richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5369 Commits
29 Branches
81 Tags
147 MiB
Tree: 081a9e7bd8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '081a9e7bd8'
${ noResults }
kubespray/roles/recover_control_plane/etcd/tasks/main.yml

91 lines
3.0 KiB
Raw Normal View History

Documentation and playbook for recovering control plane from node failure (#4146)
5 years ago
Fix ansible-lint E305 (#6459)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Explicitly set ETCDCTL_API and use ETCDCTL_ENDPOINTS (#6327)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Fixup recover_control_plane with Ansible 2.9 (#5806) Tests as filters support is removed as of Ansible 2.9 https://docs.ansible.com/ansible/latest/porting_guides/porting_guide_2.5.html#jinja-tests-used-as-filters Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Upgrade etcd to 3.4.3 (#5998)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Upgrade etcd to 3.4.3 (#5998)
4 years ago
Documentation and playbook for recovering control plane from node failure (#4146)
5 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Fix ansible-lint E305 (#6459)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Explicitly set ETCDCTL_API and use ETCDCTL_ENDPOINTS (#6327)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Fix ansible-lint E305 (#6459)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
Explicitly set ETCDCTL_API and use ETCDCTL_ENDPOINTS (#6327)
4 years ago
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500) * Fix recover-control-plane to work with etcd 3.3.x and add CI * Set default values for testcase * Add actual test jobs * Attempt to satisty gitlab ci linter * Fix ansible targets * Set etcd_member_name as stated in the docs... * Recovering from 0 masters is not supported yet * Add other master to broken_kube-master group as well * Increase number of retries to see if etcd needs more time to heal * Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
4 years ago
  1. ---
  2. - name: Get etcd endpoint health
  3. command: "{{ bin_dir }}/etcdctl endpoint health"
  4. register: etcd_endpoint_health
  5. ignore_errors: true
  6. changed_when: false
  7. check_mode: no
  8. environment:
  9. ETCDCTL_API: 3
  10. ETCDCTL_ENDPOINTS: "{{ etcd_access_addresses }}"
  11. ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
  12. ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
  13. ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
  14. when:
  15. - groups['broken_etcd']
  17. - name: Set healthy fact
  18. set_fact:
  19. healthy: "{{ etcd_endpoint_health.stderr is match('Error: unhealthy cluster') }}"
  20. when:
  21. - groups['broken_etcd']
  23. # When there is an error, everything is printed in stderr_lines, even "is healthy" messages.
  24. - name: Set has_quorum fact
  25. set_fact:
  26. has_quorum: "{{ etcd_endpoint_health.stderr_lines | select('match', '.*is healthy.*') | list | length >= etcd_endpoint_health.stderr_lines | select('match', '.*is unhealthy.*') | list | length }}"
  28. - include_tasks: recover_lost_quorum.yml
  29. when:
  30. - groups['broken_etcd']
  31. - not has_quorum
  33. - name: Remove etcd data dir
  34. file:
  35. path: "{{ etcd_data_dir }}"
  36. state: absent
  37. delegate_to: "{{ item }}"
  38. with_items: "{{ groups['broken_etcd'] }}"
  39. when:
  40. - groups['broken_etcd']
  41. - has_quorum
  43. - name: Delete old certificates
  44. # noqa 302 - rm is ok here for now
  45. shell: "rm {{ etcd_cert_dir }}/*{{ item }}*"
  46. with_items: "{{ groups['broken_etcd'] }}"
  47. register: delete_old_cerificates
  48. ignore_errors: true
  49. when: groups['broken_etcd']
  51. - name: Fail if unable to delete old certificates
  52. fail:
  53. msg: "Unable to delete old certificates for: {{ item.item }}"
  54. loop: "{{ delete_old_cerificates.results }}"
  55. changed_when: false
  56. when:
  57. - groups['broken_etcd']
  58. - "item.rc != 0 and not 'No such file or directory' in item.stderr"
  60. - name: Get etcd cluster members
  61. command: "{{ bin_dir }}/etcdctl member list"
  62. register: member_list
  63. changed_when: false
  64. check_mode: no
  65. environment:
  66. ETCDCTL_API: 3
  67. ETCDCTL_ENDPOINTS: "{{ etcd_access_addresses }}"
  68. ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
  69. ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
  70. ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
  71. when:
  72. - groups['broken_etcd']
  73. - not healthy
  74. - has_quorum
  76. - name: Remove broken cluster members
  77. command: "{{ bin_dir }}/etcdctl member remove {{ item[1].replace(' ','').split(',')[0] }}"
  78. environment:
  79. ETCDCTL_API: 3
  80. ETCDCTL_ENDPOINTS: "{{ etcd_access_addresses }}"
  81. ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
  82. ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
  83. ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
  84. with_nested:
  85. - "{{ groups['broken_etcd'] }}"
  86. - "{{ member_list.stdout_lines }}"
  87. when:
  88. - groups['broken_etcd']
  89. - not healthy
  90. - has_quorum
  91. - hostvars[item[0]]['etcd_member_name'] == item[1].replace(' ','').split(',')[2]