Update k8s version & can chose network interface

2021-06-27 02:49:55 +02:00 · 2021-06-27 02:49:55 +02:00 · 1b665fa94c
commit 1b665fa94c
parent 738896b356
5 changed files with 27 additions and 9 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -2,8 +2,9 @@
 # value for kubernetes_cri: containerd, cri-o
 #kubernetes_cri: "containerd"
 kubernetes_server: false
 kubernetes_interface: '{{ ansible_default_ipv4.interface }}'
 # value for kuberntes_network: flannel, calico, weave-net
 #kubernetes_network: weave-net
 kubernetes_kubeproxy_mode: ipvs
-kubernetes_version: 1.20.6
+kubernetes_version: 1.21.2
 kubernetes_pods_network: "10.244.0.0/16"
--- a/tasks/cluster_kubeadm.yml
+++ b/tasks/cluster_kubeadm.yml
@ -136,11 +136,23 @@
    mode: 0644
  with_items:
    - "systemd/system/kubelet.service.d/0-kubelet-extra-args.conf"
    - "systemd/system/kubelet.service.d/11-cgroups.conf"
    - "sysconfig/kubelet"
  when:
    - ansible_service_mgr == "systemd"
 - name: Configure kubelet service for CRI-O
  template:
    src: "etc/{{ item }}.j2"
    dest: "/etc/{{ item }}"
    group: root
    owner: root
    mode: 0644
  with_items:
    - "systemd/system/kubelet.service.d/11-cgroups.conf"
  when:
    - ansible_service_mgr == "systemd"
    - kubernetes_cri == "cri-o"
 - name: Configure kubelet service
  template:
    src: "etc/{{ item }}.j2"
--- a/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2
+++ b/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2
@ -1,2 +1,2 @@
 [Service]
-Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_default_ipv4.address }}"
+Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}"
--- a/templates/etc/systemd/system/kubelet.service.d/11-cgroups.conf.j2
+++ b/templates/etc/systemd/system/kubelet.service.d/11-cgroups.conf.j2
@ -0,0 +1,5 @@
 # https://stackoverflow.com/a/57456786
 # https://stackoverflow.com/questions/57456667/failed-to-get-kubelets-cgroup
 [Service]
 CPUAccounting=true
 MemoryAccounting=true
--- a/templates/kubeadm-config.yaml.j2
+++ b/templates/kubeadm-config.yaml.j2
@ -32,7 +32,7 @@ nodeRegistration:
 {% elif kubernetes_cri == "cri-o" %}
    container-runtime-endpoint: "unix:///var/run/crio/crio.sock"
 {% endif %}
-    node-ip: {{ ansible_default_ipv4.address }}
+    node-ip: {{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}
 #    read-only-port: "10255"
  ignorePreflightErrors:
  - SystemVerification
@ -43,7 +43,7 @@ nodeRegistration:
  - IsPrivilegedUser
 {% endif %}
 localAPIEndpoint:
-  advertiseAddress: "{{ ansible_default_ipv4.address }}"
+  advertiseAddress: "{{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}"
  bindPort: 6443
 {% if kubernetes_master|bool and groups['KubernetesMasterConfigured_' ~ kubernetes_cluster_name] is defined %}
 certificateKey: "{{ kubernetes_certificateKey.stdout }}"
@ -56,11 +56,11 @@ kubernetesVersion: stable
 {% if lbip_kubeapiserver is defined %}
 controlPlaneEndpoint: "{{ lbip_kubeapiserver }}:6443"
 {% else %}
-controlPlaneEndpoint: "{{ ansible_default_ipv4.address }}:6443"
+controlPlaneEndpoint: "{{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}:6443"
 {% endif %}
 apiServer:
  extraArgs:
-    enable-admission-plugins: NodeRestriction,PodSecurityPolicy
+    enable-admission-plugins: NodeRestriction
    authorization-mode: "Node,RBAC"
    audit-policy-file: "/etc/kubernetes/policies/audit-policy.yaml"
    audit-log-path: "/var/log/apiserver/audit.log"
@ -109,7 +109,7 @@ kind: JoinConfiguration
 {% if kubernetes_master|bool %}
 controlPlane:
  localAPIEndpoint:
-    advertiseAddress: "{{ ansible_default_ipv4.address }}"
+    advertiseAddress: "{{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}"
    bindPort: 6443
 {% if groups['KubernetesMasterConfigured_' ~ kubernetes_cluster_name] is defined %}
  certificateKey: "{{ kubernetes_certificateKey.stdout }}"
@ -125,7 +125,7 @@ discovery:
 {% endif %}
 nodeRegistration:
  kubeletExtraArgs:
-    node-ip: {{ ansible_default_ipv4.address }}
+    node-ip: {{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}
 #    read-only-port: "10255"
  ignorePreflightErrors:
  - SystemVerification
`@ -1,2 +1,2 @@`
	`[Service]`	`[Service]`
	`Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_default_ipv4.address }}"`	`Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}"`