Puppet Class: k8s::node

Defined in:
manifests/node.pp

Summary

Installs a Kubernetes node

Overview

Parameters:

  • ca_cert (Stdlib::Unixpath) (defaults to: "${cert_path}/ca.pem")

    path to the ca cert

  • cert_path (Stdlib::Unixpath) (defaults to: '/var/lib/kubelet/pki')

    path to cert files

  • ensure (K8s::Ensure) (defaults to: $k8s::ensure)

    set ensure for installation or deinstallation

  • firewall_type (Optional[K8s::Firewall]) (defaults to: $k8s::firewall_type)

    define the type of firewall to use

  • manage_firewall (Boolean) (defaults to: $k8s::manage_firewall)

    whether to manage firewall or not

  • manage_kernel_modules (Boolean) (defaults to: $k8s::manage_kernel_modules)

    whether to load kernel modules or not

  • manage_kubelet (Boolean) (defaults to: true)

    whether to manage kublet or not

  • manage_proxy (Boolean) (defaults to: $k8s::manage_kube_proxy == 'on-node')

    whether to manage kube-proxy or not

  • manage_sysctl_settings (Boolean) (defaults to: $k8s::manage_sysctl_settings)

    whether to manage sysctl settings or not

  • control_plane_url (Stdlib::HTTPUrl) (defaults to: $k8s::control_plane_url)

    cluster API connection

  • node_auth (K8s::Node_auth) (defaults to: $k8s::node_auth)

    type of node authentication

  • node_cert (Optional[Stdlib::Unixpath]) (defaults to: undef)

    path to node cert file

  • node_key (Optional[Stdlib::Unixpath]) (defaults to: undef)

    path to node key file

  • node_token (Optional[Sensitive[String]]) (defaults to: undef)

    k8s token to join a cluster

  • proxy_auth (K8s::Proxy_auth) (defaults to: 'incluster')

    which proxy auth to use

  • proxy_cert (Optional[Stdlib::Unixpath]) (defaults to: undef)

    path to proxy cert file

  • proxy_key (Optional[Stdlib::Unixpath]) (defaults to: undef)

    path to proxy key file

  • proxy_token (Optional[Sensitive[String]]) (defaults to: undef)

    k8s token for kube-proxy

  • puppetdb_discovery_tag (String[1]) (defaults to: $k8s::puppetdb_discovery_tag)

    enable puppetdb resource searching

  • manage_simple_cni (Boolean) (defaults to: false)

    toggle to use a simple bridge network for containers

  • manage_crictl (Boolean) (defaults to: false) 


24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'manifests/node.pp', line 24

class k8s::node (
  K8s::Ensure $ensure = $k8s::ensure,

  Stdlib::HTTPUrl $control_plane_url = $k8s::control_plane_url,
  K8s::Node_auth $node_auth          = $k8s::node_auth,
  K8s::Proxy_auth $proxy_auth        = 'incluster',

  Boolean $manage_kubelet           = true,
  Boolean $manage_proxy             = $k8s::manage_kube_proxy == 'on-node',
  Boolean $manage_crictl            = false,
  Boolean $manage_firewall          = $k8s::manage_firewall,
  Boolean $manage_kernel_modules    = $k8s::manage_kernel_modules,
  Boolean $manage_sysctl_settings   = $k8s::manage_sysctl_settings,
  Boolean $manage_simple_cni        = false,
  String[1] $puppetdb_discovery_tag = $k8s::puppetdb_discovery_tag,

  Stdlib::Unixpath $cert_path = '/var/lib/kubelet/pki',
  Stdlib::Unixpath $ca_cert   = "${cert_path}/ca.pem",

  # For cert auth
  Optional[Stdlib::Unixpath] $node_cert = undef,
  Optional[Stdlib::Unixpath] $node_key  = undef,

  Optional[Stdlib::Unixpath] $proxy_cert = undef,
  Optional[Stdlib::Unixpath] $proxy_key  = undef,

  # For token and bootstrap auth
  Optional[Sensitive[String]] $node_token  = undef,
  Optional[Sensitive[String]] $proxy_token = undef,

  Optional[K8s::Firewall] $firewall_type = $k8s::firewall_type,
) {
  if $manage_crictl {
    include k8s::install::crictl
  }
  if $manage_kubelet {
    include k8s::node::kubelet
  }
  if $manage_proxy {
    include k8s::node::kube_proxy
  }
  if $manage_simple_cni {
    include k8s::node::simple_cni
  }
}