From 3f30f88a3524623321f51ef7aa46ebb6c83ff4d2 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Thu, 11 May 2023 22:56:10 +0200
Subject: kubernetes/kubeadm: revamp handling of dns-cache and prepare for net-plugin dependant variations
---
.../control-plane/tasks/net_kube-router.yml | 26 +++++++++++++++++++---
.../kubeadm/control-plane/tasks/net_kubeguard.yml | 19 +++++++++++++++++-
.../kubeadm/control-plane/tasks/net_none.yml | 5 ++++-
.../kubeadm/control-plane/tasks/primary.yml | 24 +++++---------------
4 files changed, 50 insertions(+), 24 deletions(-)
(limited to 'roles/kubernetes/kubeadm/control-plane/tasks')
diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/net_kube-router.yml b/roles/kubernetes/kubeadm/control-plane/tasks/net_kube-router.yml
index 4584e583..aad6467b 100644
--- a/roles/kubernetes/kubeadm/control-plane/tasks/net_kube-router.yml
+++ b/roles/kubernetes/kubeadm/control-plane/tasks/net_kube-router.yml
@@ -2,15 +2,35 @@ - name: generate kube-router configuration template: src: "net_kube-router/config.{{ kubernetes_network_plugin_version }}.yml.j2" - dest: /etc/kubernetes/network-plugin.yml + dest: /etc/kubernetes/network-plugin/config.yml - name: check if kube-router is already installed check_mode: no - command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin.yml + command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin/config.yml failed_when: false changed_when: false register: kube_router_diff_result - name: install kube-router on to the cluster when: kube_router_diff_result.rc != 0 - command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin.yml + command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin/config.yml + + +- name: install node-local dns cache + when: kubernetes_enable_nodelocal_dnscache + block: + - name: generate node-local dns cache config + template: + src: net_kube-router/node-local-dns.yml.j2 + dest: /etc/kubernetes/network-plugin/node-local-dns.yml + + - name: check if node-local dns cache is already installed + check_mode: no + command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin/node-local-dns.yml + failed_when: false + changed_when: false + register: kube_node_local_dns_diff_result + + - name: install node-local dns cache + when: kube_node_local_dns_diff_result.rc != 0 + command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin/node-local-dns.yml diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml index 94832c38..05428ea1 100644 --- a/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml +++ b/roles/kubernetes/kubeadm/control-plane/tasks/net_kubeguard.yml 
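Review bot: In the new node-local dns cache block, `failed_when: false` together with `when: kube_node_local_dns_diff_result.rc != 0` treats a failing `kubectl diff` the same as a detected difference. kubectl diff exits 0 for no differences, 1 for differences and a higher code when kubectl or diff itself failed, so an unreachable API server or a template that renders an invalid manifest is hidden at the check step and only surfaces, if at all, in the apply. I would set `failed_when: kube_node_local_dns_diff_result.rc > 1` on the check task and `when: kube_node_local_dns_diff_result.rc == 1` on the install task. The same pattern is used by the kube-router tasks earlier in this hunk and by the copy of this block in net_kubeguard.yml.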
@@ -1,2 +1,19 @@ --- -## nothing to do here +- name: install node-local dns cache + when: kubernetes_enable_nodelocal_dnscache + block: + - name: generate node-local dns cache config + template: + src: net_kubeguard/node-local-dns.yml.j2 + dest: /etc/kubernetes/network-plugin/node-local-dns.yml + + - name: check if node-local dns cache is already installed + check_mode: no + command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/network-plugin/node-local-dns.yml + failed_when: false + changed_when: false + register: kube_node_local_dns_diff_result + + - name: install node-local dns cache + when: kube_node_local_dns_diff_result.rc != 0 + command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin/node-local-dns.yml diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/net_none.yml b/roles/kubernetes/kubeadm/control-plane/tasks/net_none.yml index bf1a16d5..4b5824d4 100644 --- a/roles/kubernetes/kubeadm/control-plane/tasks/net_none.yml +++ b/roles/kubernetes/kubeadm/control-plane/tasks/net_none.yml @@ -1,2 +1,5 @@ --- -## this "plugin" is for testing purposes only +- name: install node-local dns cache + when: kubernetes_enable_nodelocal_dnscache + debug: + msg: "the 'none' network-plugin is intended to manually install/test network-plugins and since the exact deployment variant for the node-local dns cache is highly dependent on what the network plugin supports we do not install anything here. If the network plugin does not support nodelocal dns caches at all you may want to set kubernetes_enable_nodelocal_dnscache to false." diff --git a/roles/kubernetes/kubeadm/control-plane/tasks/primary.yml b/roles/kubernetes/kubeadm/control-plane/tasks/primary.yml index 36195235..c0591032 100644 --- a/roles/kubernetes/kubeadm/control-plane/tasks/primary.yml +++ b/roles/kubernetes/kubeadm/control-plane/tasks/primary.yml 
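Review bot: `when: kubernetes_enable_nodelocal_dnscache` on the block in net_kubeguard.yml tests the raw variable, so the outcome depends on the type the value arrives with. The variable's default is not visible in this diff, but if it is ever supplied as a string (for example through `-e kubernetes_enable_nodelocal_dnscache=false`), a non-empty string is, depending on the Ansible version, either treated as true or rejected as a non-boolean conditional. `when: kubernetes_enable_nodelocal_dnscache | bool` makes the switch behave the same for booleans and strings. The same condition appears in net_kube-router.yml and net_none.yml.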
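Review bot: The task name `install node-local dns cache` in net_none.yml is misleading, because the task only prints a debug message and installs nothing, yet in the play output it reads like a successful install. A name such as `- name: node-local dns cache is not installed for network-plugin none` would match what actually happens. The message itself is one very long double-quoted line; a folded scalar (`msg: >-`) would keep it readable without changing the text.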
@@ -101,26 +101,12 @@ kube_bootstrap_ca_cert_hash: "sha256:{{ kube_ca_openssl.stdout }}" -## install node-local-dns - -- name: generate node-local dns cache config - template: - src: node-local-dns.yml.j2 - dest: /etc/kubernetes/node-local-dns.yml - -- name: check if node-local dns cache is already installed - check_mode: no - command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -f /etc/kubernetes/node-local-dns.yml - failed_when: false - changed_when: false - register: kube_node_local_dns_diff_result - -- name: install node-local dns cache - when: kube_node_local_dns_diff_result.rc != 0 - command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/node-local-dns.yml - - ## Network Plugin +- name: create network plugin config directory + file: + path: /etc/kubernetes/network-plugin + state: directory + - name: install network plugin include_tasks: "net_{{ kubernetes_network_plugin }}.yml" -- cgit v1.2.3