Browse Source
Add kube-ipvs0/nodelocaldns to NetworkManager unmanaged-devices (#7315 )
On CentOS 8 they seem to be ignored by default, but better be extra safe
This also make it easy to exclude other network plugin interfaces
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
pull/7343/head
Etienne Champetier
4 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with
43 additions and
31 deletions
roles/kubernetes/preinstall/handlers/main.yml
roles/kubernetes/preinstall/tasks/0062-networkmanager-unmanaged-devices.yml
roles/kubernetes/preinstall/tasks/0063-networkmanager-dns.yml
roles/kubernetes/preinstall/tasks/main.yml
roles/network_plugin/calico/handlers/main.yml
roles/network_plugin/calico/tasks/install.yml
roles/reset/tasks/main.yml
@ -33,7 +33,6 @@
service:
name : NetworkManager.service
state : restarted
when : is_fedora_coreos
- name : Preinstall | reload kubelet
service:
@ -0,0 +1,36 @@
---
- name : NetworkManager | Check if host has NetworkManager
# noqa 303 Should we use service_facts for this?
command : systemctl is-active --quiet NetworkManager.service
register : nm_check
failed_when : false
changed_when : false
- name : NetworkManager | Ensure NetworkManager conf.d dir
file:
path : "/etc/NetworkManager/conf.d"
state : directory
recurse : yes
when : nm_check.rc == 0
- name : NetworkManager | Prevent NetworkManager from managing Calico interfaces (cali*/tunl*/vxlan.calico)
copy:
content : |
[ keyfile]
unmanaged-devices+=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico
dest : /etc/NetworkManager/conf.d/calico.conf
when:
- nm_check.rc == 0
- kube_network_plugin == "calico"
notify : Preinstall | reload NetworkManager
# TODO: add other network_plugin interfaces
- name : NetworkManager | Prevent NetworkManager from managing K8S interfaces (kube-ipvs0/nodelocaldns)
copy:
content : |
[ keyfile]
unmanaged-devices+=interface-name:kube-ipvs0;interface-name:nodelocaldns
dest : /etc/NetworkManager/conf.d/k8s.conf
when : nm_check.rc == 0
notify : Preinstall | reload NetworkManager
@ -39,7 +39,11 @@
- bootstrap-os
- resolvconf
- import_tasks : 0062 -networkmanager.yml
- import_tasks : 0062 -networkmanager-unmanaged-devices.yml
tags:
- bootstrap-os
- import_tasks : 0063 -networkmanager-dns.yml
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
@ -25,9 +25,3 @@
until : crictl_calico_node_remove is succeeded
retries : 5
when : container_manager in ["crio", "containerd"]
- name : Calico | Reload NetworkManager
service:
name : NetworkManager
state : reloaded
when : '"running" in nm_check.stdout'
@ -6,29 +6,6 @@
mode : 0755
remote_src : yes
- name : Calico | Check if host has NetworkManager
# noqa 303 Should we use service_facts for this?
command : systemctl is-active --quiet NetworkManager.service
register : nm_check
failed_when : false
changed_when : false
- name : Calico | Ensure NetworkManager conf.d dir
file:
path : "/etc/NetworkManager/conf.d"
state : directory
recurse : yes
when : nm_check.rc == 0
- name : Calico | Prevent NetworkManager from managing Calico interfaces
copy:
content : |
[ keyfile]
unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico
dest : /etc/NetworkManager/conf.d/calico.conf
when : nm_check.rc == 0
notify : Calico | Reload NetworkManager
- name : Calico | Write Calico cni config
template:
src : "cni-calico.conflist.j2"
@ -257,6 +257,8 @@
- /etc/dnsmasq.d-available
- /etc/etcd.env
- /etc/calico
- /etc/NetworkManager/conf.d/calico.conf
- /etc/NetworkManager/conf.d/k8s.conf
- /etc/weave.env
- /opt/cni
- /etc/dhcp/dhclient.d/zdnsupdate.sh