diff --git a/roles/docker/tasks/install.yml b/roles/docker/tasks/install.yml index 4880629a8..e2d18d1f6 100644 --- a/roles/docker/tasks/install.yml +++ b/roles/docker/tasks/install.yml @@ -13,7 +13,7 @@ with_items: - aufs-tools - cgroupfs-mount - - docker-engine=1.8.3-0~{{ ansible_distribution_release }} + - docker-engine=1.9.0-0~{{ ansible_distribution_release }} - name: Copy default docker configuration template: src=default-docker.j2 dest=/etc/default/docker backup=yes diff --git a/roles/docker/templates/default-docker.j2 b/roles/docker/templates/default-docker.j2 index 2a332353e..66e3cd2ee 100644 --- a/roles/docker/templates/default-docker.j2 +++ b/roles/docker/templates/default-docker.j2 @@ -4,9 +4,9 @@ #DOCKER="/usr/local/bin/docker" # Use DOCKER_OPTS to modify the daemon startup options. -#{% if kube_network_plugin is defined and kube_network_plugin == "calico" %} -#DOCKER_OPTS="--bridge=cbr0 --iptables=false --ip-masq=false" -#{% endif %} +{% if kube_network_plugin is defined and kube_network_plugin == "calico" %} +DOCKER_OPTS="--bridge=cbr0 --iptables=false --ip-masq=false" +{% endif %} # If you need Docker to use an HTTP proxy, it can also be specified here. #export http_proxy="http://127.0.0.1:3128/" diff --git a/roles/kubernetes/common/defaults/main.yml b/roles/kubernetes/common/defaults/main.yml index 09df9be6b..367a2c34f 100644 --- a/roles/kubernetes/common/defaults/main.yml +++ b/roles/kubernetes/common/defaults/main.yml @@ -31,6 +31,7 @@ kube_cert_group: kube-cert dns_domain: "{{ cluster_name }}" kube_proxy_mode: iptables +kube_master_port: 443 # IP address of the DNS server. # Kubernetes will create a pod with several containers, serving as the DNS # server and expose it under this IP address. The IP address must be from diff --git a/roles/kubernetes/common/tasks/secrets.yml b/roles/kubernetes/common/tasks/secrets.yml index 65107da0b..c61e17d9b 100644 --- a/roles/kubernetes/common/tasks/secrets.yml +++ b/roles/kubernetes/common/tasks/secrets.yml @@ -45,6 +45,10 @@ notify: - restart daemons +- debug: msg="{{groups['kube-master'][0]}} == {{inventory_hostname}}" + tags: + - debug + - include: gen_tokens.yml run_once: true when: inventory_hostname == groups['kube-master'][0] diff --git a/roles/network_plugin/tasks/calico.yml b/roles/network_plugin/tasks/calico.yml index f7042bf50..1e6f5d47a 100644 --- a/roles/network_plugin/tasks/calico.yml +++ b/roles/network_plugin/tasks/calico.yml @@ -1,6 +1,6 @@ --- - name: Calico | Install calicoctl bin - copy: + copy: src={{ local_release_dir }}/calico/bin/calicoctl dest={{ bin_dir }} mode=u+x @@ -11,22 +11,28 @@ - name: Calico | Write calico-node systemd init file template: src=calico/calico-node.service.j2 dest=/etc/systemd/system/calico-node.service - notify: + register: newservice + notify: - reload systemd - restart calico-node +- name: Calico | daemon-reload + command: systemctl daemon-reload + when: newservice|changed + changed_when: False + - name: Calico | Enable calico-node service: name=calico-node enabled=yes state=started - name: Calico | Configure calico-node remove default pool shell: calicoctl pool remove 192.168.0.0/16 - environment: + environment: ETCD_AUTHORITY: "{{ groups['kube-master'][0] }}:4001" run_once: true - name: Calico | Configure calico-node desired pool shell: calicoctl pool add {{ kube_pods_subnet }} - environment: + environment: ETCD_AUTHORITY: "{{ groups['kube-master'][0] }}:4001" run_once: true