epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-28 09:39:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Replace kube-master with kube_control_plane (#7256)

Browse Source 
This replaces kube-master with kube_control_plane because of [1]:

  The Kubernetes project is moving away from wording that is
  considered offensive. A new working group WG Naming was created
  to track this work, and the word "master" was declared as offensive.
  A proposal was formalized for replacing the word "master" with
  "control plane". This means it should be removed from source code,
  documentation, and user-facing configuration from Kubernetes and
  its sub-projects.

NOTE: The reason why this changes it to kube_control_plane not
      kube-control-plane is for valid group names on ansible.

[1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
This commit is contained in:
Kenichi Omichi
2021-03-23 17:26:05 -07:00
committed by GitHub
parent d53fd29e34
commit 486b223e01
159 changed files with 564 additions and 485 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
roles/kubernetes-apps/cluster_roles/tasks/main.yml
View File

@@ -9,14 +9,14 @@
until: result.status == 200
retries: 10
delay: 6
when: inventory_hostname == groups['kube-master'][0]
when: inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Check AppArmor status
command: which apparmor_parser
register: apparmor_status
when:
- podsecuritypolicy_enabled
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
failed_when: false
- name: Kubernetes Apps | Set apparmor_enabled
@@ -24,7 +24,7 @@
apparmor_enabled: "{{ apparmor_status.rc == 0 }}"
when:
- podsecuritypolicy_enabled
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Render templates for PodSecurityPolicy
template:
@@ -37,7 +37,7 @@
- {file: psp-crb.yml, type: rolebinding, name: psp-crb}
when:
- podsecuritypolicy_enabled
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Add policies, roles, bindings for PodSecurityPolicy
kube:
@@ -52,7 +52,7 @@
delay: 6
with_items: "{{ psp_manifests.results }}"
when:
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- not item is skipped
loop_control:
label: "{{ item.item.file }}"
@@ -64,7 +64,7 @@
register: node_crb_manifest
when:
- rbac_enabled
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- name: Apply workaround to allow all nodes with cert O=system:nodes to register
kube:
@@ -80,7 +80,7 @@
when:
- rbac_enabled
- node_crb_manifest.changed
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Add webhook ClusterRole that grants access to proxy, stats, log, spec, and metrics on a kubelet
template:
@@ -90,7 +90,7 @@
when:
- rbac_enabled
- kubelet_authorization_mode_webhook
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
tags: node-webhook
- name: Apply webhook ClusterRole
@@ -104,7 +104,7 @@
- rbac_enabled
- kubelet_authorization_mode_webhook
- node_webhook_cr_manifest.changed
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
tags: node-webhook
- name: Kubernetes Apps | Add ClusterRoleBinding for system:nodes to webhook ClusterRole
@@ -115,7 +115,7 @@
when:
- rbac_enabled
- kubelet_authorization_mode_webhook
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
tags: node-webhook
- name: Grant system:nodes the webhook ClusterRole
@@ -129,7 +129,7 @@
- rbac_enabled
- kubelet_authorization_mode_webhook
- node_webhook_crb_manifest.changed
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
tags: node-webhook
- include_tasks: oci.yml
@@ -140,7 +140,7 @@
- name: PriorityClass | Copy k8s-cluster-critical-pc.yml file
copy: src=k8s-cluster-critical-pc.yml dest={{ kube_config_dir }}/k8s-cluster-critical-pc.yml
when: inventory_hostname == groups['kube-master']|last
when: inventory_hostname == groups['kube_control_plane']|last
- name: PriorityClass | Create k8s-cluster-critical
kube:
@@ -149,4 +149,4 @@
resource: "PriorityClass"
filename: "{{ kube_config_dir }}/k8s-cluster-critical-pc.yml"
state: latest
when: inventory_hostname == groups['kube-master']|last
when: inventory_hostname == groups['kube_control_plane']|last

4
roles/kubernetes-apps/cluster_roles/tasks/oci.yml
View File

@@ -6,7 +6,7 @@
when:
- cloud_provider is defined
- cloud_provider == 'oci'
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]
- name: Apply OCI RBAC
kube:
@@ -15,4 +15,4 @@
when:
- cloud_provider is defined
- cloud_provider == 'oci'
- inventory_hostname == groups['kube-master'][0]
- inventory_hostname == groups['kube_control_plane'][0]