c12s-kubespray/roles/kubernetes/kubeadm/tasks/main.yml

142 lines
4.2 KiB
YAML
Raw Normal View History

---
- name: Set kubeadm_discovery_address
set_fact:
kubeadm_discovery_address: >-
2018-08-07 10:25:31 +00:00
{%- if "127.0.0.1" in kube_apiserver_endpoint or "localhost" in kube_apiserver_endpoint -%}
{{ first_kube_master }}:{{ kube_apiserver_port }}
{%- else -%}
{{ kube_apiserver_endpoint }}
{%- endif %}
tags:
- facts
- name: Check if kubelet.conf exists
stat:
path: "{{ kube_config_dir }}/kubelet.conf"
register: kubelet_conf
- name: Calculate kubeadm CA cert hash
shell: openssl x509 -pubkey -in {{ kube_cert_dir }}/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
register: kubeadm_ca_hash
delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true
- name: Create kubeadm token for joining nodes with 24h expiration (default)
command: "{{ bin_dir }}/kubeadm token create"
run_once: true
register: temp_token
delegate_to: "{{ groups['kube-master'][0] }}"
- name: gets the kubeadm version
command: "{{ bin_dir }}/kubeadm version -o short"
register: kubeadm_output
- name: sets kubeadm api version to v1alpha1
set_fact:
kubeadmConfig_api_version: v1alpha1
when: kubeadm_output.stdout is version('v1.11.0', '<')
- name: sets kubeadm api version to v1alpha2
set_fact:
kubeadmConfig_api_version: v1alpha2
when:
- kubeadm_output.stdout is version('v1.11.0', '>=')
- kubeadm_output.stdout is version('v1.12.0', '<')
- name: sets kubeadm api version to v1alpha3
set_fact:
kubeadmConfig_api_version: v1alpha3
when:
- kubeadm_output.stdout is version('v1.12.0', '>=')
- kubeadm_output.stdout is version('v1.13.0', '<')
- name: sets kubeadm api version to v1beta1
set_fact:
kubeadmConfig_api_version: v1beta1
when: kubeadm_output.stdout is version('v1.13.0', '>=')
- name: Create kubeadm client config
template:
src: "kubeadm-client.conf.{{ kubeadmConfig_api_version }}.j2"
2018-12-19 13:16:14 +00:00
dest: "{{ kube_config_dir }}/kubeadm-client.conf"
backup: yes
when: not is_kube_master
vars:
kubeadm_token: "{{ temp_token.stdout }}"
- name: Join to cluster if needed
2018-09-18 23:48:45 +00:00
environment:
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
when: not is_kube_master and (not kubelet_conf.stat.exists)
block:
- name: Join to cluster
command: >-
{{ bin_dir }}/kubeadm join
--config {{ kube_config_dir}}/kubeadm-client.conf
register: kubeadm_join
async: 60
poll: 15
rescue:
- name: Join to cluster with ignores
command: >-
{{ bin_dir }}/kubeadm join
--config {{ kube_config_dir}}/kubeadm-client.conf
--ignore-preflight-errors=all
register: kubeadm_join
async: 60
poll: 15
always:
- name: Display kubeadm join stderr if any
when: kubeadm_join is failed
debug:
message: |
Joined with warnings
{{ kubeadm_join.stderr_lines }}
- name: Wait for kubelet bootstrap to create config
wait_for:
path: "{{ kube_config_dir }}/kubelet.conf"
delay: 1
timeout: 60
- name: Update server field in kubelet kubeconfig
2018-06-07 09:46:15 +00:00
lineinfile:
dest: "{{ kube_config_dir }}/kubelet.conf"
regexp: 'server:'
line: ' server: {{ kube_apiserver_endpoint }}'
backup: yes
when:
- kubeadm_config_api_fqdn is not defined
- not is_kube_master
- kubeadm_discovery_address != kube_apiserver_endpoint
notify: restart kubelet
# FIXME(mattymo): Reconcile kubelet kubeconfig filename for both deploy modes
- name: Symlink kubelet kubeconfig for calico/canal
file:
src: "{{ kube_config_dir }}/kubelet.conf"
dest: "{{ kube_config_dir }}/node-kubeconfig.yaml"
state: link
force: yes
when:
- kube_network_plugin in ['calico','canal']
- calico_version is version('v3.3.0', '<')
# FIXME(jjo): need to post-remove kube-proxy until https://github.com/kubernetes/kubeadm/issues/776
# is fixed
- name: Delete kube-proxy daemonset if kube_proxy_remove set, e.g. kube_network_plugin providing proxy services
shell: "{{ bin_dir }}/kubectl --kubeconfig /etc/kubernetes/admin.conf delete daemonset -n kube-system kube-proxy"
delegate_to: "{{groups['kube-master']|first}}"
run_once: true
when:
- kube_proxy_remove
- is_kube_master
- kubeadm_discovery_address != kube_apiserver_endpoint
tags:
- kube-proxy