1 files changed, 6 insertions, 7 deletions

diff --git a/roles/kubernetes/kubeadm/master/templates/net_kubeguard/kube-router.0.4.0.yml.j2 b/roles/kubernetes/kubeadm/master/templates/net_kubeguard/kube-router.0.4.0.yml.j2
index 51bfdaae..e343f4a7 100644
--- a/roles/kubernetes/kubeadm/master/templates/net_kubeguard/kube-router.0.4.0.yml.j2
+++ b/roles/kubernetes/kubeadm/master/templates/net_kubeguard/kube-router.0.4.0.yml.j2
@@ -57,6 +57,7 @@ spec:
         image: docker.io/cloudnativelabs/kube-router:v{{ kubernetes_network_plugin_version }}
         imagePullPolicy: Always
         args:
+        - --cluster-cidr={{ kubernetes.pod_ip_range }}
         - --run-router=false
         - --run-firewall=true
         - --run-service-proxy={{ kubernetes_network_plugin_replaces_kube_proxy | string | lower }}
@@ -93,13 +94,11 @@ spec:
           readOnly: false
       hostNetwork: true
       tolerations:
-      - key: CriticalAddonsOnly
-        operator: Exists
       - effect: NoSchedule
-        key: node-role.kubernetes.io/master
         operator: Exists
-      - effect: NoSchedule
-        key: node.kubernetes.io/not-ready
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - effect: NoExecute
         operator: Exists
       volumes:
       - name: lib-modules
@@ -123,7 +122,7 @@ metadata:
   namespace: kube-system
 ---
 kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: kube-router
   namespace: kube-system
@@ -158,7 +157,7 @@ rules:
       - watch
 ---
 kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: kube-router
 roleRef: