turn adduser/download roles into meta roles

This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
This commit is contained in:
Paul Czarkowski 2016-05-22 17:25:52 -05:00
parent 094f4d02b8
commit 7de87d958e
11 changed files with 104 additions and 60 deletions

View file

@ -1,8 +1,6 @@
---
- hosts: k8s-cluster
roles:
- { role: adduser, tags: adduser }
- { role: download, tags: download }
- { role: kubernetes/preinstall, tags: preinstall }
- { role: etcd, tags: etcd }
- { role: docker, tags: docker, when: ansible_os_family != "CoreOS" }

View file

@ -0,0 +1,24 @@
---
addusers:
etcd:
name: etcd
comment: "Etcd user"
createhome: yes
home: "/var/lib/etcd"
system: yes
shell: /bin/nologin
kube:
name: kube
comment: "Kubernetes user"
shell: /sbin/nologin
system: yes
group: "{{ kube_cert_group }}"
createhome: no
adduser:
name: "{{ user.name }}"
group: "{{ user.name|default(None) }}"
comment: "{{ user.comment|default(None) }}"
shell: "{{ user.shell|default(None) }}"
system: "{{ user.system|default(None) }}"
createhome: "{{ user.createhome|default(None) }}"

View file

@ -1,28 +1,13 @@
---
- name: gather os specific variables
include_vars: "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}.yml"
- "{{ ansible_os_family|lower }}.yml"
- defaults.yml
paths:
- ../vars
skip: true
- name: User | Create User Group
group: name={{item.group|default(item.name)}} system={{item.system|default(omit)}}
with_items: "{{ addusers }}"
group: name={{user.group|default(user.name)}} system={{user.system|default(omit)}}
- name: User | Create User
user:
comment: "{{item.comment|default(omit)}}"
createhome: "{{item.create_home|default(omit)}}"
group: "{{item.group|default(item.name)}}"
home: "{{item.home|default(omit)}}"
name: "{{item.name}}"
system: "{{item.system|default(omit)}}"
with_items: "{{ addusers }}"
comment: "{{user.comment|default(omit)}}"
createhome: "{{user.create_home|default(omit)}}"
group: "{{user.group|default(user.name)}}"
home: "{{user.home|default(omit)}}"
shell: "{{user.shell|default(omit)}}"
name: "{{user.name}}"
system: "{{user.system|default(omit)}}"

View file

@ -33,7 +33,7 @@ kubelet_checksum: "4adaf40592248eef6fd4fa126464915ea41e624a70dc77178089760ed235e
kube_apiserver_checksum: "6ac99b36b02968459e026fcfc234207c66064b5e11816b69dd8fc234b2ffec1e"
downloads:
- name: calico
calico:
dest: calico/bin/calicoctl
version: "{{calico_version}}"
sha256: "{{ calico_checksum }}"
@ -41,8 +41,7 @@ downloads:
url: "{{ calico_download_url }}"
owner: "root"
mode: "0755"
- name: calico-cni-plugin
calico_cni_plugin:
dest: calico/bin/calico
version: "{{calico_cni_version}}"
sha256: "{{ calico_cni_checksum }}"
@ -50,8 +49,7 @@ downloads:
url: "{{ calico_cni_download_url }}"
owner: "root"
mode: "0755"
- name: calico-cni-plugin-ipam
calico_cni_plugin_ipam:
dest: calico/bin/calico-ipam
version: "{{calico_cni_version}}"
sha256: "{{ calico_cni_ipam_checksum }}"
@ -59,8 +57,7 @@ downloads:
url: "{{ calico_cni_ipam_download_url }}"
owner: "root"
mode: "0755"
- name: weave
weave:
dest: weave/bin/weave
version: "{{weave_version}}"
source_url: "{{weave_download_url}}"
@ -68,8 +65,7 @@ downloads:
sha256: "{{ weave_checksum }}"
owner: "root"
mode: "0755"
- name: etcd
etcd:
version: "{{etcd_version}}"
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
sha256: "{{ etcd_checksum }}"
@ -78,8 +74,7 @@ downloads:
unarchive: true
owner: "etcd"
mode: "0755"
- name: kubernetes-kubelet
kubernetes_kubelet:
version: "{{kube_version}}"
dest: kubernetes/bin/kubelet
sha256: "{{kubelet_checksum}}"
@ -87,8 +82,7 @@ downloads:
url: "{{ kubelet_download_url }}"
owner: "kube"
mode: "0755"
- name: kubernetes-kubectl
kubernetes_kubectl:
dest: kubernetes/bin/kubectl
version: "{{kube_version}}"
sha256: "{{kubectl_checksum}}"
@ -96,8 +90,7 @@ downloads:
url: "{{ kubectl_download_url }}"
owner: "kube"
mode: "0755"
- name: kubernetes-apiserver
kubernetes_apiserver:
dest: kubernetes/bin/kube-apiserver
version: "{{kube_version}}"
sha256: "{{kube_apiserver_checksum}}"
@ -105,3 +98,14 @@ downloads:
url: "{{ apiserver_download_url }}"
owner: "kube"
mode: "0755"
download:
enabled: "{{ file.enabled|default('true') }}"
dest: "{{ file.dest|default(None) }}"
version: "{{ file.version|default(None) }}"
sha256: "{{ file.sha256|default(None) }}"
source_url: "{{ file.source_url|default(None) }}"
url: "{{ file.url|default(None) }}"
unarchive: "{{ file.unarchive|default('false') }}"
owner: "{{ file.owner|default('kube') }}"
mode: "{{ file.mode|default(None) }}"

View file

@ -1,36 +1,39 @@
---
- name: downloading...
debug:
msg: "{{ download.url }}"
when: "{{ download.enabled|bool }}"
- name: Create dest directories
file: path={{local_release_dir}}/{{item.dest|dirname}} state=directory recurse=yes
with_items: "{{ downloads }}"
file: path={{local_release_dir}}/{{download.dest|dirname}} state=directory recurse=yes
when: "{{ download.enabled|bool }}"
run_once: "{{ download_run_once|bool }}"
- name: Download items
get_url:
url: "{{item.url}}"
dest: "{{local_release_dir}}/{{item.dest}}"
sha256sum: "{{item.sha256 | default(omit)}}"
owner: "{{ item.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}"
with_items: "{{ downloads }}"
url: "{{download.url}}"
dest: "{{local_release_dir}}/{{download.dest}}"
sha256sum: "{{download.sha256 | default(omit)}}"
owner: "{{ download.owner|default(omit) }}"
mode: "{{ download.mode|default(omit) }}"
when: "{{ download.enabled|bool }}"
run_once: "{{ download_run_once|bool }}"
- name: Extract archives
unarchive:
src: "{{ local_release_dir }}/{{item.dest}}"
dest: "{{ local_release_dir }}/{{item.dest|dirname}}"
owner: "{{ item.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}"
src: "{{ local_release_dir }}/{{download.dest}}"
dest: "{{ local_release_dir }}/{{download.dest|dirname}}"
owner: "{{ download.owner|default(omit) }}"
mode: "{{ download.mode|default(omit) }}"
copy: no
when: "{{item.unarchive is defined and item.unarchive == True}}"
with_items: "{{ downloads }}"
when: "{{ download.enabled|bool }} and ({{download.unarchive is defined and download.unarchive == True}})"
run_once: "{{ download_run_once|bool }}"
- name: Fix permissions
file:
state: file
path: "{{local_release_dir}}/{{item.dest}}"
owner: "{{ item.owner|default(omit) }}"
mode: "{{ item.mode|default(omit) }}"
when: "{{item.unarchive is not defined or item.unarchive == False}}"
with_items: "{{ downloads }}"
path: "{{local_release_dir}}/{{download.dest}}"
owner: "{{ download.owner|default(omit) }}"
mode: "{{ download.mode|default(omit) }}"
when: "{{ download.enabled|bool }} and ({{download.unarchive is not defined or download.unarchive == False}})"
run_once: "{{ download_run_once|bool }}"

7
roles/etcd/meta/main.yml Normal file
View file

@ -0,0 +1,7 @@
---
dependencies:
- role: adduser
user: "{{ addusers.etcd }}"
when: ansible_os_family != 'CoreOS'
- role: download
file: "{{ downloads.etcd }}"

View file

@ -1,4 +1,8 @@
---
dependencies:
- role: download
file: "{{ downloads.kubernetes_kubectl }}"
- role: download
file: "{{ downloads.kubernetes_apiserver }}"
- { role: etcd }
- { role: kubernetes/node }

View file

@ -1,3 +1,5 @@
---
dependencies:
- role: download
file: "{{ downloads.kubernetes_kubelet }}"
- role: kubernetes/secrets

View file

@ -0,0 +1,5 @@
---
dependencies:
- role: adduser
user: "{{ addusers.kube }}"
when: ansible_os_family != 'CoreOS'

View file

@ -0,0 +1,8 @@
---
dependencies:
- role: download
file: "{{ downloads.calico }}"
- role: download
file: "{{ downloads.calico_cni_plugin }}"
- role: download
file: "{{ downloads.calico_cni_plugin_ipam }}"

View file

@ -0,0 +1,4 @@
---
dependencies:
- role: download
file: "{{ downloads.weave }}"