turn adduser/download roles into meta roles

This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
This commit is contained in:
Paul Czarkowski 2016-05-22 17:25:52 -05:00
parent 094f4d02b8
commit 7de87d958e
11 changed files with 104 additions and 60 deletions

View file

@ -1,8 +1,6 @@
--- ---
- hosts: k8s-cluster - hosts: k8s-cluster
roles: roles:
- { role: adduser, tags: adduser }
- { role: download, tags: download }
- { role: kubernetes/preinstall, tags: preinstall } - { role: kubernetes/preinstall, tags: preinstall }
- { role: etcd, tags: etcd } - { role: etcd, tags: etcd }
- { role: docker, tags: docker, when: ansible_os_family != "CoreOS" } - { role: docker, tags: docker, when: ansible_os_family != "CoreOS" }

View file

@ -0,0 +1,24 @@
---
addusers:
etcd:
name: etcd
comment: "Etcd user"
createhome: yes
home: "/var/lib/etcd"
system: yes
shell: /bin/nologin
kube:
name: kube
comment: "Kubernetes user"
shell: /sbin/nologin
system: yes
group: "{{ kube_cert_group }}"
createhome: no
adduser:
name: "{{ user.name }}"
group: "{{ user.name|default(None) }}"
comment: "{{ user.comment|default(None) }}"
shell: "{{ user.shell|default(None) }}"
system: "{{ user.system|default(None) }}"
createhome: "{{ user.createhome|default(None) }}"

View file

@ -1,28 +1,13 @@
--- ---
- name: gather os specific variables
include_vars: "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}.yml"
- "{{ ansible_os_family|lower }}.yml"
- defaults.yml
paths:
- ../vars
skip: true
- name: User | Create User Group - name: User | Create User Group
group: name={{item.group|default(item.name)}} system={{item.system|default(omit)}} group: name={{user.group|default(user.name)}} system={{user.system|default(omit)}}
with_items: "{{ addusers }}"
- name: User | Create User - name: User | Create User
user: user:
comment: "{{item.comment|default(omit)}}" comment: "{{user.comment|default(omit)}}"
createhome: "{{item.create_home|default(omit)}}" createhome: "{{user.create_home|default(omit)}}"
group: "{{item.group|default(item.name)}}" group: "{{user.group|default(user.name)}}"
home: "{{item.home|default(omit)}}" home: "{{user.home|default(omit)}}"
name: "{{item.name}}" shell: "{{user.shell|default(omit)}}"
system: "{{item.system|default(omit)}}" name: "{{user.name}}"
with_items: "{{ addusers }}" system: "{{user.system|default(omit)}}"

View file

@ -33,7 +33,7 @@ kubelet_checksum: "4adaf40592248eef6fd4fa126464915ea41e624a70dc77178089760ed235e
kube_apiserver_checksum: "6ac99b36b02968459e026fcfc234207c66064b5e11816b69dd8fc234b2ffec1e" kube_apiserver_checksum: "6ac99b36b02968459e026fcfc234207c66064b5e11816b69dd8fc234b2ffec1e"
downloads: downloads:
- name: calico calico:
dest: calico/bin/calicoctl dest: calico/bin/calicoctl
version: "{{calico_version}}" version: "{{calico_version}}"
sha256: "{{ calico_checksum }}" sha256: "{{ calico_checksum }}"
@ -41,8 +41,7 @@ downloads:
url: "{{ calico_download_url }}" url: "{{ calico_download_url }}"
owner: "root" owner: "root"
mode: "0755" mode: "0755"
calico_cni_plugin:
- name: calico-cni-plugin
dest: calico/bin/calico dest: calico/bin/calico
version: "{{calico_cni_version}}" version: "{{calico_cni_version}}"
sha256: "{{ calico_cni_checksum }}" sha256: "{{ calico_cni_checksum }}"
@ -50,8 +49,7 @@ downloads:
url: "{{ calico_cni_download_url }}" url: "{{ calico_cni_download_url }}"
owner: "root" owner: "root"
mode: "0755" mode: "0755"
calico_cni_plugin_ipam:
- name: calico-cni-plugin-ipam
dest: calico/bin/calico-ipam dest: calico/bin/calico-ipam
version: "{{calico_cni_version}}" version: "{{calico_cni_version}}"
sha256: "{{ calico_cni_ipam_checksum }}" sha256: "{{ calico_cni_ipam_checksum }}"
@ -59,8 +57,7 @@ downloads:
url: "{{ calico_cni_ipam_download_url }}" url: "{{ calico_cni_ipam_download_url }}"
owner: "root" owner: "root"
mode: "0755" mode: "0755"
weave:
- name: weave
dest: weave/bin/weave dest: weave/bin/weave
version: "{{weave_version}}" version: "{{weave_version}}"
source_url: "{{weave_download_url}}" source_url: "{{weave_download_url}}"
@ -68,8 +65,7 @@ downloads:
sha256: "{{ weave_checksum }}" sha256: "{{ weave_checksum }}"
owner: "root" owner: "root"
mode: "0755" mode: "0755"
etcd:
- name: etcd
version: "{{etcd_version}}" version: "{{etcd_version}}"
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz" dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
sha256: "{{ etcd_checksum }}" sha256: "{{ etcd_checksum }}"
@ -78,8 +74,7 @@ downloads:
unarchive: true unarchive: true
owner: "etcd" owner: "etcd"
mode: "0755" mode: "0755"
kubernetes_kubelet:
- name: kubernetes-kubelet
version: "{{kube_version}}" version: "{{kube_version}}"
dest: kubernetes/bin/kubelet dest: kubernetes/bin/kubelet
sha256: "{{kubelet_checksum}}" sha256: "{{kubelet_checksum}}"
@ -87,8 +82,7 @@ downloads:
url: "{{ kubelet_download_url }}" url: "{{ kubelet_download_url }}"
owner: "kube" owner: "kube"
mode: "0755" mode: "0755"
kubernetes_kubectl:
- name: kubernetes-kubectl
dest: kubernetes/bin/kubectl dest: kubernetes/bin/kubectl
version: "{{kube_version}}" version: "{{kube_version}}"
sha256: "{{kubectl_checksum}}" sha256: "{{kubectl_checksum}}"
@ -96,8 +90,7 @@ downloads:
url: "{{ kubectl_download_url }}" url: "{{ kubectl_download_url }}"
owner: "kube" owner: "kube"
mode: "0755" mode: "0755"
kubernetes_apiserver:
- name: kubernetes-apiserver
dest: kubernetes/bin/kube-apiserver dest: kubernetes/bin/kube-apiserver
version: "{{kube_version}}" version: "{{kube_version}}"
sha256: "{{kube_apiserver_checksum}}" sha256: "{{kube_apiserver_checksum}}"
@ -105,3 +98,14 @@ downloads:
url: "{{ apiserver_download_url }}" url: "{{ apiserver_download_url }}"
owner: "kube" owner: "kube"
mode: "0755" mode: "0755"
download:
enabled: "{{ file.enabled|default('true') }}"
dest: "{{ file.dest|default(None) }}"
version: "{{ file.version|default(None) }}"
sha256: "{{ file.sha256|default(None) }}"
source_url: "{{ file.source_url|default(None) }}"
url: "{{ file.url|default(None) }}"
unarchive: "{{ file.unarchive|default('false') }}"
owner: "{{ file.owner|default('kube') }}"
mode: "{{ file.mode|default(None) }}"

View file

@ -1,36 +1,39 @@
--- ---
- name: downloading...
debug:
msg: "{{ download.url }}"
when: "{{ download.enabled|bool }}"
- name: Create dest directories - name: Create dest directories
file: path={{local_release_dir}}/{{item.dest|dirname}} state=directory recurse=yes file: path={{local_release_dir}}/{{download.dest|dirname}} state=directory recurse=yes
with_items: "{{ downloads }}" when: "{{ download.enabled|bool }}"
run_once: "{{ download_run_once|bool }}" run_once: "{{ download_run_once|bool }}"
- name: Download items - name: Download items
get_url: get_url:
url: "{{item.url}}" url: "{{download.url}}"
dest: "{{local_release_dir}}/{{item.dest}}" dest: "{{local_release_dir}}/{{download.dest}}"
sha256sum: "{{item.sha256 | default(omit)}}" sha256sum: "{{download.sha256 | default(omit)}}"
owner: "{{ item.owner|default(omit) }}" owner: "{{ download.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}" mode: "{{ download.mode|default(omit) }}"
with_items: "{{ downloads }}" when: "{{ download.enabled|bool }}"
run_once: "{{ download_run_once|bool }}" run_once: "{{ download_run_once|bool }}"
- name: Extract archives - name: Extract archives
unarchive: unarchive:
src: "{{ local_release_dir }}/{{item.dest}}" src: "{{ local_release_dir }}/{{download.dest}}"
dest: "{{ local_release_dir }}/{{item.dest|dirname}}" dest: "{{ local_release_dir }}/{{download.dest|dirname}}"
owner: "{{ item.owner|default(omit) }}" owner: "{{ download.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}" mode: "{{ download.mode|default(omit) }}"
copy: no copy: no
when: "{{item.unarchive is defined and item.unarchive == True}}" when: "{{ download.enabled|bool }} and ({{download.unarchive is defined and download.unarchive == True}})"
with_items: "{{ downloads }}"
run_once: "{{ download_run_once|bool }}" run_once: "{{ download_run_once|bool }}"
- name: Fix permissions - name: Fix permissions
file: file:
state: file state: file
path: "{{local_release_dir}}/{{item.dest}}" path: "{{local_release_dir}}/{{download.dest}}"
owner: "{{ item.owner|default(omit) }}" owner: "{{ download.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}" mode: "{{ download.mode|default(omit) }}"
when: "{{item.unarchive is not defined or item.unarchive == False}}" when: "{{ download.enabled|bool }} and ({{download.unarchive is not defined or download.unarchive == False}})"
with_items: "{{ downloads }}"
run_once: "{{ download_run_once|bool }}" run_once: "{{ download_run_once|bool }}"

7
roles/etcd/meta/main.yml Normal file
View file

@ -0,0 +1,7 @@
---
dependencies:
- role: adduser
user: "{{ addusers.etcd }}"
when: ansible_os_family != 'CoreOS'
- role: download
file: "{{ downloads.etcd }}"

View file

@ -1,4 +1,8 @@
--- ---
dependencies: dependencies:
- role: download
file: "{{ downloads.kubernetes_kubectl }}"
- role: download
file: "{{ downloads.kubernetes_apiserver }}"
- { role: etcd } - { role: etcd }
- { role: kubernetes/node } - { role: kubernetes/node }

View file

@ -1,3 +1,5 @@
--- ---
dependencies: dependencies:
- role: kubernetes/secrets - role: download
file: "{{ downloads.kubernetes_kubelet }}"
- role: kubernetes/secrets

View file

@ -0,0 +1,5 @@
---
dependencies:
- role: adduser
user: "{{ addusers.kube }}"
when: ansible_os_family != 'CoreOS'

View file

@ -0,0 +1,8 @@
---
dependencies:
- role: download
file: "{{ downloads.calico }}"
- role: download
file: "{{ downloads.calico_cni_plugin }}"
- role: download
file: "{{ downloads.calico_cni_plugin_ipam }}"

View file

@ -0,0 +1,4 @@
---
dependencies:
- role: download
file: "{{ downloads.weave }}"