External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-05-11 03:17:40 -02:30
Code Issues Packages Projects Releases Wiki Activity

[kubernetes] drop support for configuring insecure apiserver

Browse Source
This commit is contained in:
Calin Cristian Andrei
2022-06-14 12:57:54 +03:00
committed by Kubernetes Prow Robot
parent c2700266b0
commit 24c8ba832a
7 changed files with 0 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/kubernetes/control-plane/defaults/main/main.yml
View File

@@ -2,9 +2,6 @@
# disable upgrade cluster
upgrade_cluster_setup: false
# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
kube_apiserver_insecure_bind_address: 127.0.0.1
# By default the external API listens on all interfaces, this can be changed to
# listen on a specific address/interface.
# NOTE: If you specific address/interface and use loadbalancer_apiserver_localhost

6
roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
View File

@@ -121,12 +121,6 @@ apiServer:
{% endif %}
authorization-mode: {{ authorization_modes | join(',') }}
bind-address: {{ kube_apiserver_bind_address }}
{% if kube_apiserver_insecure_port|string != "0" %}
insecure-bind-address: {{ kube_apiserver_insecure_bind_address }}
{% endif %}
{% if kube_version is version('v1.24.0','<') %}
insecure-port: "{{ kube_apiserver_insecure_port }}"
{% endif %}
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
enable-admission-plugins: {{ kube_apiserver_enable_admission_plugins | join(',') }}
{% endif %}