diff --git a/defaults/main.yml b/defaults/main.yml index 3bbf3a5..09766e1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,4 +5,4 @@ kubernetes_server: false # value for kuberntes_network: flannel, calico, weave-net #kubernetes_network: weave-net kubernetes_kubeproxy_mode: ipvs -kubernetes_version: 1.20.1 +kubernetes_version: 1.19.4 diff --git a/tasks/cluster_k3s.yml b/tasks/cluster_k3s.yml index 9727eb0..c93d09a 100644 --- a/tasks/cluster_k3s.yml +++ b/tasks/cluster_k3s.yml @@ -13,7 +13,7 @@ - name: retreive k3s binary for x86_64 get_url: - url: "https://github.com/rancher/k3s/releases/download/v1.20.2%2Bk3s1/k3s" + url: "https://github.com/rancher/k3s/releases/download/v1.19.5%2Bk3s2/k3s" dest: "/usr/local/bin/k3s" group: root owner: root @@ -24,7 +24,7 @@ - name: retreive k3s binary for arm64 get_url: - url: "https://github.com/rancher/k3s/releases/download/v1.20.2%2Bk3s1/k3s-arm64" + url: "https://github.com/rancher/k3s/releases/download/v1.19.5%2Bk3s2/k3s-arm64" dest: "/usr/local/bin/k3s" group: root owner: root @@ -35,7 +35,7 @@ - name: retreive k3s binary for armv6/armv7 get_url: - url: "https://github.com/rancher/k3s/releases/download/v1.20.2%2Bk3s1/k3s-armhf" + url: "https://github.com/rancher/k3s/releases/download/v1.19.5%2Bk3s2/k3s-armhf" dest: "/usr/local/bin/k3s" group: root owner: root diff --git a/tasks/cluster_kubeadm.yml b/tasks/cluster_kubeadm.yml index c15325d..dca5102 100644 --- a/tasks/cluster_kubeadm.yml +++ b/tasks/cluster_kubeadm.yml @@ -30,7 +30,7 @@ when: - kubernetes_kubeproxy_mode == "ipvs" -- name: Load IPVS kernel module for EL7 +- name: Load IPVS kernel module modprobe: name: "{{ item }}" state: present 
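Review bot: The three `get_url` tasks in tasks/cluster_k3s.yml (x86_64, arm64 and armv6/armv7 hunks) install a downloaded binary at `/usr/local/bin/k3s` owned by root, and none of the three hunks touches a `checksum:` line when the release changes, so either no digest is pinned or a pinned one is now stale. Each task continues past `owner: root` outside the hunk, so this should be confirmed against the full file. If nothing is pinned, add the published digest for each asset, e.g. `checksum: "sha256:<sha256 of the v1.19.5+k3s2 asset>"`, so that a tampered or truncated download fails instead of being installed. The commit also moves the role from 1.20.x back to 1.19.x, and a comment in defaults/main.yml stating why would help whoever next reviews patch levels.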
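Review bot: The renamed task "Load IPVS kernel module" now runs on every host, because the following hunk drops the `ansible_os_family` / `ansible_distribution_major_version` conditions, but its `with_items` list still ends with `nf_conntrack_ipv4` and `nf_conntrack_ipv6` (the task body continues outside this hunk). The removed EL8 variant loaded `nf_conntrack` in their place, which suggests those two modules do not exist on that platform, so `modprobe` would presumably fail there and stop the play. The same applies to templates/etc/modules-load.d/ipvs.conf.j2, which now lists both modules unconditionally. Either keep the per-release condition or state in the role documentation that only EL7-style kernels are supported.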
@@ -43,23 +43,6 @@ - nf_conntrack_ipv6 when: - kubernetes_kubeproxy_mode == "ipvs" - - ansible_os_family == "RedHat" - - ansible_distribution_major_version == '7' - -- name: Load IPVS kernel module for EL8 - modprobe: - name: "{{ item }}" - state: present - with_items: - - ip_vs - - ip_vs_rr - - ip_vs_wrr - - ip_vs_sh - - nf_conntrack - when: - - kubernetes_kubeproxy_mode == "ipvs" - - ansible_os_family == "RedHat" - - ansible_distribution_major_version == '8' - name: Create thin volumes for kubernetes lvol: @@ -199,12 +182,16 @@ when: - groups['KubernetesMasterConfigured'] is not defined - groups['KubernetesMasters'][0] == ansible_hostname + - kubeadm_version_major.stdout | int == 1 + - kubeadm_version_minor.stdout | int >= 15 - name: Init Kubernetes on {{ groups['KubernetesMasters'][0] }} command: kubeadm init --config=/root/kubeadm-config.yaml when: - groups['KubernetesMasterConfigured'] is not defined - groups['KubernetesMasters'][0] == ansible_hostname + - kubeadm_version_major.stdout | int == 1 + - kubeadm_version_minor.stdout | int >= 15 - name: Add {{ ansible_hostname }} to KubernetesMasterConfigured group group_by: @@ -221,8 +208,6 @@ register: server_enrolled changed_when: False ignore_errors: yes - when: - - groups['KubernetesMasterConfigured'] is not defined #- name: Deploy kubeadm config # template: @@ -233,6 +218,8 @@ # mode: 600 # when: # - not groups['KubernetesMasters'][0] == ansible_hostname +# - kubeadm_version_major.stdout | int == 1 +# - kubeadm_version_minor.stdout | int >= 15 # - server_enrolled.rc == 1 - name: Retreive certificats key on {{ lb_kubemaster }} 
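Review bot: The `kubeadm_version_major.stdout | int == 1` / `kubeadm_version_minor.stdout | int >= 15` pair added to the first-master config task and to "Init Kubernetes" turns an unsupported or unparsable kubeadm version into a silent skip, since `| int` yields 0 for non-numeric output. The "Add ... to KubernetesMasterConfigured group" task that follows shows no such condition in the visible lines (its body continues outside the hunk), so a host could be marked configured without `kubeadm init` having run. The tasks that register both variables are not part of this diff; if they can be skipped, `.stdout` is undefined and the condition errors out instead. If kubeadm older than 1.15 is not meant to be supported, one assertion placed before these tasks would fail loudly and could replace the conditions repeated here and in the hunks at old lines 240 and 273.
```yaml
- name: Require kubeadm 1.15 or newer before init/join
  assert:
    that:
      - kubeadm_version_major.stdout | int == 1
      - kubeadm_version_minor.stdout | int >= 15
    fail_msg: "kubeadm >= 1.15 is required by this role"
```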
@@ -240,16 +227,16 @@ register: kubernetes_certificateKey delegate_to: "{{ lb_kubemaster }}" when: - - groups['KubernetesMasterConfigured'] is not defined - server_enrolled.rc == 1 - kubernetes_master|bool + - kubeadm_version_major.stdout | int == 1 + - kubeadm_version_minor.stdout | int >= 15 - name: Retreive token on "{{ lb_kubemaster }}" command: kubeadm token create register: kubetoken delegate_to: "{{ lb_kubemaster }}" when: - - groups['KubernetesMasterConfigured'] is not defined - server_enrolled.rc == 1 - name: Retreive hash certificat @@ -262,7 +249,6 @@ register: cacerthash delegate_to: "{{ lb_kubemaster }}" when: - - groups['KubernetesMasterConfigured'] is not defined - server_enrolled.rc == 1 - name: Deploy kubeadm config @@ -273,11 +259,11 @@ group: root mode: 0600 when: - - groups['KubernetesMasterConfigured'] is not defined - server_enrolled.rc == 1 - name: Join '{{ ansible_hostname }}' to Kubernetes cluster command: kubeadm join --config=/root/kubeadm-config.yaml when: - - groups['KubernetesMasterConfigured'] is not defined + - kubeadm_version_major.stdout | int == 1 + - kubeadm_version_minor.stdout | int >= 15 - server_enrolled.rc == 1 diff --git a/tasks/install_server.yml b/tasks/install_server.yml index 0dac5ad..7fb8a12 100644 --- a/tasks/install_server.yml +++ b/tasks/install_server.yml 
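Review bot: The "Retreive token" task registers the output of `kubeadm token create` in `kubetoken`, and the preceding task does the same for `kubernetes_certificateKey`, with no `no_log` on either in the visible lines; both values are join credentials and will appear in verbose output and in any stored job logs. With the `groups['KubernetesMasterConfigured'] is not defined` guard removed, a new token is minted on every run where `server_enrolled.rc == 1`, so this now happens more often than before. Add `no_log: true` to both tasks (the certificate-key task starts outside the hunk, so check it in the full file). Since the token is consumed immediately by the join, a short lifetime such as `kubeadm token create --ttl 1h` would also limit what a leaked log line is worth.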
@@ -100,15 +100,12 @@ # - kubernetes_master|bigip_pool - name: Check if a node is still tainted - command: kubectl --kubeconfig=/etc/kubernetes/admin.conf get nodes '{{ ansible_hostname | lower }}' -o jsonpath='{.spec.taints}' + command: kubectl get nodes '{{ ansible_hostname | lower }}' -o jsonpath='{.spec.taints}' + when: kubernetes_master_taint register: current_taint - when: - - kubernetes_master_taint|bool - name: taint the machine if needed # command: kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes --all node-role.kubernetes.io/master- command: kubectl taint nodes '{{ ansible_hostname | lower }}' node-role.kubernetes.io/master- - when: - - kubernetes_master_taint|bool - - current_taint.stdout + when: kubernetes_master_taint|bool and current_taint.stdout diff --git a/templates/etc/modules-load.d/ipvs.conf.j2 b/templates/etc/modules-load.d/ipvs.conf.j2 index 85753cc..3ba283c 100644 --- a/templates/etc/modules-load.d/ipvs.conf.j2 +++ b/templates/etc/modules-load.d/ipvs.conf.j2 @@ -2,9 +2,5 @@ ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh -{% if ansible_os_family == "RedHat" and ansible_distribution_major_version == '8' %} -nf_conntrack -{% elif ansible_os_family == "RedHat" and ansible_distribution_major_version == '7' %} nf_conntrack_ipv4 nf_conntrack_ipv6 -{% endif %} \ No newline at end of file diff --git a/templates/etc/sysconfig/kubelet.j2 b/templates/etc/sysconfig/kubelet.j2 index b02129d..f7d16d3 100644 --- a/templates/etc/sysconfig/kubelet.j2 +++ b/templates/etc/sysconfig/kubelet.j2 
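Review bot: Dropping `--kubeconfig=/etc/kubernetes/admin.conf` from the "Check if a node is still tainted" command makes `kubectl` use whatever kubeconfig the connecting user has by default, so the check can fail or query a different cluster or context than the one this role just built; the taint command below it has the same gap. Keeping the flag on both commands pins them to the local control plane: `kubectl --kubeconfig=/etc/kubernetes/admin.conf get nodes ...`. Separately, the new `when: kubernetes_master_taint` lost the `|bool` that the taint task keeps, so a string value such as "false" passed with `-e` may be evaluated differently by the two tasks and leave `current_taint.stdout` undefined in the second one. Use `when: kubernetes_master_taint|bool` in both.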
@@ -1,2 +1,2 @@
 #https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/#feature-gates
-KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_default_ipv4.address }}"
+KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_eth0.ipv4.address }}"
diff --git a/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2 b/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2
index e6f3596..7c704b9 100644
--- a/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2
+++ b/templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2
@@ -1,2 +1,2 @@
 [Service]
-Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_default_ipv4.address }}"
+Environment=KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint={% if kubernetes_cri == "containerd" %}unix:///run/containerd/containerd.sock{% elif kubernetes_cri == "cri-o" %}unix:///var/run/crio/crio.sock{% endif %} --node-ip={{ ansible_eth0.ipv4.address }}"
diff --git a/templates/kubeadm-config.yaml.j2 b/templates/kubeadm-config.yaml.j2
index 9a95c08..2d90758 100644
--- a/templates/kubeadm-config.yaml.j2
+++ b/templates/kubeadm-config.yaml.j2
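Review bot: `--node-ip={{ ansible_eth0.ipv4.address }}` hard-codes the interface name, both in templates/etc/sysconfig/kubelet.j2 and in templates/etc/systemd/system/kubelet.service.d/0-kubelet-extra-args.conf.j2. On hosts whose NIC is not called eth0 the fact is undefined and the template fails. On multi-homed hosts it may make the kubelet advertise an address on a network other than the intended one. Prefer an overridable value that falls back to the previous behaviour, for example through a new optional role variable documented in defaults/main.yml: `--node-ip={{ kubernetes_node_ip | default(ansible_default_ipv4.address) }}`.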
@@ -72,7 +72,7 @@ nodeRegistration:
 ignorePreflightErrors:
 - SystemVerification
 ---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta1
 kind: ClusterConfiguration
 kubernetesVersion: stable
 {% if lbip_kubeapiserver is defined %}
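Review bot: `apiVersion: kubeadm.k8s.io/v1beta1` on the ClusterConfiguration document does not fit the `kubernetes_version: 1.19.4` default set in this same commit. To my knowledge kubeadm stopped accepting v1beta1 configs in 1.17, so `kubeadm init --config` would reject this file on 1.19. Only this document of the multi-document template is changed here, so the earlier documents (outside the hunk) may end up on a different API version than this one. Unless the role targets an older kubeadm, keep `kubeadm.k8s.io/v1beta2`, or template the value from the detected kubeadm minor version.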