Run dns_late preinstall tasks on all k8s nodes (#4672)

* Run dns_late preinstall tasks on all k8s nodes Related issue: #4656 Change-Id: I63f8559ef1a497b7580ab084561e6603fe647834 * Fix ansible-lint Change-Id: Ia5b33fa63dbc36d8c3e9557ef3f2ea02af2325a5 * Fix recover_control_plane lint issues Change-Id: I16643a3193c11b6ba704e9698812cac7e4fd19a8
5 years ago · a5b46bfc8c
5 changed files with 18 additions and 3 deletions
--- a/.gitlab-ci/lint.yml
+++ b/.gitlab-ci/lint.yml
@ -11,7 +11,7 @@ ansible-lint:
  stage: unit-tests
  # lint every yml/yaml file that looks like it contains Ansible plays
  script: |-
-    grep -Rl '^- hosts: \|^  hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v
+    grep -Rl '^- hosts: \|^  hosts: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v
  except: ['triggers', 'master']

 syntax-check:
--- a/cluster.yml
+++ b/cluster.yml
@ -109,5 +109,10 @@
  roles:
    - { role: kubespray-defaults}
    - { role: kubernetes-apps, tags: apps }
-    - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true }
  environment: "{{proxy_env}}"
+
+- hosts: k8s-cluster
+  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
+  roles:
+    - { role: kubespray-defaults}
+    - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true }
--- a/roles/recover_control_plane/etcd/tasks/prepare.yml
+++ b/roles/recover_control_plane/etcd/tasks/prepare.yml
@ -1,5 +1,6 @@
 ---
 - name: Delete old certificates
+  # noqa 302 - rm is ok here for now
  shell: "rm /etc/ssl/etcd/ssl/*{{ item }}* /etc/kubernetes/ssl/etcd/*{{ item }}*"
  with_items: "{{ old_etcds.split(',') }}"
  register: delete_old_cerificates
--- a/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml
+++ b/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml
@ -20,7 +20,9 @@
    state: stopped

 - name: Remove etcd data-dir
-  shell: "rm -rf {{ etcd_data_dir }}"
+  file:
+    path: "{{ etcd_data_dir }}"
+    state: absent

 - name: Restore etcd snapshot
  shell: "{{ bin_dir }}/etcdctl snapshot restore /tmp/snapshot.db --name {{ etcd_member_name }} --initial-cluster {{ etcd_member_name }}={{ etcd_peer_url }} --initial-cluster-token k8s_etcd --initial-advertise-peer-urls {{ etcd_peer_url }} --data-dir {{ etcd_data_dir }}"
--- a/upgrade-cluster.yml
+++ b/upgrade-cluster.yml
@ -112,10 +112,17 @@
  roles:
    - { role: kubespray-defaults}
    - { role: network_plugin/calico/rr, tags: network }
+  environment: "{{proxy_env}}"

 - hosts: kube-master
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
    - { role: kubespray-defaults}
    - { role: kubernetes-apps, tags: apps }
+  environment: "{{proxy_env}}"
+
+- hosts: k8s-cluster
+  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
+  roles:
+    - { role: kubespray-defaults}
    - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf }