Diffstat (limited to 'sw_config/bmra/patched_k8s.yml')
-rw-r--r-- | sw_config/bmra/patched_k8s.yml | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/sw_config/bmra/patched_k8s.yml b/sw_config/bmra/patched_k8s.yml index 5dfc3bd..fb0d43a 100644 --- a/sw_config/bmra/patched_k8s.yml +++ b/sw_config/bmra/patched_k8s.yml @@ -30,6 +30,10 @@ {%- endif -%} enable_admission_plugins_prepare: >- [EventRateLimit,{% if always_pull_enabled %} AlwaysPullImages,{% endif %} NodeRestriction{% if psp_enabled %}, PodSecurityPolicy{% endif %}] + bmra_docker_version: >- + {% if ansible_distribution_version >= '21.04' %}latest{% else %}19.03{%endif %} + flannel_backend_type: >- + {% if ansible_distribution_version >= '21.04' %}host-gw{% else %}vxlan{%endif %} kube_config_dir: /etc/kubernetes - name: set kube_cert_dir set_fact: @@ -38,15 +42,32 @@ environment: "{{ proxy_env | d({}) }}" any_errors_fatal: true +- hosts: all + tasks: + - name: add docker runtime vars + set_fact: + container_manager: docker + docker_iptables_enabled: true + docker_dns_servers_strict: false + docker_version: "{{ bmra_docker_version }}" + when: container_runtime == "docker" + - name: add containerd runtime vars + set_fact: + container_manager: containerd + etcd_deployment_type: host + containerd_extra_args: |2 + [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry_local_address }}"] + endpoint = ["https://{{ registry_local_address }}"] + [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ registry_local_address }}".tls] + ca_file = "/etc/containers/certs.d/{{ registry_local_address }}/ca.crt" + when: container_runtime == "containerd" - name: run kubespray import_playbook: kubespray/cluster.yml vars: kubeadm_enabled: true multus_conf_file: /host/etc/cni/net.d/templates/00-multus.conf - docker_iptables_enabled: true - docker_dns_servers_strict: false + nginx_image_tag: 1.21.1 override_system_hostname: false - docker_version: '19.03' kube_proxy_mode: iptables enable_nodelocaldns: false system_reserved: true 
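Review bot: The two new facts `bmra_docker_version` and `flannel_backend_type` test `ansible_distribution_version >= '21.04'` as a plain string comparison, so the result is lexicographic rather than numeric: a host reporting `8.4` or `9` sorts above `21.04` and would be given `latest` and `host-gw`. If the intent is Ubuntu 21.04 and newer, use the version test and scope it to the distribution, e.g. `{% if ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('21.04', '>=') %}`. Separately, `latest` leaves the Docker package unpinned, so two runs of the same playbook can install different builds; an explicit version keeps node provisioning reproducible and auditable. The enclosing `set_fact` task starts outside the hunk.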
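Review bot: In the new `hosts: all` play, both `set_fact` tasks are skipped when `container_runtime` holds anything other than `docker` or `containerd` (a typo, or a different runtime name), and kubespray then appears to run with its own default `container_manager` and without the registry mirror and `ca_file` settings. Since `docker_version`, `docker_iptables_enabled` and `docker_dns_servers_strict` were removed from the `import_playbook` vars, nothing else sets them in that case. Add a first task that fails early, for example `- assert: {that: "container_runtime in ['docker', 'containerd']"}`. A short comment above `containerd_extra_args` stating that `/etc/containers/certs.d/{{ registry_local_address }}/ca.crt` must already exist on every node before containerd starts would also help, because the TLS trust for the local registry depends on it.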
@@ -105,6 +126,7 @@ - name: restart docker daemon to recreate iptables rules systemd: name=docker state=restarted become: yes + when: container_runtime == "docker" - name: restart kubelet to trigger static pods recreation systemd: name=kubelet state=restarted become: yes @@ -144,7 +166,7 @@ roles: - role: cluster_defaults tags: defaults - - role: docker_registry + - role: container_registry tags: registry - role: dockerhub_credentials when: "'/bmra/roles/dockerhub_credentials/vars/main.yml' is file" |