Smaine Kahlouch
commit
c05c60a5d2
|
|
@ -36,9 +36,6 @@ These defaults are good for tests purposes.
|
|||
|
||||
Edit the inventory according to the number of servers
|
||||
```
|
||||
[downloader]
|
||||
localhost ansible_connection=local ansible_python_interpreter=python2
|
||||
|
||||
[kube-master]
|
||||
10.115.99.31
|
||||
|
||||
|
|
@ -77,9 +74,6 @@ In node-mesh mode the nodes peers with all the nodes in order to exchange routes
|
|||
|
||||
```
|
||||
|
||||
[downloader]
|
||||
localhost ansible_connection=local ansible_python_interpreter=python2
|
||||
|
||||
[kube-master]
|
||||
node1 ansible_ssh_host=10.99.0.26
|
||||
node2 ansible_ssh_host=10.99.0.27
|
||||
|
|
|
|||
|
|
@ -1,10 +1,7 @@
|
|||
---
|
||||
- hosts: downloader
|
||||
roles:
|
||||
- { role: download, tags: download }
|
||||
|
||||
- hosts: k8s-cluster
|
||||
roles:
|
||||
- { role: download, tags: download }
|
||||
- { role: kubernetes/preinstall, tags: preinstall }
|
||||
- { role: docker, tags: docker }
|
||||
- { role: kubernetes/node, tags: node }
|
||||
|
|
|
|||
|
|
@ -1,6 +1,3 @@
|
|||
[downloader]
|
||||
localhost ansible_connection=local ansible_python_interpreter=python2
|
||||
|
||||
[kube-master]
|
||||
node1 ansible_ssh_host=10.99.0.26
|
||||
node2 ansible_ssh_host=10.99.0.27
|
||||
|
|
|
|||
|
|
@ -1,8 +1,5 @@
|
|||
node1 ansible_connection=local local_release_dir={{ansible_env.HOME}}/releases
|
||||
|
||||
[downloader]
|
||||
node1
|
||||
|
||||
[kube-master]
|
||||
node1
|
||||
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit d6df09a89721d98e2969a8abf29b4eb5e787fca6
|
||||
Subproject commit b5015aed8ff5eed9c325911205cfbb23ad0e57be
|
||||
|
|
@ -1,6 +1,10 @@
|
|||
---
|
||||
local_release_dir: /tmp
|
||||
|
||||
# This is the group that the cert creation scripts chgrp the
|
||||
# cert files to. Not really changable...
|
||||
kube_cert_group: kube-cert
|
||||
|
||||
# Versions
|
||||
kube_version: v1.1.4
|
||||
etcd_version: v2.2.4
|
||||
|
|
@ -25,24 +29,34 @@ downloads:
|
|||
dest: calico/bin/calicoctl
|
||||
sha256: "{{ calico_checksum }}"
|
||||
url: "{{ calico_download_url }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: calico-plugin
|
||||
dest: calico/bin/calico
|
||||
sha256: "{{ calico_plugin_checksum }}"
|
||||
url: "{{ calico_plugin_download_url }}"
|
||||
owner: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: etcd
|
||||
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
|
||||
sha256: "{{ etcd_checksum }}"
|
||||
url: "{{ etcd_download_url }}"
|
||||
unarchive: true
|
||||
owner: "etcd"
|
||||
mode: "0755"
|
||||
|
||||
- name: kubernetes-kubelet
|
||||
dest: kubernetes/bin/kubelet
|
||||
sha256: "{{kubelet_checksum}}"
|
||||
url: "{{ kube_download_url }}/kubelet"
|
||||
owner: "kube"
|
||||
mode: "0755"
|
||||
|
||||
- name: kubernetes-kubectl
|
||||
dest: kubernetes/bin/kubectl
|
||||
sha256: "{{kubectl_checksum}}"
|
||||
url: "{{ kube_download_url }}/kubectl"
|
||||
owner: "kube"
|
||||
mode: "0755"
|
||||
|
|
|
|||
|
|
@ -1,4 +1,22 @@
|
|||
---
|
||||
- name: certs | create system kube-cert groups
|
||||
group: name={{ kube_cert_group }} state=present system=yes
|
||||
|
||||
- name: Create system kube user
|
||||
user:
|
||||
name=kube
|
||||
comment="Kubernetes user"
|
||||
shell=/sbin/nologin
|
||||
state=present
|
||||
system=yes
|
||||
groups={{ kube_cert_group }}
|
||||
|
||||
- name: Create etcd user
|
||||
user:
|
||||
name: etcd
|
||||
shell: /bin/nologin
|
||||
home: /var/lib/etcd
|
||||
|
||||
- name: Create dest directories
|
||||
file: path={{local_release_dir}}/{{item.dest|dirname}} state=directory recurse=yes
|
||||
with_items: downloads
|
||||
|
|
@ -8,6 +26,8 @@
|
|||
url: "{{item.url}}"
|
||||
dest: "{{local_release_dir}}/{{item.dest}}"
|
||||
sha256sum: "{{item.sha256 | default(omit)}}"
|
||||
owner: "{{ item.owner|default(omit) }}"
|
||||
mode: "{{ item.mode|default(omit) }}"
|
||||
with_items: downloads
|
||||
|
||||
- name: Extract archives
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- name: Copy etcd.service systemd file
|
||||
- name: Configure | Copy etcd.service systemd file
|
||||
template:
|
||||
src: etcd.service.j2
|
||||
dest: /lib/systemd/system/etcd.service
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
notify:
|
||||
- restart systemd-etcd
|
||||
|
||||
- name: Write calico-node initd script
|
||||
- name: Configure | Write calico-node initd script
|
||||
template:
|
||||
src: deb-etcd.initd.j2
|
||||
dest: /etc/init.d/etcd
|
||||
|
|
@ -17,11 +17,11 @@
|
|||
when: init_system == "sysvinit" and ansible_os_family == "Debian"
|
||||
notify: restart etcd
|
||||
|
||||
- name: Create etcd environment vars file
|
||||
- name: Configure | Create etcd environment vars file
|
||||
template:
|
||||
src: etcd.j2
|
||||
dest: /etc/etcd.env
|
||||
notify: restart etcd
|
||||
|
||||
- name: Ensure etcd is running
|
||||
- name: Configure | Ensure etcd is running
|
||||
service: name=etcd state=started enabled=yes
|
||||
|
|
|
|||
|
|
@ -1,17 +1,8 @@
|
|||
---
|
||||
- name: Create etcd user
|
||||
user: name=etcd shell=/bin/nologin home=/var/lib/etcd
|
||||
|
||||
- name: Install etcd binaries
|
||||
synchronize:
|
||||
src: "{{ etcd_bin_dir }}/{{ item }}"
|
||||
dest: "{{ bin_dir }}"
|
||||
times: yes
|
||||
archive: no
|
||||
set_remote_user: false
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
- name: INSTALL | Copy etcd binaries
|
||||
command: cp -pf "{{ etcd_bin_dir }}/{{ item }}" "{{ bin_dir }}"
|
||||
with_items:
|
||||
- etcdctl
|
||||
- etcd
|
||||
changed_when: false
|
||||
notify: restart etcd
|
||||
|
||||
|
|
|
|||
|
|
@ -5,17 +5,9 @@
|
|||
dest: /etc/bash_completion.d/kubectl.sh
|
||||
|
||||
- name: Install kubectl binary
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/kubernetes/bin/kubectl"
|
||||
dest: "{{ bin_dir }}/kubectl"
|
||||
archive: no
|
||||
checksum: yes
|
||||
times: yes
|
||||
set_remote_user: false
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
|
||||
- name: Perms kubectl binary
|
||||
file: path={{ bin_dir }}/kubectl owner=kube mode=0755 state=file
|
||||
command: cp -pf "{{ local_release_dir }}/kubernetes/bin/kubectl" "{{ bin_dir }}/kubectl"
|
||||
changed_when: false
|
||||
notify: restart kubelet
|
||||
|
||||
- name: populate users for basic auth in API
|
||||
lineinfile:
|
||||
|
|
@ -46,8 +38,7 @@
|
|||
template:
|
||||
src: manifests/kube-apiserver.manifest.j2
|
||||
dest: "{{ kube_manifest_dir }}/kube-apisever.manifest"
|
||||
notify:
|
||||
- restart kubelet
|
||||
notify: restart kubelet
|
||||
|
||||
- meta: flush_handlers
|
||||
|
||||
|
|
|
|||
|
|
@ -18,34 +18,16 @@
|
|||
notify: restart kubelet
|
||||
|
||||
- name: install | Install kubelet binary
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/kubernetes/bin/kubelet"
|
||||
dest: "{{ bin_dir }}/kubelet"
|
||||
times: yes
|
||||
archive: no
|
||||
set_remote_user: false
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
notify:
|
||||
- restart kubelet
|
||||
|
||||
- name: install | Perms kubelet binary
|
||||
file: path={{ bin_dir }}/kubelet owner=kube mode=0755 state=file
|
||||
command: cp -pf "{{ local_release_dir }}/kubernetes/bin/kubelet" "{{ bin_dir }}/kubelet"
|
||||
changed_when: false
|
||||
notify: restart kubelet
|
||||
|
||||
- name: install | Calico-plugin | Directory
|
||||
file: path=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/ state=directory
|
||||
when: kube_network_plugin == "calico"
|
||||
|
||||
- name: install | Calico-plugin | Binary
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/calico/bin/calico"
|
||||
dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
|
||||
times: yes
|
||||
archive: no
|
||||
set_remote_user: false
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
command: cp -pf "{{ local_release_dir }}/calico/bin/calico" "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
|
||||
when: kube_network_plugin == "calico"
|
||||
changed_when: false
|
||||
notify: restart kubelet
|
||||
|
||||
- name: install | Perms calico plugin binary
|
||||
file: path=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico owner=kube mode=0755 state=file
|
||||
when: kube_network_plugin == "calico"
|
||||
|
|
|
|||
|
|
@ -12,15 +12,6 @@
|
|||
- name: certs | create system kube-cert groups
|
||||
group: name={{ kube_cert_group }} state=present system=yes
|
||||
|
||||
- name: create system kube user
|
||||
user:
|
||||
name=kube
|
||||
comment="Kubernetes user"
|
||||
shell=/sbin/nologin
|
||||
state=present
|
||||
system=yes
|
||||
groups={{ kube_cert_group }}
|
||||
|
||||
- include: secrets.yml
|
||||
tags:
|
||||
- secrets
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
- name: "Identify init system"
|
||||
shell: >
|
||||
$(pgrep systemd > /dev/null && systemctl status network > /dev/null);
|
||||
$(pgrep systemd > /dev/null && systemctl status network.target > /dev/null);
|
||||
if [ $? -eq 0 ] ; then
|
||||
echo systemd;
|
||||
else
|
||||
|
|
|
|||
|
|
@ -1,12 +1,7 @@
|
|||
---
|
||||
- name: Calico | Install calicoctl bin
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/calico/bin/calicoctl"
|
||||
dest: "{{ bin_dir }}/calicoctl"
|
||||
archive: no
|
||||
times: yes
|
||||
set_remote_user: false
|
||||
delegate_to: "{{ groups['downloader'][0] }}"
|
||||
command: cp -pf "{{ local_release_dir }}/calico/bin/calicoctl" "{{ bin_dir }}/calicoctl"
|
||||
changed_when: false
|
||||
notify: restart calico-node
|
||||
|
||||
- name: Calico | install calicoctl
|
||||
|
|
|
|||
Loading…
Reference in New Issue