Idempotency fixes (#1838)

This commit is contained in:
Matthew Mosesohn 2017-10-25 21:19:40 +01:00 committed by GitHub
parent 7123956ecd
commit 86fb669fd3
9 changed files with 25 additions and 8 deletions

View file

@ -288,8 +288,6 @@ def main():
else: else:
module.fail_json(msg='Unrecognized state %s.' % state) module.fail_json(msg='Unrecognized state %s.' % state)
if result:
changed = True
module.exit_json(changed=changed, module.exit_json(changed=changed,
msg='success: %s' % (' '.join(result)) msg='success: %s' % (' '.join(result))
) )

View file

@ -16,6 +16,7 @@
- name: "Gen_certs | Get etcd certificate serials" - name: "Gen_certs | Get etcd certificate serials"
shell: "openssl x509 -in {{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem -noout -serial | cut -d= -f2" shell: "openssl x509 -in {{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem -noout -serial | cut -d= -f2"
register: "etcd_client_cert_serial_result" register: "etcd_client_cert_serial_result"
changed_when: false
when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort
- name: Set etcd_client_cert_serial - name: Set etcd_client_cert_serial

View file

@ -11,6 +11,7 @@
shell: "{{ bin_dir }}/kubectl -n {{ system_namespace }} get rs calico-policy-controller -o=jsonpath='{$.spec.template.spec.containers[:1].image}' | cut -d':' -f2" shell: "{{ bin_dir }}/kubectl -n {{ system_namespace }} get rs calico-policy-controller -o=jsonpath='{$.spec.template.spec.containers[:1].image}' | cut -d':' -f2"
register: existing_calico_policy_version register: existing_calico_policy_version
run_once: true run_once: true
changed_when: false
failed_when: false failed_when: false
# FIXME(mattymo): This should not be necessary # FIXME(mattymo): This should not be necessary

View file

@ -12,10 +12,24 @@
- include: users-file.yml - include: users-file.yml
when: kube_basic_auth|default(true) when: kube_basic_auth|default(true)
- name: Compare host kubectl with hyperkube container
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /usr/bin/cmp /hyperkube /systembindir/kubectl"
register: kubectl_task_compare_result
until: kubectl_task_compare_result.rc in [0,1,2]
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
changed_when: false
failed_when: "kubectl_task_compare_result.rc not in [0,1,2]"
tags:
- hyperkube
- kubectl
- upgrade
- name: Copy kubectl from hyperkube container - name: Copy kubectl from hyperkube container
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp /hyperkube /systembindir/kubectl" command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp /hyperkube /systembindir/kubectl"
register: kube_task_result when: kubectl_task_compare_result.rc != 0
until: kube_task_result.rc == 0 register: kubectl_task_result
until: kubectl_task_result.rc == 0
retries: 4 retries: 4
delay: "{{ retry_stagger | random + 3 }}" delay: "{{ retry_stagger | random + 3 }}"
changed_when: false changed_when: false
@ -26,7 +40,7 @@
- name: Install kubectl bash completion - name: Install kubectl bash completion
shell: "{{ bin_dir }}/kubectl completion bash >/etc/bash_completion.d/kubectl.sh" shell: "{{ bin_dir }}/kubectl completion bash >/etc/bash_completion.d/kubectl.sh"
when: ansible_os_family in ["Debian","RedHat"] when: kubectl_task_compare_result.rc != 0 and ansible_os_family in ["Debian","RedHat"]
tags: tags:
- kubectl - kubectl

View file

@ -5,6 +5,7 @@
ETCDCTL_API: 2 ETCDCTL_API: 2
register: old_data_exists register: old_data_exists
delegate_to: "{{groups['etcd'][0]}}" delegate_to: "{{groups['etcd'][0]}}"
changed_when: false
when: kube_apiserver_storage_backend == "etcd3" when: kube_apiserver_storage_backend == "etcd3"
failed_when: false failed_when: false

View file

@ -2,6 +2,7 @@
- name: look up docker cgroup driver - name: look up docker cgroup driver
shell: "docker info | grep 'Cgroup Driver' | awk -F': ' '{ print $2; }'" shell: "docker info | grep 'Cgroup Driver' | awk -F': ' '{ print $2; }'"
register: docker_cgroup_driver_result register: docker_cgroup_driver_result
changed_when: false
- set_fact: - set_fact:
standalone_kubelet: >- standalone_kubelet: >-

View file

@ -8,4 +8,5 @@
- name: "Pre-upgrade | ensure kubelet container is stopped if using host deployment" - name: "Pre-upgrade | ensure kubelet container is stopped if using host deployment"
command: docker stop kubelet command: docker stop kubelet
failed_when: false failed_when: false
changed_when: false
when: kubelet_deployment_type == 'host' when: kubelet_deployment_type == 'host'

View file

@ -60,7 +60,7 @@
- upgrade - upgrade
- name: Calico | Copy cni plugins from calico/cni container - name: Calico | Copy cni plugins from calico/cni container
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp -a /opt/cni/bin/* /cnibindir/'" command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp /opt/cni/bin/* /cnibindir/'"
register: cni_task_result register: cni_task_result
until: cni_task_result.rc == 0 until: cni_task_result.rc == 0
retries: 4 retries: 4

View file

@ -30,6 +30,7 @@
set /{{ cluster_name }}/network/config \ set /{{ cluster_name }}/network/config \
'{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }' '{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }'
delegate_to: "{{groups['etcd'][0]}}" delegate_to: "{{groups['etcd'][0]}}"
changed_when: false
run_once: true run_once: true
- name: Canal | Create canal node manifests - name: Canal | Create canal node manifests
@ -61,7 +62,7 @@
- upgrade - upgrade
- name: Canal | Copy cni plugins from calico/cni - name: Canal | Copy cni plugins from calico/cni
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp -a /opt/cni/bin/* /cnibindir/'" command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp /opt/cni/bin/* /cnibindir/'"
register: cni_task_result register: cni_task_result
until: cni_task_result.rc == 0 until: cni_task_result.rc == 0
retries: 4 retries: 4
@ -86,7 +87,6 @@
mode: 0755 mode: 0755
owner: root owner: root
group: root group: root
changed_when: false
- name: Canal | Create network policy directory - name: Canal | Create network policy directory
file: file: