From bba91a75244b7014020c5608b4d894f03286829f Mon Sep 17 00:00:00 2001
From: Alessio Greggi <ale_grey_91@hotmail.it>
Date: Tue, 5 Apr 2022 14:39:37 +0200
Subject: [PATCH] split kube_feature_gates variable for different kubernetes
 components (#8677)

* feat: split kube_feature_gates variable for different kubernetes components

* docs: add kube_feature_gates component variables
---
 docs/vars.md                                  | 10 ++++++--
 .../templates/kubeadm-config.v1beta2.yaml.j2  | 23 +++++++++++--------
 roles/kubespray-defaults/defaults/main.yaml   |  5 ++++
 3 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/docs/vars.md b/docs/vars.md
index acdc3b9a4..00d35e48a 100644
--- a/docs/vars.md
+++ b/docs/vars.md
@@ -88,11 +88,17 @@ following default cluster parameters:
 * *cloud_provider* - Enable extra Kubelet option if operating inside GCE or
   OpenStack (default is unset)
 * *kube_feature_gates* - A list of key=value pairs that describe feature gates for
-  alpha/experimental Kubernetes features. (defaults is `[]`)
+  alpha/experimental Kubernetes features. (defaults is `[]`).
+  Additionally, you can use also the following variables to individually customize your kubernetes components installation (they works exactly like `kube_feature_gates`):
+  * *kube_apiserver_feature_gates*
+  * *kube_controller_feature_gates*
+  * *kube_scheduler_feature_gates*
+  * *kube_proxy_feature_gates*
+  * *kubelet_feature_gates*
 * *kubeadm_feature_gates* - A list of key=value pairs that describe feature gates for
   alpha/experimental Kubeadm features. (defaults is `[]`)
 * *authorization_modes* - A list of [authorization mode](
-https://kubernetes.io/docs/admin/authorization/#using-flags-for-your-authorization-module)
+  https://kubernetes.io/docs/admin/authorization/#using-flags-for-your-authorization-module)
   that the cluster should be configured for. Defaults to `['Node', 'RBAC']`
   (Node and RBAC authorizers).
   Note: `Node` and `RBAC` are enabled by default. Previously deployed clusters can be
diff --git a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
index 001a399ea..bf7868bd8 100644
--- a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
@@ -196,8 +196,8 @@ apiServer:
 {% for key in kube_kubeadm_apiserver_extra_args %}
     {{ key }}: "{{ kube_kubeadm_apiserver_extra_args[key] }}"
 {% endfor %}
-{% if kube_feature_gates %}
-    feature-gates: {{ kube_feature_gates|join(',') }}
+{% if kube_apiserver_feature_gates or kube_feature_gates %}
+    feature-gates: "{{ kube_apiserver_feature_gates | default(kube_feature_gates, true) | join(',') }}"
 {% endif %}
 {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws", "gce"] %}
     cloud-provider: {{ cloud_provider }}
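Review bot: A non-empty `kube_apiserver_feature_gates` replaces `kube_feature_gates` rather than extending it, because `default(kube_feature_gates, true)` on the new `feature-gates:` line falls back only when the component list is empty. A gate turned off cluster-wide for hardening would therefore return to its built-in default on the API server once any component-specific gate is set, and an empty component list cannot opt a component out of the cluster-wide gates. The controllerManager, scheduler, kube-proxy and kubelet hunks use the same expression. If replacement is intended, state it beside the line, for example `{# a non-empty component list replaces kube_feature_gates; the two are not merged #}`; otherwise the value should be built from both lists. The `cloud_provider` block that follows continues outside the hunk.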
@@ -288,8 +288,8 @@ controllerManager:
     bind-address: {{ kube_controller_manager_bind_address }}
     leader-elect-lease-duration: {{ kube_controller_manager_leader_elect_lease_duration }}
     leader-elect-renew-deadline: {{ kube_controller_manager_leader_elect_renew_deadline }}
-{% if kube_feature_gates %}
-    feature-gates: {{ kube_feature_gates|join(',') }}
+{% if kube_controller_feature_gates or kube_feature_gates %}
+    feature-gates: "{{ kube_controller_feature_gates | default(kube_feature_gates, true) | join(',') }}"
 {% endif %}
 {% for key in kube_kubeadm_controller_extra_args %}
     {{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"
@@ -334,8 +334,8 @@ scheduler:
   extraArgs:
     bind-address: {{ kube_scheduler_bind_address }}
     config: {{ kube_config_dir }}/kubescheduler-config.yaml
-{% if kube_feature_gates %}
-    feature-gates: {{ kube_feature_gates|join(',') }}
+{% if kube_scheduler_feature_gates or kube_feature_gates %}
+    feature-gates: "{{ kube_scheduler_feature_gates | default(kube_feature_gates, true) | join(',') }}"
 {% endif %}
 {% if kube_kubeadm_scheduler_extra_args|length > 0 %}
 {% for key in kube_kubeadm_scheduler_extra_args %}
@@ -404,9 +404,10 @@ nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
 oomScoreAdj: {{ kube_proxy_oom_score_adj }}
 portRange: {{ kube_proxy_port_range }}
 udpIdleTimeout: {{ kube_proxy_udp_idle_timeout }}
-{% if kube_feature_gates %}
+{% if kube_proxy_feature_gates or kube_feature_gates %}
+{% set feature_gates = ( kube_proxy_feature_gates | default(kube_feature_gates, true) ) %}
 featureGates:
-{%   for feature in kube_feature_gates %}
+{%   for feature in feature_gates %}
   {{ feature|replace("=", ": ") }}
 {%   endfor %}
 {% endif %}
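Review bot: The `{% set feature_gates = ... %}` line introduces a template-wide name that is used only by the `for` directly below it, and the kubelet hunk assigns the same name again. The expression can go straight into the loop, `{%   for feature in kube_proxy_feature_gates | default(kube_feature_gates, true) %}`, which drops the extra line and would avoid shadowing a `feature_gates` variable should an inventory define one. The kubelet hunk can be written the same way with `kubelet_feature_gates`.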
@@ -429,9 +430,11 @@ clusterDNS:
 {% for dns_address in kubelet_cluster_dns %}
 - {{ dns_address }}
 {% endfor %}
-{% if kube_feature_gates %}
+{% if kubelet_feature_gates or kube_feature_gates %}
+{% set feature_gates = ( kubelet_feature_gates | default(kube_feature_gates, true) ) %}
 featureGates:
-{%   for feature in kube_feature_gates %}
+{%   for feature in feature_gates %}
   {{ feature|replace("=", ": ") }}
 {%   endfor %}
 {% endif %}
+
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index ec586b2a9..a21233c1f 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -489,6 +489,11 @@ kubelet_protect_kernel_defaults: true
 ## List of key=value pairs that describe feature gates for
 ## the k8s cluster.
 kube_feature_gates: []
+kube_apiserver_feature_gates: []
+kube_controller_feature_gates: []
+kube_scheduler_feature_gates: []
+kube_proxy_feature_gates: []
+kubelet_feature_gates: []
 kubeadm_feature_gates: []
 
 # Local volume provisioner storage classes
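Review bot: The five new defaults have no comment of their own, and the existing `## List of key=value pairs ...` comment above `kube_feature_gates` reads as if it described only the cluster-wide list. A line such as `## Per-component lists; a non-empty one is used in place of kube_feature_gates for that component.` before `kube_apiserver_feature_gates` would record how the template treats them, so an operator does not assume the lists are merged.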
-- 
GitLab