diff options
Diffstat (limited to 'roles/kubernetes/kubeadm/base/templates')
-rw-r--r-- | roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2) | 4 | ||||
-rw-r--r-- | roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 | 4 | ||||
-rw-r--r-- | roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2) | 0 | ||||
-rw-r--r-- | roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2) | 8 |
4 files changed, 8 insertions, 8 deletions
diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 index 65b1357a..eb9e3d61 100644 --- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2 +++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 @@ -1,8 +1,8 @@ { "cniVersion": "0.3.1", - "name": "k8s", + "name": "kubeguard", "type": "bridge", - "bridge": "kube-br0", + "bridge": "kubeguard-br0", "isDefaultGateway": true, "hairpinMode": true, "ipam": { diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 index d8153102..f940d413 100644 --- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 +++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 @@ -9,12 +9,12 @@ INET_IF="{{ ansible_default_ipv4.interface }}" POD_NET_CIDR="{{ kubernetes.pod_ip_range }}" {% set br_net = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) -%} -BR_IF="kube-br0" +BR_IF="kubeguard-br0" BR_IP="{{ br_net | ipaddr(1) | ipaddr('address') }}" BR_IP_CIDR="{{ br_net | ipaddr(1) }}" BR_NET_CIDR="{{ br_net }}" -TUN_IF="kube-wg0" +TUN_IF="kubeguard-wg0" TUN_IP_CIDR="{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, 0) | ipaddr(kubeguard.node_index[inventory_hostname]) }}" diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2 index 35fc8f90..35fc8f90 100644 --- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2 +++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2 diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2 index 92300253..c9d96a5a 100644 --- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2 +++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Kubernetes Network Peer {{ peer }} After=network.target -Requires=kubeguard-interfaces.service -After=kubeguard-interfaces.service +Requires=kubeguard-interface.service +After=kubeguard-interface.service {% set pod_ip_self = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') -%} {% set pod_net_peer = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[peer]) -%} @@ -28,8 +28,8 @@ ExecStop=/sbin/ip route del {{ pod_net_peer }} ExecStop=/sbin/ip link set down dev {{ direct_interface }} ExecStop=/sbin/ip addr del {{ direct_ip }} dev {{ direct_interface }} {% else %} -ExecStart=/usr/bin/wg set kube-wg0 peer {{ wg_pubkey }} allowed-ips {{ wg_allowedips }} endpoint {{ wg_host }}:{{ wg_port }} persistent-keepalive 10 -ExecStop=/usr/bin/wg set kube-wg0 peer {{ wg_pubkey }} remove +ExecStart=/usr/bin/wg set kubeguard-wg0 peer {{ wg_pubkey }} allowed-ips {{ wg_allowedips }} endpoint {{ wg_host }}:{{ wg_port }} persistent-keepalive 10 +ExecStop=/usr/bin/wg set kubeguard-wg0 peer {{ wg_pubkey }} remove {% endif %} RemainAfterExit=yes |