From 324106e91e3febdf75228b0883fff170bb28984c Mon Sep 17 00:00:00 2001
From: Florent Monbillard <f.monbillard@gmail.com>
Date: Fri, 8 May 2020 03:45:43 -0400
Subject: [PATCH] Remove Kubernetes <1.16 conditionals (#6088)
---
.../download/templates/kubeadm-images.yaml.j2 | 4 +-
roles/kubernetes/kubeadm/tasks/main.yml | 5 +-
.../templates/kubeadm-client.conf.v1alpha1.j2 | 12 -
.../templates/kubeadm-client.conf.v1alpha2.j2 | 19 -
.../templates/kubeadm-client.conf.v1alpha3.j2 | 24 --
...eta1.j2 => kubeadm-client.conf.v1beta2.j2} | 2 +-
.../master/tasks/kubeadm-upgrade.yml | 4 +-
.../master/tasks/kubeadm-version.yml | 1 -
.../templates/kubeadm-config.v1beta1.yaml.j2 | 330 ------------------
.../kubeadm-controlplane.v1beta1.yaml.j2 | 20 --
roles/kubernetes/node/tasks/kubelet.yml | 11 +-
11 files changed, 11 insertions(+), 421 deletions(-)
delete mode 100644 roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha1.j2
delete mode 100644 roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2
delete mode 100644 roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha3.j2
rename roles/kubernetes/kubeadm/templates/{kubeadm-client.conf.v1beta1.j2 => kubeadm-client.conf.v1beta2.j2} (96%)
delete mode 100644 roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
delete mode 100644 roles/kubernetes/master/templates/kubeadm-controlplane.v1beta1.yaml.j2
diff --git a/roles/download/templates/kubeadm-images.yaml.j2 b/roles/download/templates/kubeadm-images.yaml.j2
index ec31ea43c..5ffb7febf 100644
--- a/roles/download/templates/kubeadm-images.yaml.j2
+++ b/roles/download/templates/kubeadm-images.yaml.j2
@@ -1,9 +1,9 @@
-apiVersion: kubeadm.k8s.io/v1beta1
+apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
nodeRegistration:
criSocket: {{ cri_socket }}
---
-apiVersion: kubeadm.k8s.io/v1beta1
+apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
imageRepository: {{ kube_image_repo }}
kubernetesVersion: {{ kube_version }}
diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml
index 42b2596fc..c24400c0d 100644
--- a/roles/kubernetes/kubeadm/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/tasks/main.yml
@@ -46,10 +46,9 @@
command: "{{ bin_dir }}/kubeadm version -o short"
register: kubeadm_output
-- name: sets kubeadm api version to v1beta1
+- name: sets kubeadm api version to v1beta2
set_fact:
- kubeadmConfig_api_version: v1beta1
- when: kubeadm_output.stdout is version('v1.13.0', '>=')
+ kubeadmConfig_api_version: v1beta2
- name: Create kubeadm client config
template:
diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha1.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha1.j2
deleted file mode 100644
index 54e875cb1..000000000
--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha1.j2
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1alpha1
-kind: NodeConfiguration
-caCertPath: {{ kube_cert_dir }}/ca.crt
-token: {{ kubeadm_token }}
-discoveryTokenAPIServers:
-{% if kubeadm_config_api_fqdn is defined %}
-- {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }}
-{% else %}
-- {{ kubeadm_discovery_address }}
-{% endif %}
-discoveryTokenCACertHashes:
-- sha256:{{ kubeadm_ca_hash.stdout }}
diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2
deleted file mode 100644
index 243383667..000000000
--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1alpha2
-kind: NodeConfiguration
-clusterName: {{ cluster_name }}
-discoveryFile: ""
-caCertPath: {{ kube_cert_dir }}/ca.crt
-discoveryTimeout: {{ discovery_timeout }}
-discoveryToken: {{ kubeadm_token }}
-tlsBootstrapToken: {{ kubeadm_token }}
-token: {{ kubeadm_token }}
-discoveryTokenAPIServers:
-{% if kubeadm_config_api_fqdn is defined %}
-- {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }}
-{% else %}
-- {{ kubeadm_discovery_address }}
-{% endif %}
-discoveryTokenUnsafeSkipCAVerification: true
-nodeRegistration:
- name: {{ kube_override_hostname }}
- criSocket: {{ cri_socket }}
diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha3.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha3.j2
deleted file mode 100644
index 0110c058c..000000000
--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha3.j2
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1alpha3
-kind: JoinConfiguration
-clusterName: {{ cluster_name }}
-discoveryFile: ""
-caCertPath: {{ kube_cert_dir }}/ca.crt
-discoveryTimeout: {{ discovery_timeout }}
-discoveryToken: {{ kubeadm_token }}
-tlsBootstrapToken: {{ kubeadm_token }}
-token: {{ kubeadm_token }}
-discoveryTokenAPIServers:
-{% if kubeadm_config_api_fqdn is defined %}
-- {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }}
-{% else %}
-- {{ kubeadm_discovery_address }}
-{% endif %}
-discoveryTokenUnsafeSkipCAVerification: true
-nodeRegistration:
- name: {{ kube_override_hostname }}
- criSocket: {{ cri_socket }}
-{% if 'calico-rr' in group_names and 'kube-node' not in group_names %}
- taints:
- - effect: NoSchedule
- key: node-role.kubernetes.io/calico-rr
-{% endif %}
diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta1.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
similarity index 96%
rename from roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta1.j2
rename to roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
index 75f27fad3..c92569ec1 100644
--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta1.j2
+++ b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
@@ -1,5 +1,5 @@
---
-apiVersion: kubeadm.k8s.io/v1beta1
+apiVersion: kubeadm.k8s.io/v1beta2
kind: JoinConfiguration
discovery:
bootstrapToken:
diff --git a/roles/kubernetes/master/tasks/kubeadm-upgrade.yml b/roles/kubernetes/master/tasks/kubeadm-upgrade.yml
index 5e844296a..209bd1e13 100644
--- a/roles/kubernetes/master/tasks/kubeadm-upgrade.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-upgrade.yml
@@ -19,7 +19,7 @@
--allow-experimental-upgrades
--allow-release-candidate-upgrades
--etcd-upgrade=false
- {{ (kubeadm_output.stdout is version('v1.16.0', '>=')) | ternary('--certificate-renewal=true', '') }}
+ --certificate-renewal=true
--force
register: kubeadm_upgrade
# Retry is because upload config sometimes fails
@@ -41,7 +41,7 @@
--allow-experimental-upgrades
--allow-release-candidate-upgrades
--etcd-upgrade=false
- {{ (kubeadm_output.stdout is version('v1.16.0', '>=')) | ternary('--certificate-renewal=true', '') }}
+ --certificate-renewal=true
--force
register: kubeadm_upgrade
when: inventory_hostname != groups['kube-master']|first
diff --git a/roles/kubernetes/master/tasks/kubeadm-version.yml b/roles/kubernetes/master/tasks/kubeadm-version.yml
index 7df68b329..1ad14db68 100644
--- a/roles/kubernetes/master/tasks/kubeadm-version.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-version.yml
@@ -6,7 +6,6 @@
- name: sets kubeadm api version to v1beta2
set_fact:
kubeadmConfig_api_version: v1beta2
- when: kubeadm_output.stdout is version('v1.15.0', '>=')
- name: kubeadm | Create kubeadm config
template:
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
deleted file mode 100644
index e0276e2de..000000000
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ /dev/null
@@ -1,330 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1beta1
-kind: InitConfiguration
-{% if kubeadm_token is defined %}
-bootstrapTokens:
-- token: "{{ kubeadm_token }}"
- description: "kubespray kubeadm bootstrap token"
- ttl: "24h"
-{% endif %}
-localAPIEndpoint:
- advertiseAddress: {{ ip | default(fallback_ips[inventory_hostname]) }}
- bindPort: {{ kube_apiserver_port }}
-nodeRegistration:
-{% if kube_override_hostname|default('') %}
- name: {{ kube_override_hostname }}
-{% endif %}
-{% if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] %}
- taints:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
-{% else %}
- taints: []
-{% endif %}
- criSocket: {{ cri_socket }}
-{% if cloud_provider is defined and cloud_provider in ["external"] %}
- kubeletExtraArgs:
- cloud-provider: external
-{% endif %}
----
-apiVersion: kubeadm.k8s.io/v1beta1
-kind: ClusterConfiguration
-clusterName: {{ cluster_name }}
-etcd:
-{% if not etcd_kubeadm_enabled %}
- external:
- endpoints:
-{% for endpoint in etcd_access_addresses.split(',') %}
- - {{ endpoint }}
-{% endfor %}
- caFile: {{ etcd_cert_dir }}/{{ kube_etcd_cacert_file }}
- certFile: {{ etcd_cert_dir }}/{{ kube_etcd_cert_file }}
- keyFile: {{ etcd_cert_dir }}/{{ kube_etcd_key_file }}
-{% elif etcd_kubeadm_enabled %}
- local:
- imageRepository: "{{ etcd_image_repo | regex_replace("/etcd$","") }}"
- imageTag: "{{ etcd_image_tag }}"
- dataDir: "{{ etcd_data_dir }}"
- extraArgs:
- metrics: {{ etcd_metrics }}
- election-timeout: "{{ etcd_election_timeout }}"
- heartbeat-interval: "{{ etcd_heartbeat_interval }}"
- auto-compaction-retention: "{{ etcd_compaction_retention }}"
-{% if etcd_snapshot_count is defined %}
- snapshot-count: "{{ etcd_snapshot_count }}"
-{% endif %}
-{% if etcd_quota_backend_bytes is defined %}
- quota-backend-bytes: "{{ etcd_quota_backend_bytes }}"
-{% endif %}
-{% if etcd_log_package_levels is defined %}
- log-package_levels: "{{ etcd_log_package_levels }}"
-{% endif %}
-{% for key, value in etcd_extra_vars.items() %}
- {{ key }}: "{{ value }}"
-{% endfor %}
-{% if host_architecture != "amd64" -%}
- etcd-unsupported-arch: {{host_architecture}}
-{% endif %}
- serverCertSANs:
-{% for san in etcd_cert_alt_names %}
- - {{ san }}
-{% endfor %}
-{% for san in etcd_cert_alt_ips %}
- - {{ san }}
-{% endfor %}
- peerCertSANs:
-{% for san in etcd_cert_alt_names %}
- - {{ san }}
-{% endfor %}
-{% for san in etcd_cert_alt_ips %}
- - {{ san }}
-{% endfor %}
-{% endif %}
-dns:
- type: CoreDNS
- imageRepository: {{ coredns_image_repo | regex_replace('/coredns$','') }}
- imageTag: {{ coredns_image_tag }}
-networking:
- dnsDomain: {{ dns_domain }}
- serviceSubnet: {{ kube_service_addresses }}
- podSubnet: {{ kube_pods_subnet }}
-kubernetesVersion: {{ kube_version }}
-{% if kubeadm_config_api_fqdn is defined %}
-controlPlaneEndpoint: {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }}
-{% else %}
-controlPlaneEndpoint: {{ ip | default(fallback_ips[inventory_hostname]) }}:{{ kube_apiserver_port }}
-{% endif %}
-certificatesDir: {{ kube_cert_dir }}
-imageRepository: {{ kube_image_repo }}
-useHyperKubeImage: {{ kubeadm_use_hyperkube_image }}
-apiServer:
- extraArgs:
-{% if kube_api_anonymous_auth is defined %}
- anonymous-auth: "{{ kube_api_anonymous_auth }}"
-{% endif %}
- authorization-mode: {{ authorization_modes | join(',') }}
- bind-address: {{ kube_apiserver_bind_address }}
-{% if kube_apiserver_insecure_port|string != "0" %}
- insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
-{% endif %}
- insecure-port: "{{ kube_apiserver_insecure_port }}"
-{% if kube_apiserver_enable_admission_plugins|length > 0 %}
- enable-admission-plugins: {{ kube_apiserver_enable_admission_plugins | join(',') }}
-{% endif %}
-{% if kube_apiserver_disable_admission_plugins|length > 0 %}
- disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
-{% endif %}
- apiserver-count: "{{ kube_apiserver_count }}"
- endpoint-reconciler-type: lease
-{% if etcd_events_cluster_enabled %}
- etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
-{% endif %}
- service-node-port-range: {{ kube_apiserver_node_port_range }}
- kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}"
- profiling: "{{ kube_profiling }}"
- request-timeout: "{{ kube_apiserver_request_timeout }}"
- enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
-{% if kube_basic_auth|default(true) %}
- basic-auth-file: {{ kube_users_dir }}/known_users.csv
-{% endif %}
-{% if kube_token_auth|default(true) %}
- token-auth-file: {{ kube_token_dir }}/known_tokens.csv
-{% endif %}
-{% if kube_oidc_auth|default(false) and kube_oidc_url is defined and kube_oidc_client_id is defined %}
- oidc-issuer-url: {{ kube_oidc_url }}
- oidc-client-id: {{ kube_oidc_client_id }}
-{% if kube_oidc_ca_file is defined %}
- oidc-ca-file: {{ kube_oidc_ca_file }}
-{% endif %}
-{% if kube_oidc_username_claim is defined %}
- oidc-username-claim: {{ kube_oidc_username_claim }}
-{% endif %}
-{% if kube_oidc_groups_claim is defined %}
- oidc-groups-claim: {{ kube_oidc_groups_claim }}
-{% endif %}
-{% if kube_oidc_username_prefix is defined %}
- oidc-username-prefix: "{{ kube_oidc_username_prefix }}"
-{% endif %}
-{% if kube_oidc_groups_prefix is defined %}
- oidc-groups-prefix: "{{ kube_oidc_groups_prefix }}"
-{% endif %}
-{% endif %}
-{% if kube_webhook_token_auth|default(false) %}
- authentication-token-webhook-config-file: {{ kube_config_dir }}/webhook-token-auth-config.yaml
-{% endif %}
-{% if kube_encrypt_secret_data %}
- encryption-provider-config: {{ kube_cert_dir }}/secrets_encryption.yaml
-{% endif %}
- storage-backend: {{ kube_apiserver_storage_backend }}
-{% if kube_api_runtime_config is defined %}
- runtime-config: {{ kube_api_runtime_config | join(',') }}
-{% endif %}
- allow-privileged: "true"
-{% if kubernetes_audit %}
- audit-log-path: "{{ audit_log_path }}"
- audit-log-maxage: "{{ audit_log_maxage }}"
- audit-log-maxbackup: "{{ audit_log_maxbackups }}"
- audit-log-maxsize: "{{ audit_log_maxsize }}"
- audit-policy-file: {{ audit_policy_file }}
-{% endif %}
-{% for key in kube_kubeadm_apiserver_extra_args %}
- {{ key }}: "{{ kube_kubeadm_apiserver_extra_args[key] }}"
-{% endfor %}
-{% if kube_feature_gates %}
- feature-gates: {{ kube_feature_gates|join(',') }}
-{% endif %}
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %}
- cloud-provider: {{cloud_provider}}
- cloud-config: {{ kube_config_dir }}/cloud_config
-{% endif %}
-{% if kubernetes_audit or kube_basic_auth|default(true) or kube_token_auth|default(true) or kube_webhook_token_auth|default(false) or ( cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] ) or apiserver_extra_volumes or ssl_ca_dirs|length %}
- extraVolumes:
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %}
- - name: cloud-config
- hostPath: {{ kube_config_dir }}/cloud_config
- mountPath: {{ kube_config_dir }}/cloud_config
-{% endif %}
-{% if kube_basic_auth|default(true) %}
- - name: basic-auth-config
- hostPath: {{ kube_users_dir }}
- mountPath: {{ kube_users_dir }}
-{% endif %}
-{% if kube_token_auth|default(true) %}
- - name: token-auth-config
- hostPath: {{ kube_token_dir }}
- mountPath: {{ kube_token_dir }}
-{% endif %}
-{% if kube_webhook_token_auth|default(false) %}
- - name: webhook-token-auth-config
- hostPath: {{ kube_config_dir }}/webhook-token-auth-config.yaml
- mountPath: {{ kube_config_dir }}/webhook-token-auth-config.yaml
-{% endif %}
-{% if kubernetes_audit %}
- - name: {{ audit_policy_name }}
- hostPath: {{ audit_policy_hostpath }}
- mountPath: {{ audit_policy_mountpath }}
-{% if audit_log_path != "-" %}
- - name: {{ audit_log_name }}
- hostPath: {{ audit_log_hostpath }}
- mountPath: {{ audit_log_mountpath }}
- readOnly: false
-{% endif %}
-{% endif %}
-{% for volume in apiserver_extra_volumes %}
- - name: {{ volume.name }}
- hostPath: {{ volume.hostPath }}
- mountPath: {{ volume.mountPath }}
- readOnly: {{ volume.readOnly | d(not (volume.writable | d(false))) }}
-{% endfor %}
-{% if ssl_ca_dirs|length %}
-{% for dir in ssl_ca_dirs %}
- - name: {{ dir | regex_replace('^/(.*)$', '\\1' ) | regex_replace('/', '-') }}
- hostPath: {{ dir }}
- mountPath: {{ dir }}
- readOnly: true
-{% endfor %}
-{% endif %}
-{% endif %}
- certSANs:
-{% for san in apiserver_sans %}
- - {{ san }}
-{% endfor %}
- timeoutForControlPlane: 5m0s
-controllerManager:
- extraArgs:
- node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }}
- node-monitor-period: {{ kube_controller_node_monitor_period }}
- pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
- node-cidr-mask-size: "{{ kube_network_node_prefix }}"
- profiling: "{{ kube_profiling }}"
- terminated-pod-gc-threshold: "{{ kube_controller_terminated_pod_gc_threshold }}"
- bind-address: {{ kube_controller_manager_bind_address }}
-{% if kube_feature_gates %}
- feature-gates: {{ kube_feature_gates|join(',') }}
-{% endif %}
-{% for key in kube_kubeadm_controller_extra_args %}
- {{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
-{% endfor %}
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %}
- cloud-provider: {{cloud_provider}}
- cloud-config: {{ kube_config_dir }}/cloud_config
-{% endif %}
-{% if kube_network_plugin is defined and kube_network_plugin not in ["cloud"] %}
- configure-cloud-routes: "false"
-{% endif %}
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] or controller_manager_extra_volumes %}
- extraVolumes:
-{% if cloud_provider is defined and cloud_provider in ["openstack"] and openstack_cacert is defined %}
- - name: openstackcacert
- hostPath: "{{ kube_config_dir }}/openstack-cacert.pem"
- mountPath: "{{ kube_config_dir }}/openstack-cacert.pem"
-{% endif %}
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %}
- - name: cloud-config
- hostPath: {{ kube_config_dir }}/cloud_config
- mountPath: {{ kube_config_dir }}/cloud_config
-{% endif %}
-{% for volume in controller_manager_extra_volumes %}
- - name: {{ volume.name }}
- hostPath: {{ volume.hostPath }}
- mountPath: {{ volume.mountPath }}
- readOnly: {{ volume.readOnly | d(not (volume.writable | d(false))) }}
-{% endfor %}
-{% endif %}
-scheduler:
- extraArgs:
- bind-address: {{ kube_scheduler_bind_address }}
-{% if kube_feature_gates %}
- feature-gates: {{ kube_feature_gates|join(',') }}
-{% endif %}
-{% if kube_kubeadm_scheduler_extra_args|length > 0 %}
-{% for key in kube_kubeadm_scheduler_extra_args %}
- {{ key }}: "{{ kube_kubeadm_scheduler_extra_args[key] }}"
-{% endfor %}
-{% endif %}
-{% if scheduler_extra_volumes %}
- extraVolumes:
-{% for volume in scheduler_extra_volumes %}
- - name: {{ volume.name }}
- hostPath: {{ volume.hostPath }}
- mountPath: {{ volume.mountPath }}
- readOnly: {{ volume.readOnly | d(not (volume.writable | d(false))) }}
-{% endfor %}
-{% endif %}
----
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-bindAddress: {{ kube_proxy_bind_address }}
-clientConnection:
- acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
- burst: {{ kube_proxy_client_burst }}
- contentType: {{ kube_proxy_client_content_type }}
- kubeconfig: {{ kube_proxy_client_kubeconfig }}
- qps: {{ kube_proxy_client_qps }}
-clusterCIDR: {{ kube_pods_subnet }}
-configSyncPeriod: {{ kube_proxy_config_sync_period }}
-conntrack:
- max: {{ kube_proxy_conntrack_max }}
- maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
- min: {{ kube_proxy_conntrack_min }}
- tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
- tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
-enableProfiling: {{ kube_proxy_enable_profiling }}
-healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
-hostnameOverride: {{ kube_override_hostname }}
-iptables:
- masqueradeAll: {{ kube_proxy_masquerade_all }}
- masqueradeBit: {{ kube_proxy_masquerade_bit }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- syncPeriod: {{ kube_proxy_sync_period }}
-ipvs:
- excludeCIDRs: {{ "[]" if kube_proxy_exclude_cidrs is not defined or kube_proxy_exclude_cidrs == "null" or kube_proxy_exclude_cidrs | length == 0 else (kube_proxy_exclude_cidrs if kube_proxy_exclude_cidrs[0] == '[' else ("[" + kube_proxy_exclude_cidrs + "]" if (kube_proxy_exclude_cidrs[0] | length) == 1 else "[" + kube_proxy_exclude_cidrs | join(",") + "]")) }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- scheduler: {{ kube_proxy_scheduler }}
- syncPeriod: {{ kube_proxy_sync_period }}
- strictARP: {{ kube_proxy_strict_arp }}
-metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
-mode: {{ kube_proxy_mode }}
-nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
-oomScoreAdj: {{ kube_proxy_oom_score_adj }}
-portRange: {{ kube_proxy_port_range }}
-udpIdleTimeout: {{ kube_proxy_udp_idle_timeout }}
diff --git a/roles/kubernetes/master/templates/kubeadm-controlplane.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-controlplane.v1beta1.yaml.j2
deleted file mode 100644
index 9d7952759..000000000
--- a/roles/kubernetes/master/templates/kubeadm-controlplane.v1beta1.yaml.j2
+++ /dev/null
@@ -1,20 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1beta1
-kind: JoinConfiguration
-discovery:
- bootstrapToken:
-{% if kubeadm_config_api_fqdn is defined %}
- apiServerEndpoint: {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }}
-{% else %}
- apiServerEndpoint: {{ kubeadm_discovery_address }}
-{% endif %}
- token: {{ kubeadm_token }}
- unsafeSkipCAVerification: true
- timeout: {{ discovery_timeout }}
- tlsBootstrapToken: {{ kubeadm_token }}
-controlPlane:
- localAPIEndpoint:
- advertiseAddress: {{ kube_apiserver_address }}
- bindPort: {{ kube_apiserver_port }}
-nodeRegistration:
- name: {{ kube_override_hostname|default(inventory_hostname) }}
- criSocket: {{ cri_socket }}
diff --git a/roles/kubernetes/node/tasks/kubelet.yml b/roles/kubernetes/node/tasks/kubelet.yml
index ca3945615..c4cd2d92a 100644
--- a/roles/kubernetes/node/tasks/kubelet.yml
+++ b/roles/kubernetes/node/tasks/kubelet.yml
@@ -10,30 +10,27 @@
command: "{{ bin_dir }}/kubeadm version -o short"
register: kubeadm_output
-- name: sets kubeadm api version to v1beta1
+- name: sets kubelet api version to v1beta1
set_fact:
- kubeadmConfig_api_version: v1beta1
- when: kubeadm_output.stdout is version('v1.13.0', '>=')
+ kubeletConfig_api_version: v1beta1
tags:
- kubelet
- kubeadm
- name: Write kubelet environment config file (kubeadm)
template:
- src: "kubelet.env.{{ kubeadmConfig_api_version }}.j2"
+ src: "kubelet.env.{{ kubeletConfig_api_version }}.j2"
dest: "{{ kube_config_dir }}/kubelet.env"
backup: yes
notify: Node | restart kubelet
- when: kubeadm_output.stdout is version('v1.13.0', '>=')
tags:
- kubelet
- kubeadm
- name: Write kubelet config file
template:
- src: "kubelet-config.{{ kubeadmConfig_api_version }}.yaml.j2"
+ src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2"
dest: "{{ kube_config_dir }}/kubelet-config.yaml"
- when: kubeadm_output.stdout is version('v1.13.0', '>=')
tags:
- kubelet
- kubeadm
--
GitLab