Idempotency fixes (#1838)
This commit is contained in:
parent
7123956ecd
commit
86fb669fd3
9 changed files with 25 additions and 8 deletions
|
@ -288,8 +288,6 @@ def main():
|
||||||
else:
|
else:
|
||||||
module.fail_json(msg='Unrecognized state %s.' % state)
|
module.fail_json(msg='Unrecognized state %s.' % state)
|
||||||
|
|
||||||
if result:
|
|
||||||
changed = True
|
|
||||||
module.exit_json(changed=changed,
|
module.exit_json(changed=changed,
|
||||||
msg='success: %s' % (' '.join(result))
|
msg='success: %s' % (' '.join(result))
|
||||||
)
|
)
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
- name: "Gen_certs | Get etcd certificate serials"
|
- name: "Gen_certs | Get etcd certificate serials"
|
||||||
shell: "openssl x509 -in {{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem -noout -serial | cut -d= -f2"
|
shell: "openssl x509 -in {{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem -noout -serial | cut -d= -f2"
|
||||||
register: "etcd_client_cert_serial_result"
|
register: "etcd_client_cert_serial_result"
|
||||||
|
changed_when: false
|
||||||
when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort
|
when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort
|
||||||
|
|
||||||
- name: Set etcd_client_cert_serial
|
- name: Set etcd_client_cert_serial
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
shell: "{{ bin_dir }}/kubectl -n {{ system_namespace }} get rs calico-policy-controller -o=jsonpath='{$.spec.template.spec.containers[:1].image}' | cut -d':' -f2"
|
shell: "{{ bin_dir }}/kubectl -n {{ system_namespace }} get rs calico-policy-controller -o=jsonpath='{$.spec.template.spec.containers[:1].image}' | cut -d':' -f2"
|
||||||
register: existing_calico_policy_version
|
register: existing_calico_policy_version
|
||||||
run_once: true
|
run_once: true
|
||||||
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
|
||||||
# FIXME(mattymo): This should not be necessary
|
# FIXME(mattymo): This should not be necessary
|
||||||
|
|
|
@ -12,10 +12,24 @@
|
||||||
- include: users-file.yml
|
- include: users-file.yml
|
||||||
when: kube_basic_auth|default(true)
|
when: kube_basic_auth|default(true)
|
||||||
|
|
||||||
|
- name: Compare host kubectl with hyperkube container
|
||||||
|
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /usr/bin/cmp /hyperkube /systembindir/kubectl"
|
||||||
|
register: kubectl_task_compare_result
|
||||||
|
until: kubectl_task_compare_result.rc in [0,1,2]
|
||||||
|
retries: 4
|
||||||
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
|
changed_when: false
|
||||||
|
failed_when: "kubectl_task_compare_result.rc not in [0,1,2]"
|
||||||
|
tags:
|
||||||
|
- hyperkube
|
||||||
|
- kubectl
|
||||||
|
- upgrade
|
||||||
|
|
||||||
- name: Copy kubectl from hyperkube container
|
- name: Copy kubectl from hyperkube container
|
||||||
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp /hyperkube /systembindir/kubectl"
|
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp /hyperkube /systembindir/kubectl"
|
||||||
register: kube_task_result
|
when: kubectl_task_compare_result.rc != 0
|
||||||
until: kube_task_result.rc == 0
|
register: kubectl_task_result
|
||||||
|
until: kubectl_task_result.rc == 0
|
||||||
retries: 4
|
retries: 4
|
||||||
delay: "{{ retry_stagger | random + 3 }}"
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
@ -26,7 +40,7 @@
|
||||||
|
|
||||||
- name: Install kubectl bash completion
|
- name: Install kubectl bash completion
|
||||||
shell: "{{ bin_dir }}/kubectl completion bash >/etc/bash_completion.d/kubectl.sh"
|
shell: "{{ bin_dir }}/kubectl completion bash >/etc/bash_completion.d/kubectl.sh"
|
||||||
when: ansible_os_family in ["Debian","RedHat"]
|
when: kubectl_task_compare_result.rc != 0 and ansible_os_family in ["Debian","RedHat"]
|
||||||
tags:
|
tags:
|
||||||
- kubectl
|
- kubectl
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
ETCDCTL_API: 2
|
ETCDCTL_API: 2
|
||||||
register: old_data_exists
|
register: old_data_exists
|
||||||
delegate_to: "{{groups['etcd'][0]}}"
|
delegate_to: "{{groups['etcd'][0]}}"
|
||||||
|
changed_when: false
|
||||||
when: kube_apiserver_storage_backend == "etcd3"
|
when: kube_apiserver_storage_backend == "etcd3"
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
- name: look up docker cgroup driver
|
- name: look up docker cgroup driver
|
||||||
shell: "docker info | grep 'Cgroup Driver' | awk -F': ' '{ print $2; }'"
|
shell: "docker info | grep 'Cgroup Driver' | awk -F': ' '{ print $2; }'"
|
||||||
register: docker_cgroup_driver_result
|
register: docker_cgroup_driver_result
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
standalone_kubelet: >-
|
standalone_kubelet: >-
|
||||||
|
|
|
@ -8,4 +8,5 @@
|
||||||
- name: "Pre-upgrade | ensure kubelet container is stopped if using host deployment"
|
- name: "Pre-upgrade | ensure kubelet container is stopped if using host deployment"
|
||||||
command: docker stop kubelet
|
command: docker stop kubelet
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
changed_when: false
|
||||||
when: kubelet_deployment_type == 'host'
|
when: kubelet_deployment_type == 'host'
|
||||||
|
|
|
@ -60,7 +60,7 @@
|
||||||
- upgrade
|
- upgrade
|
||||||
|
|
||||||
- name: Calico | Copy cni plugins from calico/cni container
|
- name: Calico | Copy cni plugins from calico/cni container
|
||||||
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp -a /opt/cni/bin/* /cnibindir/'"
|
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp /opt/cni/bin/* /cnibindir/'"
|
||||||
register: cni_task_result
|
register: cni_task_result
|
||||||
until: cni_task_result.rc == 0
|
until: cni_task_result.rc == 0
|
||||||
retries: 4
|
retries: 4
|
||||||
|
|
|
@ -30,6 +30,7 @@
|
||||||
set /{{ cluster_name }}/network/config \
|
set /{{ cluster_name }}/network/config \
|
||||||
'{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }'
|
'{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }'
|
||||||
delegate_to: "{{groups['etcd'][0]}}"
|
delegate_to: "{{groups['etcd'][0]}}"
|
||||||
|
changed_when: false
|
||||||
run_once: true
|
run_once: true
|
||||||
|
|
||||||
- name: Canal | Create canal node manifests
|
- name: Canal | Create canal node manifests
|
||||||
|
@ -61,7 +62,7 @@
|
||||||
- upgrade
|
- upgrade
|
||||||
|
|
||||||
- name: Canal | Copy cni plugins from calico/cni
|
- name: Canal | Copy cni plugins from calico/cni
|
||||||
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp -a /opt/cni/bin/* /cnibindir/'"
|
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp /opt/cni/bin/* /cnibindir/'"
|
||||||
register: cni_task_result
|
register: cni_task_result
|
||||||
until: cni_task_result.rc == 0
|
until: cni_task_result.rc == 0
|
||||||
retries: 4
|
retries: 4
|
||||||
|
@ -86,7 +87,6 @@
|
||||||
mode: 0755
|
mode: 0755
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
- name: Canal | Create network policy directory
|
- name: Canal | Create network policy directory
|
||||||
file:
|
file:
|
||||||
|
|
Loading…
Reference in a new issue