epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-28 09:39:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove --auth-anonymous if kube_api_anonymous_auth is undefined. (#12353)

Browse Source 
Remove --auth-anonymous if kube_api_anonymous_auth in undefined, to avoid
compatibility errors with other arguments of the kube-apiserver, such as
--authentication-config when anonymous field is configured.
This commit is contained in:
Psycho Mantys
2025-07-27 00:20:27 -03:00
committed by GitHub
parent 96c39ae7fd
commit 5b1334102b
3 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
View File

@@ -109,7 +109,10 @@ apiServer:
etcd-compaction-interval: "{{ kube_apiserver_etcd_compaction_interval }}"
default-not-ready-toleration-seconds: "{{ kube_apiserver_pod_eviction_not_ready_timeout_seconds }}"
default-unreachable-toleration-seconds: "{{ kube_apiserver_pod_eviction_unreachable_timeout_seconds }}"
{% if kube_api_anonymous_auth is defined %}
{# TODO: rework once suppport for structured auth lands #}
anonymous-auth: "{{ kube_api_anonymous_auth }}"
{% endif %}
{% if kube_apiserver_use_authorization_config_file %}
authorization-config: "{{ kube_config_dir }}/apiserver-authorization-config-{{ kube_apiserver_authorization_config_api_version }}.yaml"
{% else %}

3
roles/kubernetes/control-plane/templates/kubeadm-config.v1beta4.yaml.j2
View File

@@ -131,8 +131,11 @@ apiServer:
value: "{{ kube_apiserver_pod_eviction_not_ready_timeout_seconds }}"
- name: default-unreachable-toleration-seconds
value: "{{ kube_apiserver_pod_eviction_unreachable_timeout_seconds }}"
{% if kube_api_anonymous_auth is defined %}
{# TODO: rework once suppport for structured auth lands #}
- name: anonymous-auth
value: "{{ kube_api_anonymous_auth }}"
{% endif %}
{% if kube_apiserver_use_authorization_config_file %}
- name: authorization-config
value: "{{ kube_config_dir }}/apiserver-authorization-config-{{ kube_apiserver_authorization_config_api_version }}.yaml"