2015-10-03 20:19:50 +00:00
|
|
|
---
|
2016-07-08 09:59:21 +00:00
|
|
|
- include: pre-upgrade.yml
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: k8s-pre-upgrade
|
2015-12-16 22:49:01 +00:00
|
|
|
|
2016-07-25 10:56:58 +00:00
|
|
|
- name: Copy kubectl from hyperkube container
|
2016-12-23 14:44:44 +00:00
|
|
|
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp /hyperkube /systembindir/kubectl"
|
2016-09-13 12:36:01 +00:00
|
|
|
register: kube_task_result
|
|
|
|
until: kube_task_result.rc == 0
|
|
|
|
retries: 4
|
2016-09-15 09:23:27 +00:00
|
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
2016-01-22 15:37:07 +00:00
|
|
|
changed_when: false
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: [hyperkube, kubectl, upgrade]
|
2015-12-11 10:52:20 +00:00
|
|
|
|
2017-01-17 17:36:58 +00:00
|
|
|
- name: Install kubectl bash completion
|
|
|
|
shell: "{{ bin_dir }}/kubectl completion bash >/etc/bash_completion.d/kubectl.sh"
|
2016-11-14 08:22:46 +00:00
|
|
|
when: ansible_os_family in ["Debian","RedHat"]
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: kubectl
|
2016-11-14 08:22:46 +00:00
|
|
|
|
2017-01-17 17:36:58 +00:00
|
|
|
- name: Set kubectl bash completion file
|
|
|
|
file:
|
|
|
|
path: /etc/bash_completion.d/kubectl.sh
|
2016-11-14 08:22:46 +00:00
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: 0755
|
2017-01-17 17:36:58 +00:00
|
|
|
when: ansible_os_family in ["Debian","RedHat"]
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: [kubectl, upgrade]
|
2016-11-14 08:22:46 +00:00
|
|
|
|
2016-07-08 09:59:21 +00:00
|
|
|
- name: Write kube-apiserver manifest
|
2016-01-22 13:25:33 +00:00
|
|
|
template:
|
2016-07-08 09:59:21 +00:00
|
|
|
src: manifests/kube-apiserver.manifest.j2
|
|
|
|
dest: "{{ kube_manifest_dir }}/kube-apiserver.manifest"
|
2016-09-27 09:54:12 +00:00
|
|
|
notify: Master | wait for the apiserver to be running
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: kube-apiserver
|
2016-01-22 13:25:33 +00:00
|
|
|
|
2016-09-27 09:54:12 +00:00
|
|
|
- meta: flush_handlers
|
2016-12-13 10:43:06 +00:00
|
|
|
|
2017-04-18 12:59:14 +00:00
|
|
|
- name: Write kube system namespace manifest
|
|
|
|
template:
|
|
|
|
src: namespace.j2
|
2017-02-17 21:22:34 +00:00
|
|
|
dest: "{{kube_config_dir}}/{{system_namespace}}-ns.yml"
|
2015-12-11 10:52:20 +00:00
|
|
|
run_once: yes
|
|
|
|
when: inventory_hostname == groups['kube-master'][0]
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: apps
|
2015-12-11 10:52:20 +00:00
|
|
|
|
2016-12-13 10:43:06 +00:00
|
|
|
- name: Check if kube system namespace exists
|
|
|
|
command: "{{ bin_dir }}/kubectl get ns {{system_namespace}}"
|
2016-01-14 14:19:45 +00:00
|
|
|
register: 'kubesystem'
|
|
|
|
changed_when: False
|
2016-05-08 15:11:09 +00:00
|
|
|
failed_when: False
|
2016-01-14 14:19:45 +00:00
|
|
|
run_once: yes
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: apps
|
2016-01-14 14:19:45 +00:00
|
|
|
|
2016-12-13 10:43:06 +00:00
|
|
|
- name: Create kube system namespace
|
|
|
|
command: "{{ bin_dir }}/kubectl create -f {{kube_config_dir}}/{{system_namespace}}-ns.yml"
|
2017-03-23 15:55:37 +00:00
|
|
|
retries: 4
|
|
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
2017-03-24 15:29:28 +00:00
|
|
|
register: create_system_ns
|
|
|
|
until: create_system_ns.rc == 0
|
2016-01-14 14:19:45 +00:00
|
|
|
changed_when: False
|
2016-01-22 13:25:33 +00:00
|
|
|
when: kubesystem|failed and inventory_hostname == groups['kube-master'][0]
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: apps
|
2016-01-14 14:19:45 +00:00
|
|
|
|
2017-06-28 15:32:29 +00:00
|
|
|
- name: Lay Down kubelet PSP Resources (RBAC)
|
|
|
|
template:
|
|
|
|
src: "{{item.file}}"
|
|
|
|
dest: "{{kube_config_dir}}/{{item.file}}"
|
|
|
|
with_items:
|
|
|
|
- {name: kubelet-psp, file: kubelet-psp.yaml, type: psp}
|
|
|
|
- {name: kubelet-psp, file: kubelet-psp-clusterrole.yaml, type: clusterrole}
|
|
|
|
- {name: kubelet-psp, file: kubelet-psp-clusterrolebinding.yaml, type: clusterrolebinding}
|
|
|
|
register: manifests
|
|
|
|
when: dns_mode != 'none' and inventory_hostname == groups['kube-master'][0] and rbac_enabled and psp_enabled
|
|
|
|
tags: apps
|
|
|
|
|
|
|
|
- name: Apply kubelet PSP Resources (RBAC)
|
|
|
|
kube:
|
|
|
|
name: "{{item.item.name}}"
|
|
|
|
namespace: "{{ system_namespace }}"
|
|
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
|
|
resource: "{{item.item.type}}"
|
|
|
|
filename: "{{kube_config_dir}}/{{item.item.file}}"
|
|
|
|
state: "{{item.changed | ternary('latest','present') }}"
|
|
|
|
with_items: "{{ manifests.results }}"
|
|
|
|
failed_when: manifests|failed and "Error from server (AlreadyExists)" not in manifests.msg
|
|
|
|
when: dns_mode != 'none' and inventory_hostname == groups['kube-master'][0] and rbac_enabled and psp_enabled
|
|
|
|
tags: apps
|
|
|
|
|
2017-06-27 04:27:25 +00:00
|
|
|
- name: Write kube-scheduler kubeconfig
|
2015-12-11 10:52:20 +00:00
|
|
|
template:
|
2017-06-27 04:27:25 +00:00
|
|
|
src: kube-scheduler-kubeconfig.yaml.j2
|
|
|
|
dest: "{{ kube_config_dir }}/kube-scheduler-kubeconfig.yaml"
|
|
|
|
tags: kube-scheduler
|
2015-12-11 10:52:20 +00:00
|
|
|
|
|
|
|
- name: Write kube-scheduler manifest
|
|
|
|
template:
|
|
|
|
src: manifests/kube-scheduler.manifest.j2
|
2016-03-21 21:25:09 +00:00
|
|
|
dest: "{{ kube_manifest_dir }}/kube-scheduler.manifest"
|
2016-09-27 09:54:12 +00:00
|
|
|
notify: Master | wait for kube-scheduler
|
2016-12-08 13:36:00 +00:00
|
|
|
tags: kube-scheduler
|
2017-03-06 10:22:13 +00:00
|
|
|
|
2017-06-27 04:27:25 +00:00
|
|
|
- name: Write kube-controller-manager kubeconfig
|
|
|
|
template:
|
|
|
|
src: kube-controller-manager-kubeconfig.yaml.j2
|
|
|
|
dest: "{{ kube_config_dir }}/kube-controller-manager-kubeconfig.yaml"
|
|
|
|
tags: kube-controller-manager
|
|
|
|
|
|
|
|
- name: Write kube-controller-manager manifest
|
|
|
|
template:
|
|
|
|
src: manifests/kube-controller-manager.manifest.j2
|
|
|
|
dest: "{{ kube_manifest_dir }}/kube-controller-manager.manifest"
|
|
|
|
notify: Master | wait for kube-controller-manager
|
|
|
|
tags: kube-controller-manager
|
|
|
|
|
2017-03-06 10:22:13 +00:00
|
|
|
- include: post-upgrade.yml
|
|
|
|
tags: k8s-post-upgrade
|
|
|
|
|