diff options
author | Christian Pointner <equinox@spreadspace.org> | 2022-05-08 02:19:02 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2022-05-08 02:19:02 +0200 |
commit | 382f294e9b1dbcc2cb298d6a0cc80234dffcab82 (patch) | |
tree | c4339e341070ef5b2012fd8a9cced42217decd62 /roles/kubernetes/kubeadm/base/templates | |
parent | prepare ch-dione and ch-helene for chtest k8s cluster (diff) | |
parent | kubernetes/kubeadm: fix kubeguard network plugin (diff) |
Merge branch 'topic/k8s-1.24'
Diffstat (limited to 'roles/kubernetes/kubeadm/base/templates')
3 files changed, 20 insertions, 16 deletions
diff --git a/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2 b/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2 index 2e0eaf5d..19118b2e 100644 --- a/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2 +++ b/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2 @@ -16,7 +16,7 @@ defaults option dontlog-normal frontend kube_api -{% if '_kubernetes_masters_' in group_names %} +{% if '_kubernetes_controlplane_nodes_' in group_names %} bind *:6443 {% else %} bind 127.0.0.1:6443 @@ -25,7 +25,7 @@ frontend kube_api default_backend kube_api backend kube_api -{% if '_kubernetes_masters_' in group_names %} +{% if '_kubernetes_controlplane_nodes_' in group_names %} balance first {% else %} balance roundrobin @@ -36,6 +36,6 @@ backend kube_api default-server inter 5s fall 3 rise 2 timeout connect 5s timeout server 3h -{% for master in groups['_kubernetes_masters_'] %} - server {{ master }} {{ hostvars[master].kubernetes_overlay_node_ip | default(hostvars[master].ansible_default_ipv4.address) }}:6442 {% if master == inventory_hostname %}id 1{% endif %} check check-ssl verify none +{% for node in groups['_kubernetes_controlplane_nodes_'] %} + server {{ node }} {{ hostvars[node].kubernetes_overlay_node_ip | default(hostvars[node].ansible_default_ipv4.address) }}:6442 {% if node == inventory_hostname %}id 1{% endif %} check check-ssl verify none {% endfor %} diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.conflist.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.conflist.j2 new file mode 100644 index 00000000..240d86ef --- /dev/null +++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.conflist.j2 @@ -0,0 +1,16 @@ +{ + "cniVersion": "0.3.1", + "name": "kubeguard", + "plugins": [ + { + "type": "bridge", + "bridge": "kubeguard-br0", + "isDefaultGateway": true, + "hairpinMode": true, + "ipam": { + "type": "host-local", + "subnet": "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) }}" + } + } + ] +} diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 deleted file mode 100644 index eb9e3d61..00000000 --- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 +++ /dev/null @@ -1,12 +0,0 @@ -{ - "cniVersion": "0.3.1", - "name": "kubeguard", - "type": "bridge", - "bridge": "kubeguard-br0", - "isDefaultGateway": true, - "hairpinMode": true, - "ipam": { - "type": "host-local", - "subnet": "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) }}" - } -} |