--- - hosts: kube-node tasks: - name: Test tunl0 routes shell: "! /sbin/ip ro | grep '/26 via' | grep -v tunl0" when: - (ipip|default(false) or cloud_provider is defined) - kube_network_plugin == 'calico' - hosts: k8s-cluster vars: agent_report_interval: 10 netcheck_namespace: default netchecker_port: 31081 tasks: - name: Force binaries directory for Container Linux by CoreOS set_fact: bin_dir: "/opt/bin" when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] - set_fact: bin_dir: "/usr/local/bin" when: not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] - name: Wait for netchecker server shell: "{{ bin_dir }}/kubectl get pods -o wide --namespace {{ netcheck_namespace }} | grep ^netchecker-server" delegate_to: "{{ groups['kube-master'][0] }}" run_once: true register: ncs_pod until: ncs_pod.stdout.find('Running') != -1 retries: 3 delay: 10 - name: Wait for netchecker agents shell: "{{ bin_dir }}/kubectl get pods -o wide --namespace {{ netcheck_namespace }} | grep '^netchecker-agent-.*Running'" run_once: true delegate_to: "{{ groups['kube-master'][0] }}" register: nca_pod until: nca_pod.stdout_lines|length >= groups['k8s-cluster']|intersect(ansible_play_hosts)|length * 2 retries: 3 delay: 10 failed_when: false - command: "{{ bin_dir }}/kubectl -n {{ netcheck_namespace }} describe pod -l app={{ item }}" run_once: true delegate_to: "{{ groups['kube-master'][0] }}" no_log: false with_items: - netchecker-agent - netchecker-agent-hostnet when: not nca_pod is success - debug: var=nca_pod.stdout_lines failed_when: not nca_pod is success run_once: true - name: Get netchecker agents uri: url=http://{{ ansible_default_ipv4.address }}:{{ netchecker_port }}/api/v1/agents/ return_content=yes run_once: true delegate_to: "{{ groups['kube-master'][0] }}" register: agents retries: 18 delay: "{{ agent_report_interval }}" until: agents.content|length > 0 and agents.content[0] == '{' and agents.content|from_json|length >= groups['k8s-cluster']|intersect(ansible_play_hosts)|length * 2 failed_when: false no_log: true - debug: var=agents.content|from_json failed_when: not agents is success and not agents.content=='{}' run_once: true when: - agents.content is defined - agents.content - agents.content[0] == '{' - name: Check netchecker status uri: url=http://{{ ansible_default_ipv4.address }}:{{ netchecker_port }}/api/v1/connectivity_check status_code=200 return_content=yes delegate_to: "{{ groups['kube-master'][0] }}" run_once: true register: result retries: 3 delay: "{{ agent_report_interval }}" until: result.content|length > 0 and result.content[0] == '{' no_log: true failed_when: false when: - agents.content != '{}' - debug: var=ncs_pod run_once: true when: not result is success - command: "{{ bin_dir }}/kubectl -n kube-system logs -l k8s-app=kube-proxy" run_once: true when: not result is success delegate_to: "{{ groups['kube-master'][0] }}" no_log: false - command: "{{ bin_dir }}/kubectl -n kube-system logs -l k8s-app={{ item }} --all-containers" run_once: true when: not result is success delegate_to: "{{ groups['kube-master'][0] }}" no_log: false with_items: - kube-router - flannel - contiv-ovs - contiv-netplugin - contiv-netmaster - canal-node - calico-node - cilium - debug: var=result.content|from_json failed_when: not result is success run_once: true when: - not agents.content == '{}' - result.content - result.content[0] == '{' - debug: var=result failed_when: not result is success run_once: true when: - not agents.content == '{}' - debug: msg="Cannot get reports from agents, consider as PASSING" run_once: true when: - agents.content == '{}' - name: Create macvlan network conf # We cannot use only shell: below because Ansible will render the text # with leading spaces, which means the shell will never find the string # EOF at the beginning of a line. We can avoid Ansible's unhelpful # heuristics by using the cmd parameter like this: shell: cmd: | cat <