From 4c1e0b188de11161c694746eb9e6e1a10d33252e Mon Sep 17 00:00:00 2001
From: Joel Seguillon <joel.seguillon@gmail.com>
Date: Mon, 29 Jun 2020 21:39:59 +0200
Subject: [PATCH] Add .editorconfig file (#6307)
---
.editorconfig | 15 ++++++++
.gitlab-ci/terraform.yml | 2 +-
.gitlab-ci/vagrant.yml | 2 +-
Dockerfile | 12 +++----
_config.yml | 2 +-
.../glusterfs-kubernetes-endpoint.json.j2 | 2 +-
.../templates/glusterfs-kubernetes-pv.yml.j2 | 2 +-
.../tasks/bootstrap/start_vault_temp.yml | 10 +++---
.../vault/tasks/bootstrap/sync_secrets.yml | 6 ++--
.../roles/vault/tasks/shared/check_etcd.yml | 4 +--
.../roles/vault/tasks/shared/check_vault.yml | 4 +--
.../roles/vault/tasks/shared/create_role.yml | 20 +++++------
.../roles/vault/tasks/shared/gen_userpass.yml | 8 ++---
.../roles/vault/templates/http-proxy.conf.j2 | 2 +-
inventory/sample/group_vars/etcd.yml | 2 +-
.../apt_preferences.d/debian_containerd.j2 | 6 ++--
.../containerd/vars/debian.yml | 6 ++--
.../containerd/vars/ubuntu-amd64.yml | 6 ++--
roles/container-engine/docker/vars/debian.yml | 12 +++----
.../docker/vars/ubuntu-amd64.yml | 12 +++----
.../docker/vars/ubuntu-arm64.yml | 12 +++----
roles/etcd/tasks/check_certs.yml | 16 ++++-----
roles/etcd/tasks/gen_certs_script.yml | 6 ++--
roles/etcd/tasks/install_etcdctl_docker.yml | 6 ++--
.../controller-manager-config.yml.j2 | 14 ++++----
.../templates/node-webhook-cr.yml.j2 | 2 +-
.../csi_driver/cinder/defaults/main.yml | 2 +-
.../cinder-csi-controllerplugin-rbac.yml.j2 | 2 +-
.../gcp_pd/templates/gcp-pd-csi-setup.yml.j2 | 2 +-
.../local_path_provisioner/defaults/main.yml | 2 +-
.../templates/local-path-storage-ns.yml.j2 | 2 +-
.../templates/local-path-storage-sa.yml.j2 | 2 +-
.../templates/alb-ingress-clusterrole.yml.j2 | 2 +-
.../templates/alb-ingress-deploy.yml.j2 | 6 ++--
.../templates/crd-certificate.yml.j2 | 2 +-
.../templates/kubeadm-config.v1beta2.yaml.j2 | 36 +++++++++----------
.../webhook-token-auth-config.yaml.j2 | 2 +-
roles/kubernetes/node-label/tasks/main.yml | 2 +-
.../preinstall/tasks/0090-etchosts.yml | 4 +--
.../kubernetes/tokens/tasks/check-tokens.yml | 6 ++--
roles/kubespray-defaults/defaults/main.yaml | 8 ++---
roles/network_plugin/calico/tasks/install.yml | 36 +++++++++----------
.../calico/templates/calico-node.yml.j2 | 8 ++---
.../calico/templates/calico-typha.yml.j2 | 22 ++++++------
.../calico/templates/kdd-crds.yml.j2 | 2 +-
roles/network_plugin/contiv/tasks/main.yml | 6 ++--
.../contiv/templates/contiv-cleanup.yml.j2 | 18 +++++-----
.../contiv/templates/contiv-config.yml.j2 | 12 +++----
.../contiv/templates/contiv-etcd-proxy.yml.j2 | 12 +++----
.../contiv/templates/contiv-netplugin.yml.j2 | 4 +--
.../contiv/templates/contiv-ovs.yml.j2 | 18 +++++-----
.../network_plugin/kube-ovn/defaults/main.yml | 2 +-
.../templates/cni-kube-ovn-crd.yml.j2 | 2 +-
.../kube-ovn/templates/cni-ovn.yml.j2 | 2 +-
.../kube-router/defaults/main.yml | 2 +-
.../multus/files/multus-clusterrole.yml | 2 +-
roles/upgrade/pre-upgrade/tasks/main.yml | 8 ++---
.../roles/kubevirt-images/defaults/main.yml | 2 +-
.../files/packet_centos7-weave-upgrade-ha.yml | 2 +-
tests/files/packet_centos8-kube-ovn.yml | 2 +-
tests/files/packet_debian10-containerd.yml | 2 +-
tests/files/tf-elastx_ubuntu18-calico.yml | 2 +-
tests/files/vagrant_ubuntu18-flannel.yml | 2 +-
tests/files/vagrant_ubuntu20-flannel.yml | 2 +-
tests/testcases/010_check-apiserver.yml | 2 +-
tests/testcases/015_check-nodes-ready.yml | 2 +-
tests/testcases/030_check-network.yml | 4 +--
67 files changed, 232 insertions(+), 217 deletions(-)
create mode 100644 .editorconfig
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 000000000..6da030f91
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,15 @@
+root = true
+
+[*.{yaml,yml,yml.j2,yaml.j2}]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true
+insert_final_newline = true
+charset = utf-8
+
+[{Dockerfile}]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true
+insert_final_newline = true
+charset = utf-8
diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml
index 0bd133f0d..241cbe53e 100644
--- a/.gitlab-ci/terraform.yml
+++ b/.gitlab-ci/terraform.yml
@@ -171,4 +171,4 @@ tf-elastx_ubuntu18-calico:
TF_VAR_flavor_k8s_master: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2
TF_VAR_flavor_k8s_node: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2
TF_VAR_image: ubuntu-18.04-server-latest
- TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'
\ No newline at end of file
+ TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'
diff --git a/.gitlab-ci/vagrant.yml b/.gitlab-ci/vagrant.yml
index fcc5de459..7861dbe3c 100644
--- a/.gitlab-ci/vagrant.yml
+++ b/.gitlab-ci/vagrant.yml
@@ -51,4 +51,4 @@ vagrant_ubuntu18-weave-medium:
vagrant_ubuntu20-flannel:
stage: deploy-part2
extends: .vagrant
- when: on_success
\ No newline at end of file
+ when: on_success
diff --git a/Dockerfile b/Dockerfile
index 67ac6f81b..fd3eec5a6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,12 +6,12 @@ RUN apt update -y && \
apt install -y \
libssl-dev python3-dev sshpass apt-transport-https jq moreutils \
ca-certificates curl gnupg2 software-properties-common python3-pip rsync
-RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
- add-apt-repository \
- "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
- $(lsb_release -cs) \
- stable" \
- && apt update -y && apt-get install docker-ce -y
+RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
+ add-apt-repository \
+ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+ $(lsb_release -cs) \
+ stable" \
+ && apt update -y && apt-get install docker-ce -y
COPY . .
RUN /usr/bin/python3 -m pip install pip -U && /usr/bin/python3 -m pip install -r tests/requirements.txt && python3 -m pip install -r requirements.txt && update-alternatives --install /usr/bin/python python /usr/bin/python3 1
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.5/bin/linux/amd64/kubectl \
diff --git a/_config.yml b/_config.yml
index a2b6bf07e..9b686697c 100644
--- a/_config.yml
+++ b/_config.yml
@@ -1,2 +1,2 @@
---
-theme: jekyll-theme-slate
\ No newline at end of file
+theme: jekyll-theme-slate
diff --git a/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-endpoint.json.j2 b/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-endpoint.json.j2
index 9619139e4..866c09f3e 100644
--- a/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-endpoint.json.j2
+++ b/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-endpoint.json.j2
@@ -8,7 +8,7 @@
{% for host in groups['gfs-cluster'] %}
{
"addresses": [
- {
+ {
"ip": "{{hostvars[host]['ip']|default(hostvars[host].ansible_default_ipv4['address'])}}"
}
],
diff --git a/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-pv.yml.j2 b/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-pv.yml.j2
index 4eef00535..f6ba4358e 100644
--- a/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-pv.yml.j2
+++ b/contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-pv.yml.j2
@@ -1,7 +1,7 @@
apiVersion: v1
kind: PersistentVolume
metadata:
- name: glusterfs
+ name: glusterfs
spec:
capacity:
storage: "{{ hostvars[groups['gfs-cluster'][0]].gluster_disk_size_gb }}Gi"
diff --git a/contrib/vault/roles/vault/tasks/bootstrap/start_vault_temp.yml b/contrib/vault/roles/vault/tasks/bootstrap/start_vault_temp.yml
index 9ff327366..77398009c 100644
--- a/contrib/vault/roles/vault/tasks/bootstrap/start_vault_temp.yml
+++ b/contrib/vault/roles/vault/tasks/bootstrap/start_vault_temp.yml
@@ -6,11 +6,11 @@
- name: bootstrap/start_vault_temp | Start single node Vault with file backend
command: >
- docker run -d --cap-add=IPC_LOCK --name {{ vault_temp_container_name }}
- -p {{ vault_port }}:{{ vault_port }}
- -e 'VAULT_LOCAL_CONFIG={{ vault_temp_config|to_json }}'
- -v /etc/vault:/etc/vault
- {{ vault_image_repo }}:{{ vault_version }} server
+ docker run -d --cap-add=IPC_LOCK --name {{ vault_temp_container_name }}
+ -p {{ vault_port }}:{{ vault_port }}
+ -e 'VAULT_LOCAL_CONFIG={{ vault_temp_config|to_json }}'
+ -v /etc/vault:/etc/vault
+ {{ vault_image_repo }}:{{ vault_version }} server
- name: bootstrap/start_vault_temp | Start again single node Vault with file backend
command: docker start {{ vault_temp_container_name }}
diff --git a/contrib/vault/roles/vault/tasks/bootstrap/sync_secrets.yml b/contrib/vault/roles/vault/tasks/bootstrap/sync_secrets.yml
index dff1f16dd..5471ea520 100644
--- a/contrib/vault/roles/vault/tasks/bootstrap/sync_secrets.yml
+++ b/contrib/vault/roles/vault/tasks/bootstrap/sync_secrets.yml
@@ -21,9 +21,9 @@
- name: bootstrap/sync_secrets | Print out warning message if secrets are not available and vault is initialized
pause:
prompt: >
- Vault orchestration may not be able to proceed. The Vault cluster is initialized, but
- 'root_token' or 'unseal_keys' were not found in {{ vault_secrets_dir }}. These are
- needed for many vault orchestration steps.
+ Vault orchestration may not be able to proceed. The Vault cluster is initialized, but
+ 'root_token' or 'unseal_keys' were not found in {{ vault_secrets_dir }}. These are
+ needed for many vault orchestration steps.
when: vault_cluster_is_initialized and not vault_secrets_available
- name: bootstrap/sync_secrets | Cat root_token from a vault host
diff --git a/contrib/vault/roles/vault/tasks/shared/check_etcd.yml b/contrib/vault/roles/vault/tasks/shared/check_etcd.yml
index f8599d536..444228701 100644
--- a/contrib/vault/roles/vault/tasks/shared/check_etcd.yml
+++ b/contrib/vault/roles/vault/tasks/shared/check_etcd.yml
@@ -25,6 +25,6 @@
- name: check_etcd | Fail if etcd is not available and needed
fail:
msg: >
- Unable to start Vault cluster! Etcd is not available at
- {{ vault_etcd_url.split(',') | first }} however it is needed by Vault as a backend.
+ Unable to start Vault cluster! Etcd is not available at
+ {{ vault_etcd_url.split(',') | first }} however it is needed by Vault as a backend.
when: vault_etcd_needed|d() and not vault_etcd_available
diff --git a/contrib/vault/roles/vault/tasks/shared/check_vault.yml b/contrib/vault/roles/vault/tasks/shared/check_vault.yml
index c10904801..32571f479 100644
--- a/contrib/vault/roles/vault/tasks/shared/check_vault.yml
+++ b/contrib/vault/roles/vault/tasks/shared/check_vault.yml
@@ -46,7 +46,7 @@
set_fact:
vault_cluster_is_initialized: >-
{{ vault_is_initialized or
- hostvars[item]['vault_is_initialized'] or
- ('value' in vault_etcd_exists.stdout|default('')) }}
+ hostvars[item]['vault_is_initialized'] or
+ ('value' in vault_etcd_exists.stdout|default('')) }}
with_items: "{{ groups.vault }}"
run_once: true
diff --git a/contrib/vault/roles/vault/tasks/shared/create_role.yml b/contrib/vault/roles/vault/tasks/shared/create_role.yml
index d3aa3e441..792f75484 100644
--- a/contrib/vault/roles/vault/tasks/shared/create_role.yml
+++ b/contrib/vault/roles/vault/tasks/shared/create_role.yml
@@ -6,9 +6,9 @@
ca_cert: "{{ vault_cert_dir }}/ca.pem"
name: "{{ create_role_name }}"
rules: >-
- {%- if create_role_policy_rules|d("default") == "default" -%}
- {{
- { 'path': {
+ {%- if create_role_policy_rules|d("default") == "default" -%}
+ {{
+ { 'path': {
create_role_mount_path + '/issue/' + create_role_name: {'policy': 'write'},
create_role_mount_path + '/roles/' + create_role_name: {'policy': 'read'}
}} | to_json + '\n'
@@ -24,13 +24,13 @@
ca_cert: "{{ vault_cert_dir }}/ca.pem"
secret: "{{ create_role_mount_path }}/roles/{{ create_role_name }}"
data: |
- {%- if create_role_options|d("default") == "default" -%}
- {
- allow_any_name: true
- }
- {%- else -%}
- {{ create_role_options | to_json }}
- {%- endif -%}
+ {%- if create_role_options|d("default") == "default" -%}
+ {
+ allow_any_name: true
+ }
+ {%- else -%}
+ {{ create_role_options | to_json }}
+ {%- endif -%}
## Userpass based auth method
diff --git a/contrib/vault/roles/vault/tasks/shared/gen_userpass.yml b/contrib/vault/roles/vault/tasks/shared/gen_userpass.yml
index a49b443e3..e609fc41a 100644
--- a/contrib/vault/roles/vault/tasks/shared/gen_userpass.yml
+++ b/contrib/vault/roles/vault/tasks/shared/gen_userpass.yml
@@ -18,8 +18,8 @@
- name: shared/gen_userpass | Copy credentials to all hosts in the group
copy:
content: >
- {{
- {'username': gen_userpass_username,
- 'password': gen_userpass_password} | to_nice_json(indent=4)
- }}
+ {{
+ {'username': gen_userpass_username,
+ 'password': gen_userpass_password} | to_nice_json(indent=4)
+ }}
dest: "{{ vault_roles_dir }}/{{ gen_userpass_role }}/userpass"
diff --git a/contrib/vault/roles/vault/templates/http-proxy.conf.j2 b/contrib/vault/roles/vault/templates/http-proxy.conf.j2
index 0e24a9d77..e79047771 100644
--- a/contrib/vault/roles/vault/templates/http-proxy.conf.j2
+++ b/contrib/vault/roles/vault/templates/http-proxy.conf.j2
@@ -1,2 +1,2 @@
[Service]
-Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %}
\ No newline at end of file
+Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %}
diff --git a/inventory/sample/group_vars/etcd.yml b/inventory/sample/group_vars/etcd.yml
index 737482f7e..cbc388e43 100644
--- a/inventory/sample/group_vars/etcd.yml
+++ b/inventory/sample/group_vars/etcd.yml
@@ -19,4 +19,4 @@
# etcd_peer_client_auth: true
## Settings for etcd deployment type
-etcd_deployment_type: docker
\ No newline at end of file
+etcd_deployment_type: docker
diff --git a/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2 b/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2
index 896d70ff9..5299573b3 100644
--- a/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2
+++ b/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2
@@ -1,3 +1,3 @@
-Package: {{ containerd_package }}
-Pin: version {{ containerd_version }}*
-Pin-Priority: 1001
+Package: {{ containerd_package }}
+Pin: version {{ containerd_version }}*
+Pin-Priority: 1001
diff --git a/roles/container-engine/containerd/vars/debian.yml b/roles/container-engine/containerd/vars/debian.yml
index 66aa5f08c..108625d32 100644
--- a/roles/container-engine/containerd/vars/debian.yml
+++ b/roles/container-engine/containerd/vars/debian.yml
@@ -15,8 +15,8 @@ containerd_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb {{ containerd_debian_repo_base_url }}
- {{ ansible_distribution_release|lower }}
- {{ containerd_debian_repo_component }}
+ deb {{ containerd_debian_repo_base_url }}
+ {{ ansible_distribution_release|lower }}
+ {{ containerd_debian_repo_component }}
runc_binary: /usr/bin/runc
diff --git a/roles/container-engine/containerd/vars/ubuntu-amd64.yml b/roles/container-engine/containerd/vars/ubuntu-amd64.yml
index a57cf5030..013df1537 100644
--- a/roles/container-engine/containerd/vars/ubuntu-amd64.yml
+++ b/roles/container-engine/containerd/vars/ubuntu-amd64.yml
@@ -15,8 +15,8 @@ containerd_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb {{ containerd_ubuntu_repo_base_url }}
- {{ ansible_distribution_release|lower }}
- {{ containerd_ubuntu_repo_component }}
+ deb {{ containerd_ubuntu_repo_base_url }}
+ {{ ansible_distribution_release|lower }}
+ {{ containerd_ubuntu_repo_component }}
runc_binary: /usr/bin/runc
diff --git a/roles/container-engine/docker/vars/debian.yml b/roles/container-engine/docker/vars/debian.yml
index e19c090a3..c266302eb 100644
--- a/roles/container-engine/docker/vars/debian.yml
+++ b/roles/container-engine/docker/vars/debian.yml
@@ -41,9 +41,9 @@ docker_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb {{ docker_debian_repo_base_url }}
- {{ ansible_distribution_release|lower }}
- stable
+ deb {{ docker_debian_repo_base_url }}
+ {{ ansible_distribution_release|lower }}
+ stable
dockerproject_repo_key_info:
pkg_key: apt_key
@@ -55,6 +55,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb {{ docker_debian_repo_base_url }}
- {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
- main
+ deb {{ docker_debian_repo_base_url }}
+ {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+ main
diff --git a/roles/container-engine/docker/vars/ubuntu-amd64.yml b/roles/container-engine/docker/vars/ubuntu-amd64.yml
index ea9f143d0..0f264e5e3 100644
--- a/roles/container-engine/docker/vars/ubuntu-amd64.yml
+++ b/roles/container-engine/docker/vars/ubuntu-amd64.yml
@@ -41,9 +41,9 @@ docker_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
- {{ ansible_distribution_release|lower }}
- stable
+ deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+ {{ ansible_distribution_release|lower }}
+ stable
dockerproject_repo_key_info:
pkg_key: apt_key
@@ -55,6 +55,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
- {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
- main
+ deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+ {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+ main
diff --git a/roles/container-engine/docker/vars/ubuntu-arm64.yml b/roles/container-engine/docker/vars/ubuntu-arm64.yml
index fd25b6bcb..bd35458e5 100644
--- a/roles/container-engine/docker/vars/ubuntu-arm64.yml
+++ b/roles/container-engine/docker/vars/ubuntu-arm64.yml
@@ -37,9 +37,9 @@ docker_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
- {{ ansible_distribution_release|lower }}
- stable
+ deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+ {{ ansible_distribution_release|lower }}
+ stable
dockerproject_repo_key_info:
pkg_key: apt_key
@@ -51,6 +51,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
- deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
- {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
- main
+ deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+ {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+ main
diff --git a/roles/etcd/tasks/check_certs.yml b/roles/etcd/tasks/check_certs.yml
index aa77e4d09..d3aaa9c23 100644
--- a/roles/etcd/tasks/check_certs.yml
+++ b/roles/etcd/tasks/check_certs.yml
@@ -30,14 +30,14 @@
with_items: "{{ expected_files }}"
vars:
expected_files: >-
- ['{{ etcd_cert_dir }}/ca.pem',
- {% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %}
- {% for host in all_etcd_hosts %}
- '{{ etcd_cert_dir }}/node-{{ host }}-key.pem',
- '{{ etcd_cert_dir }}/admin-{{ host }}-key.pem',
- '{{ etcd_cert_dir }}/member-{{ host }}-key.pem'
- {% if not loop.last %}{{','}}{% endif %}
- {% endfor %}]
+ ['{{ etcd_cert_dir }}/ca.pem',
+ {% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %}
+ {% for host in all_etcd_hosts %}
+ '{{ etcd_cert_dir }}/node-{{ host }}-key.pem',
+ '{{ etcd_cert_dir }}/admin-{{ host }}-key.pem',
+ '{{ etcd_cert_dir }}/member-{{ host }}-key.pem'
+ {% if not loop.last %}{{','}}{% endif %}
+ {% endfor %}]
- name: "Check_certs | Set 'gen_master_certs' to true"
set_fact:
diff --git a/roles/etcd/tasks/gen_certs_script.yml b/roles/etcd/tasks/gen_certs_script.yml
index adc7c99e8..651b76719 100644
--- a/roles/etcd/tasks/gen_certs_script.yml
+++ b/roles/etcd/tasks/gen_certs_script.yml
@@ -111,9 +111,9 @@
- name: Gen_certs | Set cert names per node
set_fact:
- my_etcd_node_certs: ['ca.pem',
- 'node-{{ inventory_hostname }}.pem',
- 'node-{{ inventory_hostname }}-key.pem']
+ my_etcd_node_certs: [ 'ca.pem',
+ 'node-{{ inventory_hostname }}.pem',
+ 'node-{{ inventory_hostname }}-key.pem']
tags:
- facts
diff --git a/roles/etcd/tasks/install_etcdctl_docker.yml b/roles/etcd/tasks/install_etcdctl_docker.yml
index 1d87ccc8e..74ae07f18 100644
--- a/roles/etcd/tasks/install_etcdctl_docker.yml
+++ b/roles/etcd/tasks/install_etcdctl_docker.yml
@@ -1,9 +1,9 @@
---
- name: Install | Copy etcdctl binary from docker container
command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy;
- {{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
- {{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl &&
- {{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy"
+ {{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
+ {{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl &&
+ {{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy"
register: etcdctl_install_result
until: etcdctl_install_result.rc == 0
retries: "{{ etcd_retries }}"
diff --git a/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2 b/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
index 695cc55b4..b8dcc60fa 100644
--- a/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
+++ b/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
@@ -18,14 +18,14 @@ auth:
useInstancePrincipals: true
{% else %}
useInstancePrincipals: false
-
+
region: {{ oci_region_id }}
tenancy: {{ oci_tenancy_id }}
user: {{ oci_user_id }}
- key: |
+ key: |
{{ oci_private_key }}
- {% if oci_private_key_passphrase is defined %}
+ {% if oci_private_key_passphrase is defined %}
passphrase: {{ oci_private_key_passphrase }}
{% endif %}
@@ -75,16 +75,16 @@ loadBalancer:
# Optional rate limit controls for accessing OCI API
rateLimiter:
{% if oci_rate_limit.rate_limit_qps_read %}
- rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
+ rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
{% endif %}
{% if oci_rate_limit.rate_limit_qps_write %}
- rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
+ rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
{% endif %}
{% if oci_rate_limit.rate_limit_bucket_read %}
- rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
+ rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
{% endif %}
{% if oci_rate_limit.rate_limit_bucket_write %}
- rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
+ rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
{% endif %}
{% endif %}
diff --git a/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2 b/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2
index 8c339235d..bf9aaf73f 100644
--- a/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2
+++ b/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2
@@ -17,4 +17,4 @@ rules:
- nodes/spec
- nodes/metrics
verbs:
- - "*"
\ No newline at end of file
+ - "*"
diff --git a/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml b/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
index 9aa039339..5444f33c5 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
+++ b/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
@@ -14,4 +14,4 @@ cinder_cacert: "{{ lookup('env','OS_CACERT') }}"
# For now, only Cinder v3 is supported in Cinder CSI driver
cinder_blockstorage_version: "v3"
-cinder_csi_controller_replicas: 1
\ No newline at end of file
+cinder_csi_controller_replicas: 1
diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
index 241c67af3..2ca3e4486 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
@@ -8,7 +8,7 @@ metadata:
namespace: kube-system
---
-# external attacher
+# external attacher
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
diff --git a/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2 b/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2
index 65018ffab..4c693b3fd 100644
--- a/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2
@@ -197,4 +197,4 @@ roleRef:
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
- namespace: kube-system
\ No newline at end of file
+ namespace: kube-system
diff --git a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml
index fa7b8b3a5..278518b15 100644
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml
@@ -6,4 +6,4 @@ local_path_provisioner_reclaim_policy: Delete
local_path_provisioner_claim_root: /opt/local-path-provisioner/
local_path_provisioner_is_default_storageclass: "true"
local_path_provisioner_debug: false
-local_path_provisioner_helper_image_tag: "latest"
\ No newline at end of file
+local_path_provisioner_helper_image_tag: "latest"
diff --git a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2 b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2
index 5f178256f..1e8c6ceda 100644
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2
@@ -2,4 +2,4 @@
apiVersion: v1
kind: Namespace
metadata:
- name: {{ local_path_provisioner_namespace }}
\ No newline at end of file
+ name: {{ local_path_provisioner_namespace }}
diff --git a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2 b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2
index d126a5b34..128a106d0 100644
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2
@@ -3,4 +3,4 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: local-path-provisioner-service-account
- namespace: {{ local_path_provisioner_namespace }}
\ No newline at end of file
+ namespace: {{ local_path_provisioner_namespace }}
diff --git a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2 b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2
index 4d776f149..bc030950e 100644
--- a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2
@@ -10,4 +10,4 @@ rules:
verbs: ["list", "create", "get", "update", "watch", "patch"]
- apiGroups: ["", "extensions"]
resources: ["nodes", "pods", "secrets", "services", "namespaces"]
- verbs: ["get", "list", "watch"]
\ No newline at end of file
+ verbs: ["get", "list", "watch"]
diff --git a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2 b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2
index dc95b1df1..a3d2834ac 100644
--- a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2
@@ -33,7 +33,7 @@ spec:
# Limit the namespace where this ALB Ingress Controller deployment will
# resolve ingress resources. If left commented, all namespaces are used.
#- --watch-namespace=your-k8s-namespace
-
+
# Setting the ingress-class flag below will ensure that only ingress resources with the
# annotation kubernetes.io/ingress.class: "alb" are respected by the controller. You may
# choose any class you'd like for this controller to respect.
@@ -42,7 +42,7 @@ spec:
# by the ALB Ingress Controller, providing distinction between
# clusters.
- --cluster-name={{ cluster_name }}
-
+
# Enables logging on all outbound requests sent to the AWS API.
# If logging is desired, set to true.
# - ---aws-api-debug
@@ -71,4 +71,4 @@ spec:
terminationGracePeriodSeconds: 30
{% if rbac_enabled %}
serviceAccountName: alb-ingress
-{% endif %}
\ No newline at end of file
+{% endif %}
diff --git a/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2 b/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2
index 2b5b40005..9b6fcd252 100644
--- a/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2
@@ -20,4 +20,4 @@ spec:
shortNames:
- cert
- certs
-
+
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
index 19619d763..25a71c073 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
@@ -325,32 +325,32 @@ apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
bindAddress: {{ kube_proxy_bind_address }}
clientConnection:
- acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
- burst: {{ kube_proxy_client_burst }}
- contentType: {{ kube_proxy_client_content_type }}
- kubeconfig: {{ kube_proxy_client_kubeconfig }}
- qps: {{ kube_proxy_client_qps }}
+ acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
+ burst: {{ kube_proxy_client_burst }}
+ contentType: {{ kube_proxy_client_content_type }}
+ kubeconfig: {{ kube_proxy_client_kubeconfig }}
+ qps: {{ kube_proxy_client_qps }}
clusterCIDR: {{ kube_pods_subnet }}
configSyncPeriod: {{ kube_proxy_config_sync_period }}
conntrack:
- maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
- min: {{ kube_proxy_conntrack_min }}
- tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
- tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
+ maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
+ min: {{ kube_proxy_conntrack_min }}
+ tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
+ tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
enableProfiling: {{ kube_proxy_enable_profiling }}
healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
hostnameOverride: {{ kube_override_hostname }}
iptables:
- masqueradeAll: {{ kube_proxy_masquerade_all }}
- masqueradeBit: {{ kube_proxy_masquerade_bit }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- syncPeriod: {{ kube_proxy_sync_period }}
+ masqueradeAll: {{ kube_proxy_masquerade_all }}
+ masqueradeBit: {{ kube_proxy_masquerade_bit }}
+ minSyncPeriod: {{ kube_proxy_min_sync_period }}
+ syncPeriod: {{ kube_proxy_sync_period }}
ipvs:
- excludeCIDRs: {{ kube_proxy_exclude_cidrs }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- scheduler: {{ kube_proxy_scheduler }}
- syncPeriod: {{ kube_proxy_sync_period }}
- strictARP: {{ kube_proxy_strict_arp }}
+ excludeCIDRs: {{ kube_proxy_exclude_cidrs }}
+ minSyncPeriod: {{ kube_proxy_min_sync_period }}
+ scheduler: {{ kube_proxy_scheduler }}
+ syncPeriod: {{ kube_proxy_sync_period }}
+ strictARP: {{ kube_proxy_strict_arp }}
metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
mode: {{ kube_proxy_mode }}
nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
diff --git a/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2 b/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2
index 15559732c..265a91cc3 100644
--- a/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2
+++ b/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2
@@ -14,4 +14,4 @@ contexts:
- context:
cluster: webhook-token-auth-cluster
user: webhook-token-auth-user
- name: webhook-token-auth
\ No newline at end of file
+ name: webhook-token-auth
diff --git a/roles/kubernetes/node-label/tasks/main.yml b/roles/kubernetes/node-label/tasks/main.yml
index 646fd0981..aa5ffe815 100644
--- a/roles/kubernetes/node-label/tasks/main.yml
+++ b/roles/kubernetes/node-label/tasks/main.yml
@@ -40,7 +40,7 @@
- name: Set label to node
command: >-
- {{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true
+ {{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true
loop: "{{ role_node_labels + inventory_node_labels }}"
delegate_to: "{{ groups['kube-master'][0] }}"
changed_when: false
diff --git a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
index 5b34d2d75..a8c40f6f9 100644
--- a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
+++ b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
@@ -44,8 +44,8 @@
- name: Hosts | Extract existing entries for localhost from hosts file
set_fact:
etc_hosts_localhosts_dict: >-
- {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
- {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
+ {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
+ {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
with_items: "{{ (etc_hosts_content['content'] | b64decode).splitlines() }}"
when:
- etc_hosts_content.content is defined
diff --git a/roles/kubernetes/tokens/tasks/check-tokens.yml b/roles/kubernetes/tokens/tasks/check-tokens.yml
index 5d2792873..160f46bb8 100644
--- a/roles/kubernetes/tokens/tasks/check-tokens.yml
+++ b/roles/kubernetes/tokens/tasks/check-tokens.yml
@@ -27,9 +27,9 @@
sync_tokens: >-
{%- set tokens = {'sync': False} -%}
{%- for server in groups['kube-master'] | intersect(ansible_play_batch)
- if (not hostvars[server].known_tokens.stat.exists) or
- (hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%}
- {%- set _ = tokens.update({'sync': True}) -%}
+ if (not hostvars[server].known_tokens.stat.exists) or
+ (hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%}
+ {%- set _ = tokens.update({'sync': True}) -%}
{%- endfor -%}
{{ tokens.sync }}
run_once: true
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index c794c6404..c659d3cf9 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -434,13 +434,13 @@ loadbalancer_apiserver_type: "nginx"
apiserver_loadbalancer_domain_name: "lb-apiserver.kubernetes.local"
kube_apiserver_endpoint: |-
{% if loadbalancer_apiserver is defined -%}
- https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
+ https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
{%- elif not is_kube_master and loadbalancer_apiserver_localhost -%}
- https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
+ https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
{%- elif is_kube_master -%}
- https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }}
+ https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }}
{%- else -%}
- https://{{ first_kube_master }}:{{ kube_apiserver_port }}
+ https://{{ first_kube_master }}:{{ kube_apiserver_port }}
{%- endif %}
kube_apiserver_insecure_endpoint: >-
http://{{ kube_apiserver_insecure_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_insecure_port }}
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index 838e134a9..77aeba6ef 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -198,11 +198,11 @@
"apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer",
"metadata": {
- "name": "global-{{ item.router_id }}"
+ "name": "global-{{ item.router_id }}"
},
"spec": {
- "asNumber": "{{ item.as }}",
- "peerIP": "{{ item.router_id }}"
+ "asNumber": "{{ item.as }}",
+ "peerIP": "{{ item.router_id }}"
}}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output
retries: 4
@@ -220,11 +220,11 @@
"apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer",
"metadata": {
- "name": "peer-to-rrs"
+ "name": "peer-to-rrs"
},
"spec": {
- "nodeSelector": "!has(i-am-a-route-reflector)",
- "peerSelector": "has(i-am-a-route-reflector)"
+ "nodeSelector": "!has(i-am-a-route-reflector)",
+ "peerSelector": "has(i-am-a-route-reflector)"
}}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output
retries: 4
@@ -242,11 +242,11 @@
"apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer",
"metadata": {
- "name": "rr-mesh"
+ "name": "rr-mesh"
},
"spec": {
- "nodeSelector": "has(i-am-a-route-reflector)",
- "peerSelector": "has(i-am-a-route-reflector)"
+ "nodeSelector": "has(i-am-a-route-reflector)",
+ "peerSelector": "has(i-am-a-route-reflector)"
}}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output
retries: 4
@@ -315,13 +315,13 @@
"apiVersion": "projectcalico.org/v3",
"kind": "Node",
"metadata": {
- "name": "{{ inventory_hostname }}"
+ "name": "{{ inventory_hostname }}"
},
"spec": {
- "bgp": {
- "asNumber": "{{ local_as }}"
- },
- "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
+ "bgp": {
+ "asNumber": "{{ local_as }}"
+ },
+ "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
}}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output
retries: 4
@@ -339,12 +339,12 @@
"apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer",
"metadata": {
- "name": "{{ inventory_hostname }}-{{ item.router_id }}"
+ "name": "{{ inventory_hostname }}-{{ item.router_id }}"
},
"spec": {
- "asNumber": "{{ item.as }}",
- "node": "{{ inventory_hostname }}",
- "peerIP": "{{ item.router_id }}"
+ "asNumber": "{{ item.as }}",
+ "node": "{{ inventory_hostname }}",
+ "peerIP": "{{ item.router_id }}"
}}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output
retries: 4
diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2
index 6e3f19d8e..7413a8fad 100644
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -368,10 +368,10 @@ spec:
secret:
secretName: typha-client
items:
- - key: tls.crt
- path: typha-client.crt
- - key: tls.key
- path: typha-client.key
+ - key: tls.crt
+ path: typha-client.crt
+ - key: tls.key
+ path: typha-client.key
- name: typha-cacert
hostPath:
path: "/etc/kubernetes/ssl/"
diff --git a/roles/network_plugin/calico/templates/calico-typha.yml.j2 b/roles/network_plugin/calico/templates/calico-typha.yml.j2
index 279e694c1..31cce13aa 100644
--- a/roles/network_plugin/calico/templates/calico-typha.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-typha.yml.j2
@@ -145,17 +145,17 @@ spec:
periodSeconds: 10
{% if typha_secure %}
volumes:
- - name: typha-server
- secret:
- secretName: typha-server
- items:
- - key: tls.crt
- path: server_certificate.pem
- - key: tls.key
- path: server_key.pem
- - name: cacert
- hostPath:
- path: "{{ kube_cert_dir }}"
+ - name: typha-server
+ secret:
+ secretName: typha-server
+ items:
+ - key: tls.crt
+ path: server_certificate.pem
+ - key: tls.key
+ path: server_key.pem
+ - name: cacert
+ hostPath:
+ path: "{{ kube_cert_dir }}"
{% endif %}
---
diff --git a/roles/network_plugin/calico/templates/kdd-crds.yml.j2 b/roles/network_plugin/calico/templates/kdd-crds.yml.j2
index 7decacc49..88294a887 100644
--- a/roles/network_plugin/calico/templates/kdd-crds.yml.j2
+++ b/roles/network_plugin/calico/templates/kdd-crds.yml.j2
@@ -3,7 +3,7 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
- name: felixconfigurations.crd.projectcalico.org
+ name: felixconfigurations.crd.projectcalico.org
spec:
scope: Cluster
group: crd.projectcalico.org
diff --git a/roles/network_plugin/contiv/tasks/main.yml b/roles/network_plugin/contiv/tasks/main.yml
index 81ca64bdc..f79e1e6fd 100644
--- a/roles/network_plugin/contiv/tasks/main.yml
+++ b/roles/network_plugin/contiv/tasks/main.yml
@@ -146,9 +146,9 @@
- name: Contiv | Copy netctl binary from docker container
command: sh -c "{{ docker_bin_dir }}/docker rm -f netctl-binarycopy;
- {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
- {{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl &&
- {{ docker_bin_dir }}/docker rm -f netctl-binarycopy"
+ {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
+ {{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl &&
+ {{ docker_bin_dir }}/docker rm -f netctl-binarycopy"
register: contiv_task_result
until: contiv_task_result.rc == 0
retries: 4
diff --git a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
index 80884d719..5909e461f 100644
--- a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
@@ -29,15 +29,15 @@ spec:
securityContext:
privileged: true
volumeMounts:
- - mountPath: /etc/openvswitch
- name: etc-openvswitch
- readOnly: false
- - mountPath: /var/run
- name: var-run
- readOnly: false
- - mountPath: /opt/cni/bin
- name: cni-bin-dir
- readOnly: false
+ - mountPath: /etc/openvswitch
+ name: etc-openvswitch
+ readOnly: false
+ - mountPath: /var/run
+ name: var-run
+ readOnly: false
+ - mountPath: /opt/cni/bin
+ name: cni-bin-dir
+ readOnly: false
readinessProbe:
exec:
command:
diff --git a/roles/network_plugin/contiv/templates/contiv-config.yml.j2 b/roles/network_plugin/contiv/templates/contiv-config.yml.j2
index 18b7748eb..48f128ee7 100644
--- a/roles/network_plugin/contiv/templates/contiv-config.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-config.yml.j2
@@ -22,10 +22,10 @@ data:
}
contiv_k8s_config: |-
{
- "K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
- "K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
- "K8S_KEY": "",
- "K8S_CERT": "",
- "K8S_TOKEN": "",
- "SVC_SUBNET": "{{ kube_service_addresses }}"
+ "K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
+ "K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
+ "K8S_KEY": "",
+ "K8S_CERT": "",
+ "K8S_TOKEN": "",
+ "SVC_SUBNET": "{{ kube_service_addresses }}"
}
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
index 9725a0f2a..675d1cd6d 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
@@ -20,12 +20,12 @@ spec:
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: node-role.kubernetes.io/master
- operator: DoesNotExist
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/master
+ operator: DoesNotExist
containers:
- name: contiv-etcd-proxy
image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
diff --git a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
index c21399fb6..b5b21fcb8 100644
--- a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
@@ -78,8 +78,8 @@ spec:
value: kubernetes
- name: CONTIV_NETPLUGIN_VTEP_IP
valueFrom:
- fieldRef:
- fieldPath: status.podIP
+ fieldRef:
+ fieldPath: status.podIP
- name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
diff --git a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
index 0b05588ba..edebbeaeb 100644
--- a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
@@ -57,15 +57,15 @@ spec:
name: contiv-config
key: contiv_ovs_vswitchd_extra_flags
volumeMounts:
- - mountPath: /etc/openvswitch
- name: etc-openvswitch
- readOnly: false
- - mountPath: /lib/modules
- name: lib-modules
- readOnly: true
- - mountPath: /var/run
- name: var-run
- readOnly: false
+ - mountPath: /etc/openvswitch
+ name: etc-openvswitch
+ readOnly: false
+ - mountPath: /lib/modules
+ name: lib-modules
+ readOnly: true
+ - mountPath: /var/run
+ name: var-run
+ readOnly: false
volumes:
# Used by contiv-ovs
- name: etc-openvswitch
diff --git a/roles/network_plugin/kube-ovn/defaults/main.yml b/roles/network_plugin/kube-ovn/defaults/main.yml
index 9cc4c5c84..8f02a8cf1 100644
--- a/roles/network_plugin/kube-ovn/defaults/main.yml
+++ b/roles/network_plugin/kube-ovn/defaults/main.yml
@@ -13,4 +13,4 @@ kube_ovn_pinger_cpu_limit: 200m
kube_ovn_pinger_memory_limit: 400Mi
traffic_mirror: true
-encap_checksum: true
\ No newline at end of file
+encap_checksum: true
diff --git a/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2 b/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2
index fc6eba4bc..8e58ed272 100644
--- a/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2
+++ b/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2
@@ -104,4 +104,4 @@ spec:
JSONPath: .spec.providerInterfaceName
- name: Subnet
type: string
- JSONPath: .spec.subnet
\ No newline at end of file
+ JSONPath: .spec.subnet
diff --git a/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2 b/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2
index 7b639d6d2..2ffe0dd61 100644
--- a/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2
+++ b/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2
@@ -349,4 +349,4 @@ spec:
path: /var/log/openvswitch
- name: host-log-ovn
hostPath:
- path: /var/log/ovn
\ No newline at end of file
+ path: /var/log/ovn
diff --git a/roles/network_plugin/kube-router/defaults/main.yml b/roles/network_plugin/kube-router/defaults/main.yml
index 885e3474e..a1e68feea 100644
--- a/roles/network_plugin/kube-router/defaults/main.yml
+++ b/roles/network_plugin/kube-router/defaults/main.yml
@@ -57,4 +57,4 @@ kube_router_enable_metrics: false
kube_router_metrics_path: /metrics
# Prometheus metrics port to use
-kube_router_metrics_port: 9255
\ No newline at end of file
+kube_router_metrics_port: 9255
diff --git a/roles/network_plugin/multus/files/multus-clusterrole.yml b/roles/network_plugin/multus/files/multus-clusterrole.yml
index ec2ec3a06..b574069cd 100644
--- a/roles/network_plugin/multus/files/multus-clusterrole.yml
+++ b/roles/network_plugin/multus/files/multus-clusterrole.yml
@@ -25,4 +25,4 @@ rules:
verbs:
- create
- patch
- - update
\ No newline at end of file
+ - update
diff --git a/roles/upgrade/pre-upgrade/tasks/main.yml b/roles/upgrade/pre-upgrade/tasks/main.yml
index a8b149394..f47954b1c 100644
--- a/roles/upgrade/pre-upgrade/tasks/main.yml
+++ b/roles/upgrade/pre-upgrade/tasks/main.yml
@@ -3,8 +3,8 @@
# Node NotReady: type = ready, status = Unknown
- name: See if node is in ready state
shell: >-
- {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
- -o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }'
+ {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
+ -o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }'
register: kubectl_node_ready
delegate_to: "{{ groups['kube-master'][0] }}"
failed_when: false
@@ -14,8 +14,8 @@
# else unschedulable key doesn't exist
- name: See if node is schedulable
shell: >-
- {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
- -o jsonpath='{ .spec.unschedulable }'
+ {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
+ -o jsonpath='{ .spec.unschedulable }'
register: kubectl_node_schedulable
delegate_to: "{{ groups['kube-master'][0] }}"
failed_when: false
diff --git a/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml b/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
index 8c5b3bf94..4798b539d 100644
--- a/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
+++ b/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
@@ -70,4 +70,4 @@ images:
filename: openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2
url: https://download.opensuse.org/repositories/Cloud:/Images:/Leap_15.1/images/openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2
checksum: sha256:e3c016a889505c5ae51dafe6eedc836a9e9546ab951fdc96f07eb35e34d12b8c
- converted: true
\ No newline at end of file
+ converted: true
diff --git a/tests/files/packet_centos7-weave-upgrade-ha.yml b/tests/files/packet_centos7-weave-upgrade-ha.yml
index 8a2576532..d455a9f7a 100644
--- a/tests/files/packet_centos7-weave-upgrade-ha.yml
+++ b/tests/files/packet_centos7-weave-upgrade-ha.yml
@@ -10,4 +10,4 @@ kubernetes_audit: true
dns_min_replicas: 1
# Needed to upgrade from 1.16 to 1.17, otherwise upgrade is partial and bug followed
-upgrade_cluster_setup: true
\ No newline at end of file
+upgrade_cluster_setup: true
diff --git a/tests/files/packet_centos8-kube-ovn.yml b/tests/files/packet_centos8-kube-ovn.yml
index 6fab50204..a58dc0c69 100644
--- a/tests/files/packet_centos8-kube-ovn.yml
+++ b/tests/files/packet_centos8-kube-ovn.yml
@@ -6,4 +6,4 @@ mode: default
# Kubespray settings
kube_network_plugin: kube-ovn
deploy_netchecker: true
-dns_min_replicas: 1
\ No newline at end of file
+dns_min_replicas: 1
diff --git a/tests/files/packet_debian10-containerd.yml b/tests/files/packet_debian10-containerd.yml
index e00a2904f..4503f71b0 100644
--- a/tests/files/packet_debian10-containerd.yml
+++ b/tests/files/packet_debian10-containerd.yml
@@ -14,4 +14,4 @@ helm_version: v3.1.0
# https://gitlab.com/miouge/kubespray-ci/-/blob/a4fd5ed6857807f1c353cb60848aedebaf7d2c94/manifests/http-proxy.yml#L42
http_proxy: http://172.30.30.30:8888
-https_proxy: http://172.30.30.30:8888
\ No newline at end of file
+https_proxy: http://172.30.30.30:8888
diff --git a/tests/files/tf-elastx_ubuntu18-calico.yml b/tests/files/tf-elastx_ubuntu18-calico.yml
index 53e03d7fe..43ef55aa3 100644
--- a/tests/files/tf-elastx_ubuntu18-calico.yml
+++ b/tests/files/tf-elastx_ubuntu18-calico.yml
@@ -4,4 +4,4 @@ deploy_netchecker: true
sonobuoy_enabled: true
# Ignore ping errors
-ignore_assert_errors: true
\ No newline at end of file
+ignore_assert_errors: true
diff --git a/tests/files/vagrant_ubuntu18-flannel.yml b/tests/files/vagrant_ubuntu18-flannel.yml
index e878a5e38..d4543a901 100644
--- a/tests/files/vagrant_ubuntu18-flannel.yml
+++ b/tests/files/vagrant_ubuntu18-flannel.yml
@@ -4,4 +4,4 @@
kube_network_plugin: flannel
deploy_netchecker: true
-dns_min_replicas: 1
\ No newline at end of file
+dns_min_replicas: 1
diff --git a/tests/files/vagrant_ubuntu20-flannel.yml b/tests/files/vagrant_ubuntu20-flannel.yml
index e878a5e38..d4543a901 100644
--- a/tests/files/vagrant_ubuntu20-flannel.yml
+++ b/tests/files/vagrant_ubuntu20-flannel.yml
@@ -4,4 +4,4 @@
kube_network_plugin: flannel
deploy_netchecker: true
-dns_min_replicas: 1
\ No newline at end of file
+dns_min_replicas: 1
diff --git a/tests/testcases/010_check-apiserver.yml b/tests/testcases/010_check-apiserver.yml
index bb865727d..330e5e6bf 100644
--- a/tests/testcases/010_check-apiserver.yml
+++ b/tests/testcases/010_check-apiserver.yml
@@ -17,4 +17,4 @@
that:
- apiserver_response.json.gitVersion == kube_version
fail_msg: "apiserver version different than expected {{ kube_version }}"
- when: kube_version is defined
\ No newline at end of file
+ when: kube_version is defined
diff --git a/tests/testcases/015_check-nodes-ready.yml b/tests/testcases/015_check-nodes-ready.yml
index 14a3468f5..be8370cc3 100644
--- a/tests/testcases/015_check-nodes-ready.yml
+++ b/tests/testcases/015_check-nodes-ready.yml
@@ -30,4 +30,4 @@
# Check that all nodes are Status=Ready
- '(get_nodes_yaml.stdout | from_yaml)["items"] | map(attribute = "status.conditions") | map("items2dict", key_name="type", value_name="status") | map(attribute="Ready") | list | min'
retries: 30
- delay: 10
\ No newline at end of file
+ delay: 10
diff --git a/tests/testcases/030_check-network.yml b/tests/testcases/030_check-network.yml
index 4e8903439..bee470ef7 100644
--- a/tests/testcases/030_check-network.yml
+++ b/tests/testcases/030_check-network.yml
@@ -51,13 +51,13 @@
- name: Get hostnet pods
command: "{{ bin_dir }}/kubectl get pods -n test -o
- jsonpath='{range .items[?(.spec.hostNetwork)]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
+ jsonpath='{range .items[?(.spec.hostNetwork)]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
register: hostnet_pods
no_log: true
- name: Get running pods
command: "{{ bin_dir }}/kubectl get pods -n test -o
- jsonpath='{range .items[?(.status.phase==\"Running\")]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
+ jsonpath='{range .items[?(.status.phase==\"Running\")]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
register: running_pods
no_log: true
--
GitLab