44 lines
1.6 KiB
YAML
44 lines
1.6 KiB
YAML
---
|
|
- name: slurp kubeadm certs
|
|
slurp:
|
|
src: "{{ item }}"
|
|
with_items:
|
|
- "{{ kube_cert_dir }}/apiserver.crt"
|
|
- "{{ kube_cert_dir }}/apiserver.key"
|
|
- "{{ kube_cert_dir }}/apiserver-kubelet-client.crt"
|
|
- "{{ kube_cert_dir }}/apiserver-kubelet-client.key"
|
|
- "{{ kube_cert_dir }}/ca.crt"
|
|
- "{{ kube_cert_dir }}/ca.key"
|
|
- "{{ kube_cert_dir }}/front-proxy-ca.crt"
|
|
- "{{ kube_cert_dir }}/front-proxy-ca.key"
|
|
- "{{ kube_cert_dir }}/front-proxy-client.crt"
|
|
- "{{ kube_cert_dir }}/front-proxy-client.key"
|
|
- "{{ kube_cert_dir }}/sa.key"
|
|
- "{{ kube_cert_dir }}/sa.pub"
|
|
register: kubeadm_certs
|
|
delegate_to: "{{ groups['kube-master']|first }}"
|
|
|
|
- name: kubeadm | write out kubeadm certs
|
|
copy:
|
|
dest: "{{ item.item }}"
|
|
content: "{{ item.content | b64decode }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
no_log: true
|
|
register: copy_kubeadm_certs
|
|
with_items: "{{ kubeadm_certs.results }}"
|
|
when: inventory_hostname != groups['kube-master']|first
|
|
|
|
- name: kubeadm | Init other uninitialized masters
|
|
command: timeout -k 600s 600s {{ bin_dir }}/kubeadm init --config={{ kube_config_dir }}/kubeadm-config.yaml --ignore-preflight-errors=all --skip-phases=addon/coredns
|
|
register: kubeadm_init
|
|
retries: 10
|
|
until: kubeadm_init is succeeded or "field is immutable" in kubeadm_init.stderr
|
|
when:
|
|
- inventory_hostname != groups['kube-master']|first
|
|
- not kubeadm_already_run.stat.exists
|
|
failed_when: kubeadm_init.rc != 0 and "field is immutable" not in kubeadm_init.stderr
|
|
environment:
|
|
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
|
|
notify: Master | restart kubelet
|