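---
# Cluster setup playbook. The plays below run in file order: time sync,
# certificate generation on the deploy host, common node preparation,
# optional load balancer, etcd, docker, master and node components,
# one network plugin, and finally the cluster add-ons.

# Time synchronisation inside the cluster. The chrony role is applied only
# when NTP_ENABLED, read from the first host of the deploy group, equals the
# string 'yes'.
- hosts: all
  roles:
    - role: chrony
      when: "hostvars[groups.deploy[0]]['NTP_ENABLED'] == 'yes'"

# Generate the CA-related certificates on the deploy node for use by the
# whole cluster.
# NOTE(review): this presumably leaves the CA private key on the deploy host;
# confirm that host and the generated files are access-restricted.
- hosts: deploy
  roles:
    - deploy

# Common configuration tasks for every cluster node.
- hosts:
    - kube-master
    - kube-node
    - deploy
    - etcd
    - lb
  roles:
    - prepare

# [Optional] Load balancer configuration for multi-master deployments.
- hosts: lb
  roles:
    - lb

# Create the etcd cluster.
- hosts: etcd
  roles:
    - etcd

# Install the docker service.
- hosts:
    - kube-master
    - kube-node
  roles:
    - docker

# Master nodes get both the kube-master and the kube-node role, then the two
# kubectl tasks below.
- hosts: kube-master
  roles:
    - kube-master
    - kube-node
  tasks:
    # Keep workload pods off the master nodes (skipped in allinone mode).
    # command is used instead of shell: the invocation needs no shell
    # features, and command passes the templated values as plain arguments
    # without shell parsing.
    # NOTE(review): ignore_errors means a failed cordon does not stop the
    # run, so a master can stay schedulable without the play failing; check
    # the node status after deployment.
    - name: 禁止业务 pod调度到 master节点
      command: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }}"
      when: DEPLOY_MODE != "allinone"
      ignore_errors: true

    # Label the master node with the master role. Failures are ignored here
    # as well, so the label is best-effort.
    - name: 设置master节点role
      command: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite"
      ignore_errors: true

# Deploy the worker nodes (not needed in allinone mode, where the master play
# above already applied kube-node).
- hosts: kube-node
  roles:
    - role: kube-node
      when: "DEPLOY_MODE != 'allinone'"

# Deploy the cluster network plugin; only one may be selected.
# Each role is gated on CLUSTER_NETWORK, so a value matching none of the four
# names installs no network plugin at all.
- hosts:
    - kube-master
    - kube-node
  roles:
    - role: calico
      when: "CLUSTER_NETWORK == 'calico'"
    - role: cilium
      when: "CLUSTER_NETWORK == 'cilium'"
    - role: flannel
      when: "CLUSTER_NETWORK == 'flannel'"
    - role: kube-router
      when: "CLUSTER_NETWORK == 'kube-router'"

# Install the cluster add-ons.
- hosts:
    - kube-node
  roles:
    - cluster-addon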