Code Review
/
ta
/
caas-danm.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Remove DANM TenantConfig creation
[ta/caas-danm.git]
/
ansible
/
roles
/
flannel
/
templates
/
flannel-ds.yaml
diff --git
a/ansible/roles/flannel/templates/flannel-ds.yaml
b/ansible/roles/flannel/templates/flannel-ds.yaml
index
90e7386
..
eb0c571
100644
(file)
--- a/
ansible/roles/flannel/templates/flannel-ds.yaml
+++ b/
ansible/roles/flannel/templates/flannel-ds.yaml
@@
-32,10
+32,10
@@
spec:
tier: node
{{ caas.kubernetes_component_label }}: flannel
spec:
tier: node
{{ caas.kubernetes_component_label }}: flannel
spec:
+ priorityClassName: "system-node-critical"
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
- # TODO: figure out why flannel needs to run with root to modify network settings on the host
- # Some setcap calls might be missing on its binary?
+ # TODO: figure out why privileged mode is also not enough for flannel to modify network settings on the host (same problem as watcher)
#securityContext:
# runAsUser: {{ caas.uid.flannel }}
tolerations:
#securityContext:
# runAsUser: {{ caas.uid.flannel }}
tolerations:
@@
-62,12
+62,21
@@
spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
valueFrom:
fieldRef:
fieldPath: metadata.namespace
+ resources:
+ requests:
+ cpu: "10m"
volumeMounts:
volumeMounts:
+ - name: time-mount
+ mountPath: /etc/localtime
+ readOnly: true
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
+ - name: time-mount
+ hostPath:
+ path: /etc/localtime
- name: run
hostPath:
path: /run
- name: run
hostPath:
path: /run