From 1d659c487ab5c67a4105aaadc5e0f83c60a28709 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Fri, 2 Feb 2018 22:55:39 +0100
Subject: removing node from kubernetes works now
---
 roles/kubernetes-net/tasks/main.yaml | 116 ++---------------------------------
 1 file changed, 6 insertions(+), 110 deletions(-)
(limited to 'roles/kubernetes-net/tasks/main.yaml')
diff --git a/roles/kubernetes-net/tasks/main.yaml b/roles/kubernetes-net/tasks/main.yaml
index ba8b2089..c8d06380 100644
--- a/roles/kubernetes-net/tasks/main.yaml
+++ b/roles/kubernetes-net/tasks/main.yaml
@@ -1,112 +1,8 @@
 ---
-- name: create docker config directory
- file:
- name: /etc/docker
- state: directory
- mode: 0700
+- name: add node to overlay network
+ include_tasks: add.yaml
+ when: k8s_remove_node is not defined
-- name: disable docker iptales and bridge
- copy:
- src: daemon.json
- dest: /etc/docker/daemon.json
-
-- name: create network config directory
- file:
- name: /var/lib/kubenet/
- state: directory
-
-- name: configure wireguard port
- set_fact:
- kubenet_wireguard_port: "{{ kubernetes.wireguard_port | default(51820) }}"
-
-- name: install ifupdown script
- template:
- src: ifupdown.sh.j2
- dest: /var/lib/kubenet/ifupdown.sh
- mode: 0755
- # TODO: notify reload... this is unfortunately already to late because
- # it must probably be brought down by the old version of the script
-
-- name: generate wireguard private key
- shell: "umask 077; wg genkey > /var/lib/kubenet/kube-wg0.privatekey"
- args:
- creates: /var/lib/kubenet/kube-wg0.privatekey
-
-- name: fetch wireguard public key
- shell: "wg pubkey < /var/lib/kubenet/kube-wg0.privatekey"
- register: kubenet_wireguard_pubkey
- changed_when: false
- check_mode: no
-
-- name: install systemd service unit for network interfaces
- copy:
- src: kubenet-interfaces.service
- dest: /etc/systemd/system/kubenet-interfaces.service
- # TODO: notify: reload???
-
-- name: make sure kubenet interfaces service is started and enabled
- systemd:
- daemon_reload: yes
- name: kubenet-interfaces.service
- state: started
- enabled: yes
-
-- name: get list of currently installed kubenet peers installed
- find:
- path: /etc/systemd/system/
- pattern: "kubenet-peer-*.service"
- register: kubenet_peers_installed
-
-- name: compute list of peers to be added
- set_fact:
- kubenet_peers_to_add: "{{ kubernetes_nodes | difference(inventory_hostname) }}"
-
-- name: compute list of peers to be removed
- set_fact:
- kubenet_peers_to_remove: "{{ kubenet_peers_installed.files | map(attribute='path') | map('replace', '/etc/systemd/system/kubenet-peer-', '') | map('replace', '.service', '') | difference(kubenet_peers_to_add) }}"
-
-- name: stop/disable systemd units for stale kubenet peers
- with_items: "{{ kubenet_peers_to_remove }}"
- systemd:
- name: "kubenet-peer-{{ item }}.service"
- state: stopped
- enabled: no
-
-- name: remove systemd units for stale kubenet peers
- with_items: "{{ kubenet_peers_to_remove }}"
- file:
- name: "/etc/systemd/system/kubenet-peer-{{ item }}.service"
- state: absent
-
-- name: install systemd units for every kubenet peer
- with_items: "{{ kubenet_peers_to_add }}"
- template:
- src: kubenet-peer.service.j2
- dest: "/etc/systemd/system/kubenet-peer-{{ item }}.service"
- # TODO: notify restart for peers that change...
-
-- name: make sure kubenet peer services are started and enabled
- with_items: "{{ kubenet_peers_to_add }}"
- systemd:
- daemon_reload: yes
- name: "kubenet-peer-{{ item }}.service"
- state: started
- enabled: yes
-
-- name: enable IPv4 forwarding
- sysctl:
- name: net.ipv4.ip_forward
- value: 1
- sysctl_set: yes
- state: present
- reload: yes
-
-- name: create cni config directory
- file:
- name: /etc/cni/net.d
- state: directory
-
-- name: install cni config
- template:
- src: k8s.json.j2
- dest: /etc/cni/net.d/k8s.json
+- name: remove node from overlay network
+ include_tasks: remove.yaml
+ when: k8s_remove_node is defined
--
cgit v1.2.3
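Review bot: Both new `when:` conditions test only whether `k8s_remove_node` is defined, so `-e k8s_remove_node=false`, or a falsy value left in inventory or group_vars, still selects `remove.yaml` and takes the node off the overlay network. Gating on the value is safer: `when: k8s_remove_node | default(false) | bool` on the remove include and `when: not (k8s_remove_node | default(false) | bool)` on the add include. The deleted tasks carried this role's security-relevant settings (the `umask 077` around `wg genkey`, `mode: 0700` on `/etc/docker`), and `add.yaml` and `remove.yaml` are outside this file-limited diff, so it is worth confirming there that those settings moved over unchanged and that removal also deletes `/var/lib/kubenet/kube-wg0.privatekey` and the peer units.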