Add unsafe_show_logs switch (#9164)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>pull/9166/head
parent
0088fe0ab7
commit
9ad2d24ad8
|
@ -130,3 +130,6 @@ ntp_servers:
|
||||||
- "1.pool.ntp.org iburst"
|
- "1.pool.ntp.org iburst"
|
||||||
- "2.pool.ntp.org iburst"
|
- "2.pool.ntp.org iburst"
|
||||||
- "3.pool.ntp.org iburst"
|
- "3.pool.ntp.org iburst"
|
||||||
|
|
||||||
|
## Used to control no_log attribute
|
||||||
|
unsafe_show_logs: false
|
||||||
|
|
|
@ -25,3 +25,8 @@ override_system_hostname: true
|
||||||
is_fedora_coreos: false
|
is_fedora_coreos: false
|
||||||
|
|
||||||
skip_http_proxy_on_os_packages: false
|
skip_http_proxy_on_os_packages: false
|
||||||
|
|
||||||
|
# If this is true, debug information will be displayed but
|
||||||
|
# may contain some private data, so it is recommended to set it to false
|
||||||
|
# in the production environment.
|
||||||
|
unsafe_show_logs: false
|
||||||
|
|
|
@ -65,7 +65,7 @@
|
||||||
notify: RHEL auto-attach subscription
|
notify: RHEL auto-attach subscription
|
||||||
ignore_errors: true # noqa ignore-errors
|
ignore_errors: true # noqa ignore-errors
|
||||||
become: true
|
become: true
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
when:
|
when:
|
||||||
- rh_subscription_username is defined
|
- rh_subscription_username is defined
|
||||||
- rh_subscription_status.changed
|
- rh_subscription_status.changed
|
||||||
|
|
|
@ -2,6 +2,11 @@
|
||||||
local_release_dir: /tmp/releases
|
local_release_dir: /tmp/releases
|
||||||
download_cache_dir: /tmp/kubespray_cache
|
download_cache_dir: /tmp/kubespray_cache
|
||||||
|
|
||||||
|
# If this is true, debug information will be displayed but
|
||||||
|
# may contain some private data, so it is recommended to set it to false
|
||||||
|
# in the production environment.
|
||||||
|
unsafe_show_logs: false
|
||||||
|
|
||||||
# do not delete remote cache files after using them
|
# do not delete remote cache files after using them
|
||||||
# NOTE: Setting this parameter to TRUE is only really useful when developing kubespray
|
# NOTE: Setting this parameter to TRUE is only really useful when developing kubespray
|
||||||
download_keep_remote_cache: false
|
download_keep_remote_cache: false
|
||||||
|
|
|
@ -67,7 +67,7 @@
|
||||||
retries: 4
|
retries: 4
|
||||||
delay: "{{ retry_stagger | default(5) }}"
|
delay: "{{ retry_stagger | default(5) }}"
|
||||||
environment: "{{ proxy_env }}"
|
environment: "{{ proxy_env }}"
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
loop: "{{ download.mirrors | default([download.url]) }}"
|
loop: "{{ download.mirrors | default([download.url]) }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: mirror
|
loop_var: mirror
|
||||||
|
@ -100,7 +100,7 @@
|
||||||
retries: 4
|
retries: 4
|
||||||
delay: "{{ retry_stagger | default(5) }}"
|
delay: "{{ retry_stagger | default(5) }}"
|
||||||
environment: "{{ proxy_env }}"
|
environment: "{{ proxy_env }}"
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
|
|
||||||
- name: download_file | Copy file back to ansible host file cache
|
- name: download_file | Copy file back to ansible host file cache
|
||||||
synchronize:
|
synchronize:
|
||||||
|
|
|
@ -58,7 +58,7 @@
|
||||||
|
|
||||||
- name: prep_download | Register docker images info
|
- name: prep_download | Register docker images info
|
||||||
shell: "{{ image_info_command }}" # noqa 305 image_info_command contains pipe therefore requires shell
|
shell: "{{ image_info_command }}" # noqa 305 image_info_command contains pipe therefore requires shell
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
register: docker_images
|
register: docker_images
|
||||||
failed_when: false
|
failed_when: false
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
|
@ -115,3 +115,8 @@ etcd_retries: 4
|
||||||
# ETCD 3.5.x issue
|
# ETCD 3.5.x issue
|
||||||
# https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer
|
# https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer
|
||||||
etcd_experimental_initial_corrupt_check: true
|
etcd_experimental_initial_corrupt_check: true
|
||||||
|
|
||||||
|
# If this is true, debug information will be displayed but
|
||||||
|
# may contain some private data, so it is recommended to set it to false
|
||||||
|
# in the production environment.
|
||||||
|
unsafe_show_logs: false
|
||||||
|
|
|
@ -142,7 +142,7 @@
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
warn: false
|
warn: false
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
register: etcd_node_certs
|
register: etcd_node_certs
|
||||||
check_mode: no
|
check_mode: no
|
||||||
delegate_to: "{{ groups['etcd'][0] }}"
|
delegate_to: "{{ groups['etcd'][0] }}"
|
||||||
|
@ -154,7 +154,7 @@
|
||||||
shell: "set -o pipefail && base64 -d <<< '{{ etcd_node_certs.stdout|quote }}' | tar xz -C {{ etcd_cert_dir }}"
|
shell: "set -o pipefail && base64 -d <<< '{{ etcd_node_certs.stdout|quote }}' | tar xz -C {{ etcd_cert_dir }}"
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
|
when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
|
||||||
inventory_hostname in groups['k8s_cluster']) and
|
inventory_hostname in groups['k8s_cluster']) and
|
||||||
|
|
|
@ -21,3 +21,8 @@ csi_endpoint: '{% if external_vsphere_version >= "7.0u1" %}/csi{% else %}/var/li
|
||||||
vsphere_csi_aggressive_node_drain: False
|
vsphere_csi_aggressive_node_drain: False
|
||||||
vsphere_csi_aggressive_node_unreachable_timeout: 300
|
vsphere_csi_aggressive_node_unreachable_timeout: 300
|
||||||
vsphere_csi_aggressive_node_not_ready_timeout: 300
|
vsphere_csi_aggressive_node_not_ready_timeout: 300
|
||||||
|
|
||||||
|
# If this is true, debug information will be displayed but
|
||||||
|
# may contain some private data, so it is recommended to set it to false
|
||||||
|
# in the production environment.
|
||||||
|
unsafe_show_logs: false
|
||||||
|
|
|
@ -30,14 +30,14 @@
|
||||||
command: "{{ kubectl }} create secret generic vsphere-config-secret --from-file=csi-vsphere.conf={{ kube_config_dir }}/vsphere-csi-cloud-config -n kube-system --dry-run --save-config -o yaml"
|
command: "{{ kubectl }} create secret generic vsphere-config-secret --from-file=csi-vsphere.conf={{ kube_config_dir }}/vsphere-csi-cloud-config -n kube-system --dry-run --save-config -o yaml"
|
||||||
register: vsphere_csi_secret_manifest
|
register: vsphere_csi_secret_manifest
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
|
|
||||||
- name: vSphere CSI Driver | Apply a CSI secret manifest
|
- name: vSphere CSI Driver | Apply a CSI secret manifest
|
||||||
command:
|
command:
|
||||||
cmd: "{{ kubectl }} apply -f -"
|
cmd: "{{ kubectl }} apply -f -"
|
||||||
stdin: "{{ vsphere_csi_secret_manifest.stdout }}"
|
stdin: "{{ vsphere_csi_secret_manifest.stdout }}"
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
no_log: true
|
no_log: "{{ not (unsafe_show_logs|bool) }}"
|
||||||
|
|
||||||
- name: vSphere CSI Driver | Apply Manifests
|
- name: vSphere CSI Driver | Apply Manifests
|
||||||
kube:
|
kube:
|
||||||
|
|
|
@ -2,3 +2,4 @@
|
||||||
# Kubespray settings for tests
|
# Kubespray settings for tests
|
||||||
deploy_netchecker: true
|
deploy_netchecker: true
|
||||||
dns_min_replicas: 1
|
dns_min_replicas: 1
|
||||||
|
unsafe_show_logs: true
|
||||||
|
|
Loading…
Reference in New Issue