-
Weber, Thomas authoredc55f1feb
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
config.yaml.j2 2.25 KiB
debug: true
node-name: "{{ ansible_hostname }}"
token: "{{ token }}"
selinux: "{{ selinux_bool }}"
{% if node_ip is defined %}
node-ip: "{{ node_ip }}"
{% else %}
node-ip: "{{ ansible_default_ipv4.address }}"
{% endif %}
{% if node_taints is defined and node_taints | length > 0 %}
node-taint:
{% for item in node_taints %}
- {{ item }}
{% endfor %}
{% endif %}
{% if node_labels is defined and node_labels | length > 0 %}
node-label:
{% for item in node_labels %}
- {{ item }}
{% endfor %}
{% endif %}
{% if 'master' not in group_names %}
server: "{{ server }}"
{% endif %}
{% if cis_profile is defined %}
profile: "{{ cis_profile }}"
{% endif %}
{% if cloud_provider_name is defined and cloud_provider_name | length > 0 %}
cloud-provider-name: "{{ cloud_provider_name }}"
{% endif %}
{% if node_type == 'server' %}
resolv-conf: "{{ resolv_conf_server }}"
{# disable-cloud-controller: true #}
write-kubeconfig-mode: "0600"
{% if kube_apiserver_args is defined and kube_apiserver_args | length > 0%}
kube-apiserver-arg:
{% for kube_apiserver_arg in kube_apiserver_args %}
- {{ kube_apiserver_arg }}
{% endfor %}
{% endif %}
{% if kubelet_args is defined and kubelet_args | length > 0%}
kubelet-arg:
{% for kubelet_arg in kubelet_args %}
- {{ kubelet_arg }}
{% endfor %}
{% endif %}
{% if disable_kube_proxy is defined and disable_kube_proxy == true %}
disable-kube-proxy: true
{% endif %}
{% if cni is defined and cni | length > 0 %}
cni: "{{ cni }}"
{% elif manifests_config['config-rke2-calico'].enabled and manifests_config['config-rke2-cilium'].enabled%}
cni: multus,calico,cilium
{% elif manifests_config['config-rke2-calico'].enabled%}
cni: calico
{% elif manifests_config['config-rke2-cilium'].enabled%}
cni: cilium
{# disable-kube-proxy: true #TODO also for agents #}
{% endif %}
{% if tls_san is defined and tls_san | length > 0 %}
tls-san:
{% for san in tls_san %}
- {{ san }}
{% endfor %}
{% endif %}
{# Only for Nodes #}
{% else %}
resolv-conf: "{{ resolv_conf_node }}"
{% endif %}
{% if secrets_encryption is defined %}
secrets-encryption: "{{ secrets_encryption }}"
{% endif %}
{# Do not use it:
{% if node_external_ip is defined %}
node-external-ip: "{{ node_external_ip }}"
{% else %}
node-external-ip: "{{ ansible_default_ipv4.address }}"
{% endif %}
#}