2019-04-19 21:01:54 +08:00
|
|
|
---
|
|
|
|
- name: Set kubeadm_discovery_address
|
|
|
|
set_fact:
|
2023-07-05 11:36:54 +08:00
|
|
|
# noqa: jinja[spacing]
|
2019-04-19 21:01:54 +08:00
|
|
|
kubeadm_discovery_address: >-
|
|
|
|
{%- if "127.0.0.1" in kube_apiserver_endpoint or "localhost" in kube_apiserver_endpoint -%}
|
2022-01-10 17:35:19 +08:00
|
|
|
{{ first_kube_control_plane_address }}:{{ kube_apiserver_port }}
|
2019-04-19 21:01:54 +08:00
|
|
|
{%- else -%}
|
2019-05-03 05:24:21 +08:00
|
|
|
{{ kube_apiserver_endpoint | regex_replace('https://', '') }}
|
2019-04-19 21:01:54 +08:00
|
|
|
{%- endif %}
|
|
|
|
tags:
|
|
|
|
- facts
|
|
|
|
|
2019-04-24 05:37:59 +08:00
|
|
|
- name: Upload certificates so they are fresh and not expired
|
|
|
|
command: >-
|
|
|
|
{{ bin_dir }}/kubeadm init phase
|
2019-05-03 05:24:21 +08:00
|
|
|
--config {{ kube_config_dir }}/kubeadm-config.yaml
|
2019-07-02 16:51:08 +08:00
|
|
|
upload-certs
|
|
|
|
--upload-certs
|
2019-04-24 05:37:59 +08:00
|
|
|
register: kubeadm_upload_cert
|
2019-04-27 16:14:20 +08:00
|
|
|
when:
|
2021-12-06 16:16:32 +08:00
|
|
|
- inventory_hostname == first_kube_control_plane
|
2022-04-12 20:47:23 +08:00
|
|
|
- not kube_external_ca_mode
|
2019-04-24 05:37:59 +08:00
|
|
|
|
|
|
|
- name: Parse certificate key if not set
|
|
|
|
set_fact:
|
2021-03-24 08:26:05 +08:00
|
|
|
kubeadm_certificate_key: "{{ hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'].stdout_lines[-1] | trim }}"
|
2019-07-15 15:45:06 +08:00
|
|
|
run_once: yes
|
|
|
|
when:
|
2021-03-24 08:26:05 +08:00
|
|
|
- hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'] is defined
|
|
|
|
- hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'] is not skipped
|
2019-07-11 20:30:54 +08:00
|
|
|
|
|
|
|
- name: Create kubeadm ControlPlane config
|
|
|
|
template:
|
|
|
|
src: "kubeadm-controlplane.{{ kubeadmConfig_api_version }}.yaml.j2"
|
|
|
|
dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml"
|
2024-07-26 09:42:20 +08:00
|
|
|
mode: "0640"
|
2019-07-11 20:30:54 +08:00
|
|
|
backup: yes
|
|
|
|
when:
|
2021-12-06 16:16:32 +08:00
|
|
|
- inventory_hostname != first_kube_control_plane
|
2019-07-11 20:30:54 +08:00
|
|
|
- not kubeadm_already_run.stat.exists
|
|
|
|
|
|
|
|
- name: Wait for k8s apiserver
|
|
|
|
wait_for:
|
|
|
|
host: "{{ kubeadm_discovery_address.split(':')[0] }}"
|
|
|
|
port: "{{ kubeadm_discovery_address.split(':')[1] }}"
|
|
|
|
timeout: 180
|
|
|
|
|
|
|
|
|
2023-07-26 22:36:22 +08:00
|
|
|
- name: Check already run
|
2019-06-21 02:12:51 +08:00
|
|
|
debug:
|
|
|
|
msg: "{{ kubeadm_already_run.stat.exists }}"
|
|
|
|
|
2022-04-12 20:47:23 +08:00
|
|
|
- name: Reset cert directory
|
2019-10-08 15:15:12 +08:00
|
|
|
shell: >-
|
|
|
|
if [ -f /etc/kubernetes/manifests/kube-apiserver.yaml ]; then
|
|
|
|
{{ bin_dir }}/kubeadm reset -f --cert-dir {{ kube_cert_dir }};
|
2022-04-12 20:47:23 +08:00
|
|
|
fi
|
|
|
|
environment:
|
|
|
|
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
|
|
|
|
when:
|
|
|
|
- inventory_hostname != first_kube_control_plane
|
|
|
|
- kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists
|
|
|
|
- not kube_external_ca_mode
|
|
|
|
|
2024-04-03 14:54:12 +08:00
|
|
|
- name: Get kubeconfig for join discovery process
|
|
|
|
command: "{{ kubectl }} -n kube-public get cm cluster-info -o jsonpath='{.data.kubeconfig}'"
|
|
|
|
register: kubeconfig_file_discovery
|
|
|
|
run_once: true
|
|
|
|
delegate_to: "{{ groups['kube_control_plane'] | first }}"
|
|
|
|
when:
|
|
|
|
- kubeadm_use_file_discovery
|
|
|
|
- kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists
|
|
|
|
|
|
|
|
- name: Copy discovery kubeconfig
|
|
|
|
copy:
|
|
|
|
dest: "{{ kube_config_dir }}/cluster-info-discovery-kubeconfig.yaml"
|
|
|
|
content: "{{ kubeconfig_file_discovery.stdout }}"
|
|
|
|
owner: "root"
|
2024-07-26 09:42:20 +08:00
|
|
|
mode: "0644"
|
2024-04-03 14:54:12 +08:00
|
|
|
when:
|
|
|
|
- inventory_hostname != first_kube_control_plane
|
|
|
|
- kubeadm_use_file_discovery
|
|
|
|
- kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists
|
|
|
|
|
2022-04-12 20:47:23 +08:00
|
|
|
- name: Joining control plane node to the cluster.
|
|
|
|
command: >-
|
2019-04-19 21:01:54 +08:00
|
|
|
{{ bin_dir }}/kubeadm join
|
2019-05-03 05:24:21 +08:00
|
|
|
--config {{ kube_config_dir }}/kubeadm-controlplane.yaml
|
2019-04-19 21:01:54 +08:00
|
|
|
--ignore-preflight-errors=all
|
2021-10-12 00:36:41 +08:00
|
|
|
--skip-phases={{ kubeadm_join_phases_skip | join(',') }}
|
2021-02-24 01:44:02 +08:00
|
|
|
environment:
|
|
|
|
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
|
2019-04-19 21:01:54 +08:00
|
|
|
register: kubeadm_join_control_plane
|
2019-06-21 02:12:51 +08:00
|
|
|
retries: 3
|
2021-01-16 09:19:43 +08:00
|
|
|
throttle: 1
|
2019-06-21 02:12:51 +08:00
|
|
|
until: kubeadm_join_control_plane is succeeded
|
2019-04-19 21:01:54 +08:00
|
|
|
when:
|
2021-12-06 16:16:32 +08:00
|
|
|
- inventory_hostname != first_kube_control_plane
|
2019-06-21 02:12:51 +08:00
|
|
|
- kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists
|