summaryrefslogtreecommitdiff
path: root/roles/kubernetes/kubeadm
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2023-05-08 23:02:37 +0200
committerChristian Pointner <equinox@spreadspace.org>2023-05-08 23:02:37 +0200
commit07d88d0caab5fc43fc041bd8dbdd0d5459ccbdd6 (patch)
treeaafe95d672576974e2a9824d1a1a0a9f91f02a30 /roles/kubernetes/kubeadm
parentkubernetes/kubeadm: install k9s on all control-plane nodes (diff)
kubernetes/kubeadm: remove network_plugin_variant config it's not really supported anyway
Diffstat (limited to 'roles/kubernetes/kubeadm')
-rw-r--r--roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml19
-rw-r--r--roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml19
2 files changed, 2 insertions, 36 deletions
diff --git a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
index 350ecdee..e26fa742 100644
--- a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
+++ b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
@@ -1,16 +1,8 @@
---
-- name: fail if kubernetes_network_plugin_variant is set to with-kube-router
- run_once: yes
- assert:
- msg: Unfortunately using kube-router together with kubeguard does not work at the moment!
- that: "kubernetes_network_plugin_variant != 'with-kube-router'"
-
- name: make sure kubernetes_network_plugin_replaces_kube_proxy is not set
- when:
- - "kubernetes_network_plugin_variant != 'with-kube-router'"
run_once: yes
assert:
- msg: "kubeguard variant '{{ kubernetes_network_plugin_variant }}' can not replace kube-proxy, please set kubernetes_network_plugin_replaces_kube_proxy to false or configure a differnt kubernetes_network_plugin_variant."
+ msg: "kubeguard can not replace kube-proxy, please set kubernetes_network_plugin_replaces_kube_proxy to false."
that: not kubernetes_network_plugin_replaces_kube_proxy
@@ -89,12 +81,3 @@
template:
src: net_kubeguard/cni.conflist.j2
dest: /etc/cni/net.d/kubeguard.conflist
-
-- name: install packages needed for debugging kube-router
- when: kubernetes_network_plugin_variant == 'with-kube-router'
- apt:
- name:
- - iptables
- - ipvsadm
- - ipset
- state: present
diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml
index 66dac49b..94832c38 100644
--- a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml
+++ b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml
@@ -1,19 +1,2 @@
---
-- name: install kube-router variant
- when: "kubernetes_network_plugin_variant == 'with-kube-router'"
- block:
- - name: generate kubeguard (kube-router) configuration
- template:
- src: "net_kubeguard/kube-router.{{ kubernetes_network_plugin_version }}.yml.j2"
- dest: /etc/kubernetes/network-plugin.yml
-
- - name: check if kubeguard (kube-router) is already installed
- check_mode: no
- command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin.yml
- failed_when: false
- changed_when: false
- register: kubeguard_diff_result
-
- - name: install kubeguard (kube-router) on to the cluster
- when: kubeguard_diff_result.rc != 0
- command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin.yml
+## nothing to do here