c12s-kubespray/roles/kubernetes/preinstall/tasks/0090-etchosts.yml

---
- name: Hosts | create list from inventory
  set_fact:
    etc_hosts_inventory_block: |-
      {% for item in (groups['k8s_cluster'] + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique -%}
      {% if 'access_ip' in hostvars[item] or 'ip' in hostvars[item] or 'ansible_default_ipv4' in hostvars[item] -%}
      {{ hostvars[item]['access_ip'] | default(hostvars[item]['ip'] | default(hostvars[item]['ansible_default_ipv4']['address'])) }}
      {%- if ('ansible_hostname' in hostvars[item] and item != hostvars[item]['ansible_hostname']) %} {{ hostvars[item]['ansible_hostname'] }}.{{ dns_domain }} {{ hostvars[item]['ansible_hostname'] }} {% else %} {{ item }}.{{ dns_domain }} {{ item }} {% endif %}

      {% endif %}
      {% endfor %}
  delegate_to: localhost
  connection: local
  delegate_facts: yes
  run_once: yes

- name: Hosts | populate inventory into hosts file
  blockinfile:
    path: /etc/hosts
    block: "{{ hostvars.localhost.etc_hosts_inventory_block }}"
    state: present
    create: yes
    backup: yes
    unsafe_writes: yes
    marker: "# Ansible inventory hosts {mark}"
    mode: 0644
  when: populate_inventory_to_hosts_file

- name: Hosts | populate kubernetes loadbalancer address into hosts file
  lineinfile:
    dest: /etc/hosts
    regexp: ".*{{ apiserver_loadbalancer_domain_name }}$"
    line: "{{ loadbalancer_apiserver.address }} {{ apiserver_loadbalancer_domain_name }}"
    state: present
    backup: yes
    unsafe_writes: yes
  when:
    - loadbalancer_apiserver is defined
    - loadbalancer_apiserver.address is defined

- name: Hosts | Retrieve hosts file content
  slurp:
    src: /etc/hosts
  register: etc_hosts_content

- name: Hosts | Extract existing entries for localhost from hosts file
  set_fact:
    etc_hosts_localhosts_dict: >-
      {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
      {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
  with_items: "{{ (etc_hosts_content['content'] | b64decode).splitlines() }}"
  when:
    - etc_hosts_content.content is defined
    - (item is match('^::1 .*') or item is match('^127.0.0.1 .*'))

- name: Hosts | Update target hosts file entries dict with required entries
  set_fact:
    etc_hosts_localhosts_dict_target: >-
      {%- set target_entries = (etc_hosts_localhosts_dict|default({})).get(item.key, []) | difference(item.value.get('unexpected' ,[])) -%}
      {{ etc_hosts_localhosts_dict_target|default({}) | combine({item.key: (target_entries + item.value.expected)|unique}) }}
  loop: "{{ etc_hosts_localhost_entries|dict2items }}"

- name: Hosts | Update (if necessary) hosts file
  lineinfile:
    dest: /etc/hosts
    line: "{{ item.key }} {{ item.value|join(' ') }}"
    regexp: "^{{ item.key }}.*$"
    state: present
    backup: yes
    unsafe_writes: yes
  loop: "{{ etc_hosts_localhosts_dict_target|default({})|dict2items }}"

# gather facts to update ansible_fqdn
- name: Update facts
  setup:
    gather_subset: min
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`---`
Calculate inventory list only once (#5956) 2020-04-16 13:12:45 +00:00			`- name: Hosts \| create list from inventory`
			`set_fact:`
			`etc_hosts_inventory_block: \|-`
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones 2021-04-29 12:20:50 +00:00			`{% for item in (groups['k8s_cluster'] + groups['etcd']\|default([]) + groups['calico_rr']\|default([]))\|unique -%}`
Calculate inventory list only once (#5956) 2020-04-16 13:12:45 +00:00			`{% if 'access_ip' in hostvars[item] or 'ip' in hostvars[item] or 'ansible_default_ipv4' in hostvars[item] -%}`
			`{{ hostvars[item]['access_ip'] \| default(hostvars[item]['ip'] \| default(hostvars[item]['ansible_default_ipv4']['address'])) }}`
fix 0090-etchosts (#7634) 2022-01-11 09:03:16 +00:00			`{%- if ('ansible_hostname' in hostvars[item] and item != hostvars[item]['ansible_hostname']) %} {{ hostvars[item]['ansible_hostname'] }}.{{ dns_domain }} {{ hostvars[item]['ansible_hostname'] }} {% else %} {{ item }}.{{ dns_domain }} {{ item }} {% endif %}`

Remove hard dependence on facts for all nodes (#4304) * Remove hard dependence on facts for all nodes * Update main.yaml * Update main.yaml 2019-03-05 11:04:39 +00:00			`{% endif %}`
switch /etc/hosts to use blockinfile 2016-09-14 15:14:26 +00:00			`{% endfor %}`
Calculate inventory list only once (#5956) 2020-04-16 13:12:45 +00:00			`delegate_to: localhost`
Use `connection: local` when `delegate_to: localhost` (#6322) This will avoid SSH connection on the local host 2020-06-25 15:14:38 +00:00			`connection: local`
Calculate inventory list only once (#5956) 2020-04-16 13:12:45 +00:00			`delegate_facts: yes`
			`run_once: yes`

			`- name: Hosts \| populate inventory into hosts file`
			`blockinfile:`
			`path: /etc/hosts`
			`block: "{{ hostvars.localhost.etc_hosts_inventory_block }}"`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`state: present`
On CoreOS, /etc/hosts does not always exist. 2016-02-23 12:04:58 +00:00			`create: yes`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`backup: yes`
[jjo] add DIND support to contrib/ (#3468) * [jjo] add DIND support to contrib/ - add contrib/dind with ansible playbook to create "node" containers, and setup them to mimic host nodes as much as possible (using Ubuntu images), see contrib/dind/README.md - nodes' /etc/hosts editing via `blockinfile` and `lineinfile` need `unsafe_writes: yes` because /etc/hosts are mounted by docker, and thus can't be handled atomically (modify copy + rename) * dind-host role: set node container hostname on creation * add "Resulting deployment" section with some CLI outputs * typo * selectable node_distro: debian, ubuntu * some fixes for node_distro: ubuntu * cpu optimization: add early `pkill -STOP agetty` * typo * add centos dind support ;) * add kubespray-dind.yaml, support fedora - add kubespray-dind.yaml (former custom.yaml at README.md) - rework README.md as per above - use some YAML power to share distros' commonality - add fedora support * create unique /etc/machine-id and other updates - create unique /etc/machine-id in each docker node, used as seed for e.g. weave mac addresses - with above, now netchecker 100% passes WoHooOO! :tada: :tada: :tada: - updated README.md output from (1.12.1, verified netcheck) * minor typos * fix centos node creation, needs earlier udevadm removal to avoid flaky facts, also verified netcheck Ok \o/ * add Q&D test-distros.sh, back to manual /etc/machine-id hack * run-test-distros.sh cosmetics and minor fixes * run-test-distros.sh: $rc fix and minor formatting changes * run-test-distros.sh output cosmetics 2018-10-15 07:44:02 +00:00			`unsafe_writes: yes`
switch /etc/hosts to use blockinfile 2016-09-14 15:14:26 +00:00			`marker: "# Ansible inventory hosts {mark}"`
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8 2021-07-12 07:00:47 +00:00			`mode: 0644`
added flag for not populating inventory entries to etc hosts file 2017-06-30 12:17:03 +00:00			`when: populate_inventory_to_hosts_file`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00
			`- name: Hosts \| populate kubernetes loadbalancer address into hosts file`
			`lineinfile:`
			`dest: /etc/hosts`
			`regexp: ".*{{ apiserver_loadbalancer_domain_name }}$"`
Revert "Fix external lb error (#8299)" (#8360) This reverts commit 4f2e4524b8f730bf40b62b249143380c457d7dc4. 2022-01-03 09:37:00 +00:00			`line: "{{ loadbalancer_apiserver.address }} {{ apiserver_loadbalancer_domain_name }}"`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`state: present`
			`backup: yes`
[jjo] add DIND support to contrib/ (#3468) * [jjo] add DIND support to contrib/ - add contrib/dind with ansible playbook to create "node" containers, and setup them to mimic host nodes as much as possible (using Ubuntu images), see contrib/dind/README.md - nodes' /etc/hosts editing via `blockinfile` and `lineinfile` need `unsafe_writes: yes` because /etc/hosts are mounted by docker, and thus can't be handled atomically (modify copy + rename) * dind-host role: set node container hostname on creation * add "Resulting deployment" section with some CLI outputs * typo * selectable node_distro: debian, ubuntu * some fixes for node_distro: ubuntu * cpu optimization: add early `pkill -STOP agetty` * typo * add centos dind support ;) * add kubespray-dind.yaml, support fedora - add kubespray-dind.yaml (former custom.yaml at README.md) - rework README.md as per above - use some YAML power to share distros' commonality - add fedora support * create unique /etc/machine-id and other updates - create unique /etc/machine-id in each docker node, used as seed for e.g. weave mac addresses - with above, now netchecker 100% passes WoHooOO! :tada: :tada: :tada: - updated README.md output from (1.12.1, verified netcheck) * minor typos * fix centos node creation, needs earlier udevadm removal to avoid flaky facts, also verified netcheck Ok \o/ * add Q&D test-distros.sh, back to manual /etc/machine-id hack * run-test-distros.sh cosmetics and minor fixes * run-test-distros.sh: $rc fix and minor formatting changes * run-test-distros.sh output cosmetics 2018-10-15 07:44:02 +00:00			`unsafe_writes: yes`
Ansible 2.3 support - Fix when clauses in various places - Update requirements.txt - Fix README.md Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com> 2017-04-26 12:11:13 +00:00			`when:`
			`- loadbalancer_apiserver is defined`
			`- loadbalancer_apiserver.address is defined`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00
Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 10:10:49 +00:00			`- name: Hosts \| Retrieve hosts file content`
			`slurp:`
			`src: /etc/hosts`
			`register: etc_hosts_content`

			`- name: Hosts \| Extract existing entries for localhost from hosts file`
			`set_fact:`
same work with less lines 2018-08-24 12:06:07 +00:00			`etc_hosts_localhosts_dict: >-`
Add .editorconfig file (#6307) 2020-06-29 19:39:59 +00:00			`{%- set splitted = (item \| regex_replace('[ \t]+', ' ')\|regex_replace('#.*$')\|trim).split( ' ') -%}`
			`{{ etc_hosts_localhosts_dict\|default({}) \| combine({splitted[0]: splitted[1::] }) }}`
ansible-lint: Don't use bare variables (#4608) Circumvented one false positive from ansible-lint Moved a block of jinja magic into its own variable 2019-04-24 05:20:00 +00:00			`with_items: "{{ (etc_hosts_content['content'] \| b64decode).splitlines() }}"`
Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 10:10:49 +00:00			`when:`
			`- etc_hosts_content.content is defined`
Fix ansible syntax to avoid ansible warnings (one more) (#3536) * warning on meta flush_handlers * avoid rm * avoid "Module remote_tmp /root/.ansible/tmp did not exist and was created with a mode of 0700, this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually" warning on subsequent tasks using blockinfile * is match 2018-10-17 19:27:11 +00:00			`- (item is match('^::1 .') or item is match('^127.0.0.1 .'))`
Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 10:10:49 +00:00
			`- name: Hosts \| Update target hosts file entries dict with required entries`
			`set_fact:`
			`etc_hosts_localhosts_dict_target: >-`
Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1 2018-08-31 14:33:18 +00:00			`{%- set target_entries = (etc_hosts_localhosts_dict\|default({})).get(item.key, []) \| difference(item.value.get('unexpected' ,[])) -%}`
same work with less lines 2018-08-24 12:06:07 +00:00			`{{ etc_hosts_localhosts_dict_target\|default({}) \| combine({item.key: (target_entries + item.value.expected)\|unique}) }}`
Replace deprecated 'with_dict' with 'loop' (#7442) 2021-04-05 20:45:19 +00:00			`loop: "{{ etc_hosts_localhost_entries\|dict2items }}"`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00
Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 10:10:49 +00:00			`- name: Hosts \| Update (if necessary) hosts file`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`lineinfile:`
			`dest: /etc/hosts`
Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 10:10:49 +00:00			`line: "{{ item.key }} {{ item.value\|join(' ') }}"`
			`regexp: "^{{ item.key }}.*$"`
move /etc/hosts configuration in 'preinstall' role 2016-01-20 16:37:23 +00:00			`state: present`
			`backup: yes`
[jjo] add DIND support to contrib/ (#3468) * [jjo] add DIND support to contrib/ - add contrib/dind with ansible playbook to create "node" containers, and setup them to mimic host nodes as much as possible (using Ubuntu images), see contrib/dind/README.md - nodes' /etc/hosts editing via `blockinfile` and `lineinfile` need `unsafe_writes: yes` because /etc/hosts are mounted by docker, and thus can't be handled atomically (modify copy + rename) * dind-host role: set node container hostname on creation * add "Resulting deployment" section with some CLI outputs * typo * selectable node_distro: debian, ubuntu * some fixes for node_distro: ubuntu * cpu optimization: add early `pkill -STOP agetty` * typo * add centos dind support ;) * add kubespray-dind.yaml, support fedora - add kubespray-dind.yaml (former custom.yaml at README.md) - rework README.md as per above - use some YAML power to share distros' commonality - add fedora support * create unique /etc/machine-id and other updates - create unique /etc/machine-id in each docker node, used as seed for e.g. weave mac addresses - with above, now netchecker 100% passes WoHooOO! :tada: :tada: :tada: - updated README.md output from (1.12.1, verified netcheck) * minor typos * fix centos node creation, needs earlier udevadm removal to avoid flaky facts, also verified netcheck Ok \o/ * add Q&D test-distros.sh, back to manual /etc/machine-id hack * run-test-distros.sh cosmetics and minor fixes * run-test-distros.sh: $rc fix and minor formatting changes * run-test-distros.sh output cosmetics 2018-10-15 07:44:02 +00:00			`unsafe_writes: yes`
add default empty value for etc_hosts_localhosts_dict_target (#7567) 2021-04-28 18:34:50 +00:00			`loop: "{{ etc_hosts_localhosts_dict_target\|default({})\|dict2items }}"`
Fix scaling (#5889) * etcd: etcd-events doesn't depend on etcd_cluster_setup Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * etcd: remove condition already present on include_tasks Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * etcd: fix scaling up Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * etcd: use access_addresses, do not delegate to etcd[0] We want to wait for the full cluster to be healthy, so use all the cluster addresses Also we should be able to run the playbook when etcd[0] is down (not tested), so do not delegate to etcd[0] Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> etcd: use failed_when for health check unhealthy cluster is expected on first run, so use failed_when instead of ignore_errors to remove scary red messages Also use run_once Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * kubernetes/preinstall: ensure ansible_fqdn is up to date after changing /etc/hosts Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * kubernetes/master: regenerate apiserver cert if needed Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> 2020-04-08 08:27:43 +00:00
			`# gather facts to update ansible_fqdn`
			`- name: Update facts`
			`setup:`
			`gather_subset: min`