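---
# Decides whether the token file has to be generated and whether it has to be
# synced across the 'kube-master' group. Two facts are produced:
#   gen_tokens  - true when tokens.csv is missing on the first master
#   sync_tokens - true when any master lacks tokens.csv or holds a copy whose
#                 checksum differs from the first master's copy
# NOTE(review): tokens.csv presumably holds API bearer tokens; confirm that the
# tasks consuming these facts keep the file restricted to the masters.

- name: "Check_tokens | check if the tokens have already been generated on first master"
  stat:
    path: "{{ kube_token_dir }}/tokens.csv"
  delegate_to: "{{ groups['kube-master'][0] }}"
  register: known_tokens_master
  run_once: true

- name: "Check_tokens | Set default value for 'sync_tokens' and 'gen_tokens' to false"
  set_fact:
    sync_tokens: false
    gen_tokens: false

# Only gen_tokens is raised here; sync_tokens is decided by the last task.
- name: "Check_tokens | Set 'gen_tokens' to true"
  set_fact:
    gen_tokens: true
  when: not known_tokens_master.stat.exists
  run_once: true

# Stat the same file that was checked on the first master. The previous version
# stat'ed "{{ kube_cert_dir }}/ca.pem" and compared its checksum with that of
# tokens.csv; two unrelated files never match, so sync_tokens was always true
# and anything gated on it ran on every play.
- name: "Check_tokens | check if the tokens file already exists"
  stat:
    path: "{{ kube_token_dir }}/tokens.csv"
  register: known_tokens

# The checksum is used only as an equality test between masters; it does not
# show that the reference copy on the first master is itself trustworthy.
# default('') covers the case where tokens.csv is absent on the first master
# (stat then returns no checksum), which forces a sync.
- name: "Check_tokens | Set 'sync_tokens' to true"
  set_fact:
    sync_tokens: true
  when: >-
    {%- set tokens = {'sync': False} -%}
    {%- for server in groups['kube-master']
    if (not hostvars[server].known_tokens.stat.exists) or
    (hostvars[server].known_tokens.stat.checksum != known_tokens_master.stat.checksum|default('')) -%}
    {%- set _ = tokens.update({'sync': True}) -%}
    {%- endfor -%}
    {{ tokens.sync }}
  run_once: true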