scl/kubespray
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adjust the table style to make it easier to read (#9731)

Browse Source 
Signed-off-by: Fish-pro <zechun.chen@daocloud.io>
This commit is contained in:
Fish-pro
2023-01-31 16:56:48 +08:00
committed by GitHub
parent 36c6de9abd
commit c0c2cd6e03
6 changed files with 178 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

250
docs/ansible.md
View File

@ -25,7 +25,7 @@ test -f requirements-$ANSIBLE_VERSION.yml && \
Based on the table below and the available python version for your ansible host you should choose the appropriate ansible version to use with kubespray. Based on the table below and the available python version for your ansible host you should choose the appropriate ansible version to use with kubespray.
| Ansible Version | Python Version | | Ansible Version | Python Version |
| --------------- | -------------- | |-----------------|----------------|
| 2.11 | 2.7,3.5-3.9 | | 2.11 | 2.7,3.5-3.9 |
| 2.12 | 3.8-3.10 | | 2.12 | 3.8-3.10 |
@ -104,135 +104,135 @@ the `-e` runtime flags (most simple way) or other layers described in the docs.
Kubespray uses only a few layers to override things (or expect them to Kubespray uses only a few layers to override things (or expect them to
be overridden for roles): be overridden for roles):
Layer | Comment | Layer | Comment |
------|-------- |----------------------------------------|------------------------------------------------------------------------------|
**role defaults** | provides best UX to override things for Kubespray deployments | **role defaults** | provides best UX to override things for Kubespray deployments |
inventory vars | Unused | inventory vars | Unused |
**inventory group_vars** | Expects users to use ``all.yml``,``k8s_cluster.yml`` etc. to override things | **inventory group_vars** | Expects users to use ``all.yml``,``k8s_cluster.yml`` etc. to override things |
inventory host_vars | Unused | inventory host_vars | Unused |
playbook group_vars | Unused | playbook group_vars | Unused |
playbook host_vars | Unused | playbook host_vars | Unused |
**host facts** | Kubespray overrides for internal roles' logic, like state flags | **host facts** | Kubespray overrides for internal roles' logic, like state flags |
play vars | Unused | play vars | Unused |
play vars_prompt | Unused | play vars_prompt | Unused |
play vars_files | Unused | play vars_files | Unused |
registered vars | Unused | registered vars | Unused |
set_facts | Kubespray overrides those, for some places | set_facts | Kubespray overrides those, for some places |
**role and include vars** | Provides bad UX to override things! Use extra vars to enforce | **role and include vars** | Provides bad UX to override things! Use extra vars to enforce |
block vars (only for tasks in block) | Kubespray overrides for internal roles' logic | block vars (only for tasks in block) | Kubespray overrides for internal roles' logic |
task vars (only for the task) | Unused for roles, but only for helper scripts | task vars (only for the task) | Unused for roles, but only for helper scripts |
**extra vars** (always win precedence) | override with ``ansible-playbook -e @foo.yml`` | **extra vars** (always win precedence) | override with ``ansible-playbook -e @foo.yml`` |
## Ansible tags ## Ansible tags
The following tags are defined in playbooks: The following tags are defined in playbooks:
| Tag name | Used for | Tag name | Used for |
|--------------------------------|--------- |--------------------------------|-------------------------------------------------------|
| annotate | Create kube-router annotation | annotate | Create kube-router annotation |
| apps | K8s apps definitions | apps | K8s apps definitions |
| asserts | Check tasks for download role | asserts | Check tasks for download role |
| aws-ebs-csi-driver | Configuring csi driver: aws-ebs | aws-ebs-csi-driver | Configuring csi driver: aws-ebs |
| azure-csi-driver | Configuring csi driver: azure | azure-csi-driver | Configuring csi driver: azure |
| bastion | Setup ssh config for bastion | bastion | Setup ssh config for bastion |
| bootstrap-os | Anything related to host OS configuration | bootstrap-os | Anything related to host OS configuration |
| calico | Network plugin Calico | calico | Network plugin Calico |
| calico_rr | Configuring Calico route reflector | calico_rr | Configuring Calico route reflector |
| canal | Network plugin Canal | canal | Network plugin Canal |
| cephfs-provisioner | Configuring CephFS | cephfs-provisioner | Configuring CephFS |
| cert-manager | Configuring certificate manager for K8s | cert-manager | Configuring certificate manager for K8s |
| cilium | Network plugin Cilium | cilium | Network plugin Cilium |
| cinder-csi-driver | Configuring csi driver: cinder | cinder-csi-driver | Configuring csi driver: cinder |
| client | Kubernetes clients role | client | Kubernetes clients role |
| cloud-provider | Cloud-provider related tasks | cloud-provider | Cloud-provider related tasks |
| cluster-roles | Configuring cluster wide application (psp ...) | cluster-roles | Configuring cluster wide application (psp ...) |
| cni | CNI plugins for Network Plugins | cni | CNI plugins for Network Plugins |
| containerd | Configuring containerd engine runtime for hosts | containerd | Configuring containerd engine runtime for hosts |
| container_engine_accelerator | Enable nvidia accelerator for runtimes | container_engine_accelerator | Enable nvidia accelerator for runtimes |
| container-engine | Configuring container engines | container-engine | Configuring container engines |
| container-runtimes | Configuring container runtimes | container-runtimes | Configuring container runtimes |
| coredns | Configuring coredns deployment | coredns | Configuring coredns deployment |
| crio | Configuring crio container engine for hosts | crio | Configuring crio container engine for hosts |
| crun | Configuring crun runtime | crun | Configuring crun runtime |
| csi-driver | Configuring csi driver | csi-driver | Configuring csi driver |
| dashboard | Installing and configuring the Kubernetes Dashboard | dashboard | Installing and configuring the Kubernetes Dashboard |
| dns | Remove dns entries when resetting | dns | Remove dns entries when resetting |
| docker | Configuring docker engine runtime for hosts | docker | Configuring docker engine runtime for hosts |
| download | Fetching container images to a delegate host | download | Fetching container images to a delegate host |
| etcd | Configuring etcd cluster | etcd | Configuring etcd cluster |
| etcd-secrets | Configuring etcd certs/keys | etcd-secrets | Configuring etcd certs/keys |
| etchosts | Configuring /etc/hosts entries for hosts | etchosts | Configuring /etc/hosts entries for hosts |
| external-cloud-controller | Configure cloud controllers | external-cloud-controller | Configure cloud controllers |
| external-openstack | Cloud controller : openstack | external-openstack | Cloud controller : openstack |
| external-provisioner | Configure external provisioners | external-provisioner | Configure external provisioners |
| external-vsphere | Cloud controller : vsphere | external-vsphere | Cloud controller : vsphere |
| facts | Gathering facts and misc check results | facts | Gathering facts and misc check results |
| files | Remove files when resetting | files | Remove files when resetting |
| flannel | Network plugin flannel | flannel | Network plugin flannel |
| gce | Cloud-provider GCP | gce | Cloud-provider GCP |
| gcp-pd-csi-driver | Configuring csi driver: gcp-pd | gcp-pd-csi-driver | Configuring csi driver: gcp-pd |
| gvisor | Configuring gvisor runtime | gvisor | Configuring gvisor runtime |
| helm | Installing and configuring Helm | helm | Installing and configuring Helm |
| ingress-controller | Configure ingress controllers | ingress-controller | Configure ingress controllers |
| ingress_alb | AWS ALB Ingress Controller | ingress_alb | AWS ALB Ingress Controller |
| init | Windows kubernetes init nodes | init | Windows kubernetes init nodes |
| iptables | Flush and clear iptable when resetting | iptables | Flush and clear iptable when resetting |
| k8s-pre-upgrade | Upgrading K8s cluster | k8s-pre-upgrade | Upgrading K8s cluster |
| k8s-secrets | Configuring K8s certs/keys | k8s-secrets | Configuring K8s certs/keys |
| k8s-gen-tokens | Configuring K8s tokens | k8s-gen-tokens | Configuring K8s tokens |
| kata-containers | Configuring kata-containers runtime | kata-containers | Configuring kata-containers runtime |
| krew | Install and manage krew | krew | Install and manage krew |
| kubeadm | Roles linked to kubeadm tasks | kubeadm | Roles linked to kubeadm tasks |
| kube-apiserver | Configuring static pod kube-apiserver | kube-apiserver | Configuring static pod kube-apiserver |
| kube-controller-manager | Configuring static pod kube-controller-manager | kube-controller-manager | Configuring static pod kube-controller-manager |
| kube-vip | Installing and configuring kube-vip | kube-vip | Installing and configuring kube-vip |
| kubectl | Installing kubectl and bash completion | kubectl | Installing kubectl and bash completion |
| kubelet | Configuring kubelet service | kubelet | Configuring kubelet service |
| kube-ovn | Network plugin kube-ovn | kube-ovn | Network plugin kube-ovn |
| kube-router | Network plugin kube-router | kube-router | Network plugin kube-router |
| kube-proxy | Configuring static pod kube-proxy | kube-proxy | Configuring static pod kube-proxy |
| localhost | Special steps for the localhost (ansible runner) | localhost | Special steps for the localhost (ansible runner) |
| local-path-provisioner | Configure External provisioner: local-path | local-path-provisioner | Configure External provisioner: local-path |
| local-volume-provisioner | Configure External provisioner: local-volume | local-volume-provisioner | Configure External provisioner: local-volume |
| macvlan | Network plugin macvlan | macvlan | Network plugin macvlan |
| master | Configuring K8s master node role | master | Configuring K8s master node role |
| metallb | Installing and configuring metallb | metallb | Installing and configuring metallb |
| metrics_server | Configuring metrics_server | metrics_server | Configuring metrics_server |
| netchecker | Installing netchecker K8s app | netchecker | Installing netchecker K8s app |
| network | Configuring networking plugins for K8s | network | Configuring networking plugins for K8s |
| mounts | Umount kubelet dirs when reseting | mounts | Umount kubelet dirs when reseting |
| multus | Network plugin multus | multus | Network plugin multus |
| nginx | Configuring LB for kube-apiserver instances | nginx | Configuring LB for kube-apiserver instances |
| node | Configuring K8s minion (compute) node role | node | Configuring K8s minion (compute) node role |
| nodelocaldns | Configuring nodelocaldns daemonset | nodelocaldns | Configuring nodelocaldns daemonset |
| node-label | Tasks linked to labeling of nodes | node-label | Tasks linked to labeling of nodes |
| node-webhook | Tasks linked to webhook (grating access to resources) | node-webhook | Tasks linked to webhook (grating access to resources) |
| nvidia_gpu | Enable nvidia accelerator for runtimes | nvidia_gpu | Enable nvidia accelerator for runtimes |
| oci | Cloud provider: oci | oci | Cloud provider: oci |
| persistent_volumes | Configure csi volumes | persistent_volumes | Configure csi volumes |
| persistent_volumes_aws_ebs_csi | Configuring csi driver: aws-ebs | persistent_volumes_aws_ebs_csi | Configuring csi driver: aws-ebs |
| persistent_volumes_cinder_csi | Configuring csi driver: cinder | persistent_volumes_cinder_csi | Configuring csi driver: cinder |
| persistent_volumes_gcp_pd_csi | Configuring csi driver: gcp-pd | persistent_volumes_gcp_pd_csi | Configuring csi driver: gcp-pd |
| persistent_volumes_openstack | Configuring csi driver: openstack | persistent_volumes_openstack | Configuring csi driver: openstack |
| policy-controller | Configuring Calico policy controller | policy-controller | Configuring Calico policy controller |
| post-remove | Tasks running post-remove operation | post-remove | Tasks running post-remove operation |
| post-upgrade | Tasks running post-upgrade operation | post-upgrade | Tasks running post-upgrade operation |
| pre-remove | Tasks running pre-remove operation | pre-remove | Tasks running pre-remove operation |
| pre-upgrade | Tasks running pre-upgrade operation | pre-upgrade | Tasks running pre-upgrade operation |
| preinstall | Preliminary configuration steps | preinstall | Preliminary configuration steps |
| registry | Configuring local docker registry | registry | Configuring local docker registry |
| reset | Tasks running doing the node reset | reset | Tasks running doing the node reset |
| resolvconf | Configuring /etc/resolv.conf for hosts/apps | resolvconf | Configuring /etc/resolv.conf for hosts/apps |
| rbd-provisioner | Configure External provisioner: rdb | rbd-provisioner | Configure External provisioner: rdb |
| services | Remove services (etcd, kubelet etc...) when resetting | services | Remove services (etcd, kubelet etc...) when resetting |
| snapshot | Enabling csi snapshot | snapshot | Enabling csi snapshot |
| snapshot-controller | Configuring csi snapshot controller | snapshot-controller | Configuring csi snapshot controller |
| upgrade | Upgrading, f.e. container images/binaries | upgrade | Upgrading, f.e. container images/binaries |
| upload | Distributing images/binaries across hosts | upload | Distributing images/binaries across hosts |
| vsphere-csi-driver | Configuring csi driver: vsphere | vsphere-csi-driver | Configuring csi driver: vsphere |
| weave | Network plugin Weave | weave | Network plugin Weave |
| win_nodes | Running windows specific tasks | win_nodes | Running windows specific tasks |
| youki | Configuring youki runtime | youki | Configuring youki runtime |
Note: Use the ``bash scripts/gen_tags.sh`` command to generate a list of all Note: Use the ``bash scripts/gen_tags.sh`` command to generate a list of all
tags found in the codebase. New tags will be listed with the empty "Used for" tags found in the codebase. New tags will be listed with the empty "Used for"

2
docs/arch.md
View File

@ -7,7 +7,7 @@ The following table shows the impact of the CPU architecture on compatible featu
- amd64 + arm64: Cluster with a mix of x86/amd64 and arm64 CPUs - amd64 + arm64: Cluster with a mix of x86/amd64 and arm64 CPUs
| kube_network_plugin | amd64 | arm64 | amd64 + arm64 | | kube_network_plugin | amd64 | arm64 | amd64 + arm64 |
| ------------------- | ----- | ----- | ------------- | |---------------------|-------|-------|---------------|
| Calico | Y | Y | Y | | Calico | Y | Y | Y |
| Weave | Y | Y | Y | | Weave | Y | Y | Y |
| Flannel | Y | N | N | | Flannel | Y | N | N |

24
docs/aws.md
View File

@ -67,15 +67,15 @@ export REGION="us-east-2"
Declare the cloud config variables for the `aws` provider as follows. Setting these variables are optional and depend on your use case. Declare the cloud config variables for the `aws` provider as follows. Setting these variables are optional and depend on your use case.
Variable|Type|Comment | Variable | Type | Comment |
---|---|--- |------------------------------------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
aws_zone|string|Force set the AWS zone. Recommended to leave blank. | aws_zone | string | Force set the AWS zone. Recommended to leave blank. |
aws_vpc|string|The AWS VPC flag enables the possibility to run the master components on a different aws account, on a different cloud provider or on-premise. If the flag is set also the KubernetesClusterTag must be provided | aws_vpc | string | The AWS VPC flag enables the possibility to run the master components on a different aws account, on a different cloud provider or on-premise. If the flag is set also the KubernetesClusterTag must be provided |
aws_subnet_id|string|SubnetID enables using a specific subnet to use for ELB's | aws_subnet_id | string | SubnetID enables using a specific subnet to use for ELB's |
aws_route_table_id|string|RouteTableID enables using a specific RouteTable | aws_route_table_id | string | RouteTableID enables using a specific RouteTable |
aws_role_arn|string|RoleARN is the IAM role to assume when interaction with AWS APIs | aws_role_arn | string | RoleARN is the IAM role to assume when interaction with AWS APIs |
aws_kubernetes_cluster_tag|string|KubernetesClusterTag is the legacy cluster id we'll use to identify our cluster resources | aws_kubernetes_cluster_tag | string | KubernetesClusterTag is the legacy cluster id we'll use to identify our cluster resources |
aws_kubernetes_cluster_id|string|KubernetesClusterID is the cluster id we'll use to identify our cluster resources | aws_kubernetes_cluster_id | string | KubernetesClusterID is the cluster id we'll use to identify our cluster resources |
aws_disable_security_group_ingress|bool|The aws provider creates an inbound rule per load balancer on the node security group. However, this can run into the AWS security group rule limit of 50 if many LoadBalancers are created. This flag disables the automatic ingress creation. It requires that the user has setup a rule that allows inbound traffic on kubelet ports from the local VPC subnet (so load balancers can access it). E.g. 10.82.0.0/16 30000-32000. | aws_disable_security_group_ingress | bool | The aws provider creates an inbound rule per load balancer on the node security group. However, this can run into the AWS security group rule limit of 50 if many LoadBalancers are created. This flag disables the automatic ingress creation. It requires that the user has setup a rule that allows inbound traffic on kubelet ports from the local VPC subnet (so load balancers can access it). E.g. 10.82.0.0/16 30000-32000. |
aws_elb_security_group|string|Only in Kubelet version >= 1.7 : AWS has a hard limit of 500 security groups. For large clusters creating a security group for each ELB can cause the max number of security groups to be reached. If this is set instead of creating a new Security group for each ELB this security group will be used instead. | aws_elb_security_group | string | Only in Kubelet version >= 1.7 : AWS has a hard limit of 500 security groups. For large clusters creating a security group for each ELB can cause the max number of security groups to be reached. If this is set instead of creating a new Security group for each ELB this security group will be used instead. |
aws_disable_strict_zone_check|bool|During the instantiation of an new AWS cloud provider, the detected region is validated against a known set of regions. In a non-standard, AWS like environment (e.g. Eucalyptus), this check may be undesirable. Setting this to true will disable the check and provide a warning that the check was skipped. Please note that this is an experimental feature and work-in-progress for the moment. | aws_disable_strict_zone_check | bool | During the instantiation of an new AWS cloud provider, the detected region is validated against a known set of regions. In a non-standard, AWS like environment (e.g. Eucalyptus), this check may be undesirable. Setting this to true will disable the check and provide a warning that the check was skipped. Please note that this is an experimental feature and work-in-progress for the moment. |

4
docs/vsphere-csi.md
View File

@ -15,7 +15,7 @@ To set the number of replicas for the vSphere CSI controller, you can change `vs
You need to source the vSphere credentials you use to deploy your machines that will host Kubernetes. You need to source the vSphere credentials you use to deploy your machines that will host Kubernetes.
| Variable | Required | Type | Choices | Default | Comment | | Variable | Required | Type | Choices | Default | Comment |
|---------------------------------------------|----------|---------|----------------------------|---------------------------|---------------------------------------------------------------------------------------------------------------------| |-------------------------------------------------|----------|---------|-----------------|-------------------------|-----------------------------------------------------------------------------------------------------------------------------|
| external_vsphere_vcenter_ip | TRUE | string | | | IP/URL of the vCenter | | external_vsphere_vcenter_ip | TRUE | string | | | IP/URL of the vCenter |
| external_vsphere_vcenter_port | TRUE | string | | "443" | Port of the vCenter API | | external_vsphere_vcenter_port | TRUE | string | | "443" | Port of the vCenter API |
| external_vsphere_insecure | TRUE | string | "true", "false" | "true" | set to "true" if the host above uses a self-signed cert | | external_vsphere_insecure | TRUE | string | "true", "false" | "true" | set to "true" if the host above uses a self-signed cert |
@ -33,7 +33,7 @@ You need to source the vSphere credentials you use to deploy your machines that
| vsphere_csi_provisioner_image_tag | TRUE | string | | "v2.1.0" | CSI provisioner image tag to use | | vsphere_csi_provisioner_image_tag | TRUE | string | | "v2.1.0" | CSI provisioner image tag to use |
| vsphere_csi_node_driver_registrar_image_tag | TRUE | string | | "v1.1.0" | CSI node driver registrar image tag to use | | vsphere_csi_node_driver_registrar_image_tag | TRUE | string | | "v1.1.0" | CSI node driver registrar image tag to use |
| vsphere_csi_driver_image_tag | TRUE | string | | "v1.0.2" | CSI driver image tag to use | | vsphere_csi_driver_image_tag | TRUE | string | | "v1.0.2" | CSI driver image tag to use |
| vsphere_csi_resizer_tag | TRUE | string | | "v1.1.0" | CSI resizer image tag to use | vsphere_csi_resizer_tag | TRUE | string | | "v1.1.0" | CSI resizer image tag to use |
| vsphere_csi_aggressive_node_drain | FALSE | boolean | | false | Enable aggressive node drain strategy | | vsphere_csi_aggressive_node_drain | FALSE | boolean | | false | Enable aggressive node drain strategy |
| vsphere_csi_aggressive_node_unreachable_timeout | FALSE | int | 300 | | Timeout till node will be drained when it in an unreachable state | | vsphere_csi_aggressive_node_unreachable_timeout | FALSE | int | 300 | | Timeout till node will be drained when it in an unreachable state |
| vsphere_csi_aggressive_node_not_ready_timeout | FALSE | int | 300 | | Timeout till node will be drained when it in not-ready state | | vsphere_csi_aggressive_node_not_ready_timeout | FALSE | int | 300 | | Timeout till node will be drained when it in not-ready state |

2
docs/vsphere.md
View File

@ -91,7 +91,7 @@ cloud_provider: vsphere
Then, in the same file, you need to declare your vCenter credentials following the description below. Then, in the same file, you need to declare your vCenter credentials following the description below.
| Variable | Required | Type | Choices | Default | Comment | | Variable | Required | Type | Choices | Default | Comment |
|------------------------------|----------|---------|----------------------------|---------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |------------------------------|----------|---------|----------------------------|---------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| vsphere_vcenter_ip | TRUE | string | | | IP/URL of the vCenter | | vsphere_vcenter_ip | TRUE | string | | | IP/URL of the vCenter |
| vsphere_vcenter_port | TRUE | integer | | | Port of the vCenter API. Commonly 443 | | vsphere_vcenter_port | TRUE | integer | | | Port of the vCenter API. Commonly 443 |
| vsphere_insecure | TRUE | integer | 1, 0 | | set to 1 if the host above uses a self-signed cert | | vsphere_insecure | TRUE | integer | 1, 0 | | set to 1 if the host above uses a self-signed cert |