summaryrefslogtreecommitdiff
path: root/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml')
-rw-r--r--roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml13
1 files changed, 12 insertions, 1 deletions
diff --git a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
index 37b5030d..2d706a03 100644
--- a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
+++ b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
@@ -1,8 +1,10 @@
---
- name: make sure kubernetes_network_plugin_replaces_kube_proxy is not set
+ when:
+ - kubernetes_network_plugin_variant != 'with-kube-router'
run_once: yes
assert:
- msg: "this network plugin can not replace kube-proxy please set kubernetes_network_plugin_replaces_kube_proxy to false."
+ msg: "kubeguard variant '{{ kubernetes_network_plugin_variant }}' can not replace kube-proxy please set kubernetes_network_plugin_replaces_kube_proxy to false or configure a differnt kubernetes_network_plugin_variant."
that:
- not kubernetes_network_plugin_replaces_kube_proxy
@@ -82,3 +84,12 @@
template:
src: net_kubeguard/cni.json.j2
dest: /etc/cni/net.d/kubeguard.json
+
+- name: install packages needed for debugging kube-router
+ when: kubernetes_network_plugin_variant == 'with-kube-router'
+ apt:
+ name:
+ - iptables
+ - ipvsadm
+ - ipset
+ state: present
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-07 19:16:29 +0000