From fd422a0646b9010452e0ccf70273abcac22cab15 Mon Sep 17 00:00:00 2001 From: Kuldip Madnani Date: Fri, 12 Oct 2018 13:46:39 -0500 Subject: [PATCH] Add Priority class for tiller and fix tiller override. (#3494) * Added Priority class to tiller installation and also fixed tiller override implementation. * Added changes to handle priority classes separately in tiller, instead of using the variable tiller_override --- roles/kubernetes-apps/helm/tasks/main.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml index c3b8c26f5..65695d4fc 100644 --- a/roles/kubernetes-apps/helm/tasks/main.yml +++ b/roles/kubernetes-apps/helm/tasks/main.yml @@ -45,7 +45,8 @@ --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }} {% if rbac_enabled %} --service-account=tiller{% endif %} {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %} - {% if tiller_override is defined %} --override {{ tiller_override }}{% endif %} + {% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %} + {% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %} {% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %} {% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %} {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %} @@ -64,15 +65,16 @@ {% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %} {% if rbac_enabled %} --service-account=tiller{% endif %} {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %} - {% if tiller_override is defined %} --override {{ tiller_override }}{% endif %} + {% if kube_version|version_compare('v1.11.1', '>=') %} --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}{% endif %} + {% if tiller_override is defined and tiller_override != "" %} --override {{ tiller_override }}{% endif %} {% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %} {% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %} {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %} - --debug --dry-run - | kubectl apply -f - + --output yaml + | {{bin_dir}}/kubectl apply -f - changed_when: false when: - - tiller_override is defined + - (tiller_override is defined and tiller_override != "") or (kube_version|version_compare('v1.11.1', '>=')) - inventory_hostname == groups['kube-master'][0] environment: "{{proxy_env}}"