Fix kube_hostname_override inconsistencies (#4185)
parent
db2b76a22a
commit
6878c2af4e
|
@ -111,6 +111,13 @@ kube_proxy_nodeport_addresses: >-
|
||||||
[]
|
[]
|
||||||
{%- endif -%}
|
{%- endif -%}
|
||||||
|
|
||||||
|
# If non-empty, will use this string as identification instead of the actual hostname
|
||||||
|
#kube_override_hostname: >-
|
||||||
|
# {%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
|
||||||
|
# {%- else -%}
|
||||||
|
# {{ inventory_hostname }}
|
||||||
|
# {%- endif -%}
|
||||||
|
|
||||||
## Encrypting Secret Data at Rest (experimental)
|
## Encrypting Secret Data at Rest (experimental)
|
||||||
kube_encrypt_secret_data: false
|
kube_encrypt_secret_data: false
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,10 @@
|
||||||
---
|
---
|
||||||
# discovery_timeout modifies the discovery timeout
|
# discovery_timeout modifies the discovery timeout
|
||||||
discovery_timeout: 5m0s
|
discovery_timeout: 5m0s
|
||||||
|
|
||||||
|
# If non-empty, will use this string as identification instead of the actual hostname
|
||||||
|
kube_override_hostname: >-
|
||||||
|
{%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
|
||||||
|
{%- else -%}
|
||||||
|
{{ inventory_hostname }}
|
||||||
|
{%- endif -%}
|
||||||
|
|
|
@ -15,7 +15,7 @@ discoveryTokenAPIServers:
|
||||||
{% endif %}
|
{% endif %}
|
||||||
discoveryTokenUnsafeSkipCAVerification: true
|
discoveryTokenUnsafeSkipCAVerification: true
|
||||||
nodeRegistration:
|
nodeRegistration:
|
||||||
name: {{ inventory_hostname }}
|
name: {{ kube_override_hostname }}
|
||||||
{% if container_manager == 'crio' %}
|
{% if container_manager == 'crio' %}
|
||||||
criSocket: /var/run/crio/crio.sock
|
criSocket: /var/run/crio/crio.sock
|
||||||
{% elif container_manager == 'rkt' %}
|
{% elif container_manager == 'rkt' %}
|
||||||
|
|
|
@ -15,7 +15,7 @@ discoveryTokenAPIServers:
|
||||||
{% endif %}
|
{% endif %}
|
||||||
discoveryTokenUnsafeSkipCAVerification: true
|
discoveryTokenUnsafeSkipCAVerification: true
|
||||||
nodeRegistration:
|
nodeRegistration:
|
||||||
name: {{ inventory_hostname }}
|
name: {{ kube_override_hostname }}
|
||||||
{% if container_manager == 'crio' %}
|
{% if container_manager == 'crio' %}
|
||||||
criSocket: /var/run/crio/crio.sock
|
criSocket: /var/run/crio/crio.sock
|
||||||
{% elif container_manager == 'rkt' %}
|
{% elif container_manager == 'rkt' %}
|
||||||
|
|
|
@ -13,7 +13,7 @@ discovery:
|
||||||
tlsBootstrapToken: {{ kubeadm_token }}
|
tlsBootstrapToken: {{ kubeadm_token }}
|
||||||
caCertPath: {{ kube_cert_dir }}/ca.crt
|
caCertPath: {{ kube_cert_dir }}/ca.crt
|
||||||
nodeRegistration:
|
nodeRegistration:
|
||||||
name: {{ inventory_hostname }}
|
name: {{ kube_override_hostname }}
|
||||||
{% if container_manager == 'crio' %}
|
{% if container_manager == 'crio' %}
|
||||||
criSocket: /var/run/crio/crio.sock
|
criSocket: /var/run/crio/crio.sock
|
||||||
{% elif container_manager == 'rkt' %}
|
{% elif container_manager == 'rkt' %}
|
||||||
|
|
|
@ -254,6 +254,7 @@ conntrack:
|
||||||
tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
|
tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
|
||||||
enableProfiling: {{ kube_proxy_enable_profiling }}
|
enableProfiling: {{ kube_proxy_enable_profiling }}
|
||||||
healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
|
healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
|
||||||
|
hostnameOverride: {{ kube_override_hostname }}
|
||||||
iptables:
|
iptables:
|
||||||
masqueradeAll: {{ kube_proxy_masquerade_all }}
|
masqueradeAll: {{ kube_proxy_masquerade_all }}
|
||||||
masqueradeBit: {{ kube_proxy_masquerade_bit }}
|
masqueradeBit: {{ kube_proxy_masquerade_bit }}
|
||||||
|
|
|
@ -259,6 +259,7 @@ conntrack:
|
||||||
tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
|
tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
|
||||||
enableProfiling: {{ kube_proxy_enable_profiling }}
|
enableProfiling: {{ kube_proxy_enable_profiling }}
|
||||||
healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
|
healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
|
||||||
|
hostnameOverride: {{ kube_override_hostname }}
|
||||||
iptables:
|
iptables:
|
||||||
masqueradeAll: {{ kube_proxy_masquerade_all }}
|
masqueradeAll: {{ kube_proxy_masquerade_all }}
|
||||||
masqueradeBit: {{ kube_proxy_masquerade_bit }}
|
masqueradeBit: {{ kube_proxy_masquerade_bit }}
|
||||||
|
|
|
@ -157,6 +157,13 @@ kube_apiserver_port: 6443
|
||||||
kube_apiserver_insecure_bind_address: 127.0.0.1
|
kube_apiserver_insecure_bind_address: 127.0.0.1
|
||||||
kube_apiserver_insecure_port: 0
|
kube_apiserver_insecure_port: 0
|
||||||
|
|
||||||
|
# If non-empty, will use this string as identification instead of the actual hostname
|
||||||
|
kube_override_hostname: >-
|
||||||
|
{%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
|
||||||
|
{%- else -%}
|
||||||
|
{{ inventory_hostname }}
|
||||||
|
{%- endif -%}
|
||||||
|
|
||||||
# dynamic kubelet configuration
|
# dynamic kubelet configuration
|
||||||
dynamic_kubelet_configuration: false
|
dynamic_kubelet_configuration: false
|
||||||
|
|
||||||
|
|
|
@ -1,22 +0,0 @@
|
||||||
[
|
|
||||||
{
|
|
||||||
"op": "add",
|
|
||||||
"path": "/spec/template/spec/containers/0/env",
|
|
||||||
"value": [
|
|
||||||
{
|
|
||||||
"name": "NODE_NAME",
|
|
||||||
"valueFrom": {
|
|
||||||
"fieldRef": {
|
|
||||||
"apiVersion": "v1",
|
|
||||||
"fieldPath": "spec.nodeName"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"op": "add",
|
|
||||||
"path": "/spec/template/spec/containers/0/command/-",
|
|
||||||
"value": "--hostname-override=${NODE_NAME}"
|
|
||||||
}
|
|
||||||
]
|
|
|
@ -7,33 +7,6 @@
|
||||||
recurse: yes
|
recurse: yes
|
||||||
tags: [init, cni]
|
tags: [init, cni]
|
||||||
|
|
||||||
- name: Apply kube-proxy hostnameOverride
|
|
||||||
block:
|
|
||||||
- name: Copy kube-proxy daemonset hostnameOverride patch
|
|
||||||
copy:
|
|
||||||
src: hostnameOverride-patch.json
|
|
||||||
dest: "{{ kubernetes_user_manifests_path }}/hostnameOverride-patch.json"
|
|
||||||
|
|
||||||
- name: Check current command for kube-proxy daemonset
|
|
||||||
shell: "{{bin_dir}}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf get ds kube-proxy --namespace=kube-system -o jsonpath='{.spec.template.spec.containers[0].command}'"
|
|
||||||
register: current_kube_proxy_command
|
|
||||||
|
|
||||||
- name: Apply hostnameOverride patch for kube-proxy daemonset
|
|
||||||
shell: "{{bin_dir}}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf patch ds kube-proxy --namespace=kube-system --type=json -p \"$(cat hostnameOverride-patch.json)\""
|
|
||||||
args:
|
|
||||||
chdir: "{{ kubernetes_user_manifests_path }}"
|
|
||||||
register: patch_kube_proxy_command
|
|
||||||
when: not current_kube_proxy_command.stdout is search("--hostname-override=${NODE_NAME}")
|
|
||||||
|
|
||||||
- debug: msg={{ patch_kube_proxy_command.stdout_lines }}
|
|
||||||
when: patch_kube_proxy_command is not skipped
|
|
||||||
|
|
||||||
- debug: msg={{ patch_kube_proxy_command.stderr_lines }}
|
|
||||||
when: patch_kube_proxy_command is not skipped
|
|
||||||
tags: init
|
|
||||||
when:
|
|
||||||
- not kube_proxy_remove
|
|
||||||
|
|
||||||
- name: Apply kube-proxy nodeselector
|
- name: Apply kube-proxy nodeselector
|
||||||
block:
|
block:
|
||||||
- name: Copy kube-proxy daemonset nodeselector patch
|
- name: Copy kube-proxy daemonset nodeselector patch
|
||||||
|
|
Loading…
Reference in New Issue