Merge "Added system IPs to services "NO_PROXY" list"
This commit is contained in:
Zuul
Gerrit Code Review
commit
a0505b075d
|
|
@ -18,12 +18,11 @@ class platform::containerd::proxyconfig{
|
|||
# inherit the proxy setting from docker
|
||||
$http_proxy = $::platform::docker::params::http_proxy
|
||||
$https_proxy = $::platform::docker::params::https_proxy
|
||||
if $::platform::docker::params::no_proxy {
|
||||
# Containerd doesn't work with the NO_PROXY environment
|
||||
# variable if it has IPv6 addresses with square brackets,
|
||||
# remove the square brackets
|
||||
$no_proxy = regsubst($::platform::docker::params::no_proxy, '\\[|\\]', '', 'G')
|
||||
}
|
||||
|
||||
# Containerd doesn't work with the NO_PROXY environment
|
||||
# variable if it has IPv6 addresses with square brackets,
|
||||
# remove the square brackets
|
||||
$no_proxy = regsubst($::platform::docker::params::no_proxy_complete_list, '\\[|\\]', '', 'G')
|
||||
|
||||
if $http_proxy or $https_proxy {
|
||||
file { '/etc/systemd/system/containerd.service.d':
|
||||
|
|
@ -45,6 +44,15 @@ class platform::containerd::proxyconfig{
|
|||
logoutput => true,
|
||||
refreshonly => true,
|
||||
} ~> Service['containerd']
|
||||
} else {
|
||||
file { '/etc/systemd/system/containerd.service.d/http-proxy.conf':
|
||||
ensure => absent,
|
||||
}
|
||||
~> exec { 'perform systemctl daemon reload for containerd proxy':
|
||||
command => 'systemctl daemon-reload',
|
||||
logoutput => true,
|
||||
refreshonly => true,
|
||||
} ~> Service['containerd']
|
||||
}
|
||||
|
||||
service { 'containerd':
|
||||
|
|
|
|||
|
|
@ -24,19 +24,67 @@ class platform::docker::params (
|
|||
$ghcr_registry_secure = true,
|
||||
$registryk8s_registry_secure = true,
|
||||
$icr_registry_secure = true,
|
||||
) { }
|
||||
) {
|
||||
|
||||
include ::platform::network::oam::params
|
||||
include ::platform::network::mgmt::params
|
||||
include ::platform::network::cluster_host::params
|
||||
include ::platform::kubernetes::params
|
||||
|
||||
if $::platform::network::mgmt::params::subnet_version == $::platform::params::ipv6 {
|
||||
$localhost_address = '::1'
|
||||
} else {
|
||||
$localhost_address = '127.0.0.1'
|
||||
}
|
||||
|
||||
if $::platform::params::system_mode == 'simplex' {
|
||||
$no_proxy_unfiltered_list = @("EOL"/L)
|
||||
localhost,${localhost_address},registry.local,\
|
||||
${platform::network::oam::params::gateway_address},\
|
||||
${platform::network::oam::params::controller_address},\
|
||||
${platform::network::oam::params::controller0_address},\
|
||||
${platform::network::mgmt::params::gateway_address},\
|
||||
${platform::network::mgmt::params::controller_address},\
|
||||
${platform::network::mgmt::params::controller0_address},\
|
||||
${platform::network::cluster_host::params::gateway_address},\
|
||||
${platform::network::cluster_host::params::controller_address},\
|
||||
${platform::network::cluster_host::params::controller0_address},\
|
||||
${platform::kubernetes::params::apiserver_cluster_ip},\
|
||||
${platform::kubernetes::params::dns_service_ip},\
|
||||
cluster.local,${no_proxy}
|
||||
| -EOL
|
||||
} else {
|
||||
$no_proxy_unfiltered_list = @("EOL"/L)
|
||||
localhost,${localhost_address},registry.local,\
|
||||
${platform::network::oam::params::gateway_address},\
|
||||
${platform::network::oam::params::controller_address},\
|
||||
${platform::network::oam::params::controller0_address},\
|
||||
${platform::network::oam::params::controller1_address},\
|
||||
${platform::network::mgmt::params::gateway_address},\
|
||||
${platform::network::mgmt::params::controller_address},\
|
||||
${platform::network::mgmt::params::controller0_address},\
|
||||
${platform::network::mgmt::params::controller1_address},\
|
||||
${platform::network::cluster_host::params::gateway_address},\
|
||||
${platform::network::cluster_host::params::controller_address},\
|
||||
${platform::network::cluster_host::params::controller0_address},\
|
||||
${platform::network::cluster_host::params::controller1_address},\
|
||||
${platform::kubernetes::params::apiserver_cluster_ip},\
|
||||
${platform::kubernetes::params::dns_service_ip},\
|
||||
cluster.local,${no_proxy}
|
||||
| -EOL
|
||||
}
|
||||
|
||||
# Remove duplicates.
|
||||
$no_proxy_complete_list = split($no_proxy_unfiltered_list, ',').unique.join(',')
|
||||
}
|
||||
|
||||
class platform::docker::proxyconfig
|
||||
inherits ::platform::docker::params {
|
||||
include ::platform::docker::install
|
||||
|
||||
if $::osfamily == 'Debian' {
|
||||
if $::platform::docker::params::no_proxy {
|
||||
# Docker on Debian doesn't work with the NO_PROXY environment variable if it
|
||||
# has IPv6 addresses with square brackets, thus remove the square brackets
|
||||
$no_proxy = regsubst($::platform::docker::params::no_proxy, '\\[|\\]', '', 'G')
|
||||
}
|
||||
}
|
||||
# Docker on Debian doesn't work with the NO_PROXY environment variable if it
|
||||
# has IPv6 addresses with square brackets, thus remove the square brackets
|
||||
$no_proxy = regsubst($::platform::docker::params::no_proxy_complete_list, '\\[|\\]', '', 'G')
|
||||
|
||||
if $http_proxy or $https_proxy {
|
||||
file { '/etc/systemd/system/docker.service.d':
|
||||
|
|
@ -57,6 +105,15 @@ class platform::docker::proxyconfig
|
|||
logoutput => true,
|
||||
refreshonly => true,
|
||||
} ~> Service['docker']
|
||||
} else {
|
||||
file { '/etc/systemd/system/docker.service.d/http-proxy.conf':
|
||||
ensure => absent,
|
||||
}
|
||||
~> exec { 'perform systemctl daemon reload for docker proxy':
|
||||
command => 'systemctl daemon-reload',
|
||||
logoutput => true,
|
||||
refreshonly => true,
|
||||
} ~> Service['docker']
|
||||
}
|
||||
|
||||
service { 'docker':
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ class platform::kubernetes::params (
|
|||
$kubelet_version = undef,
|
||||
$node_ip = undef,
|
||||
$service_domain = undef,
|
||||
$apiserver_cluster_ip = undef,
|
||||
$dns_service_ip = undef,
|
||||
$host_labels = [],
|
||||
$k8s_cpuset = undef,
|
||||
|
|
|
|||
Loading…
Reference in New Issue