From fd422a0646b9010452e0ccf70273abcac22cab15 Mon Sep 17 00:00:00 2001
From: Kuldip Madnani <k.madnani84@gmail.com>
Date: Fri, 12 Oct 2018 13:46:39 -0500
Subject: [PATCH] Add Priority class for tiller and fix tiller override.
 (#3494)

* Added Priority class to tiller installation and also fixed tiller override implementation.

* Added changes to handle priority classes separately in tiller, instead of using the variable tiller_override
---
 roles/kubernetes-apps/helm/tasks/main.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index c3b8c26f5..65695d4fc 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -45,7 +45,8 @@
     --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
     {% if rbac_enabled %} --service-account=tiller{% endif %}
     {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
-    {% if tiller_override is defined %} --override {{ tiller_override }}{% endif %}
+    {% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
+    {% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %}
     {% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
     {% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
     {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
@@ -64,15 +65,16 @@
     {% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
     {% if rbac_enabled %} --service-account=tiller{% endif %}
     {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
-    {% if tiller_override is defined %} --override {{ tiller_override }}{% endif %}
+    {% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %}
+    {% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %}
     {% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
     {% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
     {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
-    --debug --dry-run
-    | kubectl apply -f -
+    --output yaml
+    | {{bin_dir}}/kubectl apply -f -
   changed_when: false
   when:
-    - tiller_override is defined
+    - (tiller_override is defined and tiller_override != "") or (kube_version|version_compare('v1.11.1', '>='))
     - inventory_hostname == groups['kube-master'][0]
   environment: "{{proxy_env}}"
 
-- 
GitLab