richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4354 Commits
29 Branches
80 Tags
156 MiB
Tree: 4d57ed314d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4d57ed314d'
${ noResults }
kubespray/roles/kubernetes/master/tasks/kubeadm-secondary-experimen...

63 lines
2.0 KiB
Raw Normal View History

Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Fix control plane setup without a hardcoded key (#4610)
5 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
  1. ---
  2. - name: Set kubeadm_discovery_address
  3. set_fact:
  4. kubeadm_discovery_address: >-
  5. {%- if "127.0.0.1" in kube_apiserver_endpoint or "localhost" in kube_apiserver_endpoint -%}
  6. {{ first_kube_master }}:{{ kube_apiserver_port }}
  7. {%- else -%}
  8. {{ kube_apiserver_endpoint }}
  9. {%- endif %}
  10. tags:
  11. - facts
  13. - name: Create kubeadm ControlPlane config
  14. template:
  15. src: "kubeadm-controlplane.{{ kubeadmConfig_api_version }}.yaml.j2"
  16. dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml"
  17. backup: yes
  18. when:
  19. - inventory_hostname != groups['kube-master']|first
  20. - not kubeadm_already_run.stat.exists
  22. - name: Wait for k8s apiserver
  23. wait_for:
  24. host: "{{kubeadm_discovery_address.split(':')[0]}}"
  25. port: "{{kubeadm_discovery_address.split(':')[1]}}"
  26. timeout: 180
  29. - name: Upload certificates so they are fresh and not expired
  30. command: >-
  31. {{ bin_dir }}/kubeadm init phase
  32. --config {{ kube_config_dir}}/kubeadm-config.yaml
  33. upload-certs --experimental-upload-certs
  34. {% if kubeadm_certificate_key is defined %}
  35. --certificate-key={{ kubeadm_certificate_key }}
  36. {% endif %}
  37. run_once: yes
  38. register: kubeadm_upload_cert
  39. delegate_to: "{{ groups['kube-master'][0] }}"
  41. - name: Parse certificate key if not set
  42. set_fact:
  43. kubeadm_certificate_key: "{{ hostvars[groups['kube-master'][0]]['kubeadm_upload_cert'].stdout_lines[-1] | trim }}"
  44. when: kubeadm_certificate_key is undefined
  46. - name: Joining control plane node to the cluster.
  47. command: >-
  48. {{ bin_dir }}/kubeadm join
  49. --config {{ kube_config_dir}}/kubeadm-controlplane.yaml
  50. --ignore-preflight-errors=all
  51. {% if kubeadm_certificate_key is defined %}
  52. --certificate-key={{ kubeadm_certificate_key }}
  53. {% endif %}
  54. register: kubeadm_join_control_plane
  55. when:
  56. - inventory_hostname != groups['kube-master']|first
  57. - not kubeadm_already_run.stat.exists
  58. environment:
  59. PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
  61. - name: Set secret_changed to false to avoid extra token rotation
  62. set_fact:
  63. secret_changed: false