# [optional] to synchronize time of nodes with 'chrony' - hosts: - kube_master - kube_node - etcd - ex_lb - chrony roles: - { role: os-harden, when: "OS_HARDEN|bool" } - { role: chrony, when: "groups['chrony']|length > 0" } # to create CA, kubeconfig, kube-proxy.kubeconfig etc. - hosts: localhost roles: - deploy # prepare tasks for all nodes - hosts: - kube_master - kube_node - etcd roles: - prepare # to install etcd cluster - hosts: etcd roles: - etcd # to install container runtime - hosts: - kube_master - kube_node roles: - { role: docker, when: "CONTAINER_RUNTIME == 'docker'" } - { role: containerd, when: "CONTAINER_RUNTIME == 'containerd'" } # to set up 'kube_master' nodes - hosts: kube_master roles: - kube-lb - kube-master - kube-node tasks: - name: Making master nodes SchedulingDisabled shell: "{{ base_dir }}/bin/kubectl cordon {{ inventory_hostname }} " when: "inventory_hostname not in groups['kube_node']" ignore_errors: true connection: local - name: Setting master role name shell: "{{ base_dir }}/bin/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" ignore_errors: true connection: local # to set up 'kube_node' nodes - hosts: kube_node roles: - { role: kube-lb, when: "inventory_hostname not in groups['kube_master']" } - { role: kube-node, when: "inventory_hostname not in groups['kube_master']" } # to install network plugin, only one can be choosen - hosts: - kube_master - kube_node roles: - { role: calico, when: "CLUSTER_NETWORK == 'calico'" } - { role: cilium, when: "CLUSTER_NETWORK == 'cilium'" } - { role: flannel, when: "CLUSTER_NETWORK == 'flannel'" } - { role: kube-router, when: "CLUSTER_NETWORK == 'kube-router'" } - { role: kube-ovn, when: "CLUSTER_NETWORK == 'kube-ovn'" } # to install cluster-addons - hosts: localhost roles: - cluster-addon