richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5938 Commits
34 Branches
82 Tags
155 MiB
Tree: 0ac364dfae
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0ac364dfae'
${ noResults }
kubespray/roles/network_plugin/calico/tasks/check.yml

62 lines
2.2 KiB
Raw Normal View History

calico upgrade to v3 (#3086) * calico upgrade to v3 * update calico_rr version * add missing file * change contents of main.yml as it was left old version * enable network policy by default * remove unneeded task * Fix kubelet calico settings * fix when statement * switch back to node-kubeconfig.yaml
6 years ago
Fix ansible syntax to avoid ansible warnings (one more) (#3536) * warning on meta flush_handlers * avoid rm * avoid "Module remote_tmp /root/.ansible/tmp did not exist and was created with a mode of 0700, this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually" warning on subsequent tasks using blockinfile * is match
6 years ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
calico: check if inventory settings match cluster settings (#6969) If some settings were changed from the default but not commited into an inventory repo, we risk breaking the cluster / cause downtime, so add some extra checks Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Replace kube-master with kube_control_plane (#7256) This replaces kube-master with kube_control_plane because of [1]: The Kubernetes project is moving away from wording that is considered offensive. A new working group WG Naming was created to track this work, and the word "master" was declared as offensive. A proposal was formalized for replacing the word "master" with "control plane". This means it should be removed from source code, documentation, and user-facing configuration from Kubernetes and its sub-projects. NOTE: The reason why this changes it to kube_control_plane not kube-control-plane is for valid group names on ansible. [1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
4 years ago
calico: check if inventory settings match cluster settings (#6969) If some settings were changed from the default but not commited into an inventory repo, we risk breaking the cluster / cause downtime, so add some extra checks Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Calico: fixup check when ipipMode / vxlanMode is not present (#7195) calicoctl.sh get ipPool default-pool -o json { "kind": "IPPool", "apiVersion": "projectcalico.org/v3", "metadata": { "name": "default-pool", ... }, "spec": { "cidr": "10.233.64.0/18", "ipipMode": "Always", "natOutgoing": true, "blockSize": 24, "nodeSelector": "all()" } } Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
calico: check if inventory settings match cluster settings (#6969) If some settings were changed from the default but not commited into an inventory repo, we risk breaking the cluster / cause downtime, so add some extra checks Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
  1. ---
  2. - name: "Check vars defined correctly"
  3. assert:
  4. that:
  5. - "calico_pool_name is defined"
  6. - "calico_pool_name is match('^[a-zA-Z0-9-_\\\\.]{2,63}$')"
  7. msg: "calico_pool_name contains invalid characters"
  9. - name: "Check calico network backend defined correctly"
  10. assert:
  11. that:
  12. - "calico_network_backend in ['bird', 'vxlan', 'none']"
  13. msg: "calico network backend is not 'bird', 'vxlan' or 'none'"
  14. when:
  15. - calico_network_backend is defined
  17. - name: "Check ipip and vxlan mode defined correctly"
  18. assert:
  19. that:
  20. - "calico_ipip_mode in ['Always', 'CrossSubnet', 'Never']"
  21. - "calico_vxlan_mode in ['Always', 'CrossSubnet', 'Never']"
  22. msg: "calico inter host encapsulation mode is not 'Always', 'CrossSubnet' or 'Never'"
  24. - name: "Check ipip and vxlan mode if simultaneously enabled"
  25. assert:
  26. that:
  27. - "calico_vxlan_mode in ['Never']"
  28. msg: "IP in IP and VXLAN mode is mutualy exclusive modes"
  29. when:
  30. - "calico_ipip_mode in ['Always', 'CrossSubnet']"
  32. - name: "Check ipip and vxlan mode if simultaneously enabled"
  33. assert:
  34. that:
  35. - "calico_ipip_mode in ['Never']"
  36. msg: "IP in IP and VXLAN mode is mutualy exclusive modes"
  37. when:
  38. - "calico_vxlan_mode in ['Always', 'CrossSubnet']"
  40. - name: "Get Calico {{ calico_pool_name }} configuration"
  41. command: calicoctl.sh get ipPool {{ calico_pool_name }} -o json
  42. failed_when: False
  43. changed_when: False
  44. register: calico
  45. run_once: True
  46. delegate_to: "{{ groups['kube_control_plane'][0] }}"
  48. - name: "Set calico_pool_conf"
  49. set_fact:
  50. calico_pool_conf: '{{ calico.stdout | from_json }}'
  51. when: calico.rc == 0 and calico.stdout
  53. - name: "Check if inventory match current cluster configuration"
  54. assert:
  55. that:
  56. - calico_pool_conf.spec.blockSize == (calico_pool_blocksize | default(kube_network_node_prefix))
  57. - calico_pool_conf.spec.cidr == (calico_pool_cidr | default(kube_pods_subnet))
  58. - not calico_pool_conf.spec.ipipMode is defined or calico_pool_conf.spec.ipipMode == calico_ipip_mode
  59. - not calico_pool_conf.spec.vxlanMode is defined or calico_pool_conf.spec.vxlanMode == calico_vxlan_mode
  60. msg: "Your inventory doesn't match the current cluster configuration"
  61. when:
  62. - calico_pool_conf is defined