Update pre-install verify settings with network checks and etc. (#3504)

* Update pre-install verify settings with network checks and etc. * Remove upstream dns server check. It's bogus
6 years ago · 2117e8167d
1 changed files with 49 additions and 0 deletions
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@ -153,3 +153,52 @@
    - 'calico_version_on_server.stdout != ""'
    - inventory_hostname == groups['kube-master'][0]
  run_once: yes
 - name: "Check that kube_service_addresses is a network range"
  assert:
    that:
      - kube_service_addresses | ipaddr
    msg: "kube_service_addresses is not a valid network range"
  run_once: yes
 - name: "Check that kube_pods_subnet is a network range"
  assert:
    that:
      - kube_pods_subnet | ipaddr
    msg: "kube_pods_subnet is not a valid network range"
  run_once: yes
 - name: "Check that kube_pods_subnet does not collide with kube_service_addresses"
  assert:
    that:
      - kube_pods_subnet | ipaddr(kube_service_addresses) | string == 'None'
    msg: "kube_pods_subnet cannot be the same network segment as kube_service_addresses"
  run_once: yes
 - name: Stop if unknown dns mode
  assert:
    that: dns_mode in ['dnsmasq_kubedns', 'kubedns', 'coredns', 'coredns_dual', 'manual', 'none']
    msg: "dns_mode can only be 'dnsmasq_kubedns', 'kubedns', 'coredns', 'coredns_dual', 'manual' or 'none'"
  when: dns_mode is defined
  run_once: true
 - name: Stop if unknown kube proxy mode
  assert:
    that: kube_proxy_mode in ['iptables', 'ipvs']
    msg: "kube_proxy_mode can only be 'iptables' or 'ipvs'"
  when: kube_proxy_mode is defined
  run_once: true
 - name: Stop if unknown cert_management
  assert:
    that: cert_management in ['script', 'vault']
    msg: "cert_management can only be 'script' or 'vault'"
  when: cert_management is defined
  run_once: true
 - name: Stop if unknown resolvconf_mode
  assert:
    that: resolvconf_mode in ['docker_dns', 'host_resolvconf', 'none']
    msg: "resolvconf_mode can only be 'docker_dns', 'host_resolvconf' or 'none'"
  when: resolvconf_mode is defined
  run_once: true