kubeasz/roles/kube-router/tasks/main.yml

100 lines
3.4 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

- block:
- name: 在deploy 节点创建相关目录
file: name=/opt/kube/kube-system/kube-router state=directory
- name: 准备配置 kube-router DaemonSet (without IPVS)
template: src=kuberouter.yaml.j2 dest=/opt/kube/kube-system/kube-router/kuberouter.yaml
when: 'SERVICE_PROXY != "true"'
- name: 准备配置 kube-router DaemonSet (with IPVS)
template: src=kuberouter-all.yaml.j2 dest=/opt/kube/kube-system/kube-router/kuberouter.yaml
when: 'SERVICE_PROXY == "true"'
delegate_to: "{{ groups.deploy[0] }}"
run_once: true
- name: 创建cni 和kube-router 相关目录
file: name={{ item }} state=directory
with_items:
- /etc/cni/net.d
- /opt/kube/images
- name: 下载cni plugins
copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
with_items:
- bridge
- host-local
- loopback
- portmap
# kube-router 带service proxy (IPVS/LVS)
- name: 停止 kube-proxy 服务
service: name=kube-proxy state=stopped enabled=no
when: 'SERVICE_PROXY == "true"'
ignore_errors: true
- name: 清理 kube-proxy产生的iptables或ipvs规则
shell: "{{ bin_dir }}/kube-proxy --cleanup; ipvsadm -C"
when: 'SERVICE_PROXY == "true"'
ignore_errors: true
# 【可选】推送离线docker 镜像,可以忽略执行错误
- block:
- name: 检查是否已下载离线kube-router镜像
command: "ls {{ base_dir }}/down"
register: download_info
connection: local
run_once: true
- name: 尝试推送离线docker 镜像(若执行失败,可忽略)
copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
when: 'item in download_info.stdout'
with_items:
- "pause_3.1.tar"
- "{{ kuberouter_offline }}"
- "{{ busybox_offline }}"
ignore_errors: true
- name: 获取kube-router离线镜像推送情况
command: "ls /opt/kube/images"
register: image_info
# 如果目录下有离线镜像就把它导入到node节点上
- name: 导入 kube-router的离线镜像若执行失败可忽略
shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ item }}"
with_items:
- "pause_3.1.tar"
- "{{ kuberouter_offline }}"
- "{{ busybox_offline }}"
ignore_errors: true
when: "item in image_info.stdout and CONTAINER_RUNTIME == 'docker'"
- name: 导入 kube-router的离线镜像若执行失败可忽略
shell: "{{ bin_dir }}/ctr -n=k8s.io images import /opt/kube/images/{{ item }}"
with_items:
- "pause_3.1.tar"
- "{{ kuberouter_offline }}"
- "{{ busybox_offline }}"
ignore_errors: true
when: "item in image_info.stdout and CONTAINER_RUNTIME == 'containerd'"
# 只需单节点执行一次
- name: 运行 kube-router DaemonSet
shell: "{{ bin_dir }}/kubectl apply -f /opt/kube/kube-system/kube-router/ && sleep 5"
delegate_to: "{{ groups.deploy[0] }}"
run_once: true
# 删除原有cni配置
- name: 删除默认cni配置
file: path=/etc/cni/net.d/10-default.conf state=absent
# 等待网络插件部署成功,视下载镜像速度而定
- name: 轮询等待kube-router 运行,视下载镜像速度而定
shell: "{{ bin_dir }}/kubectl get pod -n kube-system -o wide|grep 'kube-router'|grep ' {{ inventory_hostname }} '|awk '{print $3}'"
register: pod_status
until: pod_status.stdout == "Running"
delegate_to: "{{ groups.deploy[0] }}"
retries: 15
delay: 8
ignore_errors: true