diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-06-20 17:23:44 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-06-20 17:23:44 +0200 |
commit | c2d634aaba07caa564056693bc5454f1582426ea (patch) | |
tree | c9efda06801f107ef6c9de396a964caa501f48da /roles/kubernetes/kubeadm/base/tasks | |
parent | kubernetes: add node pruning role (diff) |
kubeguard: add kube-router variant
Diffstat (limited to 'roles/kubernetes/kubeadm/base/tasks')
-rw-r--r-- | roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml index 37b5030d..2d706a03 100644 --- a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml +++ b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml @@ -1,8 +1,10 @@ --- - name: make sure kubernetes_network_plugin_replaces_kube_proxy is not set + when: + - kubernetes_network_plugin_variant != 'with-kube-router' run_once: yes assert: - msg: "this network plugin can not replace kube-proxy please set kubernetes_network_plugin_replaces_kube_proxy to false." + msg: "kubeguard variant '{{ kubernetes_network_plugin_variant }}' can not replace kube-proxy please set kubernetes_network_plugin_replaces_kube_proxy to false or configure a differnt kubernetes_network_plugin_variant." that: - not kubernetes_network_plugin_replaces_kube_proxy @@ -82,3 +84,12 @@ template: src: net_kubeguard/cni.json.j2 dest: /etc/cni/net.d/kubeguard.json + +- name: install packages needed for debugging kube-router + when: kubernetes_network_plugin_variant == 'with-kube-router' + apt: + name: + - iptables + - ipvsadm + - ipset + state: present |