kubernetes: node cleanup works now

author: Christian Pointner <equinox@spreadspace.org> 2020-01-17 19:53:12 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2020-01-31 22:31:22 +0100
commit: bb9a03e136bd8d1029bfb2c1cf0be22d28df1576 (patch)
tree: a78801ff7ecc784e06c2ab9c70620ebaa7ea82b0 /roles
parent: single master kubernetes cluster works now (diff)
5 files changed, 18 insertions, 8 deletions
diff --git a/roles/kubernetes/kubeadm/master/tasks/main.yml b/roles/kubernetes/kubeadm/master/tasks/main.yml
index 7f96ff6a..9af041b2 100644
--- a/roles/kubernetes/kubeadm/master/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/main.yml
@@ -22,7 +22,7 @@
 
 
 - name: check if master is tainted (1/2)
-  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf get node {{ host_name }} -o json"
+  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf get node {{ inventory_hostname }} -o json"
   check_mode: no
   register: kubectl_get_node
   changed_when: False
@@ -33,11 +33,11 @@
 
 - name: remove taint from master node
   when: not kubernetes.dedicated_master and 'node-role.kubernetes.io/master' in kube_node_taints
-  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf taint nodes {{ host_name }} node-role.kubernetes.io/master-"
+  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf taint nodes {{ inventory_hostname }} node-role.kubernetes.io/master-"
 
 - name: add taint for master node
   when: kubernetes.dedicated_master and 'node-role.kubernetes.io/master' not in kube_node_taints
-  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf taint nodes {{ host_name }} node-role.kubernetes.io/master='':NoSchedule"
+  command: "kubectl --kubeconfig /etc/kubernetes/admin.conf taint nodes {{ inventory_hostname }} node-role.kubernetes.io/master='':NoSchedule"
 
 
 - name: prepare kubectl (1/2)
diff --git a/roles/kubernetes/kubeadm/master/tasks/primary-master.yml b/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
index 5efc91b5..e814e847 100644
--- a/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
@@ -25,7 +25,7 @@
   #   register: kubeadm_token_generate
 
   - name: initialize kubernetes master
-    command: "kubeadm init --config /etc/kubernetes/kubeadm.config{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %}{% if kubernetes_network_plugin == 'kube-router' %} --skip-phases addon/kube-proxy{% endif %} --skip-token-print"
+    command: "kubeadm init --config /etc/kubernetes/kubeadm.config --node-name {{ inventory_hostname }}{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %}{% if kubernetes_network_plugin == 'kube-router' %} --skip-phases addon/kube-proxy{% endif %} --skip-token-print"
 #    command: "kubeadm init --config /etc/kubernetes/kubeadm.config{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %}{% if kubernetes_network_plugin == 'kube-router' %} --skip-phases addon/kube-proxy{% endif %} --token '{{ kubeadm_token_generate.stdout }}' --token-ttl 42m --skip-token-print"
     args:
       creates: /etc/kubernetes/pki/ca.crt
@@ -70,7 +70,7 @@
       kubernetes_current_nodes: "{{ kubectl_node_list.stdout_lines | map('replace', 'node/', '') | list }}"
 
   - name: create bootstrap token for existing cluster
-    when: "groups['_kubernetes_nodes_'] | map('extract', hostvars) | map(attribute='host_name') | difference(kubernetes_current_nodes) | length > 0"
+    when: "groups['_kubernetes_nodes_'] | difference(kubernetes_current_nodes) | length > 0"
     command: kubeadm token create --ttl 42m
     check_mode: no
     register: kubeadm_token_create
diff --git a/roles/kubernetes/kubeadm/master/tasks/secondary-masters.yml b/roles/kubernetes/kubeadm/master/tasks/secondary-masters.yml
index fc85a37d..7025ace0 100644
--- a/roles/kubernetes/kubeadm/master/tasks/secondary-masters.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/secondary-masters.yml
@@ -15,7 +15,7 @@
       kubernetes_current_nodes: "{{ kubectl_node_list.stdout_lines | map('replace', 'node/', '') | list }}"
 
   - name: upload certs
-    when: "groups['_kubernetes_masters_'] | map('extract', hostvars) | map(attribute='host_name') | difference(kubernetes_current_nodes) | length > 0"
+    when: "groups['_kubernetes_masters_'] | difference(kubernetes_current_nodes) | length > 0"
     command: kubeadm init phase upload-certs --upload-certs
     check_mode: no
     register: kubeadm_upload_certs
@@ -26,7 +26,7 @@
     kubeadm_upload_certs_key: "{% if kubeadm_upload_certs.stdout is defined %}{{ kubeadm_upload_certs.stdout_lines | last }}{% endif %}"
 
 - name: join kubernetes secondary master node
-  command: "kubeadm join {{ host_vars[groups['_kubernetes_primary_master_']].kubernetes_kubelet_node_ip }}:6443{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %} --token '{{ kube_bootstrap_token }}' --discovery-token-ca-cert-hash '{{ kube_bootstrap_ca_cert_hash }}' --control-plane --certificate-key {{ kubeadm_upload_certs_key }}"
+  command: "kubeadm join {{ host_vars[groups['_kubernetes_primary_master_']].kubernetes_kubelet_node_ip }}:6443 --node-name {{ inventory_hostname }}{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %} --token '{{ kube_bootstrap_token }}' --discovery-token-ca-cert-hash '{{ kube_bootstrap_ca_cert_hash }}' --control-plane --certificate-key {{ kubeadm_upload_certs_key }}"
   args:
     creates: /etc/kubernetes/kubelet.conf
   register: kubeadm_join
diff --git a/roles/kubernetes/kubeadm/node/tasks/main.yml b/roles/kubernetes/kubeadm/node/tasks/main.yml
index dba2ce30..f7efdd81 100644
--- a/roles/kubernetes/kubeadm/node/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/node/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: join kubernetes node
-  command: "kubeadm join {{ hostvars[groups['_kubernetes_primary_master_'][0]].kubernetes_kubelet_node_ip }}:6443{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %} --token '{{ kube_bootstrap_token }}' --discovery-token-ca-cert-hash '{{ kube_bootstrap_ca_cert_hash }}'"
+  command: "kubeadm join {{ hostvars[groups['_kubernetes_primary_master_'][0]].kubernetes_kubelet_node_ip }}:6443 --node-name {{ inventory_hostname }}{% if kubernetes_cri_socket is defined %} --cri-socket {{ kubernetes_cri_socket }}{% endif %} --token '{{ kube_bootstrap_token }}' --discovery-token-ca-cert-hash '{{ kube_bootstrap_ca_cert_hash }}'"
   args:
     creates: /etc/kubernetes/kubelet.conf
   register: kubeadm_join
diff --git a/roles/kubernetes/kubeadm/reset/tasks/main.yml b/roles/kubernetes/kubeadm/reset/tasks/main.yml
index a6d64c7d..f0e88e53 100644
--- a/roles/kubernetes/kubeadm/reset/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/reset/tasks/main.yml
@@ -1,3 +1,13 @@
 ---
 - name: clean up settings and files created by kubeadm
   command: kubeadm reset -f
+
+- name: clean up extra configs and logs
+  loop:
+    - /etc/kubernetes/kubeadm.config
+    - /etc/kubernetes/kubeadm-init.log
+    - /etc/kubernetes/kubeadm-join.log
+    - /etc/kubernetes/pki
+  file:
+    path: "{{ item }}"
+    state: absent
author	Christian Pointner <equinox@spreadspace.org>	2020-01-17 19:53:12 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2020-01-31 22:31:22 +0100
commit	bb9a03e136bd8d1029bfb2c1cf0be22d28df1576 (patch)
tree	a78801ff7ecc784e06c2ab9c70620ebaa7ea82b0 /roles
parent	single master kubernetes cluster works now (diff)