diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 index 3517e472b..5f082c22e 100644 --- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 @@ -31,8 +31,6 @@ spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - - key: "CriticalAddonsOnly" - operator: "Exists" {% if dns_extra_tolerations | default(None) %} {{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }} {% endif %} diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 index 18b7227b8..f0c80f517 100644 --- a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 @@ -30,7 +30,6 @@ spec: labels: k8s-app: dns-autoscaler{{ coredns_ordinal_suffix }} annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" seccomp.security.alpha.kubernetes.io/pod: 'runtime/default' spec: priorityClassName: system-cluster-critical @@ -43,8 +42,6 @@ spec: - effect: NoSchedule operator: Equal key: node-role.kubernetes.io/master - - key: "CriticalAddonsOnly" - operator: "Exists" affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 index 158757523..6ef230d95 100644 --- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 @@ -27,8 +27,6 @@ spec: operator: "Exists" - effect: NoExecute operator: "Exists" - - key: "CriticalAddonsOnly" - operator: "Exists" containers: - name: node-cache image: "{{ nodelocaldns_image_repo }}:{{ nodelocaldns_image_tag }}" diff --git a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2 b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2 index f570cf2b3..021694dd6 100644 --- a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2 +++ b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2 @@ -20,9 +20,6 @@ spec: kubernetes.io/os: linux serviceAccount: ebs-csi-controller-sa priorityClassName: system-cluster-critical - tolerations: - - key: CriticalAddonsOnly - operator: Exists containers: - name: ebs-plugin image: {{ aws_ebs_csi_plugin_image_repo }}:{{ aws_ebs_csi_plugin_image_tag }} diff --git a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2 b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2 index 9175e24b3..3c86e882c 100644 --- a/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2 +++ b/roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-nodeservice.yml.j2 @@ -20,9 +20,6 @@ spec: kubernetes.io/os: linux hostNetwork: true priorityClassName: system-node-critical - tolerations: - - key: CriticalAddonsOnly - operator: Exists containers: - name: ebs-plugin securityContext: diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 index dfe1e69ac..deaa3554a 100644 --- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 +++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 @@ -120,8 +120,6 @@ spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - - key: "CriticalAddonsOnly" - operator: "Exists" {% endif %} affinity: nodeAffinity: diff --git a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 index b5db15c56..94f2630b4 100644 --- a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 +++ b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 @@ -24,8 +24,6 @@ spec: hostNetwork: true serviceAccountName: calico-kube-controllers tolerations: - - key: CriticalAddonsOnly - operator: Exists - key: node-role.kubernetes.io/master effect: NoSchedule priorityClassName: system-cluster-critical diff --git a/roles/network_plugin/canal/templates/canal-node.yaml.j2 b/roles/network_plugin/canal/templates/canal-node.yaml.j2 index 8a737c374..ad3414802 100644 --- a/roles/network_plugin/canal/templates/canal-node.yaml.j2 +++ b/roles/network_plugin/canal/templates/canal-node.yaml.j2 @@ -21,9 +21,6 @@ spec: serviceAccountName: canal tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" volumes: # Used by calico/node. - name: lib-modules diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 index 9cdc04cba..43a96821f 100755 --- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 +++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 @@ -16,11 +16,6 @@ spec: prometheus.io/port: "9090" prometheus.io/scrape: "true" {% endif %} - # This annotation plus the CriticalAddonsOnly toleration makes - # cilium to be a critical pod in the cluster, which ensures cilium - # gets priority scheduling. - # https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/ - scheduler.alpha.kubernetes.io/critical-pod: "" scheduler.alpha.kubernetes.io/tolerations: '[{"key":"dedicated","operator":"Equal","value":"master","effect":"NoSchedule"}]' labels: k8s-app: cilium diff --git a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 index 74c60896f..e69e07c7a 100644 --- a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 @@ -29,9 +29,6 @@ spec: node-role.kubernetes.io/master: "" tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" serviceAccountName: contiv-netmaster containers: - name: contiv-api-proxy diff --git a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 index 6d6938823..80884d719 100644 --- a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2 @@ -21,9 +21,6 @@ spec: hostPID: true tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" serviceAccountName: contiv-netplugin containers: - name: contiv-ovs-cleanup diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 index 5a8fae489..d0b5d2155 100644 --- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 @@ -23,9 +23,6 @@ spec: node-role.kubernetes.io/master: "" tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" initContainers: - name: contiv-etcd-init image: {{ contiv_etcd_init_image_repo }}:{{ contiv_etcd_init_image_tag }} diff --git a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 index 2ffa8962b..ad3411f03 100644 --- a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 @@ -29,9 +29,6 @@ spec: node-role.kubernetes.io/master: "" tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" serviceAccountName: contiv-netmaster containers: - name: contiv-netmaster diff --git a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 index 80c4e32fc..c21399fb6 100644 --- a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2 @@ -26,9 +26,6 @@ spec: hostPID: true tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" serviceAccountName: contiv-netplugin initContainers: - name: contiv-netplugin-init diff --git a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 index 56680b0bd..0b05588ba 100644 --- a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2 @@ -23,9 +23,6 @@ spec: hostPID: true tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" containers: # Runs ovs containers on each Kubernetes node. - name: contiv-ovsdb-server diff --git a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 b/roles/network_plugin/kube-router/templates/kube-router.yml.j2 index f1a46e870..2510a861f 100644 --- a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 +++ b/roles/network_plugin/kube-router/templates/kube-router.yml.j2 @@ -112,9 +112,6 @@ spec: {% endif %} tolerations: - operator: Exists - # Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12) - - key: CriticalAddonsOnly - operator: "Exists" volumes: {% if kube_router_enable_dsr %} - name: docker-socket