2016-11-03 23:57:11 +08:00
|
|
|
---
|
2016-11-14 20:03:54 +08:00
|
|
|
- name: Canal | Write Canal cni config
|
|
|
|
template:
|
|
|
|
src: "cni-canal.conf.j2"
|
|
|
|
dest: "/etc/cni/net.d/10-canal.conf"
|
2017-02-06 20:58:54 +08:00
|
|
|
owner: kube
|
2016-11-14 20:03:54 +08:00
|
|
|
|
|
|
|
- name: Canal | Create canal certs directory
|
|
|
|
file:
|
|
|
|
dest: "{{ canal_cert_dir }}"
|
|
|
|
state: directory
|
|
|
|
mode: 0750
|
2017-02-06 20:58:54 +08:00
|
|
|
owner: root
|
|
|
|
group: root
|
2016-11-14 20:03:54 +08:00
|
|
|
|
|
|
|
- name: Canal | Link etcd certificates for canal-node
|
|
|
|
file:
|
|
|
|
src: "{{ etcd_cert_dir }}/{{ item.s }}"
|
|
|
|
dest: "{{ canal_cert_dir }}/{{ item.d }}"
|
|
|
|
state: hard
|
2016-12-08 00:03:04 +08:00
|
|
|
force: yes
|
2016-11-14 20:03:54 +08:00
|
|
|
with_items:
|
|
|
|
- {s: "ca.pem", d: "ca_cert.crt"}
|
2016-12-13 17:03:35 +08:00
|
|
|
- {s: "node-{{ inventory_hostname }}.pem", d: "cert.crt"}
|
|
|
|
- {s: "node-{{ inventory_hostname }}-key.pem", d: "key.pem"}
|
2016-11-14 20:03:54 +08:00
|
|
|
|
2016-11-10 17:49:47 +08:00
|
|
|
- name: Canal | Set Flannel etcd configuration
|
|
|
|
command: |-
|
|
|
|
{{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} \
|
|
|
|
set /{{ cluster_name }}/network/config \
|
|
|
|
'{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }'
|
|
|
|
delegate_to: "{{groups['etcd'][0]}}"
|
|
|
|
run_once: true
|
2016-11-03 23:57:11 +08:00
|
|
|
|
2016-11-08 19:13:20 +08:00
|
|
|
- name: Canal | Write canal configmap
|
|
|
|
template:
|
|
|
|
src: canal-config.yml.j2
|
2016-12-13 18:43:06 +08:00
|
|
|
dest: "{{kube_config_dir}}/canal-config.yaml"
|
2016-11-08 19:13:20 +08:00
|
|
|
|
|
|
|
- name: Canal | Write canal node configuration
|
2016-11-03 23:57:11 +08:00
|
|
|
template:
|
|
|
|
src: canal-node.yml.j2
|
2016-12-13 18:43:06 +08:00
|
|
|
dest: "{{kube_config_dir}}/canal-node.yaml"
|
2017-02-08 22:13:17 +08:00
|
|
|
register: canal_node_manifest
|
2016-11-03 23:57:11 +08:00
|
|
|
|
|
|
|
- name: Canal | Copy cni plugins from hyperkube
|
2017-03-15 19:00:42 +08:00
|
|
|
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /usr/bin/rsync -ac /opt/cni/bin/ /cnibindir/"
|
2016-11-03 23:57:11 +08:00
|
|
|
register: cni_task_result
|
|
|
|
until: cni_task_result.rc == 0
|
|
|
|
retries: 4
|
|
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
|
|
changed_when: false
|
2016-12-08 21:36:00 +08:00
|
|
|
tags: [hyperkube, upgrade]
|
2016-11-03 23:57:11 +08:00
|
|
|
|
|
|
|
- name: Canal | Copy cni plugins from calico/cni
|
2016-12-23 22:44:44 +08:00
|
|
|
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }} sh -c 'cp -a /opt/cni/bin/* /cnibindir/'"
|
2016-11-03 23:57:11 +08:00
|
|
|
register: cni_task_result
|
|
|
|
until: cni_task_result.rc == 0
|
|
|
|
retries: 4
|
|
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
|
|
changed_when: false
|
2016-12-08 21:36:00 +08:00
|
|
|
tags: [hyperkube, upgrade]
|
2017-01-05 06:46:00 +08:00
|
|
|
|
2017-03-15 19:00:42 +08:00
|
|
|
- name: Canal | Set cni directory permissions
|
|
|
|
file:
|
|
|
|
path: /opt/cni/bin
|
|
|
|
state: directory
|
|
|
|
owner: kube
|
|
|
|
recurse: true
|
|
|
|
mode: 0755
|
|
|
|
|
2017-01-05 06:46:00 +08:00
|
|
|
- name: Canal | Install calicoctl container script
|
|
|
|
template:
|
|
|
|
src: calicoctl-container.j2
|
|
|
|
dest: "{{ bin_dir }}/calicoctl"
|
|
|
|
mode: 0755
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
changed_when: false
|
2017-01-05 06:51:11 +08:00
|
|
|
|
|
|
|
- name: Canal | Create network policy directory
|
|
|
|
file:
|
|
|
|
path: "{{ canal_policy_dir }}"
|
|
|
|
state: directory
|