richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2466 Commits
29 Branches
81 Tags
149 MiB
Tree: bd1f0bcfd7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bd1f0bcfd7'
${ noResults }
kubespray/roles/kubernetes/kubeadm/tasks/main.yml

63 lines
2.0 KiB
Raw Normal View History

kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Normalize tags in all places to prepare for tag fixing in future (#1739)
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Enable HA deploy of kubeadm (#1658) * Enable HA deploy of kubeadm * raise delay to 60s for starting gce hosts
7 years ago
Update Kubernetes to v1.9.0 (#2100) Update checksum for kubeadm Use v1.9.0 kubeadm params Include hash of ca.crt for kubeadm join Update tag for testing upgrades Add workaround for testing upgrades Remove scale CI scenarios because of slow inventory parsing in ansible 2.4.x. Change region for tests to us-central1 to improve ansible performance
6 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Update Kubernetes to v1.9.0 (#2100) Update checksum for kubeadm Use v1.9.0 kubeadm params Include hash of ca.crt for kubeadm join Update tag for testing upgrades Add workaround for testing upgrades Remove scale CI scenarios because of slow inventory parsing in ansible 2.4.x. Change region for tests to us-central1 to improve ansible performance
6 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Enable HA deploy of kubeadm (#1658) * Enable HA deploy of kubeadm * raise delay to 60s for starting gce hosts
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Fix scale.yml to supoort kubeadm (#1863) Signed-off-by: Haiwei Liu <carllhw@gmail.com>
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Fix scale.yml to supoort kubeadm (#1863) Signed-off-by: Haiwei Liu <carllhw@gmail.com>
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
  1. ---
  2. - name: Set kubeadm_discovery_address
  3. set_fact:
  4. kubeadm_discovery_address: >-
  5. {%- if "127.0.0.1" or "localhost" in kube_apiserver_endpoint -%}
  6. {{ first_kube_master }}:{{ kube_apiserver_port }}
  7. {%- else -%}
  8. {{ kube_apiserver_endpoint }}
  9. {%- endif %}
  10. when: not is_kube_master
  11. tags:
  12. - facts
  14. - name: Check if kubelet.conf exists
  15. stat:
  16. path: "{{ kube_config_dir }}/kubelet.conf"
  17. register: kubelet_conf
  19. - name: Calculate kubeadm CA cert hash
  20. shell: openssl x509 -pubkey -in {{ kube_config_dir }}/ssl/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
  21. register: kubeadm_ca_hash
  22. delegate_to: "{{ groups['kube-master'][0] }}"
  23. run_once: true
  25. - name: Create kubeadm client config
  26. template:
  27. src: kubeadm-client.conf.j2
  28. dest: "{{ kube_config_dir }}/kubeadm-client.conf"
  29. backup: yes
  30. when: not is_kube_master
  31. register: kubeadm_client_conf
  33. - name: Join to cluster if needed
  34. command: >-
  35. {{ bin_dir }}/kubeadm join
  36. --config {{ kube_config_dir}}/kubeadm-client.conf
  37. --ignore-preflight-errors=all
  38. register: kubeadm_join
  39. when: not is_kube_master and (kubeadm_client_conf.changed or not kubelet_conf.stat.exists)
  41. - name: Wait for kubelet bootstrap to create config
  42. wait_for:
  43. path: "{{ kube_config_dir }}/kubelet.conf"
  44. delay: 1
  45. timeout: 60
  47. - name: Update server field in kubelet kubeconfig
  48. replace:
  49. path: "{{ kube_config_dir }}/kubelet.conf"
  50. regexp: '(\s+)https://{{ first_kube_master }}:{{ kube_apiserver_port }}(\s+.*)?$'
  51. replace: '\1{{ kube_apiserver_endpoint }}\2'
  52. backup: yes
  53. when: not is_kube_master and kubeadm_discovery_address != kube_apiserver_endpoint
  54. notify: restart kubelet
  56. # FIXME(mattymo): Reconcile kubelet kubeconfig filename for both deploy modes
  57. - name: Symlink kubelet kubeconfig for calico/canal
  58. file:
  59. src: "{{ kube_config_dir }}//kubelet.conf"
  60. dest: "{{ kube_config_dir }}/node-kubeconfig.yaml"
  61. state: link
  62. force: yes
  63. when: kube_network_plugin in ['calico','canal']