From b787b76c6c58459a5cb52700e4ce4bacbb5b8d97 Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Tue, 20 Mar 2018 12:06:34 +0000 Subject: [PATCH 1/5] Update kube-apiserver.manifest.j2 Ensure that kube-apiserver will respond even if one of the nodes are down. --- .../master/templates/manifests/kube-apiserver.manifest.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 index c1685410d..1d9d843fb 100644 --- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 @@ -42,6 +42,7 @@ spec: - --insecure-bind-address={{ kube_apiserver_insecure_bind_address }} - --bind-address={{ kube_apiserver_bind_address }} - --apiserver-count={{ kube_apiserver_count }} + - --endpoint-reconciler-type=lease - --admission-control={{ kube_apiserver_admission_control | join(',') }} - --service-cluster-ip-range={{ kube_service_addresses }} - --service-node-port-range={{ kube_apiserver_node_port_range }} From d9453f323b3c591e8fc1a05d3b85559527c05f46 Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Tue, 20 Mar 2018 12:16:35 +0000 Subject: [PATCH 2/5] Update kube-apiserver.manifest.j2 --- .../master/templates/manifests/kube-apiserver.manifest.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 index 1d9d843fb..45eaf6db0 100644 --- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 @@ -42,7 +42,9 @@ spec: - --insecure-bind-address={{ kube_apiserver_insecure_bind_address }} - --bind-address={{ kube_apiserver_bind_address }} - --apiserver-count={{ kube_apiserver_count }} +{% if kube_version | version_compare('v1.9', '>=') %} - --endpoint-reconciler-type=lease +{% endif %} - --admission-control={{ kube_apiserver_admission_control | join(',') }} - --service-cluster-ip-range={{ kube_service_addresses }} - --service-node-port-range={{ kube_apiserver_node_port_range }} From d2fd7b74623cb45397f1e0dcd9f55e8a29b7c7f4 Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Tue, 20 Mar 2018 12:19:53 +0000 Subject: [PATCH 3/5] Update kube-apiserver.manifest.j2 --- .../master/templates/manifests/kube-apiserver.manifest.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 index 45eaf6db0..350eeaabd 100644 --- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 @@ -42,9 +42,9 @@ spec: - --insecure-bind-address={{ kube_apiserver_insecure_bind_address }} - --bind-address={{ kube_apiserver_bind_address }} - --apiserver-count={{ kube_apiserver_count }} -{% if kube_version | version_compare('v1.9', '>=') %} +{% if kube_version | version_compare('v1.9', '>=') %} - --endpoint-reconciler-type=lease -{% endif %} +{% endif %} - --admission-control={{ kube_apiserver_admission_control | join(',') }} - --service-cluster-ip-range={{ kube_service_addresses }} - --service-node-port-range={{ kube_apiserver_node_port_range }} From 6c4e5e0e3d020de86ec19fc744206fc79e84d0e0 Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Tue, 20 Mar 2018 13:30:57 +0000 Subject: [PATCH 4/5] Update kubeadm-config.yaml.j2 --- roles/kubernetes/master/templates/kubeadm-config.yaml.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 index a15107c94..d3b77bb9b 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 @@ -36,6 +36,9 @@ apiServerExtraArgs: insecure-port: "{{ kube_apiserver_insecure_port }}" admission-control: {{ kube_apiserver_admission_control | join(',') }} apiserver-count: "{{ kube_apiserver_count }}" +{% if kube_version | version_compare('v1.9', '>=') %} + endpoint-reconciler-type: lease +{% endif %} service-node-port-range: {{ kube_apiserver_node_port_range }} kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}" {% if kube_basic_auth|default(true) %} From 13e47e73c8c890bc05ce2b6cad74161c6a74e49a Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Tue, 20 Mar 2018 13:33:36 +0000 Subject: [PATCH 5/5] Update kubeadm-config.yaml.j2 As requested --- roles/kubernetes/master/templates/kubeadm-config.yaml.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 index a15107c94..844421d32 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.yaml.j2 @@ -36,6 +36,9 @@ apiServerExtraArgs: insecure-port: "{{ kube_apiserver_insecure_port }}" admission-control: {{ kube_apiserver_admission_control | join(',') }} apiserver-count: "{{ kube_apiserver_count }}" +{% if kube_version | version_compare('v1.9', '>=') %} + endpoint-reconciler-type: lease +{% endif %} service-node-port-range: {{ kube_apiserver_node_port_range }} kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}" {% if kube_basic_auth|default(true) %}