############################################################################## # Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- - name: clean local repo conf file: path: /etc/yum.repos.d state: absent run_once: "True" when: ansible_os_family == 'RedHat' - name: create local repo conf dir file: path: /etc/yum.repos.d state: directory run_once: "True" when: ansible_os_family == 'RedHat' - name: configure local mirror repo copy: src: "{{ item }}" dest: /etc/yum.repos.d/mirrors.repo with_first_found: - mirrors_{{ ansible_architecture }}.repo - mirrors.repo run_once: "True" when: ansible_os_family == 'RedHat' - name: clean local pip conf to use official pip repo file: path: /root/.pip/pip.conf state: absent run_once: "True" - name: install dependency for ansible update yum: name: "{{ item }}" state: latest with_items: - git - libffi-devel - openssl-devel - python-devel run_once: "True" when: ansible_os_family == 'RedHat' - name: update python packages pip: name: "{{ item }}" state: latest with_items: - netaddr - jinja2 - name: copy inventories generate script copy: src: generate_inventories.py dest: /tmp/generate_inventories.py tags: - ansible - name: copy inventoriy.json file copy: src: "{{ run_dir }}/inventories/inventory.json" dest: /tmp/inventory.json tags: - ansible - name: generate kargo inventories shell: > python /tmp/generate_inventories.py \ "/opt/kargo_k8s/inventory/inventory.cfg" \ "/tmp/inventory.json" tags: - ansible - name: configure target hosts shell: | cd /opt/kargo_k8s ansible -i inventory/inventory.cfg -m ping all ansible -i inventory/inventory.cfg all -m shell -a "rm /etc/yum.repos.d/*" ansible -i inventory/inventory.cfg all -m copy -a \ "src=/etc/yum.repos.d/mirrors.repo dest=/etc/yum.repos.d" tags: - ansible - name: enable helm lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml regexp: '^helm_enabled:' line: 'helm_enabled: {{ helm_flag }}' - name: enable external lb | set lb domain_nam lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^## apiserver_loadbalancer_domain_name:' line: 'apiserver_loadbalancer_domain_name: {{ apiserver_loadbalancer_domain_name }}' - name: enable external lb | lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#loadbalancer_apiserver:' line: 'loadbalancer_apiserver:' - name: enable external lb | set vip address lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^# address: 1.2.3.4' line: ' address: {{ vipaddress }}' - name: enable external lb | set vip port lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^# port: 1234' line: ' port: {{ exlb_port }}' - name: enable internal lb lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#loadbalancer_apiserver_localhost: true' line: 'loadbalancer_apiserver_localhost: true' - name: enable http proxy lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#http_proxy:' line: 'http_proxy: {{ http_proxy }}' when: http_proxy != '' - name: enable https proxy lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#https_proxy:' line: 'https_proxy: {{ https_proxy }}' when: https_proxy !='' - name: use the user name and password login the dashboard lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml regexp: '^#kube_basic_auth: false' line: 'kube_basic_auth: true' - name: add vip to ssl keys lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml line: 'supplementary_addresses_in_ssl_keys: [{{ vipaddress }}]' - name: rm openssl file file: path: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2 state: absent - name: copy openssl.conf.j2 copy: src: openssl.conf.j2 dest: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2 - name: copy overrided variables copy: src: "{{ item }}" dest: /opt/kargo_k8s/extra-vars.yml with_first_found: - extra-vars-{{ ansible_architecture }}.yml - extra-vars.yml - name: copy 2flannel playbook to kargo copy: src: "{{ run_dir }}/roles/2flannel" dest: /opt/kargo_k8s/roles/network_plugin - name: copy 2flannel-apps playbook to kargo copy: src: "{{ run_dir }}/roles/2flannel-apps/" dest: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/2flannel - name: append 2flannel to network plugin blockinfile: path: /opt/kargo_k8s/roles/network_plugin/meta/main.yml block: " - role: network_plugin/2flannel\n \ when: kube_network_plugin == '2flannel'\n tags: 2flannel\n" - name: append 2flannel apps to network plugin blockinfile: path: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/meta/main.yml block: " - role: kubernetes-apps/network_plugin/2flannel\n \ when: kube_network_plugin == '2flannel'\n tags: 2flannel\n" - name: append 2flannel to valid kube_network_plugin list replace: path: "/opt/kargo_k8s/roles/kubernetes/{{ item.path }}" regexp: "{{ item.regexp }}" replace: "{{ item.replace }}" with_items: - {path: 'master/templates/manifests/kube-controller-manager.manifest.j2', regexp: '"cloud", "flannel"', replace: '"cloud", "flannel", "2flannel"'} - {path: 'node/templates/kubelet.kubeadm.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "2flannel"'} - {path: 'node/templates/kubelet.standard.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "2flannel"'} - {path: 'node/templates/kubelet.rkt.service.j2', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "2flannel"'} - {path: 'preinstall/tasks/main.yml', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "2flannel"'} # yamllint disable rule:line-length - name: enable CSI plugin feature lineinfile: dest: "/opt/kargo_k8s/roles/kubespray-defaults/defaults/main.yaml" regexp: "^kube_feature_gates:" line: "{% raw %}kube_feature_gates: ['Initializers={{ istio_enabled|string }}', 'PersistentLocalVolumes={{ local_volumes_enabled|string }}', 'CSIPersistentVolume=True', 'MountPropagation=True']{% endraw %}" when: - stor4nfv is defined and stor4nfv == "Enable" # yamllint enable rule:line-length - name: enable CSI plugin runtime_config lineinfile: dest: /opt/kargo_k8s/roles/kubernetes/master/defaults/main.yml insertafter: '^ - admissionregistration.k8s.io/v1alpha1' line: ' - storage.k8s.io/v1alpha1' when: - stor4nfv is defined and stor4nfv == "Enable" - name: copy sriov playbook to kargo copy: src: "{{ run_dir }}/roles/sriov" dest: /opt/kargo_k8s/roles/network_plugin - name: copy sriov-apps playbook to kargo copy: src: "{{ run_dir }}/roles/sriov-apps/" dest: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/sriov - name: append sriov to network plugin blockinfile: path: /opt/kargo_k8s/roles/network_plugin/meta/main.yml block: " - role: network_plugin/sriov\n when: kube_network_plugin == 'sriov'\n \ tags: sriov\n" - name: append sriov apps to network plugin blockinfile: path: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/meta/main.yml block: " - role: kubernetes-apps/network_plugin/sriov\n \ when: kube_network_plugin == 'sriov'\n tags: sriov\n" - name: append sriov to valid kube_network_plugin list replace: path: "{{ item.path }}" regexp: "{{ item.regexp }}" replace: "{{ item.replace }}" with_items: - {path: "/opt/kargo_k8s/roles/kubernetes/master/templates/manifests/\ kube-controller-manager.manifest.j2", regexp: '"cloud", "flannel"', replace: '"cloud", "flannel", "sriov"'} - {path: '/opt/kargo_k8s/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "sriov"'} - {path: '/opt/kargo_k8s/roles/kubernetes/node/templates/kubelet.standard.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "sriov"'} - {path: '/opt/kargo_k8s/roles/kubernetes/node/templates/kubelet.rkt.service.j2', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "sriov"'} - {path: '/opt/kargo_k8s/roles/kubernetes/preinstall/tasks/main.yml', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "sriov"'} - name: run kargo playbook shell: | cd /opt/kargo_k8s ansible-playbook -i inventory/inventory.cfg cluster.yml \ -e "@extra-vars.yml" -b -v 2>&1 | tee kargo.log tags: - ansible