yolokube/ansible
yolokube/ansible
3
1
Fork 0
Code Issues 3 Pull requests 2 Projects Wiki Activity

fix the cluster creation #14

Merged
aaron merged 16 commits from dev into main 2022-11-23 06:06:35 +01:00
Conversation 4 Commits 16 Files changed 12 +375 -235
aaron commented 2022-11-06 15:24:05 +01:00
Owner
Copy link

The cluster does not build because of Problems with apparmor and kubelet (and probably a ton of other stuff).
In this PR we try to fix it.

  • Firewall
  • Apparmor
  • Kubelet
  • Kube Proxy
The cluster does not build because of Problems with apparmor and kubelet (and probably a ton of other stuff). In this PR we try to fix it. - [x] Firewall - [x] Apparmor - [x] Kubelet - [x] Kube Proxy
aaron self-assigned this 2022-11-06 15:24:05 +01:00
aaron requested review from tom 2022-11-06 15:24:33 +01:00
tom commented 2022-11-16 07:24:57 +01:00
Owner
Copy link

AppArmor can be used for container security, but have to be configured manually. With default settings, AppArmor is ignored anyway, so we should be able to disable it without any problems.

AppArmor can be used for container security, but have to be configured manually. With default settings, AppArmor is ignored anyway, so we should be able to disable it without any problems.
tom commented 2022-11-16 07:27:51 +01:00
Owner
Copy link

Kubelet creates an IPTables chain "KUBE-FIREWALL" which blocks all packets marked with "0x8000". I have now disabled this in the kubeadm configs. Probably with future k8s versions the IPTables support / usage will be dropped anyway.
https://kubernetes.io/blog/2022/09/07/iptables-chains-not-api/

Kubelet creates an IPTables chain "KUBE-FIREWALL" which blocks all packets marked with "0x8000". I have now disabled this in the kubeadm configs. Probably with future k8s versions the IPTables support / usage will be dropped anyway. https://kubernetes.io/blog/2022/09/07/iptables-chains-not-api/
tom changed title from WIP: fix the cluster creation to fix the cluster creation 2022-11-16 09:10:22 +01:00
tom approved these changes 2022-11-16 09:10:44 +01:00
tom commented 2022-11-16 09:11:00 +01:00
Owner
Copy link

ready for squash merge @aaron ? It should solve issue #6, #11, #15 and #22

ready for squash merge @aaron ? It should solve issue [#6](https://git.ar21.de/yolokube/ansible/issues/6), [#11](https://git.ar21.de/yolokube/ansible/issues/11), [#15](https://git.ar21.de/yolokube/ansible/issues/15) and [#22](https://git.ar21.de/yolokube/ansible/issues/22)
aaron merged commit 2faf03c9aa into main 2022-11-23 06:06:35 +01:00
aaron referenced this pull request from a commit 2022-11-23 06:06:36 +01:00
fix the cluster creation (#14)
Sign in to join this conversation.
Reviewers
No reviewers
tom
Labels
Clear labels   
system
CNI

  
system
Common

  
system
Core Deployments

  
system
Infrastructure

  
system
Storage

  
type
bug
Something is not working

  
type
enhancement
New feature

  
type
question
More information is needed

  
type
update
Software needs update

  
type
dependency-dashboard
Only for Renovate Dependency Dashboard

No labels
system
CNI
system
Common
system
Core Deployments
system
Infrastructure
system
Storage
type
bug
type
enhancement
type
question
type
update
type
dependency-dashboard
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
aaron
tom
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
yolokube/ansible!14
No description provided.