turn adduser/download roles into meta roles
This should make things a little more composable, by making these roles meta roles that perform no actions by default we allow each role to own its own resources.
This commit is contained in:
parent
094f4d02b8
commit
7de87d958e
11 changed files with 104 additions and 60 deletions
|
@ -1,8 +1,6 @@
|
|||
---
|
||||
- hosts: k8s-cluster
|
||||
roles:
|
||||
- { role: adduser, tags: adduser }
|
||||
- { role: download, tags: download }
|
||||
- { role: kubernetes/preinstall, tags: preinstall }
|
||||
- { role: etcd, tags: etcd }
|
||||
- { role: docker, tags: docker, when: ansible_os_family != "CoreOS" }
|
||||
|
|
24
roles/adduser/defaults/main.yml
Normal file
24
roles/adduser/defaults/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
addusers:
|
||||
etcd:
|
||||
name: etcd
|
||||
comment: "Etcd user"
|
||||
createhome: yes
|
||||
home: "/var/lib/etcd"
|
||||
system: yes
|
||||
shell: /bin/nologin
|
||||
kube:
|
||||
name: kube
|
||||
comment: "Kubernetes user"
|
||||
shell: /sbin/nologin
|
||||
system: yes
|
||||
group: "{{ kube_cert_group }}"
|
||||
createhome: no
|
||||
|
||||
adduser:
|
||||
name: "{{ user.name }}"
|
||||
group: "{{ user.name|default(None) }}"
|
||||
comment: "{{ user.comment|default(None) }}"
|
||||
shell: "{{ user.shell|default(None) }}"
|
||||
system: "{{ user.system|default(None) }}"
|
||||
createhome: "{{ user.createhome|default(None) }}"
|
|
@ -1,28 +1,13 @@
|
|||
---
|
||||
- name: gather os specific variables
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
|
||||
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
|
||||
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
|
||||
- "{{ ansible_distribution|lower }}.yml"
|
||||
- "{{ ansible_os_family|lower }}.yml"
|
||||
- defaults.yml
|
||||
paths:
|
||||
- ../vars
|
||||
skip: true
|
||||
|
||||
- name: User | Create User Group
|
||||
group: name={{item.group|default(item.name)}} system={{item.system|default(omit)}}
|
||||
with_items: "{{ addusers }}"
|
||||
group: name={{user.group|default(user.name)}} system={{user.system|default(omit)}}
|
||||
|
||||
- name: User | Create User
|
||||
user:
|
||||
comment: "{{item.comment|default(omit)}}"
|
||||
createhome: "{{item.create_home|default(omit)}}"
|
||||
group: "{{item.group|default(item.name)}}"
|
||||
home: "{{item.home|default(omit)}}"
|
||||
name: "{{item.name}}"
|
||||
system: "{{item.system|default(omit)}}"
|
||||
with_items: "{{ addusers }}"
|
||||
comment: "{{user.comment|default(omit)}}"
|
||||
createhome: "{{user.create_home|default(omit)}}"
|
||||
group: "{{user.group|default(user.name)}}"
|
||||
home: "{{user.home|default(omit)}}"
|
||||
shell: "{{user.shell|default(omit)}}"
|
||||
name: "{{user.name}}"
|
||||
system: "{{user.system|default(omit)}}"
|
||||
|
|
|
@ -33,7 +33,7 @@ kubelet_checksum: "4adaf40592248eef6fd4fa126464915ea41e624a70dc77178089760ed235e
|
|||
kube_apiserver_checksum: "6ac99b36b02968459e026fcfc234207c66064b5e11816b69dd8fc234b2ffec1e"
|
||||
|
||||
downloads:
|
||||
- name: calico
|
||||
calico:
|
||||
dest: calico/bin/calicoctl
|
||||
version: "{{calico_version}}"
|
||||
sha256: "{{ calico_checksum }}"
|
||||
|
@ -41,8 +41,7 @@ downloads:
|
|||
url: "{{ calico_download_url }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: calico-cni-plugin
|
||||
calico_cni_plugin:
|
||||
dest: calico/bin/calico
|
||||
version: "{{calico_cni_version}}"
|
||||
sha256: "{{ calico_cni_checksum }}"
|
||||
|
@ -50,8 +49,7 @@ downloads:
|
|||
url: "{{ calico_cni_download_url }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: calico-cni-plugin-ipam
|
||||
calico_cni_plugin_ipam:
|
||||
dest: calico/bin/calico-ipam
|
||||
version: "{{calico_cni_version}}"
|
||||
sha256: "{{ calico_cni_ipam_checksum }}"
|
||||
|
@ -59,8 +57,7 @@ downloads:
|
|||
url: "{{ calico_cni_ipam_download_url }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: weave
|
||||
weave:
|
||||
dest: weave/bin/weave
|
||||
version: "{{weave_version}}"
|
||||
source_url: "{{weave_download_url}}"
|
||||
|
@ -68,8 +65,7 @@ downloads:
|
|||
sha256: "{{ weave_checksum }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: etcd
|
||||
etcd:
|
||||
version: "{{etcd_version}}"
|
||||
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
|
||||
sha256: "{{ etcd_checksum }}"
|
||||
|
@ -78,8 +74,7 @@ downloads:
|
|||
unarchive: true
|
||||
owner: "etcd"
|
||||
mode: "0755"
|
||||
|
||||
- name: kubernetes-kubelet
|
||||
kubernetes_kubelet:
|
||||
version: "{{kube_version}}"
|
||||
dest: kubernetes/bin/kubelet
|
||||
sha256: "{{kubelet_checksum}}"
|
||||
|
@ -87,8 +82,7 @@ downloads:
|
|||
url: "{{ kubelet_download_url }}"
|
||||
owner: "kube"
|
||||
mode: "0755"
|
||||
|
||||
- name: kubernetes-kubectl
|
||||
kubernetes_kubectl:
|
||||
dest: kubernetes/bin/kubectl
|
||||
version: "{{kube_version}}"
|
||||
sha256: "{{kubectl_checksum}}"
|
||||
|
@ -96,8 +90,7 @@ downloads:
|
|||
url: "{{ kubectl_download_url }}"
|
||||
owner: "kube"
|
||||
mode: "0755"
|
||||
|
||||
- name: kubernetes-apiserver
|
||||
kubernetes_apiserver:
|
||||
dest: kubernetes/bin/kube-apiserver
|
||||
version: "{{kube_version}}"
|
||||
sha256: "{{kube_apiserver_checksum}}"
|
||||
|
@ -105,3 +98,14 @@ downloads:
|
|||
url: "{{ apiserver_download_url }}"
|
||||
owner: "kube"
|
||||
mode: "0755"
|
||||
|
||||
download:
|
||||
enabled: "{{ file.enabled|default('true') }}"
|
||||
dest: "{{ file.dest|default(None) }}"
|
||||
version: "{{ file.version|default(None) }}"
|
||||
sha256: "{{ file.sha256|default(None) }}"
|
||||
source_url: "{{ file.source_url|default(None) }}"
|
||||
url: "{{ file.url|default(None) }}"
|
||||
unarchive: "{{ file.unarchive|default('false') }}"
|
||||
owner: "{{ file.owner|default('kube') }}"
|
||||
mode: "{{ file.mode|default(None) }}"
|
||||
|
|
|
@ -1,36 +1,39 @@
|
|||
---
|
||||
- name: downloading...
|
||||
debug:
|
||||
msg: "{{ download.url }}"
|
||||
when: "{{ download.enabled|bool }}"
|
||||
|
||||
- name: Create dest directories
|
||||
file: path={{local_release_dir}}/{{item.dest|dirname}} state=directory recurse=yes
|
||||
with_items: "{{ downloads }}"
|
||||
file: path={{local_release_dir}}/{{download.dest|dirname}} state=directory recurse=yes
|
||||
when: "{{ download.enabled|bool }}"
|
||||
run_once: "{{ download_run_once|bool }}"
|
||||
|
||||
- name: Download items
|
||||
get_url:
|
||||
url: "{{item.url}}"
|
||||
dest: "{{local_release_dir}}/{{item.dest}}"
|
||||
sha256sum: "{{item.sha256 | default(omit)}}"
|
||||
owner: "{{ item.owner|default(omit) }}"
|
||||
mode: "{{ item.mode|default(omit) }}"
|
||||
with_items: "{{ downloads }}"
|
||||
url: "{{download.url}}"
|
||||
dest: "{{local_release_dir}}/{{download.dest}}"
|
||||
sha256sum: "{{download.sha256 | default(omit)}}"
|
||||
owner: "{{ download.owner|default(omit) }}"
|
||||
mode: "{{ download.mode|default(omit) }}"
|
||||
when: "{{ download.enabled|bool }}"
|
||||
run_once: "{{ download_run_once|bool }}"
|
||||
|
||||
- name: Extract archives
|
||||
unarchive:
|
||||
src: "{{ local_release_dir }}/{{item.dest}}"
|
||||
dest: "{{ local_release_dir }}/{{item.dest|dirname}}"
|
||||
owner: "{{ item.owner|default(omit) }}"
|
||||
mode: "{{ item.mode|default(omit) }}"
|
||||
src: "{{ local_release_dir }}/{{download.dest}}"
|
||||
dest: "{{ local_release_dir }}/{{download.dest|dirname}}"
|
||||
owner: "{{ download.owner|default(omit) }}"
|
||||
mode: "{{ download.mode|default(omit) }}"
|
||||
copy: no
|
||||
when: "{{item.unarchive is defined and item.unarchive == True}}"
|
||||
with_items: "{{ downloads }}"
|
||||
when: "{{ download.enabled|bool }} and ({{download.unarchive is defined and download.unarchive == True}})"
|
||||
run_once: "{{ download_run_once|bool }}"
|
||||
|
||||
- name: Fix permissions
|
||||
file:
|
||||
state: file
|
||||
path: "{{local_release_dir}}/{{item.dest}}"
|
||||
owner: "{{ item.owner|default(omit) }}"
|
||||
mode: "{{ item.mode|default(omit) }}"
|
||||
when: "{{item.unarchive is not defined or item.unarchive == False}}"
|
||||
with_items: "{{ downloads }}"
|
||||
path: "{{local_release_dir}}/{{download.dest}}"
|
||||
owner: "{{ download.owner|default(omit) }}"
|
||||
mode: "{{ download.mode|default(omit) }}"
|
||||
when: "{{ download.enabled|bool }} and ({{download.unarchive is not defined or download.unarchive == False}})"
|
||||
run_once: "{{ download_run_once|bool }}"
|
||||
|
|
7
roles/etcd/meta/main.yml
Normal file
7
roles/etcd/meta/main.yml
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: adduser
|
||||
user: "{{ addusers.etcd }}"
|
||||
when: ansible_os_family != 'CoreOS'
|
||||
- role: download
|
||||
file: "{{ downloads.etcd }}"
|
|
@ -1,4 +1,8 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: download
|
||||
file: "{{ downloads.kubernetes_kubectl }}"
|
||||
- role: download
|
||||
file: "{{ downloads.kubernetes_apiserver }}"
|
||||
- { role: etcd }
|
||||
- { role: kubernetes/node }
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: download
|
||||
file: "{{ downloads.kubernetes_kubelet }}"
|
||||
- role: kubernetes/secrets
|
||||
|
|
5
roles/kubernetes/preinstall/meta/main.yml
Normal file
5
roles/kubernetes/preinstall/meta/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: adduser
|
||||
user: "{{ addusers.kube }}"
|
||||
when: ansible_os_family != 'CoreOS'
|
8
roles/network_plugin/calico/meta/main.yml
Normal file
8
roles/network_plugin/calico/meta/main.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: download
|
||||
file: "{{ downloads.calico }}"
|
||||
- role: download
|
||||
file: "{{ downloads.calico_cni_plugin }}"
|
||||
- role: download
|
||||
file: "{{ downloads.calico_cni_plugin_ipam }}"
|
4
roles/network_plugin/weave/meta/main.yml
Normal file
4
roles/network_plugin/weave/meta/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: download
|
||||
file: "{{ downloads.weave }}"
|
Loading…
Reference in a new issue