diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml index 88cf81e1d3b..3f45637f8be 100644 --- a/roles/kubernetes-apps/ansible/defaults/main.yml +++ b/roles/kubernetes-apps/ansible/defaults/main.yml @@ -13,6 +13,22 @@ dns_prevent_single_point_failure: "{{ 'true' if dns_min_replicas | int > 1 else enable_coredns_reverse_dns_lookups: true coredns_ordinal_suffix: "" # dns_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}] +coredns_affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + k8s-app: kube-dns{{ coredns_ordinal_suffix }} + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + preference: + matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: In + values: + - "" coredns_deployment_nodeselector: "kubernetes.io/os: linux" coredns_default_zone_cache_block: | cache 30 diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 index e929dba6286..52c0375ab67 100644 --- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 @@ -38,21 +38,9 @@ spec: {{ dns_extra_tolerations | list | to_nice_yaml(indent=2) | indent(8) }} {% endif %} affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: "kubernetes.io/hostname" - labelSelector: - matchLabels: - k8s-app: kube-dns{{ coredns_ordinal_suffix }} - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - preference: - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: In - values: - - "" +{% if coredns_affinity is defined %} + {{ coredns_affinity | to_nice_yaml(indent=2) | indent(8) }} +{% endif %} containers: - name: coredns image: "{{ coredns_image_repo }}:{{ coredns_image_tag }}"