diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index 3517e472b1b5417b5279c5b05e934d074d3735f7..5f082c22eab093290ad12a1a2910015d62f047f6 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -31,8 +31,6 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- - key: "CriticalAddonsOnly"
- operator: "Exists"
{% if dns_extra_tolerations | default(None) %}
{{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
{% endif %}
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
index 18b7227b857befcdcc70adc531bc9d814e3a6a11..f0c80f5174776100fb5c93fa11da64dddd3a66d3 100644
--- a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
@@ -30,7 +30,6 @@ spec:
labels:
k8s-app: dns-autoscaler{{ coredns_ordinal_suffix }}
annotations:
- scheduler.alpha.kubernetes.io/critical-pod: ""
seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
spec:
priorityClassName: system-cluster-critical
@@ -43,8 +42,6 @@ spec:
- effect: NoSchedule
operator: Equal
key: node-role.kubernetes.io/master
- - key: "CriticalAddonsOnly"
- operator: "Exists"
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 158757523190f0f016776baedeb39854b307705d..6ef230d95f955e36e16c6f66ee3b04e6f92a7a72 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -27,8 +27,6 @@ spec:
operator: "Exists"
- effect: NoExecute
operator: "Exists"
- - key: "CriticalAddonsOnly"
- operator: "Exists"
containers:
- name: node-cache
image: "{{ nodelocaldns_image_repo }}:{{ nodelocaldns_image_tag }}"
diff --git a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2 b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2
index f570cf2b3021ab598cb0b2d5ee978174a03596e8..021694dd6b21480f7b432e8eb78c9da0fc6d0f53 100644
--- a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2
@@ -20,9 +20,6 @@ spec:
kubernetes.io/os: linux
serviceAccount: ebs-csi-controller-sa
priorityClassName: system-cluster-critical
- tolerations:
- - key: CriticalAddonsOnly
- operator: Exists
containers:
- name: ebs-plugin
image: {{ aws_ebs_csi_plugin_image_repo }}:{{ aws_ebs_csi_plugin_image_tag }}
diff --git a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2 b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2
index 9175e24b3899ad757c4b226fcb997fd58148626e..3c86e882cb84686f5eec2d0dd891a915f16cddbb 100644
--- a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2
@@ -20,9 +20,6 @@ spec:
kubernetes.io/os: linux
hostNetwork: true
priorityClassName: system-node-critical
- tolerations:
- - key: CriticalAddonsOnly
- operator: Exists
containers:
- name: ebs-plugin
securityContext:
diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
index dfe1e69ac17b4053c58b58dc4261e3b0c6e437b3..deaa3554a7be5397476719cc560a24dec5648b79 100644
--- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
@@ -120,8 +120,6 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- - key: "CriticalAddonsOnly"
- operator: "Exists"
{% endif %}
affinity:
nodeAffinity:
diff --git a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
index b5db15c56123cefe5cf773613c6bffdcf693654d..94f2630b4b7ba75943affc1fe1d8393a16b92d44 100644
--- a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
+++ b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
@@ -24,8 +24,6 @@ spec:
hostNetwork: true
serviceAccountName: calico-kube-controllers
tolerations:
- - key: CriticalAddonsOnly
- operator: Exists
- key: node-role.kubernetes.io/master
effect: NoSchedule
priorityClassName: system-cluster-critical
diff --git a/roles/network_plugin/canal/templates/canal-node.yaml.j2 b/roles/network_plugin/canal/templates/canal-node.yaml.j2
index 8a737c374ffc4dc6fd437b3fdeb03e19306332ba..ad3414802e73ad979536660f486c3e9622d471f4 100644
--- a/roles/network_plugin/canal/templates/canal-node.yaml.j2
+++ b/roles/network_plugin/canal/templates/canal-node.yaml.j2
@@ -21,9 +21,6 @@ spec:
serviceAccountName: canal
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
volumes:
# Used by calico/node.
- name: lib-modules
diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
index 9cdc04cba5952cea3f5f78828ce36a2a3fc11c7f..43a96821fa81a37fa28bca25d2c185fe2fcd1eed 100755
--- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
@@ -16,11 +16,6 @@ spec:
prometheus.io/port: "9090"
prometheus.io/scrape: "true"
{% endif %}
- # This annotation plus the CriticalAddonsOnly toleration makes
- # cilium to be a critical pod in the cluster, which ensures cilium
- # gets priority scheduling.
- # https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/
- scheduler.alpha.kubernetes.io/critical-pod: ""
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"dedicated","operator":"Equal","value":"master","effect":"NoSchedule"}]'
labels:
k8s-app: cilium
diff --git a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
index 74c60896fdcc1bab6f3f544f66f83a502973ed1a..e69e07c7aa43d1d9b61136d04c511c95595e0fc6 100644
--- a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
@@ -29,9 +29,6 @@ spec:
node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
serviceAccountName: contiv-netmaster
containers:
- name: contiv-api-proxy
diff --git a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
index 6d6938823e5ae0262a9911e65e6f4e2bcc138c48..80884d7199792925c5aac0638a602d77e38ef69b 100644
--- a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
@@ -21,9 +21,6 @@ spec:
hostPID: true
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
serviceAccountName: contiv-netplugin
containers:
- name: contiv-ovs-cleanup
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
index 5a8fae4897038f32ced48823003af810f0d3b774..d0b5d21550a1751d1c72a0264c3c7deac3a9429e 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
@@ -23,9 +23,6 @@ spec:
node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
initContainers:
- name: contiv-etcd-init
image: {{ contiv_etcd_init_image_repo }}:{{ contiv_etcd_init_image_tag }}
diff --git a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
index 2ffa8962b22932618c64fd1f2aa52d77301c3fbc..ad3411f03f0af136cc276ec0bcc4e041c430ae4e 100644
--- a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
@@ -29,9 +29,6 @@ spec:
node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
serviceAccountName: contiv-netmaster
containers:
- name: contiv-netmaster
diff --git a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
index 80c4e32fc79961bc32473e61ffa96576f6112755..c21399fb693fd236bbd93283caf63dcf21f07d4d 100644
--- a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
@@ -26,9 +26,6 @@ spec:
hostPID: true
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
serviceAccountName: contiv-netplugin
initContainers:
- name: contiv-netplugin-init
diff --git a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
index 56680b0bd0c00eaff0359d0d4790ff59a79276f5..0b05588baadc37cffa5bf7454b13e51872a8d9ff 100644
--- a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
@@ -23,9 +23,6 @@ spec:
hostPID: true
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
containers:
# Runs ovs containers on each Kubernetes node.
- name: contiv-ovsdb-server
diff --git a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
index f1a46e87017208a389a40535d9f9248b4f94e7f8..2510a861f30b5f619a5644111ed466b652f3d2bd 100644
--- a/roles/network_plugin/kube-router/templates/kube-router.yml.j2
+++ b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
@@ -112,9 +112,6 @@ spec:
{% endif %}
tolerations:
- operator: Exists
- # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- - key: CriticalAddonsOnly
- operator: "Exists"
volumes:
{% if kube_router_enable_dsr %}
- name: docker-socket