vexxhost/kue
Code Issues Proposed changes
eddb78f48a
kue/ansible/site.yaml
Mohammed Naser 0e75d72e3e k8s: check for nodes to be ready in playbooks 
We don't need to check if the cluster is ready in CI, it should
happen inside the library.

Change-Id: I6d600d49bde919852a8161b5409ad8ea9efa0147
2019-08-23 11:38:29 -04:00

179 lines
5.0 KiB
YAML
Raw Blame History

---
# Copyright 2019 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Bootstrap nodes
hosts: all
strategy: free
tasks:
- name: Disable swap
become: true
shell: swapoff -a
- name: Enable forwarding
become: true
shell: iptables -P FORWARD ACCEPT
- name: Add repository keys
become: true
apt_key:
url: "{{ item }}"
state: present
loop:
- https://download.docker.com/linux/ubuntu/gpg
- https://packages.cloud.google.com/apt/doc/apt-key.gpg
- name: Add repository
become: true
apt_repository:
repo: "{{ item }}"
state: present
loop:
- "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
- "deb https://apt.kubernetes.io/ kubernetes-xenial main"
- name: Install packages
become: true
apt:
name:
- docker-ce=18.06.2~ce~3-0~ubuntu
- kubelet=1.15.2-00
- kubeadm=1.15.2-00
- kubectl=1.15.2-00
- name: Enable services
become: true
service:
name: "{{ item }}"
state: started
enabled: true
loop:
- docker
- kubelet
- name: Setup resolvers
become: true
copy:
dest: /etc/kubernetes/resolv.conf
content: |
nameserver 1.1.1.1
- name: Bootstrap cluster
hosts: masters[0]
gather_facts: false
tasks:
- name: Wait for bootstrap node to go up
wait_for_connection:
timeout: 300
- name: Drop configuration file
become: true
template:
src: kubeadm.conf.j2
dest: /etc/kubernetes/kubeadm.conf
- name: Initialize cluster
become: true
shell: |
kubeadm init --config /etc/kubernetes/kubeadm.conf
args:
creates: /etc/kubernetes/manifests/kube-apiserver.yaml
- name: Join nodes to cluster
hosts: all:!masters[0]
strategy: free
gather_facts: false
tasks:
- name: Wait for nodes to go up
wait_for_connection:
timeout: 300
- name: Check if we're already part of the cluster
become: true
register: apiserver_stat
stat:
path: /etc/kubernetes/kubelet.conf
- name: Generate token for cluster join
become: true
delegate_to: "{{ groups['masters'][0] }}"
register: kubeadm_token_create
shell: kubeadm token create --ttl 5m --print-join-command
when:
- not apiserver_stat.stat.exists
# NOTE(mnaser): There is no clean way to get the CA hash from kubeadm :(
# https://github.com/kubernetes/kubeadm/issues/659
- name: Parse token and hash facts
set_fact:
kubeadm_apiserver: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\1') | first }}"
kubeadm_token: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\2') | first }}"
kubeadm_hash: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\3') | first }}"
vars:
regex: 'kubeadm\s+join\s+([^\s]+)\s+--token\s+([^\s]+)\s+--discovery-token-ca-cert-hash\s+([^\s]+)'
when:
- not apiserver_stat.stat.exists
- name: Drop configuration file
become: true
template:
src: kubeadm.conf.j2
dest: /etc/kubernetes/kubeadm.conf
when:
- not apiserver_stat.stat.exists
- name: Join cluster
become: true
shell: kubeadm join --config /etc/kubernetes/kubeadm.conf
when:
- not apiserver_stat.stat.exists
- name: Configure administration access
hosts: masters
gather_facts: false
tasks:
- name: Create configuration folders
file:
path: "/home/{{ ansible_user }}/{{ item }}"
state: directory
loop:
- .kube
- manifests
- name: Copy configuration file
become: true
copy:
src: /etc/kubernetes/admin.conf
dest: "/home/{{ ansible_user }}/.kube/config"
remote_src: true
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
- name: Install manifests
hosts: masters
gather_facts: false
tasks:
- name: Apply flannel configuration
run_once: true
changed_when: false
shell: |
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
- name: Wait for all nodes to get ready
run_once: true
shell: kubectl get nodes
register: _kubectl_get_nodes
retries: 30
delay: 3
until: '"NotReady" not in _kubectl_get_nodes.stdout'
View Git Blame Copy Permalink