github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 12:15:52 +00:00
Code Issues Projects Releases Wiki Activity

Add ip-masq-agent readiness label by default. Since we are

Browse Source 
setting the non-masq-cidr in the kubelet to 0.0.0.0/0 we
need to ensure the ip-masq-agent runs.

Add node label pre-req back to ip-masq-agent.

Make gce test consistent with gce default scripts.
This commit is contained in:
Daniel Nardo 2017-06-20 08:18:33 -07:00
parent 5e8f44f195
commit fc279e069e
3 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cluster/addons/ip-masq-agent/ip-masq-agent.yaml
View File

@ -30,6 +30,8 @@ spec:
volumeMounts:
- name: config
mountPath: /etc/config
nodeSelector:
beta.kubernetes.io/masq-agent-ds-ready: "true"
volumes:
- name: config
configMap:

4
cluster/gce/config-default.sh
View File

@ -125,6 +125,10 @@ ENABLE_CLUSTER_MONITORING="${KUBE_ENABLE_CLUSTER_MONITORING:-influxdb}"
# TODO(piosz): remove this in 1.8
NODE_LABELS="${KUBE_NODE_LABELS:-beta.kubernetes.io/fluentd-ds-ready=true}"
# To avoid running the DaemonSet on older version make sure the ip-masq-agent
# only runs when the readiness label is set.
NODE_LABELS="${NODE_LABELS},beta.kubernetes.io/masq-agent-ds-ready=true"
# To avoid running Calico on a node that is not configured appropriately,
# label each Node so that the DaemonSet can run the Pods only on ready Nodes.
if [[ ${NETWORK_POLICY_PROVIDER:-} == "calico" ]]; then

7
cluster/gce/config-test.sh
View File

@ -168,6 +168,10 @@ KUBEPROXY_TEST_ARGS="${KUBEPROXY_TEST_ARGS:-} ${TEST_CLUSTER_API_CONTENT_TYPE}"
# TODO(piosz): remove this in 1.8
NODE_LABELS="${KUBE_NODE_LABELS:-beta.kubernetes.io/fluentd-ds-ready=true}"
# To avoid running the DaemonSet on older version make sure the ip-masq-agent
# only runs when the readiness label is set.
NODE_LABELS="${NODE_LABELS},beta.kubernetes.io/masq-agent-ds-ready=true"
# To avoid running Calico on a node that is not configured appropriately,
# label each Node so that the DaemonSet can run the Pods only on ready Nodes.
if [[ ${NETWORK_POLICY_PROVIDER:-} == "calico" ]]; then
@ -282,6 +286,9 @@ OPENCONTRAIL_PUBLIC_SUBNET="${OPENCONTRAIL_PUBLIC_SUBNET:-10.1.0.0/16}"
# Network Policy plugin specific settings.
NETWORK_POLICY_PROVIDER="${NETWORK_POLICY_PROVIDER:-none}" # calico
# Should the kubelet configure egress masquerade (old way) or let a daemonset do it?
NON_MASQUERADE_CIDR="0.0.0.0/0"
# How should the kubelet configure hairpin mode?
HAIRPIN_MODE="${HAIRPIN_MODE:-promiscuous-bridge}" # promiscuous-bridge, hairpin-veth, none