epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-14 13:54:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

etcd: enable v2 api only if needed (#8001)

Browse Source 
* etcd: enable v2 api only if needed

Only enable v2 API if we have a consumer (flannel)
This reduce the exposed surface for etcd.

* Fix bad group name
This commit is contained in:
Max Gautier
2021-09-22 21:36:32 +02:00
committed by GitHub
parent c8d7f000c9
commit c0e1211abe
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/etcd/templates/etcd.env.j2
View File

@@ -32,8 +32,9 @@ ETCD_MAX_SNAPSHOTS={{ etcd_max_snapshots }}
{% if etcd_max_wals is defined %} {% if etcd_max_wals is defined %}
ETCD_MAX_WALS={{ etcd_max_wals }} ETCD_MAX_WALS={{ etcd_max_wals }}
{% endif %} {% endif %}
# Flannel need etcd v2 API {% if hostvars[groups['k8s_cluster'][0]]['kube_network_plugin'] == 'flannel' %}
ETCD_ENABLE_V2=true ETCD_ENABLE_V2=true
{% endif %}
# TLS settings # TLS settings
ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem