############################################################################## # Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- - name: clean local repo conf file: path: /etc/yum.repos.d state: absent run_once: "True" when: ansible_os_family == 'RedHat' - name: create local repo conf dir file: path: /etc/yum.repos.d state: directory run_once: "True" when: ansible_os_family == 'RedHat' - name: configure local mirror repo copy: src: "{{ item }}" dest: /etc/yum.repos.d/mirrors.repo with_first_found: - mirrors_{{ ansible_architecture }}.repo - mirrors.repo run_once: "True" when: ansible_os_family == 'RedHat' - name: clean local pip conf to use official pip repo file: path: /root/.pip/pip.conf state: absent run_once: "True" - name: install dependency for ansible update yum: name: "{{ item }}" state: latest with_items: - git - libffi-devel - openssl-devel - python-devel run_once: "True" when: ansible_os_family == 'RedHat' - name: update python packages pip: name: "{{ item }}" state: latest with_items: - netaddr - jinja2 - name: copy inventories generate script copy: src: generate_inventories.py dest: /tmp/generate_inventories.py tags: - ansible - name: copy inventoriy.json file copy: src: "{{ run_dir }}/inventories/inventory.json" dest: /tmp/inventory.json tags: - ansible - name: generate kargo inventories shell: > python /tmp/generate_inventories.py \ "/opt/kargo_k8s/inventory/inventory.cfg" \ "/tmp/inventory.json" tags: - ansible - name: configure target hosts shell: | cd /opt/kargo_k8s ansible -i inventory/inventory.cfg -m ping all ansible -i inventory/inventory.cfg all -m shell -a "rm /etc/yum.repos.d/*" ansible -i inventory/inventory.cfg all -m copy -a \ "src=/etc/yum.repos.d/mirrors.repo dest=/etc/yum.repos.d" tags: - ansible - name: enable helm lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml regexp: '^helm_enabled:' line: 'helm_enabled: {{ helm_flag }}' - name: enable external lb | set lb domain_nam lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^## apiserver_loadbalancer_domain_name:' line: 'apiserver_loadbalancer_domain_name: {{ apiserver_loadbalancer_domain_name }}' - name: enable external lb | lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#loadbalancer_apiserver:' line: 'loadbalancer_apiserver:' - name: enable external lb | set vip address lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^# address: 1.2.3.4' line: ' address: {{ vipaddress }}' - name: enable external lb | set vip port lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^# port: 1234' line: ' port: {{ exlb_port }}' - name: enable internal lb lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/all.yml regexp: '^#loadbalancer_apiserver_localhost: true' line: 'loadbalancer_apiserver_localhost: true' - name: use the user name and password login the dashboard lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml regexp: '^#kube_basic_auth: false' line: 'kube_basic_auth: true' - name: add vip to ssl keys lineinfile: dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml line: 'supplementary_addresses_in_ssl_keys: [{{ vipaddress }}]' - name: rm openssl file file: path: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2 state: absent - name: copy openssl.conf.j2 copy: src: openssl.conf.j2 dest: /opt/kargo_k8s/roles/kubernetes/secrets/templates/openssl.conf.j2 - name: copy overrided variables copy: src: "{{ item }}" dest: /opt/kargo_k8s/extra-vars.yml with_first_found: - extra-vars-{{ ansible_architecture }}.yml - extra-vars.yml - name: copy 2flannel playbook to kargo copy: src: "{{ run_dir }}/roles/2flannel" dest: /opt/kargo_k8s/roles/network_plugin - name: copy 2flannel-apps playbook to kargo copy: src: "{{ run_dir }}/roles/2flannel-apps/" dest: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/2flannel - name: append 2flannel to network plugin blockinfile: path: /opt/kargo_k8s/roles/network_plugin/meta/main.yml block: " - role: network_plugin/2flannel\n \ when: kube_network_plugin == '2flannel'\n tags: 2flannel\n" - name: append 2flannel apps to network plugin blockinfile: path: /opt/kargo_k8s/roles/kubernetes-apps/network_plugin/meta/main.yml block: " - role: kubernetes-apps/network_plugin/2flannel\n \ when: kube_network_plugin == '2flannel'\n tags: 2flannel\n" - name: append 2flannel to valid kube_network_plugin list replace: path: "/opt/kargo_k8s/roles/kubernetes/{{ item.path }}" regexp: "{{ item.regexp }}" replace: "{{ item.replace }}" with_items: - {path: 'master/templates/manifests/kube-controller-manager.manifest.j2', regexp: '"cloud", "flannel"', replace: '"cloud", "flannel", "2flannel"'} - {path: 'node/templates/kubelet.kubeadm.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "2flannel"'} - {path: 'node/templates/kubelet.standard.env.j2', regexp: '"calico", "canal", "flannel", "weave"', replace: '"calico", "canal", "flannel", "weave", "2flannel"'} - {path: 'node/templates/kubelet.rkt.service.j2', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "2flannel"'} - {path: 'preinstall/tasks/main.yml', regexp: '"calico", "weave", "canal", "flannel"', replace: '"calico", "weave", "canal", "flannel", "2flannel"'} - name: run kargo playbook shell: | cd /opt/kargo_k8s ansible-playbook -i inventory/inventory.cfg cluster.yml \ -e "@extra-vars.yml" -b -v 2>&1 | tee kargo.log tags: - ansible