summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/kubernetes/roles/ha/tasks
diff options
context:
space:
mode:
authorhu xinhui <xinhui_hu@foxmail.com>2018-01-10 16:03:25 +0800
committerhu xinhui <xinhui_hu@foxmail.com>2018-01-24 11:12:13 +0800
commitc6b9a863cf92f824e8b8e3004f6e1f649170e4f1 (patch)
tree910014e8ef5a7eae5cd345e41c1bd9793086b5d6 /deploy/adapters/ansible/kubernetes/roles/ha/tasks
parent24e25de8fc981e3b33ffaa71e76f27dedcf6b89e (diff)
spport k8s apiserver HA
compass installer deploy k8s using kubespray for default, but k8s apiserver HA is not implemented by kubespray, This patch aim is to achieve the k8s apiserver HA Change-Id: I805b5eb2f4efa7ca82fcef7bfd3f4cad35ed65b5 JIRA: - Signed-off-by: hu xinhui <xinhui_hu@foxmail.com>
Diffstat (limited to 'deploy/adapters/ansible/kubernetes/roles/ha/tasks')
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/ha/tasks/main.yml83
1 files changed, 83 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/kubernetes/roles/ha/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/ha/tasks/main.yml
new file mode 100644
index 00000000..c7e58376
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/ha/tasks/main.yml
@@ -0,0 +1,83 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: install keepalived haproxy
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items: "{{ packages | union(packages_noarch) }}"
+
+- name: generate ha service list
+ lineinfile: dest=/opt/service create=yes line= '{{ item }}'
+ with_items: "{{ services | union(services_noarch) }}"
+
+- name: install pexpect
+ pip: name=pexpect state=present extra_args='--pre'
+
+- name: activate ip_nonlocal_bind
+ sysctl: name=net.ipv4.ip_nonlocal_bind value=1
+ state=present reload=yes
+
+- name: set net.ipv4.tcp_keepalive_intvl
+ sysctl: name=net.ipv4.tcp_keepalive_intvl value=1
+ state=present reload=yes
+
+- name: set net.ipv4.tcp_keepalive_probes
+ sysctl: name=net.ipv4.tcp_keepalive_probes value=5
+ state=present reload=yes
+
+- name: set net.ipv4.tcp_keepalive_time
+ sysctl: name=net.ipv4.tcp_keepalive_time value=5
+ state=present reload=yes
+
+- name: update haproxy cfg
+ template: src=haproxy.cfg dest=/etc/haproxy/haproxy.cfg
+ notify: restart haproxy
+
+- name: set haproxy enable flag
+ lineinfile: dest=/etc/default/haproxy state=present
+ regexp="ENABLED=*"
+ line="ENABLED=1"
+ notify: restart haproxy
+ when: ansible_os_family == "Debian"
+
+- name: set haproxy log
+ lineinfile: dest=/etc/rsyslog.conf state=present
+ regexp="local0.* /var/log/haproxy.log"
+ line="local0.* /var/log/haproxy.log"
+
+- name: set rsyslog udp module
+ lineinfile: dest=/etc/rsyslog.conf state=present
+ regexp="^#$ModLoad imudp"
+ line="$ModLoad imudp"
+
+- name: set rsyslog udp port
+ lineinfile: dest=/etc/rsyslog.conf state=present
+ regexp="^#$UDPServerRun 514"
+ line="$UDPServerRun 514"
+
+- name: set keepalived start param
+ lineinfile: dest=/etc/default/keepalived state=present
+ regexp="^DAEMON_ARGS=*"
+ line="DAEMON_ARGS=\"-D -d -S 1\""
+ when: ansible_os_family == "Debian"
+
+- name: set keepalived log
+ lineinfile: dest=/etc/rsyslog.conf state=present
+ regexp="local1.* /var/log/keepalived.log"
+ line="local1.* /var/log/keepalived.log"
+
+- name: update keepalived info
+ template: src=keepalived.conf dest=/etc/keepalived/keepalived.conf
+ notify: restart keepalived
+
+- name: restart rsyslog
+ shell: service rsyslog restart
+
+- meta: flush_handlers