author | Christian Pointner <equinox@spreadspace.org> | 2020-05-16 19:23:20 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-05-16 19:23:20 +0200 |
commit | a7e29b93eefbc82c7740d45da0cc1e61a286a241 (patch) | |
tree | 5f411d5374fb72c2e6c8b9bbbac6042b465694d2 /common/kubernetes-cluster.yml | |
parent | add apt-repo/base and backports (diff) |
kubernetes: set cgroup driver to systemd, enable metrics-server and node-local-dns
Diffstat (limited to 'common/kubernetes-cluster.yml')
-rw-r--r-- | common/kubernetes-cluster.yml | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/common/kubernetes-cluster.yml b/common/kubernetes-cluster.yml
new file mode 100644
index 00000000..31b7bbf4
--- /dev/null
+++ b/common/kubernetes-cluster.yml
@@ -0,0 +1,60 @@
+---
+- name: prepare variables and do some sanity checks
+ hosts: _kubernetes_nodes_
+ gather_facts: no
+ tasks:
+ - name: sanity checks for kubeguard
+ when: kubernetes_network_plugin == 'kubeguard'
+ block:
+ - name: check whether every node has a node_index assigned
+ assert:
+ msg: "There are nodes without an assigned node_index: {{ groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | join(', ') }}"
+ that: groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | length == 0
+
+ - name: check whether node indizes are unique
+ assert:
+ msg: "There are duplicate entries in the node_index table, every node_index is only allowed once"
+ that: (kubeguard.node_index.keys() | length) == (kubeguard.node_index.values() | unique | length)
+
+ - name: check whether node indizes are all > 0
+ assert:
+ msg: "At least one node_index is < 1 (indizes start at 1)"
+ that: (kubeguard.node_index.values() | min) > 0
+
+ - name: check whether overlay node ip is configured
+ assert:
+ msg: "For kubeguard to work you need to configure kubernetes_overlay_node_ip"
+ that: kubernetes_overlay_node_ip is defined
+
+ - name: make sure all nodes do belong to the kubernetes-cluster group
+ assert:
+ msg: "The host '{{ inventory_hostname }}' does not belong to the group 'kubernetes-cluster'"
+ that: "'kubernetes-cluster' in group_names"
+
+########
+- name: kubernetes base installation
+ hosts: _kubernetes_nodes_
+ roles:
+ - role: apt-repo/spreadspace
+ when: kubernetes_network_plugin == 'kubeguard'
+ - role: kubernetes/net/kubeguard/node
+ when: kubernetes_network_plugin == 'kubeguard'
+ - role: kubernetes/base
+ - role: kubernetes/kubeadm/base
+
+- name: configure primary kubernetes master
+ hosts: _kubernetes_primary_master_
+ roles:
+ - role: kubernetes/kubeadm/masterg
+
+- name: configure secondary kubernetes masters
+ hosts: _kubernetes_masters_:!_kubernetes_primary_master_
+ roles:
+ - role: kubernetes/kubeadm/master
+
+- name: configure kubernetes non-master nodes
+ hosts: _kubernetes_nodes_:!_kubernetes_masters_
+ roles:
+ - role: kubernetes/kubeadm/node
+
+### TODO: add node labels (ie. for ingress daeomnset) |
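Review bot: The "configure primary kubernetes master" play references `- role: kubernetes/kubeadm/masterg`, while the secondary-master play directly below uses `kubernetes/kubeadm/master`; unless a role named `masterg` exists elsewhere in the tree (not visible in this diff), the trailing `g` looks like a stray keystroke and the line should presumably read `- role: kubernetes/kubeadm/master`. An unresolvable role is likely to abort the playbook when it is loaded, so neither the kubeguard sanity checks nor the base installation would run. Separately, every `when: kubernetes_network_plugin == 'kubeguard'` assumes the variable is defined, so a missing value surfaces as an undefined-variable error instead of a readable assertion message. An up-front task with `that: kubernetes_network_plugin is defined`, in the same style as the `kubernetes_overlay_node_ip` check, would make that pre-flight failure explicit.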