Diffstat (limited to 'roles/kubernetes/net/tasks/add.yml')
-rw-r--r--roles/kubernetes/net/tasks/add.yml103
1 files changed, 0 insertions, 103 deletions
diff --git a/roles/kubernetes/net/tasks/add.yml b/roles/kubernetes/net/tasks/add.yml
deleted file mode 100644
index 4fe7c5e2..00000000
--- a/roles/kubernetes/net/tasks/add.yml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-- name: create network config directory
- file:
- name: /var/lib/kubenet/
- state: directory
-
-- name: configure wireguard port
- set_fact:
- kubenet_wireguard_port: "{{ kubernetes.wireguard_port | default(51820) }}"
-
-- name: install ifupdown script
- template:
- src: ifupdown.sh.j2
- dest: /var/lib/kubenet/ifupdown.sh
- mode: 0755
- # TODO: notify reload... this is unfortunately already to late because
- # it must probably be brought down by the old version of the script
-
-- name: generate wireguard private key
- shell: "umask 077; wg genkey > /var/lib/kubenet/kube-wg0.privatekey"
- args:
- creates: /var/lib/kubenet/kube-wg0.privatekey
-
-- name: fetch wireguard public key
- shell: "wg pubkey < /var/lib/kubenet/kube-wg0.privatekey"
- register: kubenet_wireguard_pubkey
- changed_when: false
- check_mode: no
-
-- name: install systemd service unit for network interfaces
- copy:
- src: kubenet-interfaces.service
- dest: /etc/systemd/system/kubenet-interfaces.service
- # TODO: notify: reload???
-
-- name: make sure kubenet interfaces service is started and enabled
- systemd:
- daemon_reload: yes
- name: kubenet-interfaces.service
- state: started
- enabled: yes
-
-- name: get list of currently installed kubenet peers
- find:
- path: /etc/systemd/system/
- pattern: "kubenet-peer-*.service"
- register: kubenet_peers_installed
-
-- name: compute list of peers to be added
- set_fact:
- kubenet_peers_to_add: "{{ kubernetes_nodes | difference(inventory_hostname) }}"
-
-- name: compute list of peers to be removed
- set_fact:
- kubenet_peers_to_remove: "{{ kubenet_peers_installed.files | map(attribute='path') | map('replace', '/etc/systemd/system/kubenet-peer-', '') | map('replace', '.service', '') | difference(kubenet_peers_to_add) }}"
-
-- name: stop/disable systemd units for stale kubenet peers
- loop: "{{ kubenet_peers_to_remove }}"
- systemd:
- name: "kubenet-peer-{{ item }}.service"
- state: stopped
- enabled: no
-
-- name: remove systemd units for stale kubenet peers
- loop: "{{ kubenet_peers_to_remove }}"
- file:
- name: "/etc/systemd/system/kubenet-peer-{{ item }}.service"
- state: absent
-
-- name: install systemd units for every kubenet peer
- loop: "{{ kubenet_peers_to_add }}"
- loop_control:
- loop_var: peer
- template:
- src: kubenet-peer.service.j2
- dest: "/etc/systemd/system/kubenet-peer-{{ peer }}.service"
- # TODO: notify restart for peers that change...
-
-- name: make sure kubenet peer services are started and enabled
- loop: "{{ kubenet_peers_to_add }}"
- systemd:
- daemon_reload: yes
- name: "kubenet-peer-{{ item }}.service"
- state: started
- enabled: yes
-
-- name: enable IPv4 forwarding
- sysctl:
- name: net.ipv4.ip_forward
- value: 1
- sysctl_set: yes
- state: present
- reload: yes
-
-- name: create cni config directory
- file:
- name: /etc/cni/net.d
- state: directory
-
-- name: install cni config
- template:
- src: k8s.json.j2
- dest: /etc/cni/net.d/k8s.json