diff options
3 files changed, 2 insertions, 37 deletions
diff --git a/inventory/group_vars/kubernetes-cluster/vars.yml b/inventory/group_vars/kubernetes-cluster/vars.yml index 3b91f793..85db9949 100644 --- a/inventory/group_vars/kubernetes-cluster/vars.yml +++ b/inventory/group_vars/kubernetes-cluster/vars.yml @@ -2,6 +2,5 @@ kubernetes_node_name: "{{ inventory_hostname }}" kubernetes_network_plugin_replaces_kube_proxy: false -kubernetes_network_plugin_variant: default kubernetes_nodelocal_dnscache_ip: 169.254.20.10 diff --git a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml index 350ecdee..e26fa742 100644 --- a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml +++ b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml @@ -1,16 +1,8 @@ --- -- name: fail if kubernetes_network_plugin_variant is set to with-kube-router - run_once: yes - assert: - msg: Unfortunately using kube-router together with kubeguard does not work at the moment! - that: "kubernetes_network_plugin_variant != 'with-kube-router'" - - name: make sure kubernetes_network_plugin_replaces_kube_proxy is not set - when: - - "kubernetes_network_plugin_variant != 'with-kube-router'" run_once: yes assert: - msg: "kubeguard variant '{{ kubernetes_network_plugin_variant }}' can not replace kube-proxy, please set kubernetes_network_plugin_replaces_kube_proxy to false or configure a differnt kubernetes_network_plugin_variant." + msg: "kubeguard can not replace kube-proxy, please set kubernetes_network_plugin_replaces_kube_proxy to false." that: not kubernetes_network_plugin_replaces_kube_proxy @@ -89,12 +81,3 @@ template: src: net_kubeguard/cni.conflist.j2 dest: /etc/cni/net.d/kubeguard.conflist - -- name: install packages needed for debugging kube-router - when: kubernetes_network_plugin_variant == 'with-kube-router' - apt: - name: - - iptables - - ipvsadm - - ipset - state: present diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml index 66dac49b..94832c38 100644 --- a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml +++ b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml @@ -1,19 +1,2 @@ --- -- name: install kube-router variant - when: "kubernetes_network_plugin_variant == 'with-kube-router'" - block: - - name: generate kubeguard (kube-router) configuration - template: - src: "net_kubeguard/kube-router.{{ kubernetes_network_plugin_version }}.yml.j2" - dest: /etc/kubernetes/network-plugin.yml - - - name: check if kubeguard (kube-router) is already installed - check_mode: no - command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin.yml - failed_when: false - changed_when: false - register: kubeguard_diff_result - - - name: install kubeguard (kube-router) on to the cluster - when: kubeguard_diff_result.rc != 0 - command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin.yml +## nothing to do here |