kubespray/roles/kubernetes/node/templates/manifests/kube-vip.manifest.j2

130 lines
3.7 KiB
Django/Jinja

# Inspired by https://github.com/kube-vip/kube-vip/blob/v0.8.0/pkg/kubevip/config_generator.go#L103
apiVersion: v1
kind: Pod
metadata:
name: kube-vip
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: Reconcile
k8s-app: kube-vip
spec:
containers:
- args:
- manager
env:
- name: vip_arp
value: {{ kube_vip_arp_enabled | string | to_json }}
- name: port
value: {{ kube_apiserver_port | string | to_json }}
- name: vip_nodename
value: {{ inventory_hostname }}
{% if kube_vip_interface %}
- name: vip_interface
value: {{ kube_vip_interface | string | to_json }}
{% endif %}
{% if kube_vip_services_interface %}
- name: vip_servicesinterface
value: {{ kube_vip_services_interface | string | to_json }}
{% endif %}
{% if kube_vip_cidr %}
- name: vip_cidr
value: {{ kube_vip_cidr | string | to_json }}
{% endif %}
{% if kube_vip_dns_mode %}
- name: dns_mode
value: {{ kube_vip_dns_mode | string | to_json }}
{% endif %}
{% if kube_vip_controlplane_enabled %}
- name: cp_enable
value: "true"
- name: cp_namespace
value: kube-system
- name: vip_ddns
value: {{ kube_vip_ddns_enabled | string | to_json }}
- name: cp_detect
value: {{ kube_vip_cp_detect | string | to_json }}
{% endif %}
{% if kube_vip_services_enabled %}
- name: svc_enable
value: "true"
{% endif %}
{% if kube_vip_svc_leasename %}
- name: svc_leasename
value: {{ kube_vip_svc_leasename | string | to_json }}
{% endif %}
{% if kube_vip_enableServicesElection %}
- name: svc_election
value: "true"
{% endif %}
{% if kube_vip_leader_election_enabled %}
- name: vip_leaderelection
value: "true"
- name: vip_leasename
value: {{ kube_vip_leasename | string | to_json }}
- name: vip_leaseduration
value: {{ kube_vip_leaseduration | string | to_json }}
- name: vip_renewdeadline
value: {{ kube_vip_renewdeadline | string | to_json }}
- name: vip_retryperiod
value: {{ kube_vip_retryperiod | string | to_json }}
{% endif %}
{% if kube_vip_enable_node_labeling %}
- name: enable_node_labeling
value: {{ kube_vip_enable_node_labeling | string | to_json }}
{% endif %}
{% if kube_vip_bgp_enabled %}
- name: bgp_enable
value: "true"
- name: bgp_routerid
value: {{ kube_vip_bgp_routerid | string | to_json }}
- name: bgp_as
value: {{ kube_vip_local_as | string | to_json }}
- name: bgp_peeraddress
value: {{ kube_vip_bgp_peeraddress | to_json }}
- name: bgp_peerpass
value: {{ kube_vip_bgp_peerpass | to_json }}
- name: bgp_peeras
value: {{ kube_vip_bgp_peeras | string | to_json }}
{% if kube_vip_bgppeers %}
- name: bgp_peers
value: {{ kube_vip_bgppeers | join(',') | to_json }}
{% endif %}
{% endif %}
- name: address
value: {{ kube_vip_address | to_json }}
{% if kube_vip_lb_enable %}
- name: lb_enable
value: "true"
{% endif %}
{% if kube_vip_lb_fwdmethod %}
- name: lb_fwdmethod
value: {{ kube_vip_lb_fwdmethod | string | to_json }}
{% endif %}
image: {{ kube_vip_image_repo }}:{{ kube_vip_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
name: kube-vip
resources: {}
{% if kube_vip_lb_fwdmethod == "masquerade" %}
securityContext:
privileged: true
{% else %}
securityContext:
capabilities:
add:
- NET_ADMIN
- NET_RAW
{% endif %}
volumeMounts:
- mountPath: /etc/kubernetes/admin.conf
name: kubeconfig
hostAliases:
- hostnames:
- kubernetes
ip: 127.0.0.1
hostNetwork: true
volumes:
- hostPath:
path: /etc/kubernetes/{{kube_vip_admin_conf}}
name: kubeconfig
status: {}