mirror of https://github.com/k3s-io/k3s
Code clean up
Koonwah Chen
parent
bb8272ead4
commit
37059e7efa
|
|
@ -180,6 +180,16 @@ if [[ ${NETWORK_POLICY_PROVIDER:-} == "calico" ]]; then
|
|||
NON_MASTER_NODE_LABELS="${NON_MASTER_NODE_LABELS:+${NON_MASTER_NODE_LABELS},}projectcalico.org/ds-ready=true"
|
||||
fi
|
||||
|
||||
# Optional: Enable netd.
|
||||
ENABLE_NETD="${KUBE_ENABLE_NETD:-false}"
|
||||
CUSTOM_NETD_YAML="${KUBE_CUSTOM_NETD_YAML:-}"
|
||||
|
||||
# To avoid running netd on a node that is not configured appropriately,
|
||||
# label each Node so that the DaemonSet can run the Pods only on ready Nodes.
|
||||
if [[ ${ENABLE_NETD:-} == "true" ]]; then
|
||||
NON_MASTER_NODE_LABELS="${NON_MASTER_NODE_LABELS:+${NON_MASTER_NODE_LABELS},}beta.kubernetes.io/kube-netd-ready=true"
|
||||
fi
|
||||
|
||||
# Enable metadata concealment by firewalling pod traffic to the metadata server
|
||||
# and run a proxy daemonset on nodes.
|
||||
#
|
||||
|
|
@ -349,10 +359,6 @@ STORAGE_BACKEND=${STORAGE_BACKEND:-}
|
|||
# Networking plugin specific settings.
|
||||
NETWORK_PROVIDER="${NETWORK_PROVIDER:-kubenet}" # none, kubenet
|
||||
|
||||
# Optional: Enable netd.
|
||||
ENABLE_NETD="${KUBE_ENABLE_NETD:-false}"
|
||||
CUSTOM_NETD_YAML="${KUBE_CUSTOM_NETD_YAML:-}"
|
||||
|
||||
# Network Policy plugin specific settings.
|
||||
NETWORK_POLICY_PROVIDER="${NETWORK_POLICY_PROVIDER:-none}" # calico
|
||||
|
||||
|
|
|
|||
|
|
@ -2241,7 +2241,7 @@ function setup-netd-manifest {
|
|||
mkdir -p "${dst_dir}/netd"
|
||||
touch "${netd_file}"
|
||||
if [ -n "${CUSTOM_NETD_YAML:-}" ]; then
|
||||
# Replace with custom GKE netd deployment.
|
||||
# Replace with custom GCP netd deployment.
|
||||
cat > "${netd_file}" <<EOF
|
||||
$(echo "$CUSTOM_NETD_YAML")
|
||||
EOF
|
||||
|
|
|
|||
|
|
@ -530,9 +530,6 @@ function build-node-labels {
|
|||
if [[ -n "${NON_MASTER_NODE_LABELS:-}" && "${master}" != "true" ]]; then
|
||||
node_labels="${node_labels:+${node_labels},}${NON_MASTER_NODE_LABELS}"
|
||||
fi
|
||||
if [[ "${ENABLE_NETD:-}" == "true" && "${master}" != "true" ]]; then
|
||||
node_labels="${node_labels:+${node_labels},}beta.kubernetes.io/kube-netd-ready=true"
|
||||
fi
|
||||
echo $node_labels
|
||||
}
|
||||
|
||||
|
|
@ -645,7 +642,7 @@ function construct-kubelet-flags {
|
|||
# Network plugin
|
||||
if [[ -n "${NETWORK_PROVIDER:-}" || -n "${NETWORK_POLICY_PROVIDER:-}" ]]; then
|
||||
flags+=" --cni-bin-dir=/home/kubernetes/bin"
|
||||
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then
|
||||
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" || "${ENABLE_NETD:-}" == "true" ]]; then
|
||||
# Calico uses CNI always.
|
||||
# Note that network policy won't work for master node.
|
||||
if [[ "${master}" == "true" ]]; then
|
||||
|
|
@ -655,20 +652,13 @@ function construct-kubelet-flags {
|
|||
fi
|
||||
else
|
||||
# Otherwise use the configured value.
|
||||
if [[ "${ENABLE_NETD:-}" == "true" && "${master}" != "true" ]]; then
|
||||
flags+=" --network-plugin=cni"
|
||||
else
|
||||
flags+=" --network-plugin=${NETWORK_PROVIDER}"
|
||||
fi
|
||||
|
||||
fi
|
||||
fi
|
||||
if [[ -n "${NON_MASQUERADE_CIDR:-}" ]]; then
|
||||
if [[ "${ENABLE_NETD:-}" == "true" && "${master}" != "true" ]]; then
|
||||
flags+=" --non-masquerade-cidr=0.0.0.0/0"
|
||||
else
|
||||
flags+=" --non-masquerade-cidr=${NON_MASQUERADE_CIDR}"
|
||||
fi
|
||||
fi
|
||||
flags+=" --volume-plugin-dir=${VOLUME_PLUGIN_DIR}"
|
||||
if [[ -n "${ENABLE_CUSTOM_METRICS:-}" ]]; then
|
||||
flags+=" --enable-custom-metrics=${ENABLE_CUSTOM_METRICS}"
|
||||
|
|
@ -861,6 +851,7 @@ RUNTIME_CONFIG: $(yaml-quote ${RUNTIME_CONFIG})
|
|||
CA_CERT: $(yaml-quote ${CA_CERT_BASE64:-})
|
||||
KUBELET_CERT: $(yaml-quote ${KUBELET_CERT_BASE64:-})
|
||||
KUBELET_KEY: $(yaml-quote ${KUBELET_KEY_BASE64:-})
|
||||
NETWORK_PROVIDER: $(yaml-quote ${NETWORK_PROVIDER:-})
|
||||
NETWORK_POLICY_PROVIDER: $(yaml-quote ${NETWORK_POLICY_PROVIDER:-})
|
||||
PREPULL_E2E_IMAGES: $(yaml-quote ${PREPULL_E2E_IMAGES:-})
|
||||
HAIRPIN_MODE: $(yaml-quote ${HAIRPIN_MODE:-})
|
||||
|
|
@ -868,6 +859,7 @@ E2E_STORAGE_TEST_ENVIRONMENT: $(yaml-quote ${E2E_STORAGE_TEST_ENVIRONMENT:-})
|
|||
KUBE_DOCKER_REGISTRY: $(yaml-quote ${KUBE_DOCKER_REGISTRY:-})
|
||||
KUBE_ADDON_REGISTRY: $(yaml-quote ${KUBE_ADDON_REGISTRY:-})
|
||||
MULTIZONE: $(yaml-quote ${MULTIZONE:-})
|
||||
NON_MASQUERADE_CIDR: $(yaml-quote ${NON_MASQUERADE_CIDR:-})
|
||||
ENABLE_DEFAULT_STORAGE_CLASS: $(yaml-quote ${ENABLE_DEFAULT_STORAGE_CLASS:-})
|
||||
ENABLE_APISERVER_BASIC_AUDIT: $(yaml-quote ${ENABLE_APISERVER_BASIC_AUDIT:-})
|
||||
ENABLE_APISERVER_ADVANCED_AUDIT: $(yaml-quote ${ENABLE_APISERVER_ADVANCED_AUDIT:-})
|
||||
|
|
@ -911,17 +903,6 @@ ENABLE_NETD: $(yaml-quote ${ENABLE_NETD:-false})
|
|||
CUSTOM_NETD_YAML: |
|
||||
$(echo "${CUSTOM_NETD_YAML:-}" | sed -e "s/'/''/g")
|
||||
EOF
|
||||
if [[ ${ENABLE_NETD:-} == "true" && "${master}" == "false" ]]; then
|
||||
cat >>$file <<EOF
|
||||
NETWORK_PROVIDER: $(yaml-quote "cni")
|
||||
NON_MASQUERADE_CIDR: $(yaml-quote "0.0.0.0/0")
|
||||
EOF
|
||||
else
|
||||
cat >>$file <<EOF
|
||||
NETWORK_PROVIDER: $(yaml-quote ${NETWORK_PROVIDER:-})
|
||||
NON_MASQUERADE_CIDR: $(yaml-quote ${NON_MASQUERADE_CIDR:-})
|
||||
EOF
|
||||
fi
|
||||
if [[ "${master}" == "true" && "${MASTER_OS_DISTRIBUTION}" == "gci" ]] || \
|
||||
[[ "${master}" == "false" && "${NODE_OS_DISTRIBUTION}" == "gci" ]] || \
|
||||
[[ "${master}" == "true" && "${MASTER_OS_DISTRIBUTION}" == "cos" ]] || \
|
||||
|
|
|
|||
Loading…
Reference in New Issue