Allow workers on all control planes

2025-11-01 01:19:25 +01:00 · 2024-02-05 07:21:25 -07:00 · 2024-02-05 07:21:25 -07:00 · 8eef1aabd6
commit 8eef1aabd6
parent bd382a4d47
2 changed files with 15 additions and 0 deletions
--- a/tasks/control-plane-aux-setup.yml
+++ b/tasks/control-plane-aux-setup.yml
@ -1,6 +1,15 @@
 ---
 - name: Join control node to Kubernetes control plane.
  command: "{{ kubernetes_join_command }} --control-plane --apiserver-advertise-address {{ kubernetes_apiserver_advertise_address }} --apiserver-bind-port 6443 --certificate-key {{ kubernetes_certificate }} --ignore-preflight-errors='all'"
+  register: join_ctrl_plane
  args:
    creates: /etc/kubernetes/kubelet.conf
  tags: ["skip_ansible_lint"]
+
+- name: Allow pods on control plane (if configured).
+  command: "kubectl taint nodes {{ inventory_hostname_short }} node-role.kubernetes.io/control-plane-"
+  register: taint_removed
+  changed_when: "'removed' in taint_removed.stdout"
+  when:
+    - kubernetes_allow_pods_on_control_plane | bool
+    - join_ctrl_plane.changed
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -104,3 +104,9 @@
    - inventory_hostname != groups['k8s_control_plane'][0]
    - inventory_hostname == item
  loop: "{{ groups['k8s_control_plane'] }}"
+
+- name: Allow pods on control plane (if configured).
+  command: "kubectl taint nodes --all node-role.kubernetes.io/control-plane-"
+  when:
+    - kubernetes_allow_pods_on_control_plane | bool
+    - not kubernetes_init_stat.stat.exists