2023-12-31 11:59:36 +08:00
|
|
|
# https://docs.cilium.io/en/stable/installation/k8s-install-helm/#k8s-install-helm
|
2019-03-06 22:58:10 +08:00
|
|
|
- name: 转换内核版本为浮点数
|
|
|
|
set_fact:
|
|
|
|
KERNEL_VER: "{{ ansible_kernel.split('-')[0].split('.')[0]|int + ansible_kernel.split('-')[0].split('.')[1]|int/100 }}"
|
|
|
|
|
2019-03-03 10:01:22 +08:00
|
|
|
- name: 检查内核版本>4.9
|
|
|
|
fail: msg="kernel {{ ansible_kernel }} is too old for cilium installing"
|
2019-04-04 09:08:27 +08:00
|
|
|
when: "KERNEL_VER|float <= 4.09"
|
2019-05-31 00:00:01 +08:00
|
|
|
|
2022-06-13 19:29:30 +08:00
|
|
|
- block:
|
|
|
|
- name: 创建 cilium chart 个性化设置
|
|
|
|
template: src=values.yaml.j2 dest={{ cluster_dir }}/yml/cilium-values.yaml
|
2018-08-05 16:12:32 +08:00
|
|
|
|
2022-11-27 20:42:58 +08:00
|
|
|
- name: helm 删除 cilium {{ cilium_ver }}
|
|
|
|
shell: "{{ base_dir }}/bin/helm delete cilium -n kube-system || echo true; sleep 3"
|
|
|
|
tags: force_change_certs
|
|
|
|
when: 'CHANGE_CA|bool'
|
|
|
|
|
2022-06-13 19:29:30 +08:00
|
|
|
- name: helm 创建 cilium {{ cilium_ver }}
|
|
|
|
shell: "{{ base_dir }}/bin/helm upgrade cilium --install \
|
|
|
|
-n kube-system -f {{ cluster_dir }}/yml/cilium-values.yaml \
|
|
|
|
{{ base_dir }}/roles/cilium/files/cilium-{{ cilium_ver }}.tgz"
|
2022-11-27 20:42:58 +08:00
|
|
|
tags: force_change_certs
|
2021-04-15 23:19:40 +08:00
|
|
|
run_once: true
|
2022-06-13 19:29:30 +08:00
|
|
|
connection: local
|
2018-08-05 16:12:32 +08:00
|
|
|
|
2022-07-02 21:52:48 +08:00
|
|
|
- name: 下载client工具
|
|
|
|
copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
|
|
|
|
with_items:
|
|
|
|
- cilium
|
|
|
|
- hubble
|
|
|
|
|
2018-08-05 16:12:32 +08:00
|
|
|
# 删除原有cni配置
|
|
|
|
- name: 删除默认cni配置
|
|
|
|
file: path=/etc/cni/net.d/10-default.conf state=absent
|
|
|
|
|
|
|
|
# 等待网络插件部署成功,视下载镜像速度而定
|
2022-10-09 19:24:44 +08:00
|
|
|
- name: 轮询等待cilium-node 运行
|
2023-01-15 21:41:45 +08:00
|
|
|
shell: "{{ base_dir }}/bin/kubectl get pod -n kube-system -owide -lk8s-app=cilium|grep ' {{ K8S_NODENAME }} '|awk '{print $3}'"
|
2018-08-05 16:12:32 +08:00
|
|
|
register: pod_status
|
|
|
|
until: pod_status.stdout == "Running"
|
2018-08-30 20:17:05 +08:00
|
|
|
retries: 15
|
2018-08-05 16:12:32 +08:00
|
|
|
delay: 8
|
2019-02-25 23:11:08 +08:00
|
|
|
ignore_errors: true
|
2022-10-09 19:24:44 +08:00
|
|
|
connection: local
|
2022-11-27 20:42:58 +08:00
|
|
|
tags: force_change_certs
|
2022-07-02 22:51:49 +08:00
|
|
|
|
|
|
|
# hubble-relay 可能需要重启一下
|
|
|
|
- name: 重启hubble-relay pod
|
|
|
|
shell: "{{ base_dir }}/bin/kubectl -n kube-system scale deploy hubble-relay --replicas=0 && sleep 5 && \
|
|
|
|
{{ base_dir }}/bin/kubectl -n kube-system scale deploy hubble-relay --replicas=1"
|
|
|
|
run_once: true
|
|
|
|
connection: local
|
|
|
|
when: "cilium_hubble_enabled|bool"
|
2022-11-27 20:42:58 +08:00
|
|
|
tags: force_change_certs
|