Allow pods on the control plane immediately if possible

2025-11-01 01:19:25 +01:00 · 2024-02-08 06:14:50 -07:00 · 2024-02-08 06:14:50 -07:00 · 756747a678
commit 756747a678
parent 0b2aae72b9
3 changed files with 39 additions and 15 deletions
--- a/tasks/control-plane-aux-setup.yml
+++ b/tasks/control-plane-aux-setup.yml
@ -5,3 +5,29 @@
  args:
    creates: /etc/kubernetes/kubelet.conf
  tags: ["skip_ansible_lint"]
+
+- name: Ensure .kube directory exists.
+  file:
+    path: ~/.kube
+    state: directory
+    mode: 0755
+
+- name: Symlink the kubectl admin.conf to ~/.kube/conf.
+  file:
+    src: /etc/kubernetes/admin.conf
+    dest: ~/.kube/config
+    state: link
+    mode: 0644
+
+- name: Allow pods on control plane (if configured).
+  command: "kubectl taint nodes {{ inventory_hostname }} node-role.kubernetes.io/control-plane-"
+  register: taint_removed
+  until: >
+    ("untainted" in taint_removed.stdout) or
+    ("not found" in taint_removed.stderr)
+  changed_when: "'untainted' in taint_removed.stdout"
+  failed_when: false
+  retries: 100
+  delay: 5
+  when:
+    - kubernetes_allow_pods_on_control_plane | bool
--- a/tasks/control-plane-setup.yml
+++ b/tasks/control-plane-setup.yml
@ -87,6 +87,19 @@
    state: link
    mode: 0644

+- name: Allow pods on control plane (if configured).
+  command: "kubectl taint nodes {{ inventory_hostname }} node-role.kubernetes.io/control-plane-"
+  register: taint_removed
+  until: >
+    ("untainted" in taint_removed.stdout) or
+    ("not found" in taint_removed.stderr)
+  changed_when: "'untainted' in taint_removed.stdout"
+  failed_when: false
+  retries: 100
+  delay: 5
+  when:
+    - kubernetes_allow_pods_on_control_plane | bool
+
 - name: Write Cilium Helm values to file
  copy:
    dest: "/tmp/cilium_helm.yaml"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -101,18 +101,3 @@
    - inventory_hostname != groups['k8s_control_plane'][0]
    - inventory_hostname == item
  loop: "{{ groups['k8s_control_plane'] }}"
-
- name: Allow pods on control plane (if configured).
-  command: "kubectl taint nodes {{ item }} node-role.kubernetes.io/control-plane-"
-  register: taint_removed
-  until: >
-    ("untainted" in taint_removed.stdout) or
-    ("not found" in taint_removed.stderr)
-  changed_when: "'untainted' in taint_removed.stdout"
-  failed_when: false
-  retries: 100
-  delay: 5
-  loop: "{{ groups['k8s_control_plane'] }}"
-  when:
-    - kubernetes_allow_pods_on_control_plane | bool
-    - inventory_hostname == groups['k8s_control_plane'][0]