Flannel RBAC Fix
Fixes a bug that can occur if `cni-flannel-rbac.yml` was written but the playbook failed before it was applied. Uses the same approach as calico.
This commit is contained in:
Chad Swenson
parent
5c5e879c2c
commit
16ae2c1809
2 changed files with 17 additions and 24 deletions
|
|
@ -1,19 +1,14 @@
|
||||||
---
|
---
|
||||||
- name: "Flannel | Create ServiceAccount ClusterRole and ClusterRoleBinding"
|
|
||||||
command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/cni-flannel-rbac.yml"
|
|
||||||
run_once: true
|
|
||||||
when: rbac_enabled and flannel_rbac_manifest.changed
|
|
||||||
|
|
||||||
- name: Flannel | Start Resources
|
- name: Flannel | Start Resources
|
||||||
kube:
|
kube:
|
||||||
name: "kube-flannel"
|
name: "{{item.item.name}}"
|
||||||
kubectl: "{{ bin_dir }}/kubectl"
|
namespace: "{{ system_namespace }}"
|
||||||
filename: "{{ kube_config_dir }}/cni-flannel.yml"
|
kubectl: "{{bin_dir}}/kubectl"
|
||||||
resource: "ds"
|
resource: "{{item.item.type}}"
|
||||||
namespace: "{{system_namespace}}"
|
filename: "{{kube_config_dir}}/{{item.item.file}}"
|
||||||
state: "latest"
|
state: "latest"
|
||||||
with_items: "{{ flannel_manifest.changed }}"
|
with_items: "{{ flannel_node_manifests.results }}"
|
||||||
when: inventory_hostname == groups['kube-master'][0]
|
when: inventory_hostname == groups['kube-master'][0] and not item|skipped
|
||||||
|
|
||||||
- name: Flannel | Wait for flannel subnet.env file presence
|
- name: Flannel | Wait for flannel subnet.env file presence
|
||||||
wait_for:
|
wait_for:
|
||||||
|
|
|
||||||
|
|
@ -1,16 +1,14 @@
|
||||||
---
|
---
|
||||||
- include: pre-upgrade.yml
|
- include: pre-upgrade.yml
|
||||||
|
|
||||||
- name: Flannel | Create cni-flannel-rbac manifest
|
- name: Flannel | Create Flannel manifests
|
||||||
template:
|
template:
|
||||||
src: cni-flannel-rbac.yml.j2
|
src: "{{item.file}}.j2"
|
||||||
dest: "{{ kube_config_dir }}/cni-flannel-rbac.yml"
|
dest: "{{kube_config_dir}}/{{item.file}}"
|
||||||
register: flannel_rbac_manifest
|
with_items:
|
||||||
when: inventory_hostname == groups['kube-master'][0] and rbac_enabled
|
- {name: flannel, file: cni-flannel-rbac.yml, type: sa}
|
||||||
|
- {name: kube-flannel, file: cni-flannel.yml, type: ds}
|
||||||
- name: Flannel | Create cni-flannel manifest
|
register: flannel_node_manifests
|
||||||
template:
|
when:
|
||||||
src: cni-flannel.yml.j2
|
- inventory_hostname in groups['kube-master']
|
||||||
dest: "{{ kube_config_dir }}/cni-flannel.yml"
|
- rbac_enabled or item.type not in rbac_resources
|
||||||
register: flannel_manifest
|
|
||||||
when: inventory_hostname == groups['kube-master'][0]
|
|
||||||
Loading…
Reference in a new issue