From a5b46bfc8c910b71f5ee86d6053ead000d795a6c Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Mon, 29 Apr 2019 15:12:22 +0300 Subject: [PATCH] Run dns_late preinstall tasks on all k8s nodes (#4672) * Run dns_late preinstall tasks on all k8s nodes Related issue: #4656 Change-Id: I63f8559ef1a497b7580ab084561e6603fe647834 * Fix ansible-lint Change-Id: Ia5b33fa63dbc36d8c3e9557ef3f2ea02af2325a5 * Fix recover_control_plane lint issues Change-Id: I16643a3193c11b6ba704e9698812cac7e4fd19a8 --- .gitlab-ci/lint.yml | 2 +- cluster.yml | 7 ++++++- roles/recover_control_plane/etcd/tasks/prepare.yml | 1 + .../etcd/tasks/recover_lost_quorum.yml | 4 +++- upgrade-cluster.yml | 7 +++++++ 5 files changed, 18 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci/lint.yml b/.gitlab-ci/lint.yml index 7d02149e8..170aa02ed 100644 --- a/.gitlab-ci/lint.yml +++ b/.gitlab-ci/lint.yml @@ -11,7 +11,7 @@ ansible-lint: stage: unit-tests # lint every yml/yaml file that looks like it contains Ansible plays script: |- - grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v + grep -Rl '^- hosts: \|^ hosts: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v except: ['triggers', 'master'] syntax-check: diff --git a/cluster.yml b/cluster.yml index d1ccb317c..cc48fe459 100644 --- a/cluster.yml +++ b/cluster.yml @@ -109,5 +109,10 @@ roles: - { role: kubespray-defaults} - { role: kubernetes-apps, tags: apps } - - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true } environment: "{{proxy_env}}" + +- hosts: k8s-cluster + any_errors_fatal: "{{ any_errors_fatal | default(true) }}" + roles: + - { role: kubespray-defaults} + - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true } diff --git a/roles/recover_control_plane/etcd/tasks/prepare.yml b/roles/recover_control_plane/etcd/tasks/prepare.yml index 964ba35dd..0f00f0338 100644 --- a/roles/recover_control_plane/etcd/tasks/prepare.yml +++ b/roles/recover_control_plane/etcd/tasks/prepare.yml @@ -1,5 +1,6 @@ --- - name: Delete old certificates + # noqa 302 - rm is ok here for now shell: "rm /etc/ssl/etcd/ssl/*{{ item }}* /etc/kubernetes/ssl/etcd/*{{ item }}*" with_items: "{{ old_etcds.split(',') }}" register: delete_old_cerificates diff --git a/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml b/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml index 07d407895..beb8b0daf 100644 --- a/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml +++ b/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml @@ -20,7 +20,9 @@ state: stopped - name: Remove etcd data-dir - shell: "rm -rf {{ etcd_data_dir }}" + file: + path: "{{ etcd_data_dir }}" + state: absent - name: Restore etcd snapshot shell: "{{ bin_dir }}/etcdctl snapshot restore /tmp/snapshot.db --name {{ etcd_member_name }} --initial-cluster {{ etcd_member_name }}={{ etcd_peer_url }} --initial-cluster-token k8s_etcd --initial-advertise-peer-urls {{ etcd_peer_url }} --data-dir {{ etcd_data_dir }}" diff --git a/upgrade-cluster.yml b/upgrade-cluster.yml index 395ca049b..4cdbaeb72 100644 --- a/upgrade-cluster.yml +++ b/upgrade-cluster.yml @@ -112,10 +112,17 @@ roles: - { role: kubespray-defaults} - { role: network_plugin/calico/rr, tags: network } + environment: "{{proxy_env}}" - hosts: kube-master any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - { role: kubespray-defaults} - { role: kubernetes-apps, tags: apps } + environment: "{{proxy_env}}" + +- hosts: k8s-cluster + any_errors_fatal: "{{ any_errors_fatal | default(true) }}" + roles: + - { role: kubespray-defaults} - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf }