From 741de6051c6d411f697ae419a80a162157066d00 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Mon, 29 Apr 2019 09:36:19 +0300 Subject: [PATCH] Fix nodeselectors for contiv and nginx-ingress (#4662) * Fix nodeselectors for contiv and nginx-ingress Change-Id: Ib3eb6bd87193c69a90ee944c9164a0b6792c79ba * Set kube proxy mode to iptables for addons task Change-Id: Iff71a71f672405c74b4708c71db15ddc4391a53a --- inventory/sample/group_vars/k8s-cluster/addons.yml | 2 +- .../ingress_controller/ingress_nginx/defaults/main.yml | 2 +- .../contiv/templates/contiv-etcd-proxy.yml.j2 | 9 +++++++-- tests/files/packet_centos7-flannel-addons.yml | 1 + 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml index 69f977e50..2547da7ab 100644 --- a/inventory/sample/group_vars/k8s-cluster/addons.yml +++ b/inventory/sample/group_vars/k8s-cluster/addons.yml @@ -79,7 +79,7 @@ rbd_provisioner_enabled: false ingress_nginx_enabled: false # ingress_nginx_host_network: false # ingress_nginx_nodeselector: -# node-role.kubernetes.io/node: "" +# beta.kubernetes.io/os: "linux": "" # ingress_nginx_tolerations: # - key: "node-role.kubernetes.io/master" # operator: "Equal" diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml index e330817de..05b72ea90 100644 --- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml +++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml @@ -2,7 +2,7 @@ ingress_nginx_namespace: "ingress-nginx" ingress_nginx_host_network: false ingress_nginx_nodeselector: - node-role.kubernetes.io/node: "" + beta.kubernetes.io/os: "linux" ingress_nginx_tolerations: [] ingress_nginx_insecure_port: 80 ingress_nginx_secure_port: 443 diff --git a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 index a16ee5755..18e36ba9e 100644 --- a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 +++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 @@ -20,8 +20,13 @@ spec: {% endif %} hostNetwork: true hostPID: true - nodeSelector: - node-role.kubernetes.io/node: "" + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: DoesNotExist containers: - name: contiv-etcd-proxy image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }} diff --git a/tests/files/packet_centos7-flannel-addons.yml b/tests/files/packet_centos7-flannel-addons.yml index 9e71f32e5..fe26cc5d9 100644 --- a/tests/files/packet_centos7-flannel-addons.yml +++ b/tests/files/packet_centos7-flannel-addons.yml @@ -6,6 +6,7 @@ mode: ha # Kubespray settings kubeadm_control_plane: true kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085 +kube_proxy_mode: iptables kube_network_plugin: flannel helm_enabled: true kubernetes_audit: true