You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

108 lines
4.0 KiB

  1. ---
  2. - name: Check ansible version
  3. import_playbook: ansible_version.yml
  4. - name: Add kube-master nodes to kube_control_plane
  5. # This is for old inventory which contains kube-master instead of kube_control_plane
  6. hosts: kube-master
  7. gather_facts: false
  8. tasks:
  9. - name: add nodes to kube_control_plane group
  10. group_by:
  11. key: 'kube_control_plane'
  12. - hosts: bastion[0]
  13. gather_facts: False
  14. environment: "{{ proxy_disable_env }}"
  15. roles:
  16. - { role: kubespray-defaults }
  17. - { role: bastion-ssh-config, tags: ["localhost", "bastion"] }
  18. - name: Bootstrap any new workers
  19. hosts: kube-node
  20. strategy: linear
  21. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  22. gather_facts: false
  23. environment: "{{ proxy_disable_env }}"
  24. roles:
  25. - { role: kubespray-defaults }
  26. - { role: bootstrap-os, tags: bootstrap-os }
  27. - name: Gather facts
  28. tags: always
  29. import_playbook: facts.yml
  30. - name: Generate the etcd certificates beforehand
  31. hosts: etcd
  32. gather_facts: False
  33. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  34. environment: "{{ proxy_disable_env }}"
  35. roles:
  36. - { role: kubespray-defaults }
  37. - { role: etcd, tags: etcd, etcd_cluster_setup: false }
  38. - name: Download images to ansible host cache via first kube_control_plane node
  39. hosts: kube_control_plane[0]
  40. gather_facts: False
  41. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  42. environment: "{{ proxy_disable_env }}"
  43. roles:
  44. - { role: kubespray-defaults, when: "not skip_downloads and download_run_once and not download_localhost" }
  45. - { role: kubernetes/preinstall, tags: preinstall, when: "not skip_downloads and download_run_once and not download_localhost" }
  46. - { role: download, tags: download, when: "not skip_downloads and download_run_once and not download_localhost" }
  47. - name: Target only workers to get kubelet installed and checking in on any new nodes(engine)
  48. hosts: kube-node
  49. gather_facts: False
  50. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  51. environment: "{{ proxy_disable_env }}"
  52. roles:
  53. - { role: kubespray-defaults }
  54. - { role: kubernetes/preinstall, tags: preinstall }
  55. - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) }
  56. - { role: download, tags: download, when: "not skip_downloads" }
  57. - { role: etcd, tags: etcd, etcd_cluster_setup: false, when: "not etcd_kubeadm_enabled|default(false)" }
  58. - name: Target only workers to get kubelet installed and checking in on any new nodes(node)
  59. hosts: kube-node
  60. gather_facts: False
  61. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  62. environment: "{{ proxy_disable_env }}"
  63. roles:
  64. - { role: kubespray-defaults }
  65. - { role: kubernetes/node, tags: node }
  66. - name: Upload control plane certs and retrieve encryption key
  67. hosts: kube_control_plane | first
  68. environment: "{{ proxy_disable_env }}"
  69. gather_facts: False
  70. tags: kubeadm
  71. roles:
  72. - { role: kubespray-defaults }
  73. tasks:
  74. - name: include needed vars
  75. include_vars: roles/kubespray-defaults/defaults/main.yaml
  76. - name: Upload control plane certificates
  77. command: >-
  78. {{ bin_dir }}/kubeadm init phase
  79. --config {{ kube_config_dir }}/kubeadm-config.yaml
  80. upload-certs
  81. --upload-certs
  82. environment: "{{ proxy_disable_env }}"
  83. register: kubeadm_upload_cert
  84. changed_when: false
  85. - name: set fact 'kubeadm_certificate_key' for later use
  86. set_fact:
  87. kubeadm_certificate_key: "{{ kubeadm_upload_cert.stdout_lines[-1] | trim }}"
  88. when: kubeadm_certificate_key is not defined
  89. - name: Target only workers to get kubelet installed and checking in on any new nodes(network)
  90. hosts: kube-node
  91. gather_facts: False
  92. any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  93. environment: "{{ proxy_disable_env }}"
  94. roles:
  95. - { role: kubespray-defaults }
  96. - { role: kubernetes/kubeadm, tags: kubeadm }
  97. - { role: network_plugin, tags: network }
  98. - { role: kubernetes/node-label, tags: node-label }