mirror of
https://github.com/geerlingguy/ansible-role-kubernetes.git
synced 2025-04-16 01:19:16 +02:00
152 lines
5.0 KiB
YAML
152 lines
5.0 KiB
YAML
---
|
|
- name: Create the directory for the kubernetes_config_file
|
|
file:
|
|
path: "{{ kubernetes_kubeadm_kubelet_config_file_path | dirname }}"
|
|
state: directory
|
|
|
|
- name: Deploy the config-file for kubeadm and kubelet
|
|
template:
|
|
src: "kubeadm-kubelet-config.j2"
|
|
dest: "{{ kubernetes_kubeadm_kubelet_config_file_path }}"
|
|
|
|
- name: Initialize Kubernetes control plane with kubeadm init
|
|
command: >
|
|
kubeadm init
|
|
--config {{ kubernetes_kubeadm_kubelet_config_file_path }}
|
|
{{ kubernetes_kubeadm_init_extra_opts }}
|
|
register: kubeadmin_init
|
|
when: (not kubernetes_init_stat.stat.exists) and (kubernetes_ignore_preflight_errors is not defined)
|
|
|
|
- name: Initialize Kubernetes control plane with kubeadm init and ignore_preflight_errors
|
|
command: >
|
|
kubeadm init
|
|
--config {{ kubernetes_kubeadm_kubelet_config_file_path }}
|
|
--ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
|
|
{{ kubernetes_kubeadm_init_extra_opts }}
|
|
register: kubeadmin_init
|
|
when: (not kubernetes_init_stat.stat.exists) and (kubernetes_ignore_preflight_errors is defined)
|
|
|
|
- name: Print the init output to screen.
|
|
debug:
|
|
var: kubeadmin_init.stdout
|
|
verbosity: 2
|
|
when: not kubernetes_init_stat.stat.exists
|
|
|
|
- name: Ensure .kube directory exists.
|
|
file:
|
|
path: ~/.kube
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Symlink the kubectl admin.conf to ~/.kube/conf.
|
|
file:
|
|
src: /etc/kubernetes/admin.conf
|
|
dest: ~/.kube/config
|
|
state: link
|
|
mode: 0644
|
|
|
|
- name: Taint nodes with cilium agent-not-ready
|
|
command: kubectl taint nodes --all node.cilium.io/agent-not-ready=true:NoExecute
|
|
when:
|
|
- kubernetes_pod_network.cni == 'cilium'
|
|
- not kubernetes_init_stat.stat.exists
|
|
|
|
- name: Check if Cilium CLI has already been Installed.
|
|
stat:
|
|
path: /usr/local/bin/cilium
|
|
register: cilium_init_stat
|
|
|
|
- name: Install Cilium CLI
|
|
when:
|
|
- kubernetes_pod_network.cni == 'cilium'
|
|
- not cilium_init_stat.stat.exists
|
|
block:
|
|
- name: Get Cilium CLI version
|
|
shell: curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt
|
|
register: cilium_cli_version
|
|
changed_when: false
|
|
|
|
- name: Set CLI architecture
|
|
set_fact:
|
|
cli_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
|
|
|
|
- name: Download Cilium CLI
|
|
get_url:
|
|
url: "https://github.com/cilium/cilium-cli/releases/download/{{ cilium_cli_version.stdout }}/cilium-linux-{{ cli_arch }}.tar.gz"
|
|
dest: "/tmp/cilium-linux-{{ cli_arch }}.tar.gz"
|
|
mode: '0644'
|
|
|
|
- name: Download Cilium CLI checksum
|
|
get_url:
|
|
url: "https://github.com/cilium/cilium-cli/releases/download/{{ cilium_cli_version.stdout }}/cilium-linux-{{ cli_arch }}.tar.gz.sha256sum"
|
|
dest: "/tmp/cilium-linux-{{ cli_arch }}.tar.gz.sha256sum"
|
|
mode: '0644'
|
|
|
|
- name: Verify Cilium CLI checksum
|
|
shell: sha256sum --check /tmp/cilium-linux-{{ cli_arch }}.tar.gz.sha256sum
|
|
args:
|
|
chdir: /tmp
|
|
|
|
- name: Extract Cilium CLI
|
|
unarchive:
|
|
src: "/tmp/cilium-linux-{{ cli_arch }}.tar.gz"
|
|
dest: /usr/local/bin
|
|
remote_src: true
|
|
|
|
- name: Remove downloaded files
|
|
file:
|
|
path: "/tmp/cilium-linux-{{ cli_arch }}.tar.gz{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- ''
|
|
- '.sha256sum'
|
|
|
|
- name: Configure Cilium networking
|
|
command: /usr/local/bin/cilium install --version {{ kubernetes_cilium_version }}
|
|
when:
|
|
- kubernetes_pod_network.cni == 'cilium'
|
|
- not kubernetes_init_stat.stat.exists
|
|
|
|
- name: Configure Flannel networking.
|
|
command: "kubectl apply -f {{ kubernetes_flannel_manifest_file }}"
|
|
register: flannel_result
|
|
changed_when: "'created' in flannel_result.stdout"
|
|
when: kubernetes_pod_network.cni == 'flannel'
|
|
until: flannel_result is not failed
|
|
retries: 12
|
|
delay: 5
|
|
|
|
- name: Configure Calico networking.
|
|
command: "kubectl apply -f {{ kubernetes_calico_manifest_file }}"
|
|
register: calico_result
|
|
changed_when: "'created' in calico_result.stdout"
|
|
when: kubernetes_pod_network.cni == 'calico'
|
|
until: calico_result is not failed
|
|
retries: 12
|
|
delay: 5
|
|
|
|
- name: Get Kubernetes version for Weave installation.
|
|
shell: kubectl version | base64 | tr -d '\n'
|
|
changed_when: false
|
|
register: kubectl_version
|
|
when: kubernetes_pod_network.cni == 'weave'
|
|
until: kubectl_version is not failed
|
|
retries: 12
|
|
delay: 5
|
|
|
|
- name: Configure Weave networking.
|
|
command: "{{ item }}"
|
|
with_items:
|
|
- "kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version={{ kubectl_version.stdout_lines[0] }}"
|
|
register: weave_result
|
|
changed_when: "'created' in weave_result.stdout"
|
|
when: kubernetes_pod_network.cni == 'weave'
|
|
|
|
# TODO: Check if taint exists with something like `kubectl describe nodes`
|
|
# instead of using kubernetes_init_stat.stat.exists check.
|
|
- name: Allow pods on control plane (if configured).
|
|
command: "kubectl taint nodes --all node-role.kubernetes.io/control-plane-"
|
|
when:
|
|
- kubernetes_allow_pods_on_control_plane | bool
|
|
- not kubernetes_init_stat.stat.exists
|