adrien/ansible-role-kubernetes
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

fix lint
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Adrien Reslinger 2020-06-02 22:01:59 +02:00
parent 5380ba2455
commit 04dc68fad0
5 changed files with 46 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

17
tasks/Debian.yml
View file

@ -7,12 +7,19 @@
- docker_ver == "docker_ce" - docker_ver == "docker_ce"
- name: add docker repository - name: add docker repository
apt_repository: repo='deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ansible_distribution_release}} stable' state=present update_cache=yes apt_repository:
repo: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable'
state: present
update_cache: yes
when: when:
- docker_ver == "docker_ce" - docker_ver == "docker_ce"
- name: "Ensure GRUB_CMDLINE_LINUX is updated" - name: "Ensure GRUB_CMDLINE_LINUX is updated"
lineinfile: dest=/etc/default/grub regexp='^(GRUB_CMDLINE_LINUX=".*)"$' line='\1 cgroup_enable=memory swapaccount=1"' backrefs=yes lineinfile:
dest: /etc/default/grub
regexp: '^(GRUB_CMDLINE_LINUX=".*)"$'
line: '\1 cgroup_enable=memory swapaccount=1"'
backrefs: yes
when: when:
- not docker_installed.stat.exists - not docker_installed.stat.exists
@ -22,7 +29,11 @@
- not docker_installed.stat.exists - not docker_installed.stat.exists
- name: "Ensure DEFAULT_FORWARD_POLICY in /etc/default/ufw is updated" - name: "Ensure DEFAULT_FORWARD_POLICY in /etc/default/ufw is updated"
lineinfile: dest=/etc/default/ufw regexp='^(DEFAULT_FORWARD_POLICY=").*"$' line='\1ACCEPT"' backrefs=yes lineinfile:
dest: /etc/default/ufw
regexp: '^(DEFAULT_FORWARD_POLICY=").*"$'
line: '\1ACCEPT"'
backrefs: yes
notify: reload ufw notify: reload ufw
tags: [docker,firewall] tags: [docker,firewall]

10
tasks/RedHat.yml
View file

@ -29,7 +29,7 @@
mode: 0644 mode: 0644
register: need_firewalld_reload register: need_firewalld_reload
when: when:
- kubernetes_server == true - kubernetes_server|bool
#- name: Reload firewalld configuration #- name: Reload firewalld configuration
# service: # service:
@ -37,13 +37,13 @@
# state: reloaded # state: reloaded
# enabled: yes # enabled: yes
# when: # when:
# - kubernetes_server == true # - kubernetes_server|bool
- name: reload firewalld to refresh service list - name: reload firewalld to refresh service list
command: firewall-cmd --reload command: firewall-cmd --reload
when: when:
- need_firewalld_reload is changed - need_firewalld_reload is changed
- kubernetes_server == true - kubernetes_server|bool
# Définir interface # Définir interface
- name: Open Firewalld - name: Open Firewalld
@ -53,6 +53,6 @@
state: enabled state: enabled
immediate: true immediate: true
when: when:
# - need_firewall == true # - need_firewall|bool
# - firewall_name == "firewalld" # - firewall_name == "firewalld"
- kubernetes_server == true - kubernetes_server|bool

25
tasks/install_server.yml
View file

@ -21,8 +21,7 @@
# - kubernetes_cri_changed is changed # - kubernetes_cri_changed is changed
- name: Disable SWAP since kubernetes can't work with swap enabled (1/2) - name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
shell: | command: swapoff -a
swapoff -a
- name: Remove swapfile from /etc/fstab (2/2) - name: Remove swapfile from /etc/fstab (2/2)
mount: mount:
@ -82,10 +81,11 @@
# Install API loadbalancer # Install API loadbalancer
- include_tasks: "load_balancer.yml" - include_tasks: "load_balancer.yml"
when: when:
- kubernetes_master == true - kubernetes_master|bool
- groups['KubernetesMasters'] | length > 1 - groups['KubernetesMasters'] | length > 1
- stat: - name: Check if /etc/kubernetes/admin.conf already existe
stat:
path: /etc/kubernetes/admin.conf path: /etc/kubernetes/admin.conf
register: st register: st
changed_when: False changed_when: False
@ -97,16 +97,17 @@
- st.stat.exists - st.stat.exists
- name: Retreive kubeadm Major version - name: Retreive kubeadm Major version
shell: kubeadm version | sed 's/.*{Major:"\([0-9]\)".*/\1/' shell: set -o pipefail && kubeadm version | sed 's/.*{Major:"\([0-9]\)".*/\1/'
register: kubeadm_version_major register: kubeadm_version_major
changed_when: False changed_when: False
- name: Retreive kubeadm Minor version - name: Retreive kubeadm Minor version
shell: kubeadm version | sed -e 's/.* Minor:"\([0-9]*\)".*/\1/' shell: set -o pipefail && kubeadm version | sed -e 's/.* Minor:"\([0-9]*\)".*/\1/'
register: kubeadm_version_minor register: kubeadm_version_minor
changed_when: False changed_when: False
- set_fact: - name: Defined a default lb_kubemaster
set_fact:
lb_kubemaster: "{{ groups['KubernetesMasters'][0] }}" lb_kubemaster: "{{ groups['KubernetesMasters'][0] }}"
when: when:
- lb_kubemaster is undefined - lb_kubemaster is undefined
@ -201,7 +202,7 @@
dest: /root/kubeadm-config.yaml dest: /root/kubeadm-config.yaml
owner: root owner: root
group: root group: root
mode: 600 mode: 0600
when: when:
- server_enrolled.rc == 1 - server_enrolled.rc == 1
@ -221,7 +222,7 @@
# command: kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes --all node-role.kubernetes.io/master- # command: kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes --all node-role.kubernetes.io/master-
command: kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes '{{ ansible_hostname | lower }}' node-role.kubernetes.io/master- command: kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes '{{ ansible_hostname | lower }}' node-role.kubernetes.io/master-
when: kubernetes_master_taint|bool and current_taint.stdout when: kubernetes_master_taint|bool and current_taint.stdout
# #
# At this point, we have a kubernetes up and running, but ready for it # At this point, we have a kubernetes up and running, but ready for it
# #
@ -234,7 +235,7 @@
mode: 0700 mode: 0700
state: directory state: directory
when: when:
- kubernetes_master == true - kubernetes_master|bool
- name: Copy certificat file on - name: Copy certificat file on
copy: copy:
@ -245,7 +246,7 @@
group: root group: root
mode: 0600 mode: 0600
when: when:
- kubernetes_master == true - kubernetes_master|bool
# #
# Manque autoconfig de .kube/config local # Manque autoconfig de .kube/config local
@ -256,4 +257,4 @@
# src: /etc/kubernetes/pki/ca.crt # src: /etc/kubernetes/pki/ca.crt
# dest: /root/.kube/{{ kubernetes_cluster_name }}/ca.crt # dest: /root/.kube/{{ kubernetes_cluster_name }}/ca.crt
# when: # when:
# - kubernetes_master == true # - kubernetes_master|bigip_pool

2
tasks/load_balancer.yml
View file

@ -2,7 +2,7 @@
- name: Install needed packages - name: Install needed packages
package: package:
name: "{{ item }}" name: "{{ item }}"
state: latest state: present
update_cache: yes update_cache: yes
with_items: with_items:
- keepalived - keepalived

19
tasks/main.yml
View file

@ -2,7 +2,8 @@
- name: Include vars for {{ ansible_os_family }} - name: Include vars for {{ ansible_os_family }}
include_vars: "{{ ansible_os_family }}.yml" include_vars: "{{ ansible_os_family }}.yml"
- set_fact: - name: Define vars for master
set_fact:
kubernetes_server: true kubernetes_server: true
kubernetes_master: true kubernetes_master: true
kubernetes_master_taint: false kubernetes_master_taint: false
@ -10,7 +11,8 @@
- "'KubernetesMasters' in group_names" - "'KubernetesMasters' in group_names"
- "'KubernetesNodes' not in group_names" - "'KubernetesNodes' not in group_names"
- set_fact: - name: Define vars for node
set_fact:
kubernetes_server: true kubernetes_server: true
kubernetes_master: false kubernetes_master: false
kubernetes_master_taint: false kubernetes_master_taint: false
@ -18,7 +20,8 @@
- "'KubernetesNodes' in group_names" - "'KubernetesNodes' in group_names"
- "'KubernetesMasters' not in group_names" - "'KubernetesMasters' not in group_names"
- set_fact: - name: Define vars for taint master
set_fact:
kubernetes_server: true kubernetes_server: true
kubernetes_master: true kubernetes_master: true
kubernetes_master_taint: true kubernetes_master_taint: true
@ -26,7 +29,8 @@
- "'KubernetesNodes' in group_names" - "'KubernetesNodes' in group_names"
- "'KubernetesMasters' in group_names" - "'KubernetesMasters' in group_names"
- set_fact: - name: Define vars for tooling
set_fact:
kubernetes_sever: false kubernetes_sever: false
when: when:
- "'KubernetesMasters' not in group_names" - "'KubernetesMasters' not in group_names"
@ -36,13 +40,16 @@
include_tasks: "{{ ansible_os_family }}.yml" include_tasks: "{{ ansible_os_family }}.yml"
- name: Install kubernetes tools - name: Install kubernetes tools
package: name="{{ kubernetes_package_name }}" state=latest update_cache=yes package:
name: "{{ kubernetes_package_name }}"
state: present
update_cache: yes
# notify: Restart kubelet # notify: Restart kubelet
- name: Include kubernetes server rules - name: Include kubernetes server rules
include_tasks: "install_server.yml" include_tasks: "install_server.yml"
when: when:
- kubernetes_server == true - kubernetes_server|bool
#- name: Install python library for docker #- name: Install python library for docker
# package: name="{{ python_openshift_lib }}" state=latest update_cache=yes # package: name="{{ python_openshift_lib }}" state=latest update_cache=yes