Etcd server istead of proxy

In version 3.4.0 etcd fixed it's high availability issue,
so etcd proxy no longer needed for HA.

Change-Id: Ia34b4f0faf60b4c60b75ed24f9b75578c5ae2cb9
Signed-off-by: Balazs Szekeres <balazs.szekeres@nokia.com>

diff --git a/ansible/roles/kube_master/defaults/main.yaml b/ansible/roles/kube_master/defaults/main.yaml
index 9e22c4d..fad1e09 100644 (file)
--- a/ansible/roles/kube_master/defaults/main.yaml
+++ b/ansible/roles/kube_master/defaults/main.yaml
@@ -47,7 +47,10 @@ apiserver_params:
   - "--bind-address={{ apiserver }}"
   - "--client-ca-file=/etc/openssl/ca.pem"
   - "--enable-bootstrap-token-auth=true"
-  - "--etcd-servers=http://{{ hostvars[hostname]['networking']['infra_internal']['ip'] }}:{{ caas.etcd_proxy_port }}{% for host in ( groups['caas_master'] | reject('search', hostname) ) %},http://{{ hostvars[host]['networking']['infra_internal']['ip'] }}:{{ caas.etcd_proxy_port }}{% endfor %}"
+  - "--etcd-cafile=/etc/etcd/ssl/ca.pem"
+  - "--etcd-certfile=/etc/etcd/ssl/etcd{{ nodeindex }}.pem"
+  - "--etcd-keyfile=/etc/etcd/ssl/etcd{{ nodeindex }}-key.pem"
+  - "--etcd-servers=http://{{ hostvars[hostname]['networking']['infra_internal']['ip'] }}:{{ caas.etcd_api_port }}{% for host in ( groups['caas_master'] | reject('search', hostname) ) %},http://{{ hostvars[host]['networking']['infra_internal']['ip'] }}:{{ caas.etcd_api_port }}{% endfor %}"
   - "--experimental-encryption-provider-config={{ caas.cert_path }}/{{ caas._secrets_conf }}"
   - "--feature-gates={{ apiserver_feature_gates | get_kube_options }}"
   - "--insecure-port=0"

diff --git a/caas-kubernetes.spec b/caas-kubernetes.spec
index 6e4acbf..eeffa02 100644 (file)
--- a/caas-kubernetes.spec
+++ b/caas-kubernetes.spec
@@ -15,7 +15,7 @@
 %define COMPONENT kubernetes
 %define RPM_NAME caas-%{COMPONENT}
 %define RPM_MAJOR_VERSION 1.15.3
-%define RPM_MINOR_VERSION 3
+%define RPM_MINOR_VERSION 4
 %define IMAGE_TAG %{RPM_MAJOR_VERSION}-%{RPM_MINOR_VERSION}
 %define KUBERNETESPAUSE_VERSION 3.1