Merge pull request #3161 from nutellinoit/kube_proxy_nodeport_addresses

--nodeport-addresses added on kube-proxy.manifest.j2 and on k8s-cluster.yml
pull/3107/merge
k8s-ci-robot 2018-08-25 02:00:19 -07:00 committed by GitHub
commit f97515352b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 15 additions and 1 deletions

View File

@ -107,6 +107,11 @@ kube_apiserver_insecure_port: 8080 # (http)
# Can be ipvs, iptables
kube_proxy_mode: iptables
# Kube-proxy nodeport address.
# cidr to bind nodeport services. Flag --nodeport-addresses on kube-proxy manifest
kube_proxy_nodeport_addresses: false
# kube_proxy_nodeport_addresses_cidr: 10.0.1.0/24
## Encrypting Secret Data at Rest (experimental)
kube_encrypt_secret_data: false

View File

@ -22,12 +22,15 @@ kubernetesVersion: {{ kube_version }}
{% if cloud_provider is defined and cloud_provider not in ["gce", "oci"] %}
cloudProvider: {{ cloud_provider }}
{% endif %}
{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %}
kubeProxy:
config:
{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %}
featureGates: SupportIPVSProxyMode=true
mode: ipvs
{% endif %}
{% if kube_proxy_nodeport_addresses %}
nodePortAddresses: [{{ kube_proxy_nodeport_addresses_cidr }}]
{% endif %}
authorizationModes:
{% for mode in authorization_modes %}
- {{ mode }}

View File

@ -27,6 +27,9 @@ kubeProxy:
config:
mode: {{ kube_proxy_mode }}
hostnameOverride: {{ inventory_hostname }}
{% if kube_proxy_nodeport_addresses %}
nodePortAddresses: [{{ kube_proxy_nodeport_addresses_cidr }}]
{% endif %}
authorizationModes:
{% for mode in authorization_modes %}
- {{ mode }}

View File

@ -43,6 +43,9 @@ spec:
- --proxy-mode={{ kube_proxy_mode }}
- --oom-score-adj=-998
- --healthz-bind-address={{ kube_proxy_healthz_bind_address }}
{% if kube_proxy_nodeport_addresses %}
- --nodeport-addresses={{ kube_proxy_nodeport_addresses_cidr }}
{% endif %}
{% if kube_proxy_masquerade_all and kube_proxy_mode == "iptables" %}
- --masquerade-all
{% elif kube_proxy_mode == 'ipvs' %}