Alexandros Kosiaris has submitted this change and it was merged. ( https://gerrit.wikimedia.org/r/329351 )
Change subject: kubernetes apiserver: Allow specifying > 1 apiserver ...................................................................... kubernetes apiserver: Allow specifying > 1 apiserver Allow specifying the apiserver-count parameter. Default to undef in order to be backwards compatible with labs, ensuring we don't break it, and specify it for production where we already got more than one master Change-Id: I26376e5100bec1607e8b2f97fb706a6a9a99b741 --- M hieradata/role/common/kubernetes/master.yaml M modules/k8s/manifests/apiserver.pp M modules/k8s/templates/kube-apiserver.default.erb M modules/profile/manifests/kubernetes/master.pp 4 files changed, 7 insertions(+), 0 deletions(-) Approvals: Alexandros Kosiaris: Looks good to me, approved jenkins-bot: Verified diff --git a/hieradata/role/common/kubernetes/master.yaml b/hieradata/role/common/kubernetes/master.yaml index f07f818..8ec7608 100644 --- a/hieradata/role/common/kubernetes/master.yaml +++ b/hieradata/role/common/kubernetes/master.yaml @@ -13,3 +13,4 @@ - kubernetes1003.eqiad.wmnet - kubernetes1004.eqiad.wmnet profile::kubernetes::master::service_cluster_ip_range: 192.168.30.0/24 +profile::kubernetes::master::apiserver_count: 2 diff --git a/modules/k8s/manifests/apiserver.pp b/modules/k8s/manifests/apiserver.pp index 37679d3..8def3e0 100644 --- a/modules/k8s/manifests/apiserver.pp +++ b/modules/k8s/manifests/apiserver.pp @@ -21,6 +21,7 @@ $host_path_prefixes_allowed = [], $use_package = false, $authz_mode = 'abac', + $apiserver_count = undef, ) { include k8s::users diff --git a/modules/k8s/templates/kube-apiserver.default.erb b/modules/k8s/templates/kube-apiserver.default.erb index 2765ebd..da09d83 100644 --- a/modules/k8s/templates/kube-apiserver.default.erb +++ b/modules/k8s/templates/kube-apiserver.default.erb @@ -32,6 +32,9 @@ --authorization-mode=ABAC \ --authorization-policy-file=/etc/kubernetes/abac \ <%- end -%> +<%- if @apiserver_count -%> +--apiserver-count=<%= @apiserver_count %> \ +<%- end -%> --tls-cert-file=<%= @real_ssl_cert_path %> \ --tls-private-key-file=<%= @real_ssl_key_path %> \ --enforced-docker-registry=<%= @docker_registry %> \ diff --git a/modules/profile/manifests/kubernetes/master.pp b/modules/profile/manifests/kubernetes/master.pp index a8e83cb..bfc5f56 100644 --- a/modules/profile/manifests/kubernetes/master.pp +++ b/modules/profile/manifests/kubernetes/master.pp @@ -3,6 +3,7 @@ $kubenodes=hiera('profile::kubernetes::master::kubenodes'), $docker_registry=hiera('profile::kubernetes::master::docker_registry'), $service_cluster_ip_range=hiera('profile::kubernetes::master::service_cluster_ip_range'), + $apiserver_count=hiera('profile::kubernetes::master::apiserver_count'), ){ base::expose_puppet_certs { '/etc/kubernetes': provide_private => true, @@ -19,6 +20,7 @@ ssl_certificate_name => '', authz_mode => '', service_cluster_ip_range => $service_cluster_ip_range, + apiserver_count => $apiserver_count, } class { '::k8s::scheduler': use_package => true } -- To view, visit https://gerrit.wikimedia.org/r/329351 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I26376e5100bec1607e8b2f97fb706a6a9a99b741 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: Gehel <gleder...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits