From 9d5d945bdbefc7bb58f2ecbbf1e5195c254248ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Masset?= <smasset@users.noreply.github.com>
Date: Mon, 20 Jun 2022 10:36:06 +0200
Subject: [PATCH] [MASTER] Add missing configuration for extra tolerations
 (#8908)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Added new configuration item for extra tolerations in policy controllers

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Added new configuration item for extra tolerations in DNS autoscaler

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Aligned existing handling of extra DNS tolerations

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
---
 roles/kubernetes-apps/ansible/defaults/main.yml               | 4 ++++
 .../ansible/templates/coredns-deployment.yml.j2               | 2 +-
 roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 | 3 +++
 .../calico/templates/calico-kube-controllers.yml.j2           | 3 +++
 4 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index dfaba4821..9a7020052 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -26,6 +26,7 @@ nodelocaldns_secondary_prometheus_port: 9255
 dns_autoscaler_cpu_requests: 20m
 dns_autoscaler_memory_requests: 10Mi
 dns_autoscaler_deployment_nodeselector: "kubernetes.io/os: linux"
+# dns_autoscaler_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
 
 # etcd metrics
 # etcd_metrics_service_labels:
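Review bot: The commented example on the added `dns_autoscaler_extra_tolerations` line has no `key`, and a toleration with `operator: Exists` and no key matches every taint of that effect. An operator who uncomments it as written allows the pod onto any NoSchedule-tainted node, including nodes tainted to keep general workloads off. I would add a comment line above it such as `# NOTE: a toleration without "key" tolerates ALL NoSchedule taints; prefer a keyed entry` and show a keyed example, e.g. `[{key: "dedicated", operator: "Equal", value: "infra", effect: "NoSchedule"}]` (constructed values). The same applies to the `policy_controller_extra_tolerations` example in the second hunk of this file.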
@@ -83,3 +84,6 @@ dashboard_master_toleration: true
 # Override dashboard default settings
 dashboard_token_ttl: 900
 dashboard_skip_login: false
+
+# Policy Controllers
+# policy_controller_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index 270fbf18d..fa8106935 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -34,7 +34,7 @@ spec:
           effect: NoSchedule
         - key: node-role.kubernetes.io/control-plane
           effect: NoSchedule
-{% if dns_extra_tolerations | default(None) %}
+{% if dns_extra_tolerations is defined %}
         {{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
 {% endif %}
       affinity:
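Review bot: Switching the guard to `is defined` drops the truthiness check that the old `default(None)` form provided, so a variable set to `[]` or to null now enters the branch. An empty list should render as a bare `[]` line after the block-sequence items, which is not valid YAML, and a null value should fail in the `list` filter. `{% if dns_extra_tolerations | default([]) %}` still covers the undefined case and also skips empty values. The new guards in dns-autoscaler.yml.j2 and calico-kube-controllers.yml.j2 have the same shape and would want the same condition, otherwise an inventory that overrides the variable to `[]` breaks rendering of those manifests.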
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
index d6cba1dd7..6ea165183 100644
--- a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
@@ -45,6 +45,9 @@ spec:
           key: node-role.kubernetes.io/master
         - effect: NoSchedule
           key: node-role.kubernetes.io/control-plane
+{% if dns_autoscaler_extra_tolerations is defined %}
+        {{ dns_autoscaler_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
+{% endif %}
       affinity:
         podAntiAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
diff --git a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
index e55e90a59..35e4959bb 100644
--- a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
+++ b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
@@ -28,6 +28,9 @@ spec:
           effect: NoSchedule
         - key: node-role.kubernetes.io/control-plane
           effect: NoSchedule
+{% if policy_controller_extra_tolerations is defined %}
+        {{ policy_controller_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }}
+{% endif %}
       priorityClassName: system-cluster-critical
       containers:
         - name: calico-kube-controllers
-- 
GitLab