mirror of https://github.com/easzlab/kubeasz.git
48 lines
2.1 KiB
YAML
48 lines
2.1 KiB
YAML
- block:
|
|
- name: 获取是否已创建命名空间{{ prom_namespace }}
|
|
shell: "{{ base_dir }}/bin/kubectl get ns"
|
|
register: ns_info
|
|
|
|
- name: 创建命名空间{{ prom_namespace }}
|
|
shell: "{{ base_dir }}/bin/kubectl create ns {{ prom_namespace }}"
|
|
when: "prom_namespace not in ns_info.stdout"
|
|
|
|
- name: get etcd-client-cert info
|
|
shell: "{{ base_dir }}/bin/kubectl get secrets -n {{ prom_namespace }}"
|
|
register: secrets_info
|
|
|
|
- name: 创建etcd-client 证书请求
|
|
template: src=prometheus/etcd-client-csr.json.j2 dest={{ cluster_dir }}/ssl/etcd-client-csr.json
|
|
when: '"etcd-client-cert" not in secrets_info.stdout'
|
|
|
|
- name: 创建 etcd-client证书和私钥
|
|
shell: "cd {{ cluster_dir }}/ssl && {{ base_dir }}/bin/cfssl gencert \
|
|
-ca=ca.pem \
|
|
-ca-key=ca-key.pem \
|
|
-config=ca-config.json \
|
|
-profile=kubernetes etcd-client-csr.json|{{ base_dir }}/bin/cfssljson -bare etcd-client"
|
|
when: '"etcd-client-cert" not in secrets_info.stdout'
|
|
|
|
- name: 创建 etcd-client-cert
|
|
shell: "cd {{ cluster_dir }}/ssl && \
|
|
{{ base_dir }}/bin/kubectl create secret generic -n {{ prom_namespace }} etcd-client-cert \
|
|
--from-file=etcd-ca=ca.pem \
|
|
--from-file=etcd-client=etcd-client.pem \
|
|
--from-file=etcd-client-key=etcd-client-key.pem"
|
|
when: '"etcd-client-cert" not in secrets_info.stdout'
|
|
|
|
# 判断 kubernetes 版本
|
|
- name: 注册变量 K8S_VER
|
|
shell: "{{ base_dir }}/bin/kube-apiserver --version|cut -d' ' -f2|cut -d'v' -f2"
|
|
register: K8S_VER
|
|
|
|
- name: 创建 prom chart 个性化设置
|
|
template: src=prometheus/values.yaml.j2 dest={{ cluster_dir }}/yml/prom-values.yaml
|
|
|
|
- name: helm 创建 kube-prometheus-stack {{ prom_chart_ver }}
|
|
shell: "{{ base_dir }}/bin/helm install -n {{ prom_namespace }} prometheus \
|
|
-f {{ cluster_dir }}/yml/prom-values.yaml \
|
|
{{ base_dir }}/roles/cluster-addon/files/kube-prometheus-stack-{{ prom_chart_ver }}.tgz"
|
|
run_once: true
|
|
connection: local
|