k8s taint module
This commit is contained in:
parent
75e78ea7c8
commit
73982fd7b7
@ -1,3 +1,4 @@
|
|||||||
---
|
---
|
||||||
ansible_host: kube01.balsillie.net
|
ansible_host: kube01.balsillie.net
|
||||||
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGtk+mk1+J3sZ3CA/yS7XV2wH913IdJj0gznmb/nI2nV ladmin@kube01.balsillie.net
|
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGtk+mk1+J3sZ3CA/yS7XV2wH913IdJj0gznmb/nI2nV ladmin@kube01.balsillie.net
|
||||||
|
k8s_remove_control_plane_taint: true
|
@ -1,4 +1,4 @@
|
|||||||
---
|
---
|
||||||
ansible_host: kube02.balsillie.net
|
ansible_host: kube02.balsillie.net
|
||||||
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOfsOJJJ34VT9mHv9moHQAQNTAok8sOr49rVTkIfDn9 ladmin@kube02.balsillie.net
|
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOfsOJJJ34VT9mHv9moHQAQNTAok8sOr49rVTkIfDn9 ladmin@kube02.balsillie.net
|
||||||
|
k8s_remove_control_plane_taint: true
|
@ -1,3 +1,4 @@
|
|||||||
---
|
---
|
||||||
ansible_host: kube03.balsillie.net
|
ansible_host: kube03.balsillie.net
|
||||||
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFqYq3CcxziLbWfp/0VpO5uD/HyjiKTXD8t/dAS01Oq ladmin@kube00.balsillie.net
|
ssh_public_key_string: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFqYq3CcxziLbWfp/0VpO5uD/HyjiKTXD8t/dAS01Oq ladmin@kube00.balsillie.net
|
||||||
|
k8s_remove_control_plane_taint: true
|
@ -12,3 +12,10 @@
|
|||||||
become: false
|
become: false
|
||||||
roles:
|
roles:
|
||||||
- k8s_network
|
- k8s_network
|
||||||
|
|
||||||
|
- name: remove control-plane taints
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: false
|
||||||
|
become: false
|
||||||
|
roles:
|
||||||
|
- k8s_taint
|
||||||
|
@ -94,6 +94,9 @@
|
|||||||
content: "{{ calico_default_apiserver | to_nice_yaml }}"
|
content: "{{ calico_default_apiserver | to_nice_yaml }}"
|
||||||
dest: "{{ ansible_search_path[0] }}/files/calico/calico_apiserver.yaml"
|
dest: "{{ ansible_search_path[0] }}/files/calico/calico_apiserver.yaml"
|
||||||
|
|
||||||
|
# TODO two api versions exist for BGP, one only becomes available after calico is online. Do they both work??
|
||||||
|
# crd.projectcalico.org/v1
|
||||||
|
# projectcalico.org/v3
|
||||||
- name: write out calico bgp peer definition
|
- name: write out calico bgp peer definition
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ calico_bgp_peer | to_nice_yaml }}"
|
content: "{{ calico_bgp_peer | to_nice_yaml }}"
|
||||||
|
7
ansible/roles/k8s_taint/tasks/main.yaml
Normal file
7
ansible/roles/k8s_taint/tasks/main.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- name: loop remove_taint for control plane nodes # This allows scheduling workloads on control plane nodes
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['k8s_control'] }}"
|
||||||
|
loop_control:
|
||||||
|
loop_var: node
|
||||||
|
ansible.builtin.include_tasks: remove_taint.yaml
|
9
ansible/roles/k8s_taint/tasks/remove_taint.yaml
Normal file
9
ansible/roles/k8s_taint/tasks/remove_taint.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
- name: remove control-plane taint from control-plane nodes # terminology 'control-plane' replaced 'master' in v1.20, ~Dec 2020
|
||||||
|
when: hostvars[node].k8s_remove_control_plane_taint | default(false)
|
||||||
|
kubernetes.core.k8s_taint:
|
||||||
|
name: "{{ node }}"
|
||||||
|
state: absent
|
||||||
|
taints:
|
||||||
|
- effect: NoSchedule
|
||||||
|
key: node-role.kubernetes.io/control-plane
|
@ -1,6 +1,7 @@
|
|||||||
---
|
---
|
||||||
- name: debug hostname
|
- name: install calicoctl
|
||||||
ansible.builtin.lineinfile:
|
community.general.pacman:
|
||||||
line: 192.168.199.240 k8s.balsillie.net
|
name: calicoctl
|
||||||
insertafter: EOF
|
state: latest
|
||||||
path: /etc/hosts
|
update_cache: yes
|
||||||
|
executable: pikaur
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
- name: scratch testing
|
- name: scratch testing
|
||||||
hosts: k8s_control
|
hosts: localhost
|
||||||
gather_facts: true
|
gather_facts: true
|
||||||
become: true
|
become: false
|
||||||
roles:
|
roles:
|
||||||
- scratch
|
- k8s_taint
|
Loading…
Reference in New Issue
Block a user