93 lines
3.0 KiB
YAML
Executable File
93 lines
3.0 KiB
YAML
Executable File
---
|
|
- name: Ensure we have a working directory to save runtime files
|
|
file: "path={{ playbook_dir }}/run state=directory"
|
|
|
|
- name: Setup host couple variables
|
|
set_fact:
|
|
target_interpreter: "/home/core/bin/python"
|
|
wgroups: "cworkers"
|
|
mgroups: "cmasters"
|
|
when: app_env.target_os == "coreos"
|
|
|
|
- name: Setup couple variables
|
|
set_fact:
|
|
target_interpreter: "python"
|
|
wgroups: "uworkers"
|
|
mgroups: "umasters"
|
|
when: app_env.target_os == "ubuntu"
|
|
|
|
- name: Retrieve specified flavor
|
|
os_flavor_facts:
|
|
auth: "{{ auth }}"
|
|
region_name: "{{ app_env.region_name }}"
|
|
availability_zone: "{{ app_env.availability_zone }}"
|
|
validate_certs: "{{ app_env.validate_certs }}"
|
|
name: "{{ app_env.flavor_name }}"
|
|
|
|
- name: Create a key-pair
|
|
os_keypair:
|
|
state: "present"
|
|
auth: "{{ auth }}"
|
|
region_name: "{{ app_env.region_name }}"
|
|
availability_zone: "{{ app_env.availability_zone }}"
|
|
validate_certs: "{{ app_env.validate_certs }}"
|
|
name: "k8s"
|
|
public_key_file: "{{ app_env.public_key_file }}"
|
|
|
|
- name: Create security group
|
|
os_security_group:
|
|
state: present
|
|
auth: "{{ auth }}"
|
|
region_name: "{{ app_env.region_name }}"
|
|
availability_zone: "{{ app_env.availability_zone }}"
|
|
validate_certs: "{{ app_env.validate_certs }}"
|
|
name: k8s_sg
|
|
description: security group for kubernetes cluster
|
|
|
|
- name: Add security rules
|
|
os_security_group_rule:
|
|
state: present
|
|
auth: "{{ auth }}"
|
|
region_name: "{{ app_env.region_name }}"
|
|
availability_zone: "{{ app_env.availability_zone }}"
|
|
validate_certs: "{{ app_env.validate_certs }}"
|
|
security_group: k8s_sg
|
|
protocol: "{{ item.protocol }}"
|
|
direction: "{{ item.dir }}"
|
|
port_range_min: "{{ item.p_min }}"
|
|
port_range_max: "{{ item.p_max }}"
|
|
remote_ip_prefix: 0.0.0.0/0
|
|
with_items:
|
|
- { p_min: 22, p_max: 22, dir: ingress, protocol: tcp }
|
|
- { p_min: 80, p_max: 80, dir: ingress, protocol: tcp }
|
|
- { p_min: 53, p_max: 53, dir: ingress, protocol: udp }
|
|
- { p_min: 53, p_max: 53, dir: egress, protocol: udp }
|
|
- { p_min: 8080, p_max: 8080, dir: ingress, protocol: tcp }
|
|
- { p_min: 8285, p_max: 8285, dir: ingress, protocol: udp }
|
|
- { p_min: 2379, p_max: 2380, dir: ingress, protocol: tcp }
|
|
- { p_min: 2379, p_max: 2380, dir: egress, protocol: tcp }
|
|
- { p_min: 10250, p_max: 10250, dir: ingress, protocol: tcp }
|
|
- { p_min: 30000, p_max: 32767, dir: ingress, protocol: tcp }
|
|
- { p_min: -1, p_max: -1, dir: ingress, protocol: icmp }
|
|
- { p_min: -1, p_max: -1, dir: egress, protocol: icmp }
|
|
|
|
- name: Add provisioning host group
|
|
add_host:
|
|
name: "worker-{{ item }}"
|
|
targetgroup: "{{ wgroups }}"
|
|
ansible_host: "127.0.0.1"
|
|
ansible_python_interpreter: "python"
|
|
groups: "prohosts"
|
|
with_sequence: count={{ app_env.stack_size - 1 }}
|
|
no_log: True
|
|
|
|
- name: Add provisioning host group
|
|
add_host:
|
|
name: "master"
|
|
targetgroup: "{{ mgroups }}"
|
|
ansible_host: "127.0.0.1"
|
|
ansible_python_interpreter: "python"
|
|
groups: "prohosts"
|
|
no_log: True
|
|
|