125 lines
5.8 KiB
YAML
125 lines
5.8 KiB
YAML
---
|
|
#
|
|
# Copyright (c) 2019 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
# ROLE DESCRIPTION:
|
|
# This role is to bring up Kubernetes and essential flock services required
|
|
# initial controller unlock.
|
|
#
|
|
|
|
- block:
|
|
- name: Set facts for IP address provisioning against loopback interface
|
|
set_fact:
|
|
mgmt_virtual: "{{ derived_network_params.controller_0_address }}/{{ management_subnet_prefix }}"
|
|
cluster_virtual: "{{ controller_0_cluster_host }}/{{ cluster_subnet_prefix }}"
|
|
pxe_virtual: "{{ controller_pxeboot_floating_address }}/{{ pxe_subnet_prefix }}"
|
|
cluster_floating_virtual: "{{ cluster_floating_address }}/{{ cluster_subnet_prefix }}"
|
|
mgmt_floating_virtual: "{{ controller_floating_address }}/{{ management_subnet_prefix }}"
|
|
mgmt_nfs_1_virtual: "{{ derived_network_params.nfs_management_address_1 }}/{{ management_subnet_prefix }}"
|
|
mgmt_nfs_2_virtual: "{{ derived_network_params.nfs_management_address_2 }}/{{ management_subnet_prefix }}"
|
|
|
|
- name: Add loopback interface
|
|
# Had to resort to shell module as source is an internal shell command
|
|
shell: "{{ item }}"
|
|
with_items:
|
|
- source /etc/platform/openrc; system host-if-add controller-0 lo virtual none lo -c platform --networks mgmt -m 1500
|
|
- source /etc/platform/openrc; system host-if-modify controller-0 -c platform --networks cluster-host lo
|
|
- "ip addr add {{ cluster_virtual }} brd {{ cluster_broadcast }} dev lo scope host label lo:5"
|
|
- "ip addr add {{ mgmt_virtual }} brd {{ management_broadcast }} dev lo scope host label lo:1"
|
|
- "ip addr add {{ pxe_virtual }} dev lo scope host"
|
|
- "ip addr add {{ cluster_floating_virtual }} dev lo scope host"
|
|
- "ip addr add {{ mgmt_floating_virtual }} dev lo scope host"
|
|
- "ip addr add {{ mgmt_nfs_1_virtual }} dev lo scope host"
|
|
- "ip addr add {{ mgmt_nfs_2_virtual }} dev lo scope host"
|
|
|
|
- name: Refresh local DNS (i.e. /etc/hosts)
|
|
include: refresh_local_dns.yml
|
|
|
|
- name: Load images from archives if configured
|
|
include: load_images_from_archive.yml
|
|
when: images_archive_exists
|
|
|
|
- block:
|
|
- name: Bring up Kubernetes master
|
|
include: bringup_kubemaster.yml
|
|
|
|
- name: Bring up Helm
|
|
include: bringup_helm.yml
|
|
|
|
- name: Set up controller registry certificate and keys
|
|
include: setup_registry_certificate_and_keys.yml
|
|
|
|
- name: Bring up essential flock services
|
|
include: bringup_flock_services.yml
|
|
|
|
when: (not replayed) or (restart_services)
|
|
|
|
- name: Set dnsmasq.leases flag for unlock
|
|
file:
|
|
path: "{{ config_permdir }}/dnsmasq.leases"
|
|
state: touch
|
|
|
|
- name: Update resolv.conf file for unlock
|
|
lineinfile:
|
|
path: /etc/resolv.conf
|
|
line: "nameserver {{ controller_floating_address }}"
|
|
insertbefore: BOF
|
|
|
|
when: (not replayed) or (network_config_update) or (docker_config_update)
|
|
|
|
|
|
- block:
|
|
- name: Remove config file from previous play
|
|
file:
|
|
path: /tmp/last_bootstrap_config.yml
|
|
state: absent
|
|
|
|
- name: Save the current system and network config for reference in subsequent replays
|
|
lineinfile:
|
|
# This file should be cleared upon host reboot
|
|
path: /tmp/last_bootstrap_config.yml
|
|
line: "{{ item }}"
|
|
create: yes
|
|
with_items:
|
|
- "prev_system_mode: {{ system_mode }}"
|
|
- "prev_timezone: {{ timezone }}"
|
|
- "prev_dynamic_address_allocation: {{ dynamic_address_allocation }}"
|
|
- "prev_pxeboot_subnet: {{ pxeboot_subnet }}"
|
|
- "prev_management_subnet: {{ management_subnet }}"
|
|
- "prev_cluster_host_subnet: {{ cluster_host_subnet }}"
|
|
- "prev_cluster_pod_subnet: {{ cluster_pod_subnet }}"
|
|
- "prev_cluster_service_subnet: {{ cluster_service_subnet }}"
|
|
- "prev_external_oam_subnet: {{ external_oam_subnet }}"
|
|
- "prev_external_oam_gateway_address: {{ external_oam_gateway_address }}"
|
|
- "prev_external_oam_floating_address: {{ external_oam_floating_address }}"
|
|
- "prev_management_multicast_subnet: {{ management_multicast_subnet }}"
|
|
- "prev_dns_servers: {{ dns_servers | join(',') }}"
|
|
- "prev_docker_registries: {{ docker_registries | join(',') }}"
|
|
- "prev_docker_http_proxy: {{ docker_http_proxy }}"
|
|
- "prev_docker_https_proxy: {{ docker_https_proxy }}"
|
|
- "prev_docker_no_proxy: {{ docker_no_proxy | join(',') }}"
|
|
- "prev_admin_username: {{ username | hash('sha1') }}"
|
|
- "prev_admin_password: {{ password | hash('sha1') }}"
|
|
# Store the addresses as values determined in prepare-env stage not as merged values in
|
|
# validate-config stage as the latter requires subnet validation.
|
|
- "prev_pxeboot_start_address: {{ pxeboot_start_address }}"
|
|
- "prev_pxeboot_end_address: {{ pxeboot_end_address }}"
|
|
- "prev_management_start_address: {{ management_start_address }}"
|
|
- "prev_management_end_address: {{ management_end_address }}"
|
|
- "prev_cluster_host_start_address: {{ cluster_host_start_address }}"
|
|
- "prev_cluster_host_end_address: {{ cluster_host_end_address }}"
|
|
- "prev_cluster_pod_start_address: {{ cluster_pod_start_address }}"
|
|
- "prev_cluster_pod_end_address: {{ cluster_pod_end_address }}"
|
|
- "prev_cluster_service_start_address: {{ cluster_service_start_address }}"
|
|
- "prev_cluster_service_end_address: {{ cluster_service_end_address }}"
|
|
- "prev_external_oam_start_address: {{ external_oam_start_address }}"
|
|
- "prev_external_oam_end_address: {{ external_oam_end_address }}"
|
|
- "prev_management_multicast_start_address: {{ management_multicast_start_address }}"
|
|
- "prev_management_multicast_end_address: {{ management_multicast_end_address }}"
|
|
- "prev_external_oam_node_0_address: {{ external_oam_node_0_address }}"
|
|
- "prev_external_oam_node_1_address: {{ external_oam_node_1_address }}"
|
|
|
|
when: save_config
|