Commit 75c799e6 authored by eric pellegrini's avatar eric pellegrini Committed by root

updated playbooks and roles with inventories variables

parent 87ed6b8a
ansible_python_interpreter: /usr/bin/python3
master_ips: "{{ groups['master'] | map('extract',hostvars,['ansible_default_ipv4','address']) | join(',') }}"
node_ips: "{{ groups['nodes'] | map('extract', hostvars, ['ansible_default_ipv4','address']) | join(',') }}"
kubernetes_admin_home: /kubernetes-admin
pod_network_cidr: 10.244.0.0/16
cni_provider: flannel
[master]
akubmaster.ill.fr
[nodes]
akubnode1.ill.fr
akubnode2.ill.fr
- hosts: nodes
- hosts: k8s_nodes
remote_user: root
environment:
no_proxy: "{{ configured_no_proxy }}"
NO_PROXY: "{{ configured_no_proxy }}"
environment: "{{ proxy_env }}"
roles:
......
- hosts: master
- hosts: k8s_masters
remote_user: root
environment:
no_proxy: "{{ configured_no_proxy }}"
NO_PROXY: "{{ configured_no_proxy }}"
environment: "{{ proxy_env }}"
roles:
- role: roles/initialize-control-plane
- role: roles/initialize-cluster
become_user: kubernetes-admin
become_user: "{{ kubernetes_admin }}"
become: yes
---
- hosts: all
- hosts: "{{ hostvars['novaclient']['os_groups'] }}"
remote_user: root
environment: "{{ proxy_env }}"
roles:
- role: roles/install-docker
- role: roles/configure-docker
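Review bot: The new target `hosts: "{{ hostvars['novaclient']['os_groups'] }}"` takes the play's host pattern from a variable on another host, and nothing visible here checks that `novaclient` is in the inventory or that `os_groups` is defined and names only the intended groups. Because the play connects as root and installs Docker, a wrong or overly broad value would apply these roles to hosts outside the cluster. A short pre-flight play that uses `assert` on `hostvars['novaclient']['os_groups'] is defined` would fail early. At minimum, add a comment above the line such as `# os_groups comes from the novaclient host vars; must list only the cluster groups`. The same pattern is used in the play that installs Kubernetes and in the later play that replaces the master/nodes list.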
- hosts: master
- hosts: k8s_masters
remote_user: root
become_user: kubernetes-admin
become_user: "{{ kubernetes_admin }}"
become: yes
environment:
no_proxy: "{{ configured_no_proxy }}"
NO_PROXY: "{{ configured_no_proxy }}"
environment: "{{ proxy_env }}"
roles:
- role: roles/install-helm
......
---
- name: setup environment variables (noproxy ...)
import_playbook: setup_environment.yml
- name: setup docker
import_playbook: setup_docker.yml
......
---
- hosts: all
- hosts: "{{ hostvars['novaclient']['os_groups'] }}"
remote_user: root
environment: "{{ proxy_env }}"
roles:
- role: roles/install-kubernetes
- role: roles/configure-kubernetes
---
- hosts:
- master
- nodes
- hosts: "{{ hostvars['novaclient']['os_groups'] }}"
remote_user: root
......
......@@ -42,3 +42,6 @@
name: docker
shell: /bin/bash
state: present
groups:
- sudo
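Review bot: `groups: - sudo` on this `user` task has no `append: yes`, so the module sets the account's supplementary groups to exactly this list and drops any others it had; add `append: yes` if the intent is only to add sudo. Giving sudo to an account named docker that has an interactive shell also widens what a compromise of that account can reach, so a comment stating why it is needed would help the next reader. The same two lines appear on the kubernetes admin user task in the following hunk. The task starts above this hunk, so whether a password is set for this account is not visible here.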
......@@ -26,25 +26,34 @@
daemon_reload: yes
state: restarted
- name: create localhome directory
file:
path: /localhome
state: directory
- name: create kubernetes group
group:
name: kubernetes
name: "{{ kubernetes_admin_group }}"
state: present
- name: create user kubernetes-admin
- name: create user kubernetes
user:
create_home: yes
home: "{{ kubernetes_admin_home }}"
group: kubernetes
name: kubernetes-admin
password: "$6$d15p6Y7n2ml0Nv51$miZzKs.9f0BKeHgFj1a2qRVaR2RvRahgNiIvENylKGvTPsIYKcjRVaSthUh0JC8sAvc4PKrm4pGg.qVaxOiyo1"
group: "{{ kubernetes_admin_group }}"
name: "{{ kubernetes_admin }}"
password: "{{ vault_kubernetes_admin_password | password_hash('sha512') }}"
shell: /bin/bash
state: present
groups:
- sudo
- name: add no_proxy to .bashrc
- name: add proxy settings to /etc/environment
blockinfile:
path: "{{ kubernetes_admin_home }}/.bashrc"
path: "/etc/environment"
block: |
export no_proxy="{{ configured_no_proxy }}"
export NO_PROXY=$no_proxy
{{ item.key }}={{ item.value }}
marker: "# {mark} ANSIBLE MANAGED BLOCK"
loop: "{{ lookup('dict',proxy_env) }}"
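Review bot: On the new `password:` line, `password_hash('sha512')` is called without a salt, so every run produces a different hash and the `user` task rewrites the password and reports a change each time; pass a fixed salt stored with the vaulted password, e.g. `password_hash('sha512', <vaulted-salt-variable>)` (placeholder name). The literal hash on the older `password:` line remains in the repository history, so the vaulted value should be a new password, not the one that hash was made from. In the `blockinfile` task, every loop item uses the same marker, so each iteration replaces the block written by the previous one and only the last `proxy_env` entry is left in /etc/environment; `marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.key }}"` gives each entry its own block. Which line of each printed pair is the new one is inferred from the order on this page.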
---
# tasks file for create-admin
- name: create ansible tmp directory
file:
path: "{{ kubernetes_admin_home }}/.ansible/tmp"
state: directory
- name: remove previous kubernetes configuration file
file:
path: "{{ kubernetes_admin_home }}/.kube"
......@@ -21,8 +26,8 @@
- name: change ownership of ~/.kube/config
file:
path: "{{ kubernetes_admin_home }}/.kube/config"
owner: kubernetes-admin
group: kubernetes
owner: "{{ kubernetes_admin }}"
group: "{{ kubernetes_admin_group }}"
become_user: root
become: yes
......
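Review bot: The `change ownership of ~/.kube/config` task sets owner and group but no `mode`, so the file keeps whatever permissions the earlier copy step gave it. This kubeconfig is presumably copied from kubeadm's admin configuration and would then carry cluster-admin credentials, so it should not be group- or world-readable; adding `mode: "0600"` to this `file:` task pins that. The task that creates the file is in the collapsed part of the section, so its current mode is not visible here. The new `create ansible tmp directory` task likewise sets no owner or mode.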
......@@ -9,5 +9,5 @@
state: absent
- name: (re)initialize the kubernetes cluster
command: kubeadm init --node-name={{ inventory_hostname }} --pod-network-cidr={{ pod_network_cidr }}
command: kubeadm init --pod-network-cidr={{ pod_network_cidr }}