Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • v2.27.0
  • v2.25.1
  • v2.24.3
  • v2.26.0
  • v2.24.2
  • v2.25.0
  • v2.24.1
  • v2.22.2
  • v2.23.3
  • v2.24.0
  • v2.23.2
  • v2.23.1
  • v2.23.0
  • v2.22.1
  • v2.22.0
  • v2.21.0
  • v2.20.0
  • v2.19.1
  • v2.18.2
  • v2.19.0
21 results
Blame Permalink
main.yaml 26.10 KiB 
---
# Use proxycommand if bastion host is in group all
# This change obseletes editing ansible.cfg file depending on bastion existence
ansible_ssh_common_args: "{% if 'bastion' in groups['all'] %} -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -W %h:%p -p {{ hostvars['bastion']['ansible_port'] | default(22) }} {{ hostvars['bastion']['ansible_user'] }}@{{ hostvars['bastion']['ansible_host'] }} {% if ansible_ssh_private_key_file is defined %}-i {{ ansible_ssh_private_key_file }}{% endif %} ' {% endif %}"

# selinux state
preinstall_selinux_state: permissive

kube_api_anonymous_auth: true

# Default value, but will be set to true automatically if detected
is_fedora_coreos: false

# Swap settings
kubelet_fail_swap_on: true
kubelet_swap_behavior: LimitedSwap

## Change this to use another Kubernetes version, e.g. a current beta release
kube_version: v1.26.3

## The minimum version working
kube_version_min_required: v1.24.0

## Kube Proxy mode One of ['iptables','ipvs']
kube_proxy_mode: ipvs

## The timeout for init first control-plane
kubeadm_init_timeout: 300s

## List of kubeadm init phases that should be skipped during control plane setup
## By default 'addon/coredns' is skipped
## 'addon/kube-proxy' gets skipped for some network plugins
kubeadm_init_phases_skip_default: [ "addon/coredns" ]
kubeadm_init_phases_skip: >-
  {%- if kube_network_plugin == 'kube-router' and (kube_router_run_service_proxy is defined and kube_router_run_service_proxy) -%}
  {{ kubeadm_init_phases_skip_default }} + [ "addon/kube-proxy" ]
  {%- elif kube_network_plugin == 'cilium' and (cilium_kube_proxy_replacement is defined and cilium_kube_proxy_replacement == 'strict') -%}
  {{ kubeadm_init_phases_skip_default }} + [ "addon/kube-proxy" ]
  {%- elif kube_network_plugin == 'calico' and (calico_bpf_enabled is defined and calico_bpf_enabled) -%}
  {{ kubeadm_init_phases_skip_default }} + [ "addon/kube-proxy" ]
  {%- elif kube_proxy_remove is defined and kube_proxy_remove -%}
  {{ kubeadm_init_phases_skip_default }} + [ "addon/kube-proxy" ]
  {%- else -%}
  {{ kubeadm_init_phases_skip_default }}
  {%- endif -%}

# List of kubeadm phases that should be skipped when joining a new node
# You may need to set this to ['preflight'] for air-gaped deployments to avoid failing connectivity tests.
kubeadm_join_phases_skip_default: []
kubeadm_join_phases_skip: >-
 {{ kubeadm_join_phases_skip_default }}

# A string slice of values which specify the addresses to use for NodePorts.
# Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32).
# The default empty string slice ([]) means to use all local addresses.
# kube_proxy_nodeport_addresses_cidr is retained for legacy config
kube_proxy_nodeport_addresses: >-
  {%- if kube_proxy_nodeport_addresses_cidr is defined -%}
  [{{ kube_proxy_nodeport_addresses_cidr }}]
  {%- else -%}
  []
  {%- endif -%}

# Set to true to allow pre-checks to fail and continue deployment
ignore_assert_errors: false

kube_vip_enabled: false

# nginx-proxy configure
nginx_config_dir: "/etc/nginx"