diff options
4 files changed, 20 insertions, 1 deletions
diff --git a/inventory/group_vars/k8s-chtest/vars.yml b/inventory/group_vars/k8s-chtest/vars.yml index edc7e232..3ab3fe7a 100644 --- a/inventory/group_vars/k8s-chtest/vars.yml +++ b/inventory/group_vars/k8s-chtest/vars.yml @@ -35,11 +35,12 @@ kubernetes_secrets: # kubernetes_network_plugin: kubeguard kubernetes_network_plugin_replaces_kube_proxy: no +kubernetes_kube_proxy_mode: ipvs kubernetes_enable_nodelocal_dnscache: yes kubeguard: ## Mind that pod_ip_range and service_ip_range overlap and kubeguard ## needs a /24 for addresses assigned to tunnel devices. This means that - ## node_indeces must be in the range between 1 and 191 -> 189 hosts possible + ## node_indeces must be in the range between 1 and 191 -> 190 hosts possible ## ## hardcoded hostnames are not nice but if we do this via host_vars ## the info is spread over multiple files and this makes it more diffcult diff --git a/inventory/group_vars/kubernetes-cluster/vars.yml b/inventory/group_vars/kubernetes-cluster/vars.yml index 5cc246ec..868dc1ab 100644 --- a/inventory/group_vars/kubernetes-cluster/vars.yml +++ b/inventory/group_vars/kubernetes-cluster/vars.yml @@ -3,3 +3,4 @@ kubernetes_node_name: "{{ inventory_hostname }}" kubernetes_network_plugin_replaces_kube_proxy: no kubernetes_enable_nodelocal_dnscache: yes +# kubernetes_kube_proxy_mode: ipvs diff --git a/roles/kubernetes/kubeadm/base/tasks/main.yml b/roles/kubernetes/kubeadm/base/tasks/main.yml index 75c1187a..e339fbcb 100644 --- a/roles/kubernetes/kubeadm/base/tasks/main.yml +++ b/roles/kubernetes/kubeadm/base/tasks/main.yml @@ -72,3 +72,14 @@ - name: prepare network plugin include_tasks: "net_{{ kubernetes_network_plugin }}.yml" + +- name: install extra packages for kube-proxy ipvs mode + when: + - not kubernetes_network_plugin_replaces_kube_proxy + - kubernetes_kube_proxy_mode is defined + - kubernetes_kube_proxy_mode == 'ipvs' + apt: + name: + - ipvsadm + - ipset + state: present diff --git a/roles/kubernetes/kubeadm/control-plane/templates/kubeadm-init.config.j2 b/roles/kubernetes/kubeadm/control-plane/templates/kubeadm-init.config.j2 index 9aba276c..3f6794dc 100644 --- a/roles/kubernetes/kubeadm/control-plane/templates/kubeadm-init.config.j2 +++ b/roles/kubernetes/kubeadm/control-plane/templates/kubeadm-init.config.j2 @@ -58,3 +58,9 @@ cgroupDriver: systemd clusterDNS: - "{{ kubernetes_nodelocal_dnscache_ip }}" {% endif %} +{% if not kubernetes_network_plugin_replaces_kube_proxy and kubernetes_kube_proxy_mode is defined %} +--- +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +kind: KubeProxyConfiguration +mode: {{ kubernetes_kube_proxy_mode }} +{% endif %} |