blocks ICMP.
ping_access_ip: true
2022-06-29 04:15:34 +08:00
## NTP Settings
# Start the ntpd or chrony service and enable it at system boot.
ntp_enabled: false
# The package to install which provides NTP functionality.
# The default is ntp for most platforms, or chrony on RHEL/CentOS 7 and later.
# The ntp_package can be one of ['ntp', 'chrony']
2022-06-29 04:15:34 +08:00
ntp_package: >-
{% if ansible_os_family == "RedHat" -%}
chrony
{%- else -%}
ntp
{%- endif -%}
# Manage the NTP configuration file.
ntp_manage_config: false
# Specify the NTP servers
# Only takes effect when ntp_manage_config is true.
ntp_servers:
- "0.pool.ntp.org iburst"
- "1.pool.ntp.org iburst"
- "2.pool.ntp.org iburst"
- "3.pool.ntp.org iburst"
# Restrict NTP access to these hosts.
# Only takes effect when ntp_manage_config is true.
ntp_restrict:
- "127.0.0.1"
- "::1"
# The NTP driftfile path
# Only takes effect when ntp_manage_config is true.
ntp_driftfile: /var/lib/ntp/ntp.drift
# Enable tinker panic is useful when running NTP in a VM environment.
# Only takes effect when ntp_manage_config is true.
ntp_tinker_panic: false
2024-01-30 09:46:58 +08:00
# Force sync time immediately after the ntp installed, which is useful in a newly installed system.
2022-06-29 04:15:34 +08:00
ntp_force_sync_immediately: false
2022-09-15 12:11:22 +08:00
# Set the timezone for your server. eg: "Etc/UTC","Etc/GMT-8". If not set, the timezone will not change.
ntp_timezone: ""
# Currently known os distributions
supported_os_distributions:
- 'RedHat'
- 'CentOS'
- 'Fedora'
- 'Ubuntu'
- 'Debian'
- 'Flatcar'
- 'Flatcar Container Linux by Kinvolk'
- 'Suse'
- 'openSUSE Leap'
- 'openSUSE Tumbleweed'
- 'ClearLinux'
- 'OracleLinux'
- 'AlmaLinux'
- 'Rocky'
- 'Amazon'
- 'Kylin Linux Advanced Server'
- 'UnionTech'
- 'UniontechOS'
- 'openEuler'
# Extending some distributions into the redhat os family
redhat_os_family_extensions:
- "Kylin Linux Advanced Server"
- "openEuler"
- "UnionTech"
- "UniontechOS"
# Extending some distributions into the debian os family
debian_os_family_extensions:
- "UnionTech OS Server 20"
# Sets DNSStubListener=no, useful if you get "0.0.0.0:53: bind: address already in use"
systemd_resolved_disable_stub_listener: "{{ ansible_os_family in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
2023-06-21 21:23:40 +08:00
2023-06-24 11:49:06 +08:00
# Used to disable File Access Policy Daemon service.
# If service is enabled, the CNI plugin installation will fail
disable_fapolicyd: true
2023-06-21 21:23:40 +08:00
# Enable 0120-growpart-azure-centos-7 tasks
growpart_azure_enabled: true