If you are using GitLab outside of the ILL, then you will need to use HTTPS and not SSH for clone/push/pull operations. SSH will work normally if you are using the VPN.

Commit af6d631b authored by eric pellegrini's avatar eric pellegrini

updated a few plays after changes in variable names or removal

parent 2dd2543e
---
- hosts: k8s
remote_user: "{{ vm_admin }}"
remote_user: "{{ cluster_users.0.name }}"
become: True
......@@ -12,5 +12,5 @@
- import_role:
name: roles/docker
vars:
http_proxy: "{{ proxy_settings['http_proxy'] }}"
http_proxy: "{{ proxy_settings.http_proxy }}"
---
- hosts: k8s
remote_user: "{{ vm_admin }}"
remote_user: "{{ cluster_users.0.name }}"
become: True
......@@ -12,9 +12,5 @@
- import_role:
name: roles/kubernetes
vars:
kubernetes_admin: "{{ kubernetes_parameters['admin'] }}"
kubernetes_admin_group: "{{ kubernetes_parameters['admin_group'] }}"
kubernetes_admin_password: "{{ kubernetes_parameters['admin_password'] }}"
kubernetes_proxy_settings: "{{ proxy_settings }}"
cluster_network_regex: "{{ os_vms_commons['cluster_regex'] }}"
identity_file: "{{ os_vms_commons['internal_identity_file'] }}"
proxys: "{{ proxy_settings }}"
---
- hosts: nfs_server
- hosts: nfs_clients
remote_user: "{{ vm_admin }}"
remote_user: "{{ cluster_users.0.name }}"
become: yes
become: True
environment: "{{ proxy_settings }}"
tasks:
- name: setup and configure nfs server
- name: setup and configure nfs clients
import_role:
name: roles/nfs-server
name: roles/nfs-clients
vars:
network_cidr: "{{ nfs_parameters['network_cidr'] }}"
shared_directories: "{{ nfs_parameters['mount_points'].keys() | list }}"
server_ip: "{{ (groups['nfs_server'] | map('extract',hostvars,['ansible_default_ipv4','address']) | list)[0] }}"
mount_points: "{{ nfs.mount_points }}"
---
# defaults file for roles/kubernetes
kubenertes_admin: "k8s-admin"
kubernetes_admin_group: "k8s-admin"
kubernetes_admin_home: "/var/localhome/{{ k8s_admin }}"
kubernetes_admin_shell: /bin/bash
kubernetes_proxy_settings: {}
kubernetes_pods_cidr: 10.244.0.0/16
kubernetes_pods_network_config: https://docs.projectcalico.org/v3.8/manifests/calico.yaml
---
- name: create kubernetes admin group
group:
name: "{{ kubernetes_admin_group }}"
state: present
- name: create kubernetes admin user
user:
name: "{{ kubernetes_admin }}"
group: "{{ kubernetes_admin_group }}"
password: "{{ kubernetes_admin_password | mandatory | password_hash('sha512') }}"
create_home: True
shell: /bin/bash
state: present
groups:
- docker
- sudo
register: user_cmd
- name: disable sudo password for kubernetes admin
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '{{ kubernetes_admin }} ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'
- name: create the kubernetes admin .ssh directory if necessary
file:
path: "{{ user_cmd.home }}/.ssh/."
state: directory
mode: "700"
- name: copy the private key to the nodes
copy:
src: "{{ identity_file }}"
dest: "{{ user_cmd.home }}/.ssh/."
mode: "600"
when: identity_file is defined
- name: copy the ssh_config template
template:
src: "{{ playbook_dir | dirname }}/shared_files/templates/ssh_config.j2"
dest: "~/.ssh/config"
mode: "700"
when: (identity_file is defined) and (cluster_network_regex is defined)
- name: install public key
authorized_key:
user: "{{ user_cmd.name }}"
state: present
key: "{{ lookup('file', identity_file+'.pub') }}"
when: identity_file is defined
......@@ -4,6 +4,4 @@
- import_tasks: configure.yml
- import_tasks: admin.yml
- import_tasks: proxy.yml
- name: update no_proxy/NO_PROXY environment variable
set_fact:
kubernetes_proxy_settings: "{{ kubernetes_proxy_settings | combine({'no_proxy':updated_no_proxy, 'NO_PROXY':updated_no_proxy}) }}"
kubernetes_proxy_settings: "{{ proxys | combine({'no_proxy':updated_no_proxy, 'NO_PROXY':updated_no_proxy}) }}"
vars:
cluster_ips: "{{ ansible_play_batch | map('extract',hostvars,['ansible_default_ipv4','address']) | list | join(',')}}"
base_proxy: "{{ ('no_proxy' in kubernetes_proxy_settings) | ternary(kubernetes_proxy_settings.no_proxy,'') }}"
base_proxy: "{{ ('no_proxy' in proxys) | ternary(proxys.no_proxy,'') }}"
updated_no_proxy: "{{ cluster_ips }},0,1,2,3,4,5,6,7,8,9,{{ base_proxy }}"
- name: propagate the modified no_proxy/NO_PROXY environment variable to all k8s hosts
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment