commit
7913d62749
|
@ -0,0 +1,41 @@
|
|||
sudo: required
|
||||
dist: trusty
|
||||
language: python
|
||||
python: "2.7"
|
||||
|
||||
addons:
|
||||
hosts:
|
||||
- node1
|
||||
|
||||
env:
|
||||
- SITE=cluster.yml
|
||||
|
||||
before_install:
|
||||
- sudo apt-get update -qq
|
||||
|
||||
install:
|
||||
# Install Ansible.
|
||||
- sudo -H pip install ansible
|
||||
- sudo -H pip install netaddr
|
||||
|
||||
cache:
|
||||
directories:
|
||||
- $HOME/releases
|
||||
- $HOME/.cache/pip
|
||||
|
||||
before_script:
|
||||
- export PATH=$PATH:/usr/local/bin
|
||||
|
||||
script:
|
||||
# Check the role/playbook's syntax.
|
||||
- "sudo -H ansible-playbook -i inventory/local-tests.cfg $SITE --syntax-check"
|
||||
|
||||
# Run the role/playbook with ansible-playbook.
|
||||
- "sudo -H ansible-playbook -i inventory/local-tests.cfg $SITE --connection=local"
|
||||
|
||||
# Run the role/playbook again, checking to make sure it's idempotent.
|
||||
- >
|
||||
sudo -H ansible-playbook -i inventory/local-tests.cfg $SITE --connection=local
|
||||
| tee /dev/stderr | grep -q 'changed=0.*failed=0'
|
||||
&& (echo 'Idempotence test: pass' && exit 0)
|
||||
|| (echo 'Idempotence test: fail' && exit 1)
|
|
@ -0,0 +1,17 @@
|
|||
node1 ansible_connection=local local_release_dir={{ansible_env.HOME}}/releases
|
||||
|
||||
[downloader]
|
||||
node1
|
||||
|
||||
[kube-master]
|
||||
node1
|
||||
|
||||
[etcd]
|
||||
node1
|
||||
|
||||
[kube-node]
|
||||
node1
|
||||
|
||||
[k8s-cluster:children]
|
||||
kube-node
|
||||
kube-master
|
|
@ -53,11 +53,37 @@
|
|||
timeout: 100
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- name: update resolv.conf with new DNS setup
|
||||
template:
|
||||
src: resolv.conf.j2
|
||||
dest: /etc/resolv.conf
|
||||
mode: 644
|
||||
- name: check resolvconf
|
||||
stat: path=/etc/resolvconf/resolv.conf.d/head
|
||||
register: resolvconf
|
||||
|
||||
- name: target resolv.conf file
|
||||
set_fact:
|
||||
resolvconffile: >
|
||||
{%- if resolvconf.stat.exists == True -%}
|
||||
/etc/resolvconf/resolv.conf.d/head
|
||||
{%- else -%}
|
||||
/etc/resolv.conf
|
||||
{%- endif -%}
|
||||
|
||||
- name: Add search resolv.conf
|
||||
lineinfile:
|
||||
line: search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}
|
||||
dest: "{{resolvconffile}}"
|
||||
state: present
|
||||
insertafter: EOF
|
||||
backup: yes
|
||||
follow: yes
|
||||
|
||||
- name: Add all masters as nameserver
|
||||
lineinfile:
|
||||
line: nameserver {{ hostvars[item]['ansible_default_ipv4']['address'] }}
|
||||
dest: "{{resolvconffile}}"
|
||||
state: present
|
||||
insertafter: EOF
|
||||
backup: yes
|
||||
follow: yes
|
||||
with_items: groups['kube-master']
|
||||
|
||||
- name: disable resolv.conf modification by dhclient
|
||||
copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate mode=u+x backup=yes
|
||||
|
@ -67,4 +93,9 @@
|
|||
copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient.d/nodnsupdate mode=u+x backup=yes
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: update resolvconf
|
||||
command: resolvconf -u
|
||||
changed_when: False
|
||||
when: resolvconf.stat.exists == True
|
||||
|
||||
- meta: flush_handlers
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
; generated by ansible
|
||||
search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}
|
||||
{% if inventory_hostname in groups['kube-master'] %}
|
||||
nameserver {{ ansible_default_ipv4.address }}
|
||||
{% else %}
|
||||
{% for host in groups['kube-master'] %}
|
||||
nameserver {{ hostvars[host]['ansible_default_ipv4']['address'] }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
|
@ -5,11 +5,17 @@
|
|||
dest: /etc/bash_completion.d/kubectl.sh
|
||||
|
||||
- name: Install kubectl binary
|
||||
copy:
|
||||
src={{ local_release_dir }}/kubernetes/bin/kubectl
|
||||
dest={{ bin_dir }}
|
||||
owner=kube
|
||||
mode=0755
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/kubernetes/bin/kubectl"
|
||||
dest: "{{ bin_dir }}/kubectl"
|
||||
mode: pull
|
||||
archive: no
|
||||
checksum: yes
|
||||
times: yes
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
|
||||
- name: Perms kubectl binary
|
||||
file: path={{ bin_dir }}/kubelet owner=kube mode=0755 state=file
|
||||
|
||||
- name: populate users for basic auth in API
|
||||
lineinfile:
|
||||
|
|
|
@ -1,36 +1,50 @@
|
|||
---
|
||||
- name: Write kubelet systemd init file
|
||||
- debug: msg="{{init_system == "systemd"}}"
|
||||
- debug: msg="{{init_system}}"
|
||||
|
||||
- name: install | Write kubelet systemd init file
|
||||
template: src=kubelet.service.j2 dest=/etc/systemd/system/kubelet.service backup=yes
|
||||
when: init_system == "systemd"
|
||||
notify: restart systemd-kubelet
|
||||
|
||||
- name: Write kubelet initd script
|
||||
- name: install | Write kubelet initd script
|
||||
template: src=deb-kubelet.initd.j2 dest=/etc/init.d/kubelet owner=root mode=755 backup=yes
|
||||
when: init_system == "sysvinit" and ansible_os_family == "Debian"
|
||||
notify: restart kubelet
|
||||
|
||||
- name: Write kubelet initd script
|
||||
- name: install | Write kubelet initd script
|
||||
template: src=rh-kubelet.initd.j2 dest=/etc/init.d/kubelet owner=root mode=755 backup=yes
|
||||
when: init_system == "sysvinit" and ansible_os_family == "RedHat"
|
||||
notify: restart kubelet
|
||||
|
||||
- name: Install kubelet binary
|
||||
copy:
|
||||
src={{ local_release_dir }}/kubernetes/bin/kubelet
|
||||
dest={{ bin_dir }}
|
||||
owner=kube
|
||||
mode=0755
|
||||
- name: install | Install kubelet binary
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/kubernetes/bin/kubelet"
|
||||
dest: "{{ bin_dir }}/kubelet"
|
||||
mode: pull
|
||||
times: yes
|
||||
archive: no
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
notify:
|
||||
- restart kubelet
|
||||
|
||||
- name: Calico-plugin | Directory
|
||||
- name: install | Perms kubelet binary
|
||||
file: path={{ bin_dir }}/kubelet owner=kube mode=0755 state=file
|
||||
|
||||
- name: install | Calico-plugin | Directory
|
||||
file: path=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/ state=directory
|
||||
when: kube_network_plugin == "calico"
|
||||
|
||||
- name: Calico-plugin | Binary
|
||||
copy:
|
||||
src={{ local_release_dir }}/calico/bin/calico
|
||||
dest=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico
|
||||
mode=0755
|
||||
- name: install | Calico-plugin | Binary
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/calico/bin/calico"
|
||||
dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
|
||||
mode: "pull"
|
||||
times: yes
|
||||
archive: no
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
when: kube_network_plugin == "calico"
|
||||
notify: restart kubelet
|
||||
|
||||
- name: install | Perms calico plugin binary
|
||||
file: path=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico owner=kube mode=0755 state=file
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
---
|
||||
- name: "Identify init system"
|
||||
shell: >
|
||||
if $(pgrep systemd > /dev/null); then
|
||||
$(pgrep systemd > /dev/null && systemctl status > /dev/null);
|
||||
if [ $? -eq 0 ] ; then
|
||||
echo systemd;
|
||||
else
|
||||
echo sysvinit;
|
||||
|
|
|
@ -1,11 +1,18 @@
|
|||
---
|
||||
|
||||
- name: Calico | Install calicoctl bin
|
||||
copy:
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/calico/bin/calicoctl"
|
||||
dest: "{{ bin_dir }}"
|
||||
mode: 0755
|
||||
dest: "{{ bin_dir }}/calicoctl"
|
||||
mode: pull
|
||||
archive: no
|
||||
times: yes
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
notify: restart calico-node
|
||||
|
||||
- name: Calico | install calicoctl
|
||||
file: path={{ bin_dir }}/calicoctl mode=0755 state=file
|
||||
|
||||
- name: Calico | Create calicoctl symlink (needed by kubelet)
|
||||
file:
|
||||
src: /usr/local/bin/calicoctl
|
||||
|
@ -39,7 +46,7 @@
|
|||
fail:
|
||||
msg: 'Only one network pool must be configured and it must be the subnet {{ kube_pods_subnet }}.
|
||||
Please erase calico configuration and run the playbook again ("etcdctl rm --recursive /calico/v1/ipam/v4/pool")'
|
||||
when: ( calico_pools.json['node']['nodes'] | length > 1 ) or
|
||||
when: ( calico_pools.json['node']['nodes'] | length > 1 ) or
|
||||
( not calico_pools.json['node']['nodes'][0]['key'] | search(".*{{ kube_pods_subnet | ipaddr('network') }}.*") )
|
||||
run_once: true
|
||||
delegate_to: "{{ groups['etcd'][0] }}"
|
||||
|
|
|
@ -3,14 +3,19 @@
|
|||
user: name=flannel shell=/bin/nologin
|
||||
|
||||
- name: Install flannel binaries
|
||||
copy:
|
||||
src={{ local_release_dir }}/flannel/bin/flanneld
|
||||
dest={{ bin_dir }}
|
||||
owner=flannel
|
||||
mode=u+x
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/flannel/bin/flanneld"
|
||||
dest: "{{ bin_dir }}/flanneld"
|
||||
mode: pull
|
||||
archive: no
|
||||
times: yes
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
notify:
|
||||
- restart flannel
|
||||
|
||||
- name: Perms flannel binary
|
||||
file: path={{ bin_dir }}/flanneld owner=flannel mode=0755 state=file
|
||||
|
||||
- name: Write flannel.service systemd file
|
||||
template:
|
||||
src: flannel/systemd-flannel.service.j2
|
||||
|
|
Loading…
Reference in New Issue