2016-09-08 02:02:06 +08:00
---
2017-04-21 10:51:27 +08:00
- name : Helm | Make sure HELM_HOME directory exists
file : path={{ helm_home_dir }} state=directory
2017-03-17 19:56:25 +08:00
- name : Helm | Set up helm launcher
2018-01-29 19:37:48 +08:00
include_tasks : "install_{{ helm_deployment_type }}.yml"
2017-03-17 19:56:25 +08:00
2017-06-27 12:27:25 +08:00
- name : Helm | Lay Down Helm Manifests (RBAC)
template :
2018-08-29 17:20:41 +08:00
src : "{{item.file}}.j2"
2017-06-27 12:27:25 +08:00
dest : "{{kube_config_dir}}/{{item.file}}"
with_items :
2018-08-29 17:20:41 +08:00
- {name: tiller, file: tiller-namespace.yml, type : namespace}
2017-06-27 12:27:25 +08:00
- {name: tiller, file: tiller-sa.yml, type : sa}
- {name: tiller, file: tiller-clusterrolebinding.yml, type : clusterrolebinding}
register : manifests
2018-08-22 11:41:29 +08:00
when : dns_mode != 'none' and inventory_hostname == groups['kube-master'][0]
2017-06-27 12:27:25 +08:00
- name : Helm | Apply Helm Manifests (RBAC)
kube :
name : "{{item.item.name}}"
2018-08-29 17:20:41 +08:00
namespace : "{{ tiller_namespace }}"
2017-06-27 12:27:25 +08:00
kubectl : "{{bin_dir}}/kubectl"
resource : "{{item.item.type}}"
filename : "{{kube_config_dir}}/{{item.item.file}}"
2017-09-05 13:23:12 +08:00
state : "latest"
2017-06-27 12:27:25 +08:00
with_items : "{{ manifests.results }}"
2018-08-22 11:41:29 +08:00
when : dns_mode != 'none' and inventory_hostname == groups['kube-master'][0]
2017-06-27 12:27:25 +08:00
2018-09-06 23:14:18 +08:00
# Generate necessary certs for securing Helm and Tiller connection with TLS
- name : Helm | Set up TLS
include_tasks : "gen_helm_tiller_certs.yml"
when : tiller_enable_tls
2017-03-17 19:56:25 +08:00
- name : Helm | Install/upgrade helm
2017-11-29 02:33:57 +08:00
command : >
2018-08-29 17:20:41 +08:00
{{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }} --tiller-namespace={{ tiller_namespace }}
2017-11-29 02:33:57 +08:00
{% if helm_skip_refresh %} --skip-refresh{% endif %}
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
{% if tiller_override is defined %} --override {{ tiller_override }}{% endif %}
2018-06-15 18:50:18 +08:00
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
2018-09-06 23:14:18 +08:00
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
{% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
2018-09-03 15:51:55 +08:00
register : install_helm
changed_when : false
2018-09-06 23:14:18 +08:00
environment : "{{proxy_env}}"
2018-09-03 15:51:55 +08:00
2018-09-06 22:26:57 +08:00
# FIXME: https://github.com/helm/helm/issues/4063
2018-09-03 15:51:55 +08:00
- name : Helm | Force apply tiller overrides if necessary
shell : >
{{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }} --tiller-namespace={{ tiller_namespace }}
{% if helm_skip_refresh %} --skip-refresh{% endif %}
{% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
{% if rbac_enabled %} --service-account=tiller{% endif %}
{% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
{% if tiller_override is defined %} --override {{ tiller_override }}{% endif %}
{% if tiller_max_history is defined %} --history-max={{ tiller_max_history }}{% endif %}
2018-09-06 23:14:18 +08:00
{% if tiller_enable_tls %} --tiller-tls --tiller-tls-verify --tiller-tls-cert={{ tiller_tls_cert }} --tiller-tls-key={{ tiller_tls_key }} --tls-ca-cert={{ tiller_tls_ca_cert }} {% endif %}
{% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
2018-09-03 15:51:55 +08:00
| kubectl apply -f -
changed_when : false
when : tiller_override is defined
2018-09-06 23:14:18 +08:00
environment : "{{proxy_env}}"
2017-03-17 19:56:25 +08:00
- name : Helm | Set up bash completion
2017-06-19 14:33:50 +08:00
shell : "umask 022 && {{ bin_dir }}/helm completion bash >/etc/bash_completion.d/helm.sh"
2017-11-13 18:15:53 +08:00
when : ((helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed)) and not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]