mirror of
https://github.com/puppetmaster/typhoon.git
synced 2025-01-13 02:39:34 +01:00
bac5acb3bd
* Change kube-proxy, flannel, and calico-node DaemonSet tolerations to tolerate `node.kubernetes.io/not-ready` and `node-role.kubernetes.io/master` (i.e. controllers) explicitly, rather than tolerating all taints * kube-system DaemonSets will no longer tolerate custom node taints by default. Instead, custom node taints must be enumerated to opt-in to scheduling/executing the kube-system DaemonSets * Consider setting the daemonset_tolerations variable of terraform-render-bootstrap at a later date Background: Tolerating all taints ruled out use-cases where certain nodes might legitimately need to keep kube-proxy or CNI networking disabled Related: https://github.com/poseidon/terraform-render-bootstrap/pull/179
19 lines
868 B
HCL
19 lines
868 B
HCL
# Kubernetes assets (kubeconfig, manifests)
|
|
module "bootstrap" {
|
|
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=42723d13a696ea63af8aacc227169395914ecb18"
|
|
|
|
cluster_name = var.cluster_name
|
|
api_servers = [var.k8s_domain_name]
|
|
etcd_servers = var.controllers.*.domain
|
|
asset_dir = var.asset_dir
|
|
networking = var.networking
|
|
network_mtu = var.network_mtu
|
|
network_ip_autodetection_method = var.network_ip_autodetection_method
|
|
pod_cidr = var.pod_cidr
|
|
service_cidr = var.service_cidr
|
|
cluster_domain_suffix = var.cluster_domain_suffix
|
|
enable_reporting = var.enable_reporting
|
|
enable_aggregation = var.enable_aggregation
|
|
}
|
|
|