clean up document (#5214)
parent
fb591bf232
commit
8bc0710073
|
@ -7,7 +7,7 @@ cluster_name: example
|
||||||
# node that can be used to access the masters and minions
|
# node that can be used to access the masters and minions
|
||||||
use_bastion: false
|
use_bastion: false
|
||||||
|
|
||||||
# Set this to a prefered name that will be used as the first part of the dns name for your bastotion host. For example: k8s-bastion.<azureregion>.cloudapp.azure.com.
|
# Set this to a preferred name that will be used as the first part of the dns name for your bastotion host. For example: k8s-bastion.<azureregion>.cloudapp.azure.com.
|
||||||
# This is convenient when exceptions have to be configured on a firewall to allow ssh to the given bastion host.
|
# This is convenient when exceptions have to be configured on a firewall to allow ssh to the given bastion host.
|
||||||
# bastion_domain_prefix: k8s-bastion
|
# bastion_domain_prefix: k8s-bastion
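Review bot: The corrected comment line still misspells the host as `bastotion`, so the typo pass is incomplete on the one line this hunk changes. It should read `# Set this to a preferred name that will be used as the first part of the DNS name for your bastion host.` followed by the unchanged example. This matters slightly more than cosmetics, since the next line tells operators to open SSH firewall exceptions for this host and they may search the sample inventory for "bastion" to find the setting.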
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@ The name of the network security group your instances are in, can be retrieved v
|
||||||
These will have to be generated first:
|
These will have to be generated first:
|
||||||
- Create an Azure AD Application with:
|
- Create an Azure AD Application with:
|
||||||
`azure ad app create --display-name kubernetes --identifier-uris http://kubernetes --homepage http://example.com --password CLIENT_SECRET`
|
`azure ad app create --display-name kubernetes --identifier-uris http://kubernetes --homepage http://example.com --password CLIENT_SECRET`
|
||||||
display name, identifier-uri, homepage and the password can be choosen
|
display name, identifier-uri, homepage and the password can be chosen
|
||||||
Note the AppId in the output.
|
Note the AppId in the output.
|
||||||
- Create Service principal for the application with:
|
- Create Service principal for the application with:
|
||||||
`azure ad sp create --id AppId`
|
`azure ad sp create --id AppId`
|
||||||
|
@ -49,7 +49,7 @@ This is the AppId from the last command
|
||||||
- Create the role assignment with:
|
- Create the role assignment with:
|
||||||
`azure role assignment create --role "Owner" --assignee http://kubernetes --subscription SUBSCRIPTION_ID`
|
`azure role assignment create --role "Owner" --assignee http://kubernetes --subscription SUBSCRIPTION_ID`
|
||||||
|
|
||||||
azure\_aad\_client\_id must be set to the AppId, azure\_aad\_client\_secret is your choosen secret.
|
azure\_aad\_client\_id must be set to the AppId, azure\_aad\_client\_secret is your chosen secret.
|
||||||
|
|
||||||
#### azure\_loadbalancer\_sku
|
#### azure\_loadbalancer\_sku
|
||||||
Sku of Load Balancer and Public IP. Candidate values are: basic and standard.
|
Sku of Load Balancer and Public IP. Candidate values are: basic and standard.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
# NOTE: The ampersand hell in this block is needed because docker-inspect uses go templates,
|
# NOTE: The ampersand hell in this block is needed because docker-inspect uses go templates,
|
||||||
# which uses double ampersands as delimeters, just like Jinja does. If you want to understand
|
# which uses double ampersands as delimiters, just like Jinja does. If you want to understand
|
||||||
# the template, just replace all instances of {{ `{{` }} with {{ and {{ '}}' }} with }}.
|
# the template, just replace all instances of {{ `{{` }} with {{ and {{ '}}' }} with }}.
|
||||||
# It will output something like the following:
|
# It will output something like the following:
|
||||||
# nginx:1.15,gcr.io/google-containers/kube-proxy:v1.14.1,gcr.io/google-containers/kube-proxy@sha256:44af2833c6cbd9a7fc2e9d2f5244a39dfd2e31ad91bf9d4b7d810678db738ee9,gcr.io/google-containers/kube-apiserver:v1.14.1,etc...
|
# nginx:1.15,gcr.io/google-containers/kube-proxy:v1.14.1,gcr.io/google-containers/kube-proxy@sha256:44af2833c6cbd9a7fc2e9d2f5244a39dfd2e31ad91bf9d4b7d810678db738ee9,gcr.io/google-containers/kube-apiserver:v1.14.1,etc...
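Review bot: The header comment still describes the go-template delimiters as "double ampersands", but the delimiters it then shows are double curly braces (`{{` and `}}`). The fixed line should read `# which uses double curly braces as delimiters, just like Jinja does. If you want to understand`, and "ampersand hell" on the line above should become "curly-brace hell" or similar. Only the comment is inside this hunk; the task it documents starts outside it.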
|
||||||
|
|
|
@ -43,7 +43,7 @@
|
||||||
|
|
||||||
- name: "OCI Cloud Controller | Credentials Check | oci_vnc_id"
|
- name: "OCI Cloud Controller | Credentials Check | oci_vnc_id"
|
||||||
fail:
|
fail:
|
||||||
msg: "oci_vnc_id is missin. This is the Virtual Cloud Network in which the cluster resides"
|
msg: "oci_vnc_id is missing. This is the Virtual Cloud Network in which the cluster resides"
|
||||||
when:
|
when:
|
||||||
- oci_vnc_id is not defined or not oci_vnc_id
|
- oci_vnc_id is not defined or not oci_vnc_id
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
mode: 0755
|
mode: 0755
|
||||||
remote_src: yes
|
remote_src: yes
|
||||||
|
|
||||||
- name: Macvlan | Retreive Pod Cidr
|
- name: Macvlan | Retrieve Pod Cidr
|
||||||
command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
|
command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
|
||||||
register: node_pod_cidr_cmd
|
register: node_pod_cidr_cmd
|
||||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||||
|
@ -24,7 +24,7 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
node_pod_cidr={{ node_pod_cidr_cmd.stdout }}
|
node_pod_cidr={{ node_pod_cidr_cmd.stdout }}
|
||||||
|
|
||||||
- name: Macvlan | Retreive default gateway network interface
|
- name: Macvlan | Retrieve default gateway network interface
|
||||||
become: false
|
become: false
|
||||||
raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
|
raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
|
||||||
register: node_default_gateway_interface_cmd
|
register: node_default_gateway_interface_cmd
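Review bot: In the renamed "Retrieve default gateway network interface" task, the `sed` capture `[[:alnum:]]*` stops at the first non-alphanumeric character, so a default-route device such as `bond0.100` or `br-ex` would be registered as `bond0` or `br`. A host with more than one default route also yields several lines in `stdout`. If the full device name of a single route is what later tasks expect (not visible here), something like `raw: ip -4 route list 0/0 | sed -n 's/.*dev \([^ ]*\).*/\1/p' | head -n 1` would be safer. The task may continue past the end of this hunk, so confirm how `node_default_gateway_interface_cmd` is consumed before changing it.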
|
||||||
|
|