From bbe5f87d3fa8894abcd788928dca2ec30d4ac4e3 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sun, 7 Jan 2018 00:55:38 +0100
Subject: basic interface config for kubenet works now

---
 roles/kubernetes-net/tasks/main.yaml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

(limited to 'roles/kubernetes-net/tasks/main.yaml')

diff --git a/roles/kubernetes-net/tasks/main.yaml b/roles/kubernetes-net/tasks/main.yaml
index 907115c4..5c9aba91 100644
--- a/roles/kubernetes-net/tasks/main.yaml
+++ b/roles/kubernetes-net/tasks/main.yaml
@@ -3,3 +3,39 @@
   copy:
     src: daemon.json
     dest: /etc/docker/daemon.json
+
+- name: create network config directory
+  file:
+    name: /var/lib/kubenet/
+    state: directory
+
+- name: install ifupdown script
+  template:
+    src: ifupdown.sh.j2
+    dest: /var/lib/kubenet/ifupdown.sh
+    mode: 0755
+  # TODO: notify reload... this is unfortunately already to late because
+  #                        it must probably be brought down by the old version of the script
+
+- name: generate wireguard private key
+  shell: "umask 077; wg genkey > /var/lib/kubenet/kube-wg0.privatekey"
+  args:
+    creates: /var/lib/kubenet/kube-wg0.privatekey
+
+- name: fetch wireguard public key
+  shell: "wg pubkey < /var/lib/kubenet/kube-wg0.privatekey"
+  register: wireguard_pubkey
+  changed_when: false
+
+- name: install systemd service unit for network interfaces
+  copy:
+    src: kubenet-interfaces.service
+    dest: /etc/systemd/system/kubenet-interfaces.service
+  # TODO: notify: reload...
+
+- name: make sure kubenet interfaces service is started and enabled
+  systemd:
+    daemon_reload: yes
+    name: kubenet-interfaces.service
+    state: started
+    enabled: yes
-- 
cgit v1.2.3