User facing variables:
For hooks where a variable-per-hook is exposed, see hooks && plugins
| name | scope | default | usage |
|---|---|---|---|
| any_errors_fatal | playbook invocation | true | Restore the default value to keep continue despite of some host's tasks failure. Due to the nature of a linked distribitued system, this has been set as default |
| kube_cp_group | playbook invocation | "kube_control_plane" | name of the ansible group for install control plane nodes |
| kube_worker_group | playbook invocation | "kube_workers" | name of the ansible group for installing pure worker nodes |
| upgrade_cp_serial | playbook invocation | "1" | Specify ansible batch size (https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html#setting-the-batch-size-with-serial) during control plane nodes upgrade phase. Default to 1 (1 node at a time) |
| upgrade_worker_serial | playbook invocation | "1" | Specify ansible batch size (https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html#setting-the-batch-size-with-serial) during pure worker nodes upgrade phase. Defaul to 1 (1 node at a time ) |
| apiserver_manifest | control plane | "/etc/kubernetes/manifests/kube-apiserver.yaml" | filename to stat for presence in the process to discover already running control-plane |
| cluster_config | control plane | {} | config to be used by kubeadm for the kind: CluserConfiguration |
| control_plane_endpoint | control plane | "" (let kubeadm default) | control the "controlPlaneEndpoint" entry of the cluster_config. Could also be set as part of the cluster_config. Default to nothing but ansible-kubeadm will fail if not set in case of multi-control-plane nodes cluster |
| cp_health_check_bypass | control_plane | false | Bypass check on control-plane health |
| enable_kubeadm_patches | control plane | true | Deploy patches and pass kubeadm_patch_dir to kubeadm so that patch are applied |
| kube_control_plane_cidr | control plane | "" (let kubeadm default) | CIDR (eg "192.168.99.0/24") filter addresses for _etcd_metrics_bind_address, _kube_apiserver_advertise_address, _kube_controller_manager_bind_address, _kube_scheduler_bind_address |
| kube_apiserver_advertise_cidr | control plane | "" (let kubeadm default) | CIDR (eg "192.168.99.0/24") filter the advertise address to _kube_apiserver_advertise_address (override kube_control_plane_cidr) |
| kube_controller_manager_bind_cidr | control plane | "" (let kubeadm default) | CIDR (eg "192.168.99.0/24") filter the bind address for _kube_controller_manager_bind_address (override kube_control_plane_cidr) |
| kube_scheduler_bind_cidr | control plane | "" (let kubeadm default) | CIDR (eg "192.168.99.0/24") filter the bind address for _kube_scheduler_bind_address (override kube_control_plane_cidr) |
| kube_version | control plane | "{{ default_kube_version }}" | desired version of kubernetes cluster, and tooling |
| kubeadm_extra_patches | control plane | {} | dictionnary containing extra kubeadm patches to deploy (key = "filename", value = "patch to template") |
| kubeadm_ignore_preflight_errors | control plane | [] | list of errors passed to kubeadm during init, each element generate a --ignore-preflight-errors={{error}} command argument |
| kubeadm_patch_dir | control plane | "/etc/kubeadm/directory" | directory containing patch for kubeadm |
| kubeadm_patch_owner | control plane | "root" | owner of the patches created in kubeadm_patch_dir |
| kubeadm_patch_group | control plane | "root" | group of the patched created in kubeadm_patch_dir |
| kubeadm_patch_mode | control plane | "0750" | permission mode of the patches created in kubeadm_patch_dir |
| kubeadm_patch_dir_owner | control plane | "{{ kubeadm_patch_owner }}" | owner of the directory kubeadm_patch_dir |
| kubeadm_patch_dir_group | control plane | "{{ kubeadm_patch_group }}" | group of the directory kubeadm_patch_dir |
| kubeadm_patch_dir_mode | control plane | "0750" | permission mode of the directory kubeadm_patch_dir |
| kubeconfig_admin | control plane | "/etc/kubernetes/admin.conf" | filename of the kubeconfig used for interacting with kubernetes API |
| kubelet_config | control plane | {} | config to be used by kubeadm for the kind: KubeletConfiguration |
| kubeproxy_config | control plane | {} | config to be user by kubeadm for the kind: KubeProxyConfiguration |
| kubelet_node_cidr | control plane | "" (let kubeadm default) | CIDR (eg "192.168.99.0/24") filter the address for _kubelet_node_ip |
| action_reasons_review_skip | nodes | false | skip the ansible pause task that occurs when changes are required to a running cluster |
| apiserver_proxy_stack_dir | nodes | "/etc/docker-compose/apiserver-proxy" | directory of docker-compose stack for apiserver_proxy |
| apiserver_proxy_port | nodes | 7443 | listen port for apiserver_proxy |
| apiserver_proxy_apiserver_port | nodes | 6443 | apiserver port targeted by apiserver_proxy |
| apiserver_proxy_use_docker | nodes | false | deploy apiserver_proxy via Docker. When false use haproxy for loadbalancer |
| force_apt_update | nodes | false | force source list refresh |
| kubeadm_plugins_dir | nodes | "{{ inventory_dir }}" | directory where to look for hooks. (Not directly, in a kubeadm.<hok_name>.d subfolder |
| pause_before_drain | nodes | false | Pause before the drain of the node |
| pause_before_upgrade | nodes | false | Pause before the upgrade of the node |
| pause_after_drain_and_node_upgrade | nodes | false | Pause after the upgrade of the node in case of a drain. Use hook if you need to run pause after upgrade unconditionnaly |
| repo_refresh_time | nodes | 86400 (1 day) | Number of second after which the apt/yum cache is not considered up to date, and forced to be refresh. Set to -1 to not update the repo automatically. Set to 0 for forcing refresh (same as force_apt_update). |
Internal variables:
| name | scope | default | usage |
|---|---|---|---|
| _control_plane | roles | false | trigger control_plane fonction of various roles (join_nodes, find_ip, packages) |
| _etcd_metrics_bind_address | roles | Make etcd bind the _etcd_metrics_bind_address to expose prometheus metrics |
|
| _kube_apiserver_advertise_address | roles | Interface object | |
| _kube_controller_manager_bind_address | roles | Interface object | |
| _kube_scheduler_bind_address | roles | Interface object | |
| _kubelet_node_ip | roles | Interface object | |
| _apiserver_proxy_haproxy_version | nodes | "2.6.*" | HAProxy version to install via package for apiserver_proxy |