Code Review / ta / caas-danm.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Kubernetes 1.16.0 node label fix
[ta/caas-danm.git] / ansible / roles / flannel / templates / flannel-ds.yaml
diff --git a/ansible/roles/flannel/templates/flannel-ds.yaml b/ansible/roles/flannel/templates/flannel-ds.yaml
index 117f9cf..e50f855 100644 (file)
--- a/ansible/roles/flannel/templates/flannel-ds.yaml
+++ b/ansible/roles/flannel/templates/flannel-ds.yaml
@@ -35,12 +35,11 @@ spec:
       priorityClassName: "system-node-critical"
       hostNetwork: true
       dnsPolicy: ClusterFirstWithHostNet
-     # TODO: figure out why flannel needs to run with root to modify network settings on the host
-     # Some setcap calls might be missing on its binary?
+     # TODO: figure out why privileged mode is also not enough for flannel to modify network settings on the host (same problem as watcher)
      #securityContext:
      #     runAsUser: {{ caas.uid.flannel }}
       tolerations:
-      - key: node-role.kubernetes.io/master
+      - key: node.kubernetes.io/master
         operator: Exists
         effect: NoSchedule
       containers:
packages, configures, and integrates the components of all upstream projects related to the network management service. Components are coming from DANM (https://github.com/nokia/danm ), Flannel (https://github.com/coreos/flannel ), and SR-IOV Device Plugin (https://github.com/intel/sriov-network-device-plugin ) repositories.