Browse Source
Merge pull request #3161 from nutellinoit/kube_proxy_nodeport_addresses
--nodeport-addresses added on kube-proxy.manifest.j2 and on k8s-cluster.yml
pull/3107/merge
k8s-ci-robot
6 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with
15 additions and
1 deletions
-
inventory/sample/group_vars/k8s-cluster.yml
-
roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2
-
roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2
-
roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
|
|
|
@ -107,6 +107,11 @@ kube_apiserver_insecure_port: 8080 # (http) |
|
|
|
# Can be ipvs, iptables |
|
|
|
kube_proxy_mode: iptables |
|
|
|
|
|
|
|
# Kube-proxy nodeport address. |
|
|
|
# cidr to bind nodeport services. Flag --nodeport-addresses on kube-proxy manifest |
|
|
|
kube_proxy_nodeport_addresses: false |
|
|
|
# kube_proxy_nodeport_addresses_cidr: 10.0.1.0/24 |
|
|
|
|
|
|
|
## Encrypting Secret Data at Rest (experimental) |
|
|
|
kube_encrypt_secret_data: false |
|
|
|
|
|
|
|
|
|
|
|
@ -22,12 +22,15 @@ kubernetesVersion: {{ kube_version }} |
|
|
|
{% if cloud_provider is defined and cloud_provider not in ["gce", "oci"] %} |
|
|
|
cloudProvider: {{ cloud_provider }} |
|
|
|
{% endif %} |
|
|
|
{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %} |
|
|
|
kubeProxy: |
|
|
|
config: |
|
|
|
{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %} |
|
|
|
featureGates: SupportIPVSProxyMode=true |
|
|
|
mode: ipvs |
|
|
|
{% endif %} |
|
|
|
{% if kube_proxy_nodeport_addresses %} |
|
|
|
nodePortAddresses: [{{ kube_proxy_nodeport_addresses_cidr }}] |
|
|
|
{% endif %} |
|
|
|
authorizationModes: |
|
|
|
{% for mode in authorization_modes %} |
|
|
|
- {{ mode }} |
|
|
|
|
|
|
|
@ -27,6 +27,9 @@ kubeProxy: |
|
|
|
config: |
|
|
|
mode: {{ kube_proxy_mode }} |
|
|
|
hostnameOverride: {{ inventory_hostname }} |
|
|
|
{% if kube_proxy_nodeport_addresses %} |
|
|
|
nodePortAddresses: [{{ kube_proxy_nodeport_addresses_cidr }}] |
|
|
|
{% endif %} |
|
|
|
authorizationModes: |
|
|
|
{% for mode in authorization_modes %} |
|
|
|
- {{ mode }} |
|
|
|
|
|
|
|
@ -43,6 +43,9 @@ spec: |
|
|
|
- --proxy-mode={{ kube_proxy_mode }} |
|
|
|
- --oom-score-adj=-998 |
|
|
|
- --healthz-bind-address={{ kube_proxy_healthz_bind_address }} |
|
|
|
{% if kube_proxy_nodeport_addresses %} |
|
|
|
- --nodeport-addresses={{ kube_proxy_nodeport_addresses_cidr }} |
|
|
|
{% endif %} |
|
|
|
{% if kube_proxy_masquerade_all and kube_proxy_mode == "iptables" %} |
|
|
|
- --masquerade-all |
|
|
|
{% elif kube_proxy_mode == 'ipvs' %} |
|
|
|
|
