From 586ad89d50d3900b8e2de98086bf5d982c20e5f6 Mon Sep 17 00:00:00 2001
From: Robert Neumann <r0b2g1t@users.noreply.github.com>
Date: Wed, 10 Apr 2019 13:14:12 +0200
Subject: [PATCH] Fix for unknown 'kubernetes.io' or 'k8s.io' labels specified
with --node-labels (#4320)
* Fix the file path for all.yml and k8s-cluster.yml
* Fix --node-labels namespace error "unknown labels specified"
* Update templates and configs kubelet node-labels
---
inventory/sample/group_vars/k8s-cluster/addons.yml | 4 ++--
.../ansible/templates/coredns-deployment.yml.j2 | 4 ++--
roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 | 2 +-
.../kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 | 4 ++--
.../oci/templates/oci-cloud-provider.yml.j2 | 4 ++--
.../ingress_controller/ingress_nginx/defaults/main.yml | 2 +-
.../templates/metrics-server-deployment.yaml.j2 | 4 ++--
.../calico/templates/calico-kube-controllers.yml.j2 | 2 +-
roles/kubernetes/master/tasks/kubeadm-setup.yml | 2 +-
.../master/templates/kubeadm-config.v1alpha2.yaml.j2 | 2 +-
.../master/templates/kubeadm-config.v1alpha3.yaml.j2 | 2 +-
.../master/templates/kubeadm-config.v1beta1.yaml.j2 | 2 +-
roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 | 6 +++---
.../network_plugin/contiv/templates/contiv-api-proxy.yml.j2 | 2 +-
.../contiv/templates/contiv-etcd-proxy.yml.j2 | 2 +-
roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 | 2 +-
.../network_plugin/contiv/templates/contiv-netmaster.yml.j2 | 2 +-
.../network_plugin/multus/templates/multus-daemonset.yml.j2 | 2 +-
18 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml
index 7f83e3876..cf8726ef3 100644
--- a/inventory/sample/group_vars/k8s-cluster/addons.yml
+++ b/inventory/sample/group_vars/k8s-cluster/addons.yml
@@ -60,9 +60,9 @@ cephfs_provisioner_enabled: false
ingress_nginx_enabled: false
# ingress_nginx_host_network: false
# ingress_nginx_nodeselector:
-# node-role.kubernetes.io/node: ""
+# node.kubernetes.io/node: ""
# ingress_nginx_tolerations:
-# - key: "node-role.kubernetes.io/master"
+# - key: "node.kubernetes.io/master"
# operator: "Equal"
# value: ""
# effect: "NoSchedule"
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index fd7bfc9fa..2f17e425d 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -30,7 +30,7 @@ spec:
beta.kubernetes.io/os: linux
serviceAccountName: coredns
tolerations:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
@@ -46,7 +46,7 @@ spec:
- weight: 100
preference:
matchExpressions:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
operator: In
values:
- ""
diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
index f079bf122..0e00258b8 100644
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@@ -195,7 +195,7 @@ spec:
serviceAccountName: kubernetes-dashboard
{% if dashboard_master_toleration %}
tolerations:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
effect: NoSchedule
{% endif %}
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2 b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
index df9bd3623..edd5120ce 100644
--- a/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2
@@ -45,7 +45,7 @@ spec:
tolerations:
- effect: NoSchedule
operator: Equal
- key: node-role.kubernetes.io/master
+ key: node.kubernetes.io/master
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
@@ -58,7 +58,7 @@ spec:
- weight: 100
preference:
matchExpressions:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
operator: In
values:
- ""
diff --git a/roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2 b/roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2
index e926d7609..0777b4fc1 100644
--- a/roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2
+++ b/roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2
@@ -35,12 +35,12 @@ spec:
serviceAccountName: cloud-controller-manager
hostNetwork: true
nodeSelector:
- node-role.kubernetes.io/master: ""
+ node.kubernetes.io/master: ""
tolerations:
- key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
effect: NoSchedule
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
operator: Exists
effect: NoSchedule
volumes:
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
index e330817de..23fbd7491 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
@@ -2,7 +2,7 @@
ingress_nginx_namespace: "ingress-nginx"
ingress_nginx_host_network: false
ingress_nginx_nodeselector:
- node-role.kubernetes.io/node: ""
+ node.kubernetes.io/node: ""
ingress_nginx_tolerations: []
ingress_nginx_insecure_port: 80
ingress_nginx_secure_port: 443
diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
index aa54bd373..b115b82af 100644
--- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
@@ -116,7 +116,7 @@ spec:
name: metrics-server-config
{% if not masters_are_not_tainted %}
tolerations:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
@@ -127,7 +127,7 @@ spec:
- weight: 100
preference:
matchExpressions:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
operator: In
values:
- ""
diff --git a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2 b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
index 1e7b8240d..5ce52b1d5 100644
--- a/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
+++ b/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
@@ -29,7 +29,7 @@ spec:
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
effect: NoSchedule
{% if kube_version is version('v1.11.1', '>=') %}
priorityClassName: system-cluster-critical
diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml
index c8178a18b..e10847c9b 100644
--- a/roles/kubernetes/master/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml
@@ -176,7 +176,7 @@
- old_apiserver_cert.stat.exists
- name: kubeadm | Remove taint for master with node role
- command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node-role.kubernetes.io/master:NoSchedule-"
+ command: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf taint node {{ inventory_hostname }} node.kubernetes.io/master:NoSchedule-"
delegate_to: "{{groups['kube-master']|first}}"
when: inventory_hostname in groups['kube-node']
failed_when: false
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2
index 6f9cd4458..9281b4c45 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2
@@ -224,7 +224,7 @@ nodeRegistration:
{% if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] %}
taints:
- effect: NoSchedule
- key: node-role.kubernetes.io/master
+ key: node.kubernetes.io/master
{% endif %}
{% if container_manager == 'crio' %}
criSocket: /var/run/crio/crio.sock
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
index 6dc736651..33c768bec 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
@@ -10,7 +10,7 @@ nodeRegistration:
{% if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] %}
taints:
- effect: NoSchedule
- key: node-role.kubernetes.io/master
+ key: node.kubernetes.io/master
{% endif %}
{% if container_manager == 'crio' %}
criSocket: /var/run/crio/crio.sock
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
index 0243ce382..ba7832281 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
@@ -10,7 +10,7 @@ nodeRegistration:
{% if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] %}
taints:
- effect: NoSchedule
- key: node-role.kubernetes.io/master
+ key: node.kubernetes.io/master
{% endif %}
{% if container_manager == 'crio' %}
criSocket: /var/run/crio/crio.sock
diff --git a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
index 6c46dba1e..2d40ac98b 100644
--- a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
+++ b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2
@@ -85,12 +85,12 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
{# Kubelet node labels #}
{% set role_node_labels = [] %}
{% if inventory_hostname in groups['kube-master'] %}
-{% set dummy = role_node_labels.append("node-role.kubernetes.io/master=''") %}
+{% set dummy = role_node_labels.append("node.kubernetes.io/master=''") %}
{% if not standalone_kubelet|bool %}
-{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
+{% set dummy = role_node_labels.append("node.kubernetes.io/node=''") %}
{% endif %}
{% else %}
-{% set dummy = role_node_labels.append("node-role.kubernetes.io/node=''") %}
+{% set dummy = role_node_labels.append("node.kubernetes.io/node=''") %}
{% endif %}
{% if nvidia_gpu_nodes is defined and nvidia_accelerator_enabled|bool %}
{% if inventory_hostname in nvidia_gpu_nodes %}
diff --git a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
index c1604d0b5..5a4fa486e 100644
--- a/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-api-proxy.yml.j2
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: ""
+ node.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
index a16ee5755..44cadb0d5 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
@@ -21,7 +21,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/node: ""
+ node.kubernetes.io/node: ""
containers:
- name: contiv-etcd-proxy
image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
index e320f5b24..41a56ae2b 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
@@ -21,7 +21,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: ""
+ node.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
diff --git a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2 b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
index a39938f77..6ccacdfc2 100644
--- a/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netmaster.yml.j2
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
hostPID: true
nodeSelector:
- node-role.kubernetes.io/master: ""
+ node.kubernetes.io/master: ""
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
diff --git a/roles/network_plugin/multus/templates/multus-daemonset.yml.j2 b/roles/network_plugin/multus/templates/multus-daemonset.yml.j2
index 11cf427d0..2967e6c1d 100644
--- a/roles/network_plugin/multus/templates/multus-daemonset.yml.j2
+++ b/roles/network_plugin/multus/templates/multus-daemonset.yml.j2
@@ -18,7 +18,7 @@ spec:
nodeSelector:
beta.kubernetes.io/arch: amd64
tolerations:
- - key: node-role.kubernetes.io/master
+ - key: node.kubernetes.io/master
operator: Exists
effect: NoSchedule
serviceAccountName: multus