diff --git a/cluster.yml b/cluster.yml index 34874ce22..6c6dd36c0 100644 --- a/cluster.yml +++ b/cluster.yml @@ -13,23 +13,37 @@ vars: ansible_connection: local +- hosts: all + gather_facts: false + tasks: + - name: "Set up proxy environment" + set_fact: + proxy_env: + http_proxy: "{{ http_proxy | default ('') }}" + HTTP_PROXY: "{{ http_proxy | default ('') }}" + https_proxy: "{{ https_proxy | default ('') }}" + HTTPS_PROXY: "{{ https_proxy | default ('') }}" + no_proxy: "{{ no_proxy | default ('') }}" + NO_PROXY: "{{ no_proxy | default ('') }}" + no_log: true + - hosts: bastion[0] gather_facts: False roles: - - { role: kubespray-defaults} - - { role: bastion-ssh-config, tags: ["localhost", "bastion"]} + - { role: kubespray-defaults } + - { role: bastion-ssh-config, tags: ["localhost", "bastion"] } - hosts: k8s-cluster:etcd any_errors_fatal: "{{ any_errors_fatal | default(true) }}" gather_facts: false roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: bootstrap-os, tags: bootstrap-os} - hosts: k8s-cluster:etcd any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/preinstall, tags: preinstall } - { role: "container-engine", tags: "container-engine", when: deploy_container_engine|default(true) } - { role: download, tags: download, when: "not skip_downloads" } @@ -38,7 +52,7 @@ - hosts: etcd any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - role: etcd tags: etcd vars: @@ -49,7 +63,7 @@ - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - role: etcd tags: etcd vars: @@ -60,14 +74,14 @@ - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/node, tags: node } environment: "{{ proxy_env }}" - hosts: kube-master any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/master, tags: master } - { role: kubernetes/client, tags: client } - { role: kubernetes-apps/cluster_roles, tags: cluster-roles } @@ -75,7 +89,7 @@ - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/kubeadm, tags: kubeadm} - { role: network_plugin, tags: network } - { role: kubernetes/node-label, tags: node-label } @@ -83,20 +97,20 @@ - hosts: calico-rr any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} - - { role: network_plugin/calico/rr, tags: ['network', 'calico_rr']} + - { role: kubespray-defaults } + - { role: network_plugin/calico/rr, tags: ['network', 'calico_rr'] } - hosts: kube-master[0] any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps/rotate_tokens, tags: rotate_tokens, when: "secret_changed|default(false)" } - - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"]} + - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"] } - hosts: kube-master any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller } - { role: kubernetes-apps/network_plugin, tags: network } - { role: kubernetes-apps/policy_controller, tags: policy-controller } @@ -106,12 +120,12 @@ - hosts: kube-master any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps, tags: apps } environment: "{{ proxy_env }}" - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true } diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index 6c05d7152..5b8b2f0f7 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml @@ -437,14 +437,6 @@ no_proxy: >- 127.0.0.1,localhost,{{kube_service_addresses}},{{kube_pods_subnet}} {%- endif %} -proxy_env: - http_proxy: "{{ http_proxy| default ('') }}" - HTTP_PROXY: "{{ http_proxy| default ('') }}" - https_proxy: "{{ https_proxy| default ('') }}" - HTTPS_PROXY: "{{ https_proxy| default ('') }}" - no_proxy: "{{ no_proxy| default ('') }}" - NO_PROXY: "{{ no_proxy| default ('') }}" - ssl_ca_dirs: >- [ {% if ansible_os_family in ['CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk'] -%} diff --git a/scale.yml b/scale.yml index 0d93e31af..08b9a0290 100644 --- a/scale.yml +++ b/scale.yml @@ -13,25 +13,39 @@ vars: ansible_connection: local +- hosts: all + gather_facts: false + tasks: + - name: "Set up proxy environment" + set_fact: + proxy_env: + http_proxy: "{{ http_proxy | default ('') }}" + HTTP_PROXY: "{{ http_proxy | default ('') }}" + https_proxy: "{{ https_proxy | default ('') }}" + HTTPS_PROXY: "{{ https_proxy | default ('') }}" + no_proxy: "{{ no_proxy | default ('') }}" + NO_PROXY: "{{ no_proxy | default ('') }}" + no_log: true + - hosts: bastion[0] gather_facts: False roles: - - { role: kubespray-defaults} - - { role: bastion-ssh-config, tags: ["localhost", "bastion"]} + - { role: kubespray-defaults } + - { role: bastion-ssh-config, tags: ["localhost", "bastion"] } - name: Bootstrap any new workers hosts: kube-node any_errors_fatal: "{{ any_errors_fatal | default(true) }}" gather_facts: false roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: bootstrap-os, tags: bootstrap-os} - name: Generate the etcd certificates beforehand hosts: etcd any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: etcd, tags: etcd, etcd_cluster_setup: false } - name: Download images to ansible host cache via first kube-master node @@ -46,7 +60,7 @@ hosts: kube-node any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/preinstall, tags: preinstall } - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) } - { role: download, tags: download, when: "not skip_downloads" } diff --git a/upgrade-cluster.yml b/upgrade-cluster.yml index 497e271fd..a61c3f452 100644 --- a/upgrade-cluster.yml +++ b/upgrade-cluster.yml @@ -13,11 +13,25 @@ vars: ansible_connection: local +- hosts: all + gather_facts: false + tasks: + - name: "Set up proxy environment" + set_fact: + proxy_env: + http_proxy: "{{ http_proxy | default ('') }}" + HTTP_PROXY: "{{ http_proxy | default ('') }}" + https_proxy: "{{ https_proxy | default ('') }}" + HTTPS_PROXY: "{{ https_proxy | default ('') }}" + no_proxy: "{{ no_proxy | default ('') }}" + NO_PROXY: "{{ no_proxy | default ('') }}" + no_log: true + - hosts: bastion[0] gather_facts: False roles: - - { role: kubespray-defaults} - - { role: bastion-ssh-config, tags: ["localhost", "bastion"]} + - { role: kubespray-defaults } + - { role: bastion-ssh-config, tags: ["localhost", "bastion"] } - hosts: k8s-cluster:etcd:calico-rr any_errors_fatal: "{{ any_errors_fatal | default(true) }}" @@ -27,7 +41,7 @@ # fail. bootstrap-os fixes this on these systems, so in later plays it can be enabled. ansible_ssh_pipelining: false roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: bootstrap-os, tags: bootstrap-os} - name: Download images to ansible host cache via first kube-master node @@ -43,7 +57,7 @@ hosts: k8s-cluster:etcd:calico-rr any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/preinstall, tags: preinstall } - { role: download, tags: download, when: "not skip_downloads" } environment: "{{ proxy_env }}" @@ -53,14 +67,14 @@ any_errors_fatal: "{{ any_errors_fatal | default(true) }}" serial: "{{ serial | default('20%') }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) } environment: "{{ proxy_env }}" - hosts: etcd any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - role: etcd tags: etcd vars: @@ -71,7 +85,7 @@ - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - role: etcd tags: etcd vars: @@ -84,7 +98,7 @@ any_errors_fatal: "{{ any_errors_fatal | default(true) }}" serial: 1 roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: upgrade/pre-upgrade, tags: pre-upgrade } - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) } - { role: kubernetes/node, tags: node } @@ -101,7 +115,7 @@ any_errors_fatal: "{{ any_errors_fatal | default(true) }}" serial: "{{ serial | default('20%') }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller } - { role: network_plugin, tags: network } - { role: kubernetes-apps/network_plugin, tags: network } @@ -112,7 +126,7 @@ any_errors_fatal: "{{ any_errors_fatal | default(true) }}" serial: "{{ serial | default('20%') }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: upgrade/pre-upgrade, tags: pre-upgrade } - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) } - { role: kubernetes/node, tags: node } @@ -124,26 +138,26 @@ - hosts: kube-master[0] any_errors_fatal: true roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps/rotate_tokens, tags: rotate_tokens, when: "secret_changed|default(false)" } - - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"]} + - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"] } - hosts: calico-rr any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: network_plugin/calico/rr, tags: network } environment: "{{ proxy_env }}" - hosts: kube-master any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes-apps, tags: apps } environment: "{{ proxy_env }}" - hosts: k8s-cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" roles: - - { role: kubespray-defaults} + - { role: kubespray-defaults } - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf }