From 127969d65f35b3f2ba0c718b9c7dde0edb7a8a46 Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Sat, 20 Oct 2018 17:12:54 +0300
Subject: [PATCH] Align node-role value for kubeadm compatibility (#3558)
kubeadm sets node label node-role.kubernetes.io/master=''
and this is not configurable. We should use it everywhere.
---
inventory/sample/group_vars/k8s-cluster/addons.yml | 2 +-
.../ingress_controller/ingress_nginx/defaults/main.yml | 2 +-
roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 | 6 +++---
roles/kubernetes/node/templates/kubelet.standard.env.j2 | 6 +++---
.../network_plugin/contiv/templates/contiv-api-proxy.yml.j2 | 2 +-
roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 | 2 +-
.../network_plugin/contiv/templates/contiv-netmaster.yml.j2 | 2 +-
7 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml
index 2e70ba3ce..01699138b 100644
--- a/inventory/sample/group_vars/k8s-cluster/addons.yml
+++ b/inventory/sample/group_vars/k8s-cluster/addons.yml
@@ -44,7 +44,7 @@ cephfs_provisioner_enabled: false
ingress_nginx_enabled: false
# ingress_nginx_host_network: false
# ingress_nginx_nodeselector:
-# node-role.kubernetes.io/master: "true"
+# node-role.kubernetes.io/master: ""
# ingress_nginx_namespace: "ingress-nginx"
# ingress_nginx_insecure_port: 80
# ingress_nginx_secure_port: 443
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
index 8acee53eb..faafa0b12 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
@@ -2,7 +2,7 @@
ingress_nginx_namespace: "ingress-nginx"
ingress_nginx_host_network: false
ingress_nginx_nodeselector:
- node-role.kubernetes.io/master: "true"
+ node-role.kubernetes.io/master: ""
ingress_nginx_insecure_port: 80
ingress_nginx_secure_port: 443
ingress_nginx_configmap: {}
diff --git a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
index d5d771662..1c1850071 100644
--- a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
+++ b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
@@ -81,12 +81,12 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{# Kubelet node labels #}
{% set role_node_labels = [] %}
{% if inventory_hostname in groups['kube-master'] %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/master=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/master=''") %}
{% if not standalone_kubelet|bool %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/node=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
{% endif %}
{% else %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/node=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
{% endif %}
{% set inventory_node_labels = [] %}
{% if node_labels is defined %}
diff --git a/roles/kubernetes/node/templates/kubelet.standard.env.j2 b/roles/kubernetes/node/templates/kubelet.standard.env.j2
index f6189ac0b..a7bc1dab5 100644
--- a/roles/kubernetes/node/templates/kubelet.standard.env.j2
+++ b/roles/kubernetes/node/templates/kubelet.standard.env.j2
@@ -95,12 +95,12 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{# Kubelet node labels #}
{% set role_node_labels = [] %}
{% if inventory_hostname in groups['kube-master'] %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/master=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/master=''") %}
{% if not standalone_kubelet|bool %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/node=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
{% endif %}
{% else %}
-{% set dummy = role_node_labels.append('node-role.kubernetes.io/node=true') %}
+{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
{% endif %}
{% if nvidia_gpu_nodes is defined and nvidia_accelerator_enabled|bool %}
{% if inventory_hostname in nvidia_gpu_nodes %}
diff --git a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
index d1cd66b50..73a7688ef 100644
--- a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
@@ -27,7 +27,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: "true"
+ node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
index 460bf9fb3..b8fba9cc6 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
@@ -23,7 +23,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: "true"
+ node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
diff --git a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
index 0c0ad5938..e61510253 100644
--- a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
@@ -27,7 +27,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: "true"
+ node-role.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
--
GitLab