Add .editorconfig file (#6307)

This commit is contained in:
Joel Seguillon 2020-06-29 21:39:59 +02:00 committed by GitHub
parent 09b23f96d7
commit 4c1e0b188d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
67 changed files with 232 additions and 217 deletions

15
.editorconfig Normal file
View file

@ -0,0 +1,15 @@
root = true
[*.{yaml,yml,yml.j2,yaml.j2}]
indent_style = space
indent_size = 2
trim_trailing_whitespace = true
insert_final_newline = true
charset = utf-8
[{Dockerfile}]
indent_style = space
indent_size = 2
trim_trailing_whitespace = true
insert_final_newline = true
charset = utf-8

View file

@ -171,4 +171,4 @@ tf-elastx_ubuntu18-calico:
TF_VAR_flavor_k8s_master: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2 TF_VAR_flavor_k8s_master: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2
TF_VAR_flavor_k8s_node: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2 TF_VAR_flavor_k8s_node: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2
TF_VAR_image: ubuntu-18.04-server-latest TF_VAR_image: ubuntu-18.04-server-latest
TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]' TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'

View file

@ -51,4 +51,4 @@ vagrant_ubuntu18-weave-medium:
vagrant_ubuntu20-flannel: vagrant_ubuntu20-flannel:
stage: deploy-part2 stage: deploy-part2
extends: .vagrant extends: .vagrant
when: on_success when: on_success

View file

@ -6,12 +6,12 @@ RUN apt update -y && \
apt install -y \ apt install -y \
libssl-dev python3-dev sshpass apt-transport-https jq moreutils \ libssl-dev python3-dev sshpass apt-transport-https jq moreutils \
ca-certificates curl gnupg2 software-properties-common python3-pip rsync ca-certificates curl gnupg2 software-properties-common python3-pip rsync
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \ RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
add-apt-repository \ add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \ $(lsb_release -cs) \
stable" \ stable" \
&& apt update -y && apt-get install docker-ce -y && apt update -y && apt-get install docker-ce -y
COPY . . COPY . .
RUN /usr/bin/python3 -m pip install pip -U && /usr/bin/python3 -m pip install -r tests/requirements.txt && python3 -m pip install -r requirements.txt && update-alternatives --install /usr/bin/python python /usr/bin/python3 1 RUN /usr/bin/python3 -m pip install pip -U && /usr/bin/python3 -m pip install -r tests/requirements.txt && python3 -m pip install -r requirements.txt && update-alternatives --install /usr/bin/python python /usr/bin/python3 1
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.5/bin/linux/amd64/kubectl \ RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.5/bin/linux/amd64/kubectl \

View file

@ -1,2 +1,2 @@
--- ---
theme: jekyll-theme-slate theme: jekyll-theme-slate

View file

@ -8,7 +8,7 @@
{% for host in groups['gfs-cluster'] %} {% for host in groups['gfs-cluster'] %}
{ {
"addresses": [ "addresses": [
{ {
"ip": "{{hostvars[host]['ip']|default(hostvars[host].ansible_default_ipv4['address'])}}" "ip": "{{hostvars[host]['ip']|default(hostvars[host].ansible_default_ipv4['address'])}}"
} }
], ],

View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata: metadata:
name: glusterfs name: glusterfs
spec: spec:
capacity: capacity:
storage: "{{ hostvars[groups['gfs-cluster'][0]].gluster_disk_size_gb }}Gi" storage: "{{ hostvars[groups['gfs-cluster'][0]].gluster_disk_size_gb }}Gi"

View file

@ -6,11 +6,11 @@
- name: bootstrap/start_vault_temp | Start single node Vault with file backend - name: bootstrap/start_vault_temp | Start single node Vault with file backend
command: > command: >
docker run -d --cap-add=IPC_LOCK --name {{ vault_temp_container_name }} docker run -d --cap-add=IPC_LOCK --name {{ vault_temp_container_name }}
-p {{ vault_port }}:{{ vault_port }} -p {{ vault_port }}:{{ vault_port }}
-e 'VAULT_LOCAL_CONFIG={{ vault_temp_config|to_json }}' -e 'VAULT_LOCAL_CONFIG={{ vault_temp_config|to_json }}'
-v /etc/vault:/etc/vault -v /etc/vault:/etc/vault
{{ vault_image_repo }}:{{ vault_version }} server {{ vault_image_repo }}:{{ vault_version }} server
- name: bootstrap/start_vault_temp | Start again single node Vault with file backend - name: bootstrap/start_vault_temp | Start again single node Vault with file backend
command: docker start {{ vault_temp_container_name }} command: docker start {{ vault_temp_container_name }}

View file

@ -21,9 +21,9 @@
- name: bootstrap/sync_secrets | Print out warning message if secrets are not available and vault is initialized - name: bootstrap/sync_secrets | Print out warning message if secrets are not available and vault is initialized
pause: pause:
prompt: > prompt: >
Vault orchestration may not be able to proceed. The Vault cluster is initialized, but Vault orchestration may not be able to proceed. The Vault cluster is initialized, but
'root_token' or 'unseal_keys' were not found in {{ vault_secrets_dir }}. These are 'root_token' or 'unseal_keys' were not found in {{ vault_secrets_dir }}. These are
needed for many vault orchestration steps. needed for many vault orchestration steps.
when: vault_cluster_is_initialized and not vault_secrets_available when: vault_cluster_is_initialized and not vault_secrets_available
- name: bootstrap/sync_secrets | Cat root_token from a vault host - name: bootstrap/sync_secrets | Cat root_token from a vault host

View file

@ -25,6 +25,6 @@
- name: check_etcd | Fail if etcd is not available and needed - name: check_etcd | Fail if etcd is not available and needed
fail: fail:
msg: > msg: >
Unable to start Vault cluster! Etcd is not available at Unable to start Vault cluster! Etcd is not available at
{{ vault_etcd_url.split(',') | first }} however it is needed by Vault as a backend. {{ vault_etcd_url.split(',') | first }} however it is needed by Vault as a backend.
when: vault_etcd_needed|d() and not vault_etcd_available when: vault_etcd_needed|d() and not vault_etcd_available

View file

@ -46,7 +46,7 @@
set_fact: set_fact:
vault_cluster_is_initialized: >- vault_cluster_is_initialized: >-
{{ vault_is_initialized or {{ vault_is_initialized or
hostvars[item]['vault_is_initialized'] or hostvars[item]['vault_is_initialized'] or
('value' in vault_etcd_exists.stdout|default('')) }} ('value' in vault_etcd_exists.stdout|default('')) }}
with_items: "{{ groups.vault }}" with_items: "{{ groups.vault }}"
run_once: true run_once: true

View file

@ -6,9 +6,9 @@
ca_cert: "{{ vault_cert_dir }}/ca.pem" ca_cert: "{{ vault_cert_dir }}/ca.pem"
name: "{{ create_role_name }}" name: "{{ create_role_name }}"
rules: >- rules: >-
{%- if create_role_policy_rules|d("default") == "default" -%} {%- if create_role_policy_rules|d("default") == "default" -%}
{{ {{
{ 'path': { { 'path': {
create_role_mount_path + '/issue/' + create_role_name: {'policy': 'write'}, create_role_mount_path + '/issue/' + create_role_name: {'policy': 'write'},
create_role_mount_path + '/roles/' + create_role_name: {'policy': 'read'} create_role_mount_path + '/roles/' + create_role_name: {'policy': 'read'}
}} | to_json + '\n' }} | to_json + '\n'
@ -24,13 +24,13 @@
ca_cert: "{{ vault_cert_dir }}/ca.pem" ca_cert: "{{ vault_cert_dir }}/ca.pem"
secret: "{{ create_role_mount_path }}/roles/{{ create_role_name }}" secret: "{{ create_role_mount_path }}/roles/{{ create_role_name }}"
data: | data: |
{%- if create_role_options|d("default") == "default" -%} {%- if create_role_options|d("default") == "default" -%}
{ {
allow_any_name: true allow_any_name: true
} }
{%- else -%} {%- else -%}
{{ create_role_options | to_json }} {{ create_role_options | to_json }}
{%- endif -%} {%- endif -%}
## Userpass based auth method ## Userpass based auth method

View file

@ -18,8 +18,8 @@
- name: shared/gen_userpass | Copy credentials to all hosts in the group - name: shared/gen_userpass | Copy credentials to all hosts in the group
copy: copy:
content: > content: >
{{ {{
{'username': gen_userpass_username, {'username': gen_userpass_username,
'password': gen_userpass_password} | to_nice_json(indent=4) 'password': gen_userpass_password} | to_nice_json(indent=4)
}} }}
dest: "{{ vault_roles_dir }}/{{ gen_userpass_role }}/userpass" dest: "{{ vault_roles_dir }}/{{ gen_userpass_role }}/userpass"

View file

@ -1,2 +1,2 @@
[Service] [Service]
Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %} Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %}

View file

@ -19,4 +19,4 @@
# etcd_peer_client_auth: true # etcd_peer_client_auth: true
## Settings for etcd deployment type ## Settings for etcd deployment type
etcd_deployment_type: docker etcd_deployment_type: docker

View file

@ -1,3 +1,3 @@
Package: {{ containerd_package }} Package: {{ containerd_package }}
Pin: version {{ containerd_version }}* Pin: version {{ containerd_version }}*
Pin-Priority: 1001 Pin-Priority: 1001

View file

@ -15,8 +15,8 @@ containerd_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb {{ containerd_debian_repo_base_url }} deb {{ containerd_debian_repo_base_url }}
{{ ansible_distribution_release|lower }} {{ ansible_distribution_release|lower }}
{{ containerd_debian_repo_component }} {{ containerd_debian_repo_component }}
runc_binary: /usr/bin/runc runc_binary: /usr/bin/runc

View file

@ -15,8 +15,8 @@ containerd_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb {{ containerd_ubuntu_repo_base_url }} deb {{ containerd_ubuntu_repo_base_url }}
{{ ansible_distribution_release|lower }} {{ ansible_distribution_release|lower }}
{{ containerd_ubuntu_repo_component }} {{ containerd_ubuntu_repo_component }}
runc_binary: /usr/bin/runc runc_binary: /usr/bin/runc

View file

@ -41,9 +41,9 @@ docker_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb {{ docker_debian_repo_base_url }} deb {{ docker_debian_repo_base_url }}
{{ ansible_distribution_release|lower }} {{ ansible_distribution_release|lower }}
stable stable
dockerproject_repo_key_info: dockerproject_repo_key_info:
pkg_key: apt_key pkg_key: apt_key
@ -55,6 +55,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb {{ docker_debian_repo_base_url }} deb {{ docker_debian_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main main

View file

@ -41,9 +41,9 @@ docker_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }} deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution_release|lower }} {{ ansible_distribution_release|lower }}
stable stable
dockerproject_repo_key_info: dockerproject_repo_key_info:
pkg_key: apt_key pkg_key: apt_key
@ -55,6 +55,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }} deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main main

View file

@ -37,9 +37,9 @@ docker_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }} deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution_release|lower }} {{ ansible_distribution_release|lower }}
stable stable
dockerproject_repo_key_info: dockerproject_repo_key_info:
pkg_key: apt_key pkg_key: apt_key
@ -51,6 +51,6 @@ dockerproject_repo_info:
pkg_repo: apt_repository pkg_repo: apt_repository
repos: repos:
- > - >
deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }} deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main main

View file

@ -30,14 +30,14 @@
with_items: "{{ expected_files }}" with_items: "{{ expected_files }}"
vars: vars:
expected_files: >- expected_files: >-
['{{ etcd_cert_dir }}/ca.pem', ['{{ etcd_cert_dir }}/ca.pem',
{% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %} {% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %}
{% for host in all_etcd_hosts %} {% for host in all_etcd_hosts %}
'{{ etcd_cert_dir }}/node-{{ host }}-key.pem', '{{ etcd_cert_dir }}/node-{{ host }}-key.pem',
'{{ etcd_cert_dir }}/admin-{{ host }}-key.pem', '{{ etcd_cert_dir }}/admin-{{ host }}-key.pem',
'{{ etcd_cert_dir }}/member-{{ host }}-key.pem' '{{ etcd_cert_dir }}/member-{{ host }}-key.pem'
{% if not loop.last %}{{','}}{% endif %} {% if not loop.last %}{{','}}{% endif %}
{% endfor %}] {% endfor %}]
- name: "Check_certs | Set 'gen_master_certs' to true" - name: "Check_certs | Set 'gen_master_certs' to true"
set_fact: set_fact:

View file

@ -111,9 +111,9 @@
- name: Gen_certs | Set cert names per node - name: Gen_certs | Set cert names per node
set_fact: set_fact:
my_etcd_node_certs: ['ca.pem', my_etcd_node_certs: [ 'ca.pem',
'node-{{ inventory_hostname }}.pem', 'node-{{ inventory_hostname }}.pem',
'node-{{ inventory_hostname }}-key.pem'] 'node-{{ inventory_hostname }}-key.pem']
tags: tags:
- facts - facts

View file

@ -1,9 +1,9 @@
--- ---
- name: Install | Copy etcdctl binary from docker container - name: Install | Copy etcdctl binary from docker container
command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy; command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy;
{{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} && {{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
{{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl && {{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl &&
{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy" {{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy"
register: etcdctl_install_result register: etcdctl_install_result
until: etcdctl_install_result.rc == 0 until: etcdctl_install_result.rc == 0
retries: "{{ etcd_retries }}" retries: "{{ etcd_retries }}"

View file

@ -18,14 +18,14 @@ auth:
useInstancePrincipals: true useInstancePrincipals: true
{% else %} {% else %}
useInstancePrincipals: false useInstancePrincipals: false
region: {{ oci_region_id }} region: {{ oci_region_id }}
tenancy: {{ oci_tenancy_id }} tenancy: {{ oci_tenancy_id }}
user: {{ oci_user_id }} user: {{ oci_user_id }}
key: | key: |
{{ oci_private_key }} {{ oci_private_key }}
{% if oci_private_key_passphrase is defined %} {% if oci_private_key_passphrase is defined %}
passphrase: {{ oci_private_key_passphrase }} passphrase: {{ oci_private_key_passphrase }}
{% endif %} {% endif %}
@ -75,16 +75,16 @@ loadBalancer:
# Optional rate limit controls for accessing OCI API # Optional rate limit controls for accessing OCI API
rateLimiter: rateLimiter:
{% if oci_rate_limit.rate_limit_qps_read %} {% if oci_rate_limit.rate_limit_qps_read %}
rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }} rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
{% endif %} {% endif %}
{% if oci_rate_limit.rate_limit_qps_write %} {% if oci_rate_limit.rate_limit_qps_write %}
rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }} rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
{% endif %} {% endif %}
{% if oci_rate_limit.rate_limit_bucket_read %} {% if oci_rate_limit.rate_limit_bucket_read %}
rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }} rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
{% endif %} {% endif %}
{% if oci_rate_limit.rate_limit_bucket_write %} {% if oci_rate_limit.rate_limit_bucket_write %}
rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }} rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
{% endif %} {% endif %}
{% endif %} {% endif %}

View file

@ -17,4 +17,4 @@ rules:
- nodes/spec - nodes/spec
- nodes/metrics - nodes/metrics
verbs: verbs:
- "*" - "*"

View file

@ -14,4 +14,4 @@ cinder_cacert: "{{ lookup('env','OS_CACERT') }}"
# For now, only Cinder v3 is supported in Cinder CSI driver # For now, only Cinder v3 is supported in Cinder CSI driver
cinder_blockstorage_version: "v3" cinder_blockstorage_version: "v3"
cinder_csi_controller_replicas: 1 cinder_csi_controller_replicas: 1

View file

@ -8,7 +8,7 @@ metadata:
namespace: kube-system namespace: kube-system
--- ---
# external attacher # external attacher
kind: ClusterRole kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:

View file

@ -197,4 +197,4 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: csi-gce-pd-node-sa name: csi-gce-pd-node-sa
namespace: kube-system namespace: kube-system

View file

@ -6,4 +6,4 @@ local_path_provisioner_reclaim_policy: Delete
local_path_provisioner_claim_root: /opt/local-path-provisioner/ local_path_provisioner_claim_root: /opt/local-path-provisioner/
local_path_provisioner_is_default_storageclass: "true" local_path_provisioner_is_default_storageclass: "true"
local_path_provisioner_debug: false local_path_provisioner_debug: false
local_path_provisioner_helper_image_tag: "latest" local_path_provisioner_helper_image_tag: "latest"

View file

@ -2,4 +2,4 @@
apiVersion: v1 apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
name: {{ local_path_provisioner_namespace }} name: {{ local_path_provisioner_namespace }}

View file

@ -3,4 +3,4 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: local-path-provisioner-service-account name: local-path-provisioner-service-account
namespace: {{ local_path_provisioner_namespace }} namespace: {{ local_path_provisioner_namespace }}

View file

@ -10,4 +10,4 @@ rules:
verbs: ["list", "create", "get", "update", "watch", "patch"] verbs: ["list", "create", "get", "update", "watch", "patch"]
- apiGroups: ["", "extensions"] - apiGroups: ["", "extensions"]
resources: ["nodes", "pods", "secrets", "services", "namespaces"] resources: ["nodes", "pods", "secrets", "services", "namespaces"]
verbs: ["get", "list", "watch"] verbs: ["get", "list", "watch"]

View file

@ -33,7 +33,7 @@ spec:
# Limit the namespace where this ALB Ingress Controller deployment will # Limit the namespace where this ALB Ingress Controller deployment will
# resolve ingress resources. If left commented, all namespaces are used. # resolve ingress resources. If left commented, all namespaces are used.
#- --watch-namespace=your-k8s-namespace #- --watch-namespace=your-k8s-namespace
# Setting the ingress-class flag below will ensure that only ingress resources with the # Setting the ingress-class flag below will ensure that only ingress resources with the
# annotation kubernetes.io/ingress.class: "alb" are respected by the controller. You may # annotation kubernetes.io/ingress.class: "alb" are respected by the controller. You may
# choose any class you'd like for this controller to respect. # choose any class you'd like for this controller to respect.
@ -42,7 +42,7 @@ spec:
# by the ALB Ingress Controller, providing distinction between # by the ALB Ingress Controller, providing distinction between
# clusters. # clusters.
- --cluster-name={{ cluster_name }} - --cluster-name={{ cluster_name }}
# Enables logging on all outbound requests sent to the AWS API. # Enables logging on all outbound requests sent to the AWS API.
# If logging is desired, set to true. # If logging is desired, set to true.
# - ---aws-api-debug # - ---aws-api-debug
@ -71,4 +71,4 @@ spec:
terminationGracePeriodSeconds: 30 terminationGracePeriodSeconds: 30
{% if rbac_enabled %} {% if rbac_enabled %}
serviceAccountName: alb-ingress serviceAccountName: alb-ingress
{% endif %} {% endif %}

View file

@ -20,4 +20,4 @@ spec:
shortNames: shortNames:
- cert - cert
- certs - certs

View file

@ -325,32 +325,32 @@ apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration kind: KubeProxyConfiguration
bindAddress: {{ kube_proxy_bind_address }} bindAddress: {{ kube_proxy_bind_address }}
clientConnection: clientConnection:
acceptContentTypes: {{ kube_proxy_client_accept_content_types }} acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
burst: {{ kube_proxy_client_burst }} burst: {{ kube_proxy_client_burst }}
contentType: {{ kube_proxy_client_content_type }} contentType: {{ kube_proxy_client_content_type }}
kubeconfig: {{ kube_proxy_client_kubeconfig }} kubeconfig: {{ kube_proxy_client_kubeconfig }}
qps: {{ kube_proxy_client_qps }} qps: {{ kube_proxy_client_qps }}
clusterCIDR: {{ kube_pods_subnet }} clusterCIDR: {{ kube_pods_subnet }}
configSyncPeriod: {{ kube_proxy_config_sync_period }} configSyncPeriod: {{ kube_proxy_config_sync_period }}
conntrack: conntrack:
maxPerCore: {{ kube_proxy_conntrack_max_per_core }} maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
min: {{ kube_proxy_conntrack_min }} min: {{ kube_proxy_conntrack_min }}
tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }} tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }} tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
enableProfiling: {{ kube_proxy_enable_profiling }} enableProfiling: {{ kube_proxy_enable_profiling }}
healthzBindAddress: {{ kube_proxy_healthz_bind_address }} healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
hostnameOverride: {{ kube_override_hostname }} hostnameOverride: {{ kube_override_hostname }}
iptables: iptables:
masqueradeAll: {{ kube_proxy_masquerade_all }} masqueradeAll: {{ kube_proxy_masquerade_all }}
masqueradeBit: {{ kube_proxy_masquerade_bit }} masqueradeBit: {{ kube_proxy_masquerade_bit }}
minSyncPeriod: {{ kube_proxy_min_sync_period }} minSyncPeriod: {{ kube_proxy_min_sync_period }}
syncPeriod: {{ kube_proxy_sync_period }} syncPeriod: {{ kube_proxy_sync_period }}
ipvs: ipvs:
excludeCIDRs: {{ kube_proxy_exclude_cidrs }} excludeCIDRs: {{ kube_proxy_exclude_cidrs }}
minSyncPeriod: {{ kube_proxy_min_sync_period }} minSyncPeriod: {{ kube_proxy_min_sync_period }}
scheduler: {{ kube_proxy_scheduler }} scheduler: {{ kube_proxy_scheduler }}
syncPeriod: {{ kube_proxy_sync_period }} syncPeriod: {{ kube_proxy_sync_period }}
strictARP: {{ kube_proxy_strict_arp }} strictARP: {{ kube_proxy_strict_arp }}
metricsBindAddress: {{ kube_proxy_metrics_bind_address }} metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
mode: {{ kube_proxy_mode }} mode: {{ kube_proxy_mode }}
nodePortAddresses: {{ kube_proxy_nodeport_addresses }} nodePortAddresses: {{ kube_proxy_nodeport_addresses }}

View file

@ -14,4 +14,4 @@ contexts:
- context: - context:
cluster: webhook-token-auth-cluster cluster: webhook-token-auth-cluster
user: webhook-token-auth-user user: webhook-token-auth-user
name: webhook-token-auth name: webhook-token-auth

View file

@ -40,7 +40,7 @@
- name: Set label to node - name: Set label to node
command: >- command: >-
{{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true {{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true
loop: "{{ role_node_labels + inventory_node_labels }}" loop: "{{ role_node_labels + inventory_node_labels }}"
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
changed_when: false changed_when: false

View file

@ -44,8 +44,8 @@
- name: Hosts | Extract existing entries for localhost from hosts file - name: Hosts | Extract existing entries for localhost from hosts file
set_fact: set_fact:
etc_hosts_localhosts_dict: >- etc_hosts_localhosts_dict: >-
{%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%} {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
{{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }} {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
with_items: "{{ (etc_hosts_content['content'] | b64decode).splitlines() }}" with_items: "{{ (etc_hosts_content['content'] | b64decode).splitlines() }}"
when: when:
- etc_hosts_content.content is defined - etc_hosts_content.content is defined

View file

@ -27,9 +27,9 @@
sync_tokens: >- sync_tokens: >-
{%- set tokens = {'sync': False} -%} {%- set tokens = {'sync': False} -%}
{%- for server in groups['kube-master'] | intersect(ansible_play_batch) {%- for server in groups['kube-master'] | intersect(ansible_play_batch)
if (not hostvars[server].known_tokens.stat.exists) or if (not hostvars[server].known_tokens.stat.exists) or
(hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%} (hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%}
{%- set _ = tokens.update({'sync': True}) -%} {%- set _ = tokens.update({'sync': True}) -%}
{%- endfor -%} {%- endfor -%}
{{ tokens.sync }} {{ tokens.sync }}
run_once: true run_once: true

View file

@ -434,13 +434,13 @@ loadbalancer_apiserver_type: "nginx"
apiserver_loadbalancer_domain_name: "lb-apiserver.kubernetes.local" apiserver_loadbalancer_domain_name: "lb-apiserver.kubernetes.local"
kube_apiserver_endpoint: |- kube_apiserver_endpoint: |-
{% if loadbalancer_apiserver is defined -%} {% if loadbalancer_apiserver is defined -%}
https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }} https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
{%- elif not is_kube_master and loadbalancer_apiserver_localhost -%} {%- elif not is_kube_master and loadbalancer_apiserver_localhost -%}
https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }} https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
{%- elif is_kube_master -%} {%- elif is_kube_master -%}
https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }} https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }}
{%- else -%} {%- else -%}
https://{{ first_kube_master }}:{{ kube_apiserver_port }} https://{{ first_kube_master }}:{{ kube_apiserver_port }}
{%- endif %} {%- endif %}
kube_apiserver_insecure_endpoint: >- kube_apiserver_insecure_endpoint: >-
http://{{ kube_apiserver_insecure_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_insecure_port }} http://{{ kube_apiserver_insecure_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_insecure_port }}

View file

@ -198,11 +198,11 @@
"apiVersion": "projectcalico.org/v3", "apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer", "kind": "BGPPeer",
"metadata": { "metadata": {
"name": "global-{{ item.router_id }}" "name": "global-{{ item.router_id }}"
}, },
"spec": { "spec": {
"asNumber": "{{ item.as }}", "asNumber": "{{ item.as }}",
"peerIP": "{{ item.router_id }}" "peerIP": "{{ item.router_id }}"
}}' | {{ bin_dir }}/calicoctl.sh apply -f - }}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output register: output
retries: 4 retries: 4
@ -220,11 +220,11 @@
"apiVersion": "projectcalico.org/v3", "apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer", "kind": "BGPPeer",
"metadata": { "metadata": {
"name": "peer-to-rrs" "name": "peer-to-rrs"
}, },
"spec": { "spec": {
"nodeSelector": "!has(i-am-a-route-reflector)", "nodeSelector": "!has(i-am-a-route-reflector)",
"peerSelector": "has(i-am-a-route-reflector)" "peerSelector": "has(i-am-a-route-reflector)"
}}' | {{ bin_dir }}/calicoctl.sh apply -f - }}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output register: output
retries: 4 retries: 4
@ -242,11 +242,11 @@
"apiVersion": "projectcalico.org/v3", "apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer", "kind": "BGPPeer",
"metadata": { "metadata": {
"name": "rr-mesh" "name": "rr-mesh"
}, },
"spec": { "spec": {
"nodeSelector": "has(i-am-a-route-reflector)", "nodeSelector": "has(i-am-a-route-reflector)",
"peerSelector": "has(i-am-a-route-reflector)" "peerSelector": "has(i-am-a-route-reflector)"
}}' | {{ bin_dir }}/calicoctl.sh apply -f - }}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output register: output
retries: 4 retries: 4
@ -315,13 +315,13 @@
"apiVersion": "projectcalico.org/v3", "apiVersion": "projectcalico.org/v3",
"kind": "Node", "kind": "Node",
"metadata": { "metadata": {
"name": "{{ inventory_hostname }}" "name": "{{ inventory_hostname }}"
}, },
"spec": { "spec": {
"bgp": { "bgp": {
"asNumber": "{{ local_as }}" "asNumber": "{{ local_as }}"
}, },
"orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}] "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
}}' | {{ bin_dir }}/calicoctl.sh apply -f - }}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output register: output
retries: 4 retries: 4
@ -339,12 +339,12 @@
"apiVersion": "projectcalico.org/v3", "apiVersion": "projectcalico.org/v3",
"kind": "BGPPeer", "kind": "BGPPeer",
"metadata": { "metadata": {
"name": "{{ inventory_hostname }}-{{ item.router_id }}" "name": "{{ inventory_hostname }}-{{ item.router_id }}"
}, },
"spec": { "spec": {
"asNumber": "{{ item.as }}", "asNumber": "{{ item.as }}",
"node": "{{ inventory_hostname }}", "node": "{{ inventory_hostname }}",
"peerIP": "{{ item.router_id }}" "peerIP": "{{ item.router_id }}"
}}' | {{ bin_dir }}/calicoctl.sh apply -f - }}' | {{ bin_dir }}/calicoctl.sh apply -f -
register: output register: output
retries: 4 retries: 4

View file

@ -368,10 +368,10 @@ spec:
secret: secret:
secretName: typha-client secretName: typha-client
items: items:
- key: tls.crt - key: tls.crt
path: typha-client.crt path: typha-client.crt
- key: tls.key - key: tls.key
path: typha-client.key path: typha-client.key
- name: typha-cacert - name: typha-cacert
hostPath: hostPath:
path: "/etc/kubernetes/ssl/" path: "/etc/kubernetes/ssl/"

View file

@ -145,17 +145,17 @@ spec:
periodSeconds: 10 periodSeconds: 10
{% if typha_secure %} {% if typha_secure %}
volumes: volumes:
- name: typha-server - name: typha-server
secret: secret:
secretName: typha-server secretName: typha-server
items: items:
- key: tls.crt - key: tls.crt
path: server_certificate.pem path: server_certificate.pem
- key: tls.key - key: tls.key
path: server_key.pem path: server_key.pem
- name: cacert - name: cacert
hostPath: hostPath:
path: "{{ kube_cert_dir }}" path: "{{ kube_cert_dir }}"
{% endif %} {% endif %}
--- ---

View file

@ -3,7 +3,7 @@
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: felixconfigurations.crd.projectcalico.org name: felixconfigurations.crd.projectcalico.org
spec: spec:
scope: Cluster scope: Cluster
group: crd.projectcalico.org group: crd.projectcalico.org

View file

@ -146,9 +146,9 @@
- name: Contiv | Copy netctl binary from docker container - name: Contiv | Copy netctl binary from docker container
command: sh -c "{{ docker_bin_dir }}/docker rm -f netctl-binarycopy; command: sh -c "{{ docker_bin_dir }}/docker rm -f netctl-binarycopy;
{{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} && {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
{{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl && {{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl &&
{{ docker_bin_dir }}/docker rm -f netctl-binarycopy" {{ docker_bin_dir }}/docker rm -f netctl-binarycopy"
register: contiv_task_result register: contiv_task_result
until: contiv_task_result.rc == 0 until: contiv_task_result.rc == 0
retries: 4 retries: 4

View file

@ -29,15 +29,15 @@ spec:
securityContext: securityContext:
privileged: true privileged: true
volumeMounts: volumeMounts:
- mountPath: /etc/openvswitch - mountPath: /etc/openvswitch
name: etc-openvswitch name: etc-openvswitch
readOnly: false readOnly: false
- mountPath: /var/run - mountPath: /var/run
name: var-run name: var-run
readOnly: false readOnly: false
- mountPath: /opt/cni/bin - mountPath: /opt/cni/bin
name: cni-bin-dir name: cni-bin-dir
readOnly: false readOnly: false
readinessProbe: readinessProbe:
exec: exec:
command: command:

View file

@ -22,10 +22,10 @@ data:
} }
contiv_k8s_config: |- contiv_k8s_config: |-
{ {
"K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}", "K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
"K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt", "K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
"K8S_KEY": "", "K8S_KEY": "",
"K8S_CERT": "", "K8S_CERT": "",
"K8S_TOKEN": "", "K8S_TOKEN": "",
"SVC_SUBNET": "{{ kube_service_addresses }}" "SVC_SUBNET": "{{ kube_service_addresses }}"
} }

View file

@ -20,12 +20,12 @@ spec:
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
hostPID: true hostPID: true
affinity: affinity:
nodeAffinity: nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution: requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms: nodeSelectorTerms:
- matchExpressions: - matchExpressions:
- key: node-role.kubernetes.io/master - key: node-role.kubernetes.io/master
operator: DoesNotExist operator: DoesNotExist
containers: containers:
- name: contiv-etcd-proxy - name: contiv-etcd-proxy
image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }} image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}

View file

@ -78,8 +78,8 @@ spec:
value: kubernetes value: kubernetes
- name: CONTIV_NETPLUGIN_VTEP_IP - name: CONTIV_NETPLUGIN_VTEP_IP
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: status.podIP fieldPath: status.podIP
- name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS - name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:

View file

@ -57,15 +57,15 @@ spec:
name: contiv-config name: contiv-config
key: contiv_ovs_vswitchd_extra_flags key: contiv_ovs_vswitchd_extra_flags
volumeMounts: volumeMounts:
- mountPath: /etc/openvswitch - mountPath: /etc/openvswitch
name: etc-openvswitch name: etc-openvswitch
readOnly: false readOnly: false
- mountPath: /lib/modules - mountPath: /lib/modules
name: lib-modules name: lib-modules
readOnly: true readOnly: true
- mountPath: /var/run - mountPath: /var/run
name: var-run name: var-run
readOnly: false readOnly: false
volumes: volumes:
# Used by contiv-ovs # Used by contiv-ovs
- name: etc-openvswitch - name: etc-openvswitch

View file

@ -13,4 +13,4 @@ kube_ovn_pinger_cpu_limit: 200m
kube_ovn_pinger_memory_limit: 400Mi kube_ovn_pinger_memory_limit: 400Mi
traffic_mirror: true traffic_mirror: true
encap_checksum: true encap_checksum: true

View file

@ -104,4 +104,4 @@ spec:
JSONPath: .spec.providerInterfaceName JSONPath: .spec.providerInterfaceName
- name: Subnet - name: Subnet
type: string type: string
JSONPath: .spec.subnet JSONPath: .spec.subnet

View file

@ -349,4 +349,4 @@ spec:
path: /var/log/openvswitch path: /var/log/openvswitch
- name: host-log-ovn - name: host-log-ovn
hostPath: hostPath:
path: /var/log/ovn path: /var/log/ovn

View file

@ -57,4 +57,4 @@ kube_router_enable_metrics: false
kube_router_metrics_path: /metrics kube_router_metrics_path: /metrics
# Prometheus metrics port to use # Prometheus metrics port to use
kube_router_metrics_port: 9255 kube_router_metrics_port: 9255

View file

@ -25,4 +25,4 @@ rules:
verbs: verbs:
- create - create
- patch - patch
- update - update

View file

@ -3,8 +3,8 @@
# Node NotReady: type = ready, status = Unknown # Node NotReady: type = ready, status = Unknown
- name: See if node is in ready state - name: See if node is in ready state
shell: >- shell: >-
{{ bin_dir }}/kubectl get node {{ inventory_hostname }} {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
-o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }' -o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }'
register: kubectl_node_ready register: kubectl_node_ready
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
failed_when: false failed_when: false
@ -14,8 +14,8 @@
# else unschedulable key doesn't exist # else unschedulable key doesn't exist
- name: See if node is schedulable - name: See if node is schedulable
shell: >- shell: >-
{{ bin_dir }}/kubectl get node {{ inventory_hostname }} {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
-o jsonpath='{ .spec.unschedulable }' -o jsonpath='{ .spec.unschedulable }'
register: kubectl_node_schedulable register: kubectl_node_schedulable
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
failed_when: false failed_when: false

View file

@ -70,4 +70,4 @@ images:
filename: openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2 filename: openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2
url: https://download.opensuse.org/repositories/Cloud:/Images:/Leap_15.1/images/openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2 url: https://download.opensuse.org/repositories/Cloud:/Images:/Leap_15.1/images/openSUSE-Leap-15.1-OpenStack.x86_64-0.0.4-Build6.106.qcow2
checksum: sha256:e3c016a889505c5ae51dafe6eedc836a9e9546ab951fdc96f07eb35e34d12b8c checksum: sha256:e3c016a889505c5ae51dafe6eedc836a9e9546ab951fdc96f07eb35e34d12b8c
converted: true converted: true

View file

@ -10,4 +10,4 @@ kubernetes_audit: true
dns_min_replicas: 1 dns_min_replicas: 1
# Needed to upgrade from 1.16 to 1.17, otherwise upgrade is partial and bug followed # Needed to upgrade from 1.16 to 1.17, otherwise upgrade is partial and bug followed
upgrade_cluster_setup: true upgrade_cluster_setup: true

View file

@ -6,4 +6,4 @@ mode: default
# Kubespray settings # Kubespray settings
kube_network_plugin: kube-ovn kube_network_plugin: kube-ovn
deploy_netchecker: true deploy_netchecker: true
dns_min_replicas: 1 dns_min_replicas: 1

View file

@ -14,4 +14,4 @@ helm_version: v3.1.0
# https://gitlab.com/miouge/kubespray-ci/-/blob/a4fd5ed6857807f1c353cb60848aedebaf7d2c94/manifests/http-proxy.yml#L42 # https://gitlab.com/miouge/kubespray-ci/-/blob/a4fd5ed6857807f1c353cb60848aedebaf7d2c94/manifests/http-proxy.yml#L42
http_proxy: http://172.30.30.30:8888 http_proxy: http://172.30.30.30:8888
https_proxy: http://172.30.30.30:8888 https_proxy: http://172.30.30.30:8888

View file

@ -4,4 +4,4 @@ deploy_netchecker: true
sonobuoy_enabled: true sonobuoy_enabled: true
# Ignore ping errors # Ignore ping errors
ignore_assert_errors: true ignore_assert_errors: true

View file

@ -4,4 +4,4 @@
kube_network_plugin: flannel kube_network_plugin: flannel
deploy_netchecker: true deploy_netchecker: true
dns_min_replicas: 1 dns_min_replicas: 1

View file

@ -4,4 +4,4 @@
kube_network_plugin: flannel kube_network_plugin: flannel
deploy_netchecker: true deploy_netchecker: true
dns_min_replicas: 1 dns_min_replicas: 1

View file

@ -17,4 +17,4 @@
that: that:
- apiserver_response.json.gitVersion == kube_version - apiserver_response.json.gitVersion == kube_version
fail_msg: "apiserver version different than expected {{ kube_version }}" fail_msg: "apiserver version different than expected {{ kube_version }}"
when: kube_version is defined when: kube_version is defined

View file

@ -30,4 +30,4 @@
# Check that all nodes are Status=Ready # Check that all nodes are Status=Ready
- '(get_nodes_yaml.stdout | from_yaml)["items"] | map(attribute = "status.conditions") | map("items2dict", key_name="type", value_name="status") | map(attribute="Ready") | list | min' - '(get_nodes_yaml.stdout | from_yaml)["items"] | map(attribute = "status.conditions") | map("items2dict", key_name="type", value_name="status") | map(attribute="Ready") | list | min'
retries: 30 retries: 30
delay: 10 delay: 10

View file

@ -51,13 +51,13 @@
- name: Get hostnet pods - name: Get hostnet pods
command: "{{ bin_dir }}/kubectl get pods -n test -o command: "{{ bin_dir }}/kubectl get pods -n test -o
jsonpath='{range .items[?(.spec.hostNetwork)]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'" jsonpath='{range .items[?(.spec.hostNetwork)]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
register: hostnet_pods register: hostnet_pods
no_log: true no_log: true
- name: Get running pods - name: Get running pods
command: "{{ bin_dir }}/kubectl get pods -n test -o command: "{{ bin_dir }}/kubectl get pods -n test -o
jsonpath='{range .items[?(.status.phase==\"Running\")]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'" jsonpath='{range .items[?(.status.phase==\"Running\")]}{.metadata.name} {.status.podIP} {.status.containerStatuses} {end}'"
register: running_pods register: running_pods
no_log: true no_log: true