diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml
index a05a3ab7cffb4bd3f20245c13209aa6f86a3dd3e..0d81eef181a52426d80aaf276057258fc5b68ab9 100644
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@@ -30,7 +30,6 @@
- name: download | Get kubeadm binary and list of required images
include_tasks: prep_kubeadm_images.yml
when:
- - kube_version is version('v1.11.0', '>=')
- not skip_downloads|default(false)
- inventory_hostname in groups['kube-master']
tags:
diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
index c14d65af142fb7ccc29efb808ab82e51808cf6f0..428fdb8257a0485287f6d045682d0f684e98b279 100644
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@@ -140,9 +140,7 @@ spec:
labels:
k8s-app: kubernetes-dashboard
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
containers:
- name: kubernetes-dashboard
image: {{ dashboard_image_repo }}:{{ dashboard_image_tag }}
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
index 9cacf6079e8a68a0c7cc2bd651bb1f5c4daf1654..53e691c9577aeec97a5db6dce377a1c6218894fb 100644
--- a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
@@ -34,9 +34,7 @@ spec:
scheduler.alpha.kubernetes.io/critical-pod: ""
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
securityContext:
supplementalGroups: [ 65534 ]
fsGroup: 65534
diff --git a/roles/kubernetes-apps/ansible/templates/netchecker-agent-ds.yml.j2 b/roles/kubernetes-apps/ansible/templates/netchecker-agent-ds.yml.j2
index 414e79abc0ba8f209a25073defe6db060c54363c..c91733cb3405820b1bb051ff794e16e229725d73 100644
--- a/roles/kubernetes-apps/ansible/templates/netchecker-agent-ds.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/netchecker-agent-ds.yml.j2
@@ -12,9 +12,7 @@ spec:
labels:
app: netchecker-agent
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
tolerations:
- effect: NoSchedule
operator: Exists
diff --git a/roles/kubernetes-apps/ansible/templates/netchecker-agent-hostnet-ds.yml.j2 b/roles/kubernetes-apps/ansible/templates/netchecker-agent-hostnet-ds.yml.j2
index c41e6f3f24f4166d73e7868302227ccfa37aae7d..22eb2db6895e7baa0cae9d260978fe7b7ae5454e 100644
--- a/roles/kubernetes-apps/ansible/templates/netchecker-agent-hostnet-ds.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/netchecker-agent-hostnet-ds.yml.j2
@@ -16,9 +16,7 @@ spec:
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
beta.kubernetes.io/os: linux
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
tolerations:
- effect: NoSchedule
operator: Exists
diff --git a/roles/kubernetes-apps/ansible/templates/netchecker-server-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/netchecker-server-deployment.yml.j2
index 28327e124ea1c5db4915eb9c0465024835dbff3d..76d50e4a4eae079d8fc32f0634cfb793950612bf 100644
--- a/roles/kubernetes-apps/ansible/templates/netchecker-server-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/netchecker-server-deployment.yml.j2
@@ -11,9 +11,7 @@ spec:
app: netchecker-server
namespace: {{ netcheck_namespace }}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if netcheck_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
containers:
- name: netchecker-server
image: "{{ netcheck_server_image_repo }}:{{ netcheck_server_image_tag }}"
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 61c8a547625014ecae35a3503d222b7a9a2da613..98f877caa431930e7ffd0fc63f181e106baf63c2 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -19,9 +19,7 @@ spec:
prometheus.io/scrape: 'true'
prometheus.io/port: '9253'
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
serviceAccountName: nodelocaldns
hostNetwork: true
dnsPolicy: Default # Don't use cluster DNS.
diff --git a/roles/kubernetes-apps/cluster_roles/tasks/main.yml b/roles/kubernetes-apps/cluster_roles/tasks/main.yml
index 3a4b0fcc1caa830e30af37b9d783c92664d76da1..91955ea8adca0871e20e4e44544c0694e414e0be 100644
--- a/roles/kubernetes-apps/cluster_roles/tasks/main.yml
+++ b/roles/kubernetes-apps/cluster_roles/tasks/main.yml
@@ -140,9 +140,7 @@
- name: PriorityClass | Copy k8s-cluster-critical-pc.yml file
copy: src=k8s-cluster-critical-pc.yml dest={{ kube_config_dir }}/k8s-cluster-critical-pc.yml
- when:
- - kube_version is version('v1.11.1', '>=')
- - inventory_hostname == groups['kube-master']|last
+ when: inventory_hostname == groups['kube-master']|last
- name: PriorityClass | Create k8s-cluster-critical
kube:
@@ -151,6 +149,4 @@
resource: "PriorityClass"
filename: "{{ kube_config_dir }}/k8s-cluster-critical-pc.yml"
state: latest
- when:
- - kube_version is version('v1.11.1', '>=')
- - inventory_hostname == groups['kube-master']|last
+ when: inventory_hostname == groups['kube-master']|last
diff --git a/roles/kubernetes-apps/cluster_roles/templates/psp.yml.j2 b/roles/kubernetes-apps/cluster_roles/templates/psp.yml.j2
index e6dd7d1a178970e9301b6e281713cf237194ae96..b96186e3ebdfc7ef3dab5b48bc45778ce3dc6fde 100644
--- a/roles/kubernetes-apps/cluster_roles/templates/psp.yml.j2
+++ b/roles/kubernetes-apps/cluster_roles/templates/psp.yml.j2
@@ -43,10 +43,8 @@ spec:
- min: 1
max: 65535
readOnlyRootFilesystem: false
-{% if kube_version is version('v1.12.1', '>=') %}
forbiddenSysctls:
- '*'
-{% endif %}
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
@@ -79,8 +77,6 @@ spec:
fsGroup:
rule: 'RunAsAny'
readOnlyRootFilesystem: false
-{% if kube_version is version('v1.12.1', '>=') %}
# This will fail if allowed-unsafe-sysctls is not set accordingly in kubelet flags
allowedUnsafeSysctls:
- '*'
-{% endif %}
diff --git a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2 b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
index e75c8feff2f8dba33b67ee0d3cbafa1a415d156c..ac3bb33db2bc546030b44db450029c6d664f9598 100644
--- a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
@@ -19,9 +19,7 @@ spec:
app: cephfs-provisioner
version: {{ cephfs_provisioner_image_tag }}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if cephfs_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccount: cephfs-provisioner
containers:
- name: cephfs-provisioner
diff --git a/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/templates/local-volume-provisioner-ds.yml.j2 b/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/templates/local-volume-provisioner-ds.yml.j2
index b1c05c244facfb37960ae3581a92d537e044a436..f6be8cc77494e39d29ffbbe9f49f7d614a67f4c1 100644
--- a/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/templates/local-volume-provisioner-ds.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/templates/local-volume-provisioner-ds.yml.j2
@@ -18,9 +18,7 @@ spec:
k8s-app: local-volume-provisioner
version: {{ local_volume_provisioner_image_tag }}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if local_volume_provisioner_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccountName: local-volume-provisioner
tolerations:
- effect: NoSchedule
diff --git a/roles/kubernetes-apps/external_provisioner/rbd_provisioner/templates/deploy-rbd-provisioner.yml.j2 b/roles/kubernetes-apps/external_provisioner/rbd_provisioner/templates/deploy-rbd-provisioner.yml.j2
index 0d66bac882ef0d52248fb314d2aaea8257e742ed..dccc16564036531b8f547a6cd68096d2b0eb967d 100644
--- a/roles/kubernetes-apps/external_provisioner/rbd_provisioner/templates/deploy-rbd-provisioner.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/rbd_provisioner/templates/deploy-rbd-provisioner.yml.j2
@@ -21,9 +21,7 @@ spec:
app: rbd-provisioner
version: {{ rbd_provisioner_image_tag }}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if rbd_provisioner_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccount: rbd-provisioner
containers:
- name: rbd-provisioner
diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index 900261fd2958d8602de82076a579c95a477b3458..ecb3688a7463da9e78200bfcc1c0e611229a2067 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -45,7 +45,7 @@
--upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
- {% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
+ --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
@@ -66,7 +66,7 @@
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
- {% if kube_version is version('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
+ --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
{% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
@@ -76,7 +76,6 @@
| {{ bin_dir }}/kubectl apply -f -
changed_when: false
when:
- - (tiller_override is defined and tiller_override) or (kube_version is version('v1.11.1', '>='))
- inventory_hostname == groups['kube-master'][0]
environment: "{{ proxy_env }}"
diff --git a/roles/kubernetes-apps/ingress_controller/cert_manager/templates/deploy-cert-manager.yml.j2 b/roles/kubernetes-apps/ingress_controller/cert_manager/templates/deploy-cert-manager.yml.j2
index edc952b5a7e4d934e72a57ac68cce880a906fb8e..daf82ebe058c0f0219192124f025571b372847df 100644
--- a/roles/kubernetes-apps/ingress_controller/cert_manager/templates/deploy-cert-manager.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/cert_manager/templates/deploy-cert-manager.yml.j2
@@ -22,9 +22,7 @@ spec:
release: cert-manager
annotations:
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if cert_manager_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccountName: cert-manager
containers:
- name: cert-manager
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
index f8499cbd6151986c7b71f390ddafaaa26c802f97..8c48089d55a2602dad549dd688cb57fec1456f81 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
@@ -34,9 +34,7 @@ spec:
tolerations:
{{ ingress_nginx_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
{% endif %}
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if ingress_nginx_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
containers:
- name: ingress-nginx-controller
image: {{ ingress_nginx_controller_image_repo }}:{{ ingress_nginx_controller_image_tag }}
diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
index 126bb37cdcca33709734d166baad9c1b52f2a31e..a536cfd352704357dadbe294f699bcdec1e04591 100644
--- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
@@ -23,9 +23,7 @@ spec:
annotations:
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
serviceAccountName: metrics-server
containers:
- name: metrics-server
diff --git a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
index f015046e550eba96454341d4e1e7671511e0c3a5..84e057de9db899575b41f84a66cc01b02f50a5ce 100644
--- a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
+++ b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
@@ -32,9 +32,7 @@ spec:
operator: Exists
- key: node-role.kubernetes.io/master
effect: NoSchedule
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
containers:
- name: calico-kube-controllers
image: {{ calico_policy_image_repo }}:{{ calico_policy_image_tag }}
diff --git a/roles/kubernetes-apps/registry/templates/registry-proxy-ds.yml.j2 b/roles/kubernetes-apps/registry/templates/registry-proxy-ds.yml.j2
index 71f29d8424f09ed792015157fa5212de3f853df3..8b7740a607b1d8a23e242166e5843e880ccf8e22 100644
--- a/roles/kubernetes-apps/registry/templates/registry-proxy-ds.yml.j2
+++ b/roles/kubernetes-apps/registry/templates/registry-proxy-ds.yml.j2
@@ -21,9 +21,7 @@ spec:
kubernetes.io/cluster-service: "true"
version: v{{ registry_proxy_image_tag }}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if registry_namespace == 'kube-system' %}system-node-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccountName: registry-proxy
containers:
- name: registry-proxy
diff --git a/roles/kubernetes-apps/registry/templates/registry-rs.yml.j2 b/roles/kubernetes-apps/registry/templates/registry-rs.yml.j2
index df3bed9d7c321c664b7adfc2836def5534ac235b..c4b6040a955135e8cc4516d79b5d0f83fa2914ed 100644
--- a/roles/kubernetes-apps/registry/templates/registry-rs.yml.j2
+++ b/roles/kubernetes-apps/registry/templates/registry-rs.yml.j2
@@ -22,9 +22,7 @@ spec:
version: v{{ registry_image_tag }}
kubernetes.io/cluster-service: "true"
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: {% if registry_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{{''}}
-{% endif %}
serviceAccountName: registry
containers:
- name: registry
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
index 61df859d9be816bc96ad2eb698f4fda5eb2f704b..b7b0f2c30e252d355229bf19293e1d8b8e0f7fc2 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
@@ -90,7 +90,7 @@ imageRepository: {{ kube_image_repo }}
useHyperKubeImage: false
apiServer:
extraArgs:
-{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
+{% if kube_api_anonymous_auth is defined %}
anonymous-auth: "{{ kube_api_anonymous_auth }}"
{% endif %}
authorization-mode: {{ authorization_modes | join(',') }}
@@ -106,9 +106,7 @@ apiServer:
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
{% endif %}
apiserver-count: "{{ kube_apiserver_count }}"
-{% if kube_version is version('v1.9', '>=') %}
endpoint-reconciler-type: lease
-{% endif %}
{% if etcd_events_cluster_enabled %}
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
{% endif %}
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
index 7414460c1253576873ba82e5fe40d35a60dd08e2..3d13577fe2098de9c9e1ad5a1952909ee103747a 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
@@ -94,7 +94,7 @@ imageRepository: {{ kube_image_repo }}
useHyperKubeImage: false
apiServer:
extraArgs:
-{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=') %}
+{% if kube_api_anonymous_auth is defined %}
anonymous-auth: "{{ kube_api_anonymous_auth }}"
{% endif %}
authorization-mode: {{ authorization_modes | join(',') }}
@@ -110,9 +110,7 @@ apiServer:
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
{% endif %}
apiserver-count: "{{ kube_apiserver_count }}"
-{% if kube_version is version('v1.9', '>=') %}
endpoint-reconciler-type: lease
-{% endif %}
{% if etcd_events_cluster_enabled %}
etcd-servers-overrides: "/events#{{ etcd_events_access_addresses_semicolon }}"
{% endif %}
diff --git a/roles/kubernetes/node/templates/cloud-configs/aws-cloud-config.j2 b/roles/kubernetes/node/templates/cloud-configs/aws-cloud-config.j2
index c1fe086494ae14e8ae2b1f7960bb3ec19c4bca2b..f6d0c3de06fa98a9e49e113a6ef42547123f310c 100644
--- a/roles/kubernetes/node/templates/cloud-configs/aws-cloud-config.j2
+++ b/roles/kubernetes/node/templates/cloud-configs/aws-cloud-config.j2
@@ -1,17 +1,11 @@
[Global]
-{% if kube_version is version('v1.6', '>=') %}
zone={{ aws_zone|default("") }}
vpc={{ aws_vpc|default("") }}
subnetId={{ aws_subnet_id|default("") }}
routeTableId={{ aws_route_table_id|default("") }}
-{% if kube_version is version('v1.10', '>=') %}
roleArn={{ aws_role_arn|default("") }}
-{% endif %}
kubernetesClusterTag={{ aws_kubernetes_cluster_tag|default("") }}
kubernetesClusterId={{ aws_kubernetes_cluster_id|default("") }}
disableSecurityGroupIngress={{ "true" if aws_disable_security_group_ingress|default(False) else "false" }}
disableStrictZoneCheck={{ "true" if aws_disable_strict_zone_check|default(False) else "false" }}
-{% if kube_version is version('v1.7', '>=') %}
elbSecurityGroup={{ aws_elb_security_group|default("") }}
-{% endif %}
-{% endif %}
diff --git a/roles/kubernetes/node/templates/cloud-configs/vsphere-cloud-config.j2 b/roles/kubernetes/node/templates/cloud-configs/vsphere-cloud-config.j2
index fda0dd19960aab8122f2635bf70f781dd2fd6d19..2cda7f6d6cdc1a24674f9f6f3e2ca3aa269c41b1 100644
--- a/roles/kubernetes/node/templates/cloud-configs/vsphere-cloud-config.j2
+++ b/roles/kubernetes/node/templates/cloud-configs/vsphere-cloud-config.j2
@@ -4,22 +4,7 @@ password = "{{ vsphere_password }}"
port = {{ vsphere_vcenter_port }}
insecure-flag = {{ vsphere_insecure }}
-{% if kube_version is version('v1.9.2', '>=') %}
datacenters = "{{ vsphere_datacenter }}"
-{% else %}
-datastore = "{{ vsphere_datastore }}"
-datacenter = "{{ vsphere_datacenter }}"
-working-dir = "{{ vsphere_working_dir }}"
-server = "{{ vsphere_vcenter_ip }}"
-{% if vsphere_vm_uuid is defined and vsphere_vm_uuid != "" %}
-vm-uuid = "{{ vsphere_vm_uuid }}"
-{% endif %}
-{% if vsphere_vm_name is defined and vsphere_vm_name != "" %}
-vm-name = "{{ vsphere_vm_name }}"
-{% endif %}
-{% endif %}
-
-{% if kube_version is version('v1.9.2', '>=') %}
[VirtualCenter "{{ vsphere_vcenter_ip }}"]
@@ -32,7 +17,6 @@ default-datastore = "{{ vsphere_datastore }}"
{% if vsphere_resource_pool is defined and vsphere_resource_pool != "" %}
resourcepool-path = "{{ vsphere_resource_pool }}"
{% endif %}
-{% endif %}
[Disk]
@@ -43,7 +27,6 @@ scsicontrollertype = {{ vsphere_scsi_controller_type }}
public-network = {{ vsphere_public_network }}
{% endif %}
-{% if kube_version is version('v1.12.0', '>=') %}
[Labels]
{% if vsphere_zone_category is defined and vsphere_zone_category != "" %}
zone = {{ vsphere_zone_category }}
@@ -51,4 +34,3 @@ zone = {{ vsphere_zone_category }}
{% if vsphere_region_category is defined and vsphere_region_category != "" %}
region = {{ vsphere_region_category }}
{% endif %}
-{% endif %}
diff --git a/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
index 6b46f5b4840ac8e041cba1401cc2000a782b2bbf..6210b30fc21853157ded7da48cab42af69c418ef 100644
--- a/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
@@ -13,9 +13,7 @@ spec:
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
beta.kubernetes.io/os: linux
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
containers:
- name: haproxy
image: {{ haproxy_image_repo }}:{{ haproxy_image_tag }}
diff --git a/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
index beb3e966051644f34a0b903c725641f54ceec601..b4ea84c58e788f4f4d3749fcba5fbc35c27cb7f5 100644
--- a/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
@@ -13,9 +13,7 @@ spec:
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
beta.kubernetes.io/os: linux
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
containers:
- name: nginx-proxy
image: {{ nginx_image_repo }}:{{ nginx_image_tag }}
diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
index 55266c9239a913103e28ee794bb3ca7c12e539d0..6f62f95369c03b02e021ff72e5736888023e93ff 100755
--- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
@@ -26,9 +26,7 @@ spec:
prometheus.io/port: "9090"
{% endif %}
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
serviceAccountName: cilium
initContainers:
- name: clean-cilium-state
diff --git a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
index 82f94d6ece8ca4b064f78e296e85b3af0d851064..156c3d9a0634f8a4162f5adcc4841cda4be16abf 100644
--- a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
@@ -16,9 +16,7 @@ spec:
labels:
k8s-app: contiv-api-proxy
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
# The API proxy must run in the host network namespace so that
# it isn't governed by policy that would prevent it from working.
hostNetwork: true
diff --git a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
index 3cd9cf399ebc7b227fcad438813ac6bdaf13fc8a..a1354f4259b92c8497e5e10e112151c636999929 100644
--- a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
@@ -15,9 +15,7 @@ spec:
labels:
k8s-app: contiv-cleanup
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
index b1754f838338e929bf2aebade43d1dc3fc053d5a..6651ad9a5c978174458ce6019720de30bf53fe8a 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
@@ -15,9 +15,7 @@ spec:
labels:
k8s-app: contiv-etcd-proxy
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
index 2a788c98e9f663a0a0641a805c7f655f1a282f36..0b49bbfa4689690802e859f19a35801ed872e6cd 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
@@ -15,9 +15,7 @@ spec:
labels:
k8s-app: contiv-etcd
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
diff --git a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
index 5e2ae26a20ad27c02335842a4710e135438b6481..e3d3907893e4ea534f1b501b65d3481af91354bd 100644
--- a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
@@ -16,9 +16,7 @@ spec:
labels:
k8s-app: contiv-netmaster
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
# The netmaster must run in the host network namespace so that
# it isn't governed by policy that would prevent it from working.
hostNetwork: true
diff --git a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
index 449a6f9f3fe95b9bd77331e8f28f4695f41524d2..a3cf6bc9e98ee20ac0fb6ba6af83afde29b4f8cc 100644
--- a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
@@ -20,9 +20,7 @@ spec:
labels:
k8s-app: contiv-netplugin
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
diff --git a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
index c521e8fd5de7506866e93603b7f8ef995b4cc9d7..4bb4be09600a0a70d0d706edd92e07ec3d57070d 100644
--- a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
@@ -17,9 +17,7 @@ spec:
labels:
k8s-app: contiv-ovs
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: true
diff --git a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
index 11e498ccad86d7dbf939d88bb093eee2eaed4932..c549e080413a2dfe27e906eb991395186738bc77 100644
--- a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
+++ b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
@@ -52,9 +52,7 @@ spec:
tier: node
k8s-app: flannel
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
serviceAccountName: flannel
nodeSelector:
beta.kubernetes.io/os: linux
diff --git a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
index a915281cb536593088041b20013af297264b5817..cc820882473d529e2b4f687eb1b012fca610716c 100644
--- a/roles/network_plugin/kube-router/templates/kube-router.yml.j2
+++ b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
@@ -61,9 +61,7 @@ spec:
k8s-app: kube-router
tier: node
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
-{% endif %}
serviceAccountName: kube-router
containers:
- name: kube-router
diff --git a/roles/network_plugin/weave/templates/weave-net.yml.j2 b/roles/network_plugin/weave/templates/weave-net.yml.j2
index 40e6104979b7fd3962f0ef30e42cf4ac18b1ab9b..33931fd4878b603684c2a6e220e9ffbfcff35a6e 100644
--- a/roles/network_plugin/weave/templates/weave-net.yml.j2
+++ b/roles/network_plugin/weave/templates/weave-net.yml.j2
@@ -115,9 +115,7 @@ items:
labels:
name: weave-net
spec:
-{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-node-critical
-{% endif %}
containers:
- name: weave
command: