summaryrefslogtreecommitdiff
path: root/roles/kubernetes/kubeadm/base
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2023-05-17 01:04:29 +0200
committerChristian Pointner <equinox@spreadspace.org>2023-05-17 01:04:29 +0200
commit85b327699a3ed9f8c7891c352aa1d6eaae5a75b7 (patch)
tree1a7c666f1bd4e6c5eecd818ef216a47a045584b5 /roles/kubernetes/kubeadm/base
parentset spf records for main domains (diff)
kubernetes/kubeadm: add support for node-local dns combined with cilium
Diffstat (limited to 'roles/kubernetes/kubeadm/base')
-rw-r--r--roles/kubernetes/kubeadm/base/tasks/net_cilium.yml6
1 files changed, 3 insertions, 3 deletions
diff --git a/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml b/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
index 8620ffea..d6b583e9 100644
--- a/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
+++ b/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
@@ -1,6 +1,6 @@
---
-- name: make sure kubernetes_enable_nodelocal_dnscache is not set
+- name: make sure local-redirect-policy is confgured when node-local dnscache is enabled
run_once: yes
assert:
- msg: "we currently don't support nodelocal dns-caches when using cilium, please set kubernetes_enable_nodelocal_dnscache to false."
- that: not kubernetes_enable_nodelocal_dnscache
+ msg: "nodelocal dns-caches needs cilium local-redirect policies to be enabled, please enable it like this kubernetes_cilium_config['enable-local-redirect-policy'] = true."
+ that: "(not kubernetes_enable_nodelocal_dnscache) or (('enable-local-redirect-policy' in kubernetes_cilium_config) and (kubernetes_cilium_config['enable-local-redirect-policy']))"