-rw-r--r--common/kubernetes.yml2
-rw-r--r--inventory/group_vars/k8s-emc/main.yml9
-rw-r--r--roles/kubernetes/base/handlers/main.yml5
-rw-r--r--roles/kubernetes/base/tasks/main.yml13
-rw-r--r--roles/kubernetes/base/templates/20-dns.conf.j22
-rw-r--r--roles/kubernetes/base/templates/50-extra.conf.j23
-rw-r--r--roles/kubernetes/master/tasks/main.yml13
-rw-r--r--roles/kubernetes/master/templates/kubeadm-cluster.config.j233
8 files changed, 58 insertions, 22 deletions
diff --git a/common/kubernetes.yml b/common/kubernetes.yml
index 77a5c1ed..eb9a0db3 100644
--- a/common/kubernetes.yml
+++ b/common/kubernetes.yml
@@ -62,7 +62,7 @@
register: kubectl_node_list
- name: generate list of nodes to be removed
- with_items: "{{ kubectl_node_list.stdout_lines | map('replace', 'nodes/', '') | list | difference(kubernetes_nodes) }}"
+ with_items: "{{ kubectl_node_list.stdout_lines | map('replace', 'node/', '') | list | difference(kubernetes_nodes) }}"
add_host:
name: "{{ item }}"
inventory_dir: "{{ inventory_dir }}"
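Review bot: The `map('replace', 'node/', '')` on the changed `with_items` line depends on the exact prefix kubectl prints, and the task name says this list selects nodes for removal. If the prefix does not match (the `nodes/` vs `node/` difference this commit corrects), nothing is stripped and `difference(kubernetes_nodes)` returns every node reported by the cluster. An anchored pattern that accepts both spellings fails safer: `map('regex_replace', '^nodes?/', '')`. The task that registers `kubectl_node_list` begins outside the hunk, so the kubectl invocation is inferred rather than visible.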
diff --git a/inventory/group_vars/k8s-emc/main.yml b/inventory/group_vars/k8s-emc/main.yml
index eaafe19f..0ca77912 100644
--- a/inventory/group_vars/k8s-emc/main.yml
+++ b/inventory/group_vars/k8s-emc/main.yml
@@ -1,10 +1,15 @@
---
docker_pkg_provider: docker-com
docker_pkg_name: docker-ce
-docker_pkg_version: 17.03.2~ce-0~debian-stretch
+docker_pkg_version: 18.06.1~ce~3-0~debian
+
+kubernetes_version: 1.13.2
kubernetes:
- pkg_version: 1.9.6-00
+ cluster_name: emc
+
+ version: "{{ kubernetes_version }}"
+ pkg_version: "{{ kubernetes_version }}-00"
dedicated_master: True
api_advertise_ip: 144.76.160.141
diff --git a/roles/kubernetes/base/handlers/main.yml b/roles/kubernetes/base/handlers/main.yml
deleted file mode 100644
index b61c1417..00000000
--- a/roles/kubernetes/base/handlers/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: reload systemd
- command: systemctl daemon-reload
- args:
- warn: no
diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml
index e6aee41f..5d26d161 100644
--- a/roles/kubernetes/base/tasks/main.yml
+++ b/roles/kubernetes/base/tasks/main.yml
@@ -56,14 +56,11 @@
name: "{{ item }}"
selection: hold
-- name: install kubelet config snippets
- with_items:
- - 20-dns.conf
- - 50-extra.conf
- template:
- src: "{{ item }}.j2"
- dest: "/etc/systemd/system/kubelet.service.d/{{ item }}"
- notify: reload systemd
+- name: set kubelet node-ip
+ lineinfile:
+ name: "/etc/default/kubelet"
+ regexp: '^KUBELET_EXTRA_ARGS='
+ line: 'KUBELET_EXTRA_ARGS=--node-ip={{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubernetes.net_index[inventory_hostname]) | ipaddr(1) | ipaddr("address") }}'
- name: add dummy group with gid 998
group:
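Review bot: The new `lineinfile` task has no `create: yes`, so it fails on a host where `/etc/default/kubelet` does not exist yet, and it sets no explicit mode. Adding `create: yes` and `mode: "0644"` would cover a fresh install. Nothing restarts kubelet after the line changes, since the `reload systemd` notify went away with the old task, so a changed `--node-ip` presumably only takes effect at the next kubelet restart; a `notify` to a kubelet-restart handler would close that gap. The `regexp` replaces any existing `KUBELET_EXTRA_ARGS=` line wholesale, which deserves a comment such as `# this task owns KUBELET_EXTRA_ARGS; other extra args set in the file are overwritten`.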
diff --git a/roles/kubernetes/base/templates/20-dns.conf.j2 b/roles/kubernetes/base/templates/20-dns.conf.j2
deleted file mode 100644
index 9b7ab32c..00000000
--- a/roles/kubernetes/base/templates/20-dns.conf.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-[Service]
-Environment="KUBELET_DNS_ARGS=--cluster-dns={{ kubernetes.service_ip_range | ipaddr(10) | ipaddr('address') }} --cluster-domain=cluster.local"
diff --git a/roles/kubernetes/base/templates/50-extra.conf.j2 b/roles/kubernetes/base/templates/50-extra.conf.j2
deleted file mode 100644
index c722ade6..00000000
--- a/roles/kubernetes/base/templates/50-extra.conf.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-{% set br_net = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubernetes.net_index[inventory_hostname]) -%}
-[Service]
-Environment="KUBELET_EXTRA_ARGS=--node-ip={{ br_net | ipaddr(1) | ipaddr('address') }}"
diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml
index c9092bf3..acd264e2 100644
--- a/roles/kubernetes/master/tasks/main.yml
+++ b/roles/kubernetes/master/tasks/main.yml
@@ -16,8 +16,19 @@
check_mode: no
register: kubeadm_token_generate
+ - name: create kubernetes config directory
+ file:
+ path: /etc/kubernetes
+ state: directory
+
+ ## TODO test whether the generated cluster configs really works - since it has never been used...
+ - name: install cluster config for kubeadm
+ template:
+ src: kubeadm-cluster.config.j2
+ dest: /etc/kubernetes/kubeadm-cluster.config
+
- name: set up kubernetes master
- command: "kubeadm init --pod-network-cidr {{ kubernetes.pod_ip_range }} --service-cidr {{ kubernetes.service_ip_range }} --apiserver-advertise-address {{ kubernetes.api_advertise_ip | default('0.0.0.0') }} {% if kubernetes.api_extra_sans | length > 0 %}--apiserver-cert-extra-sans {{ kubernetes.api_extra_sans | join(',') }}{% endif %} --token '{{ kubeadm_token_generate.stdout }}' --token-ttl 42m --skip-token-print"
+ command: "kubeadm init --config '/etc/kubernetes/kubeadm-cluster.config' --token '{{ kubeadm_token_generate.stdout }}' --token-ttl 42m --skip-token-print"
args:
creates: /etc/kubernetes/pki/ca.crt
register: kubeadm_init
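Review bot: The bootstrap token is still passed as `--token '{{ kubeadm_token_generate.stdout }}'` on the new `kubeadm init` command line, so it is visible in the process list while kubeadm runs and in Ansible's task output and the registered `kubeadm_init` result. Adding `no_log: true` to this task keeps it out of logs. It is also worth confirming that this kubeadm version accepts `--token` and `--token-ttl` together with `--config`; as far as I recall, releases of this era reject most flags when `--config` is given, and the TODO above says the config path is untested. If the token has to move into the config file as a `bootstrapTokens` entry, the template task needs `mode: "0600"` and `owner: root`. The task continues past the end of the hunk.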
diff --git a/roles/kubernetes/master/templates/kubeadm-cluster.config.j2 b/roles/kubernetes/master/templates/kubeadm-cluster.config.j2
new file mode 100644
index 00000000..eac0cacd
--- /dev/null
+++ b/roles/kubernetes/master/templates/kubeadm-cluster.config.j2
@@ -0,0 +1,33 @@
+apiVersion: kubeadm.k8s.io/v1beta1
+kind: ClusterConfiguration
+kubernetesVersion: v{{ kubernetes.version }}
+clusterName: {{ kubernetes.cluster_name }}
+certificatesDir: /etc/kubernetes/pki
+{% if kubernetes.api_advertise_ip %}
+controlPlaneEndpoint: "{{ kubernetes.api_advertise_ip }}:6443"
+{% endif %}
+imageRepository: k8s.gcr.io
+networking:
+ dnsDomain: cluster.local
+ podSubnet: {{ kubernetes.pod_ip_range }}
+ serviceSubnet: {{ kubernetes.service_ip_range }}
+etcd:
+ local:
+ dataDir: /var/lib/etcd
+apiServer:
+{% if kubernetes.api_extra_sans | length > 0 %}
+ certSANs:
+{% for san in kubernetes.api_extra_sans %}
+ - {{ san }}
+{% endfor %}
+{% endif %}
+ extraArgs:
+{% if kubernetes.api_advertise_ip %}
+ advertise-address: {{ kubernetes.api_advertise_ip }}
+{% endif %}
+ authorization-mode: Node,RBAC
+ timeoutForControlPlane: 4m0s
+controllerManager: {}
+scheduler: {}
+dns:
+ type: CoreDNS
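Review bot: Both `{% if kubernetes.api_advertise_ip %}` guards test a key that the replaced command line treated as optional (`| default('0.0.0.0')`), so an inventory that omits it will likely fail templating on an undefined variable instead of skipping the block. `{% if kubernetes.api_advertise_ip | default(false) %}` keeps the old tolerance. The bare substitutions (`clusterName`, `podSubnet`, `serviceSubnet`, `- {{ san }}`, `advertise-address`) should be quoted, e.g. `clusterName: "{{ kubernetes.cluster_name }}"`, so that an empty or boolean-looking value cannot change the YAML type kubeadm reads. A header comment saying that the file is rendered to `/etc/kubernetes/kubeadm-cluster.config` and consumed by `kubeadm init --config` would help the next reader.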