From a4ae89ab47ba580c82137366b7a8d8c3bf2c927f Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 9 Dec 2018 00:57:49 +0100 Subject: got rid playbooks and host_playbooks folder --- spreadspace/k8s-emc.yml | 96 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 spreadspace/k8s-emc.yml (limited to 'spreadspace/k8s-emc.yml') diff --git a/spreadspace/k8s-emc.yml b/spreadspace/k8s-emc.yml new file mode 100644 index 00000000..b6f09808 --- /dev/null +++ b/spreadspace/k8s-emc.yml @@ -0,0 +1,96 @@ +--- +- name: prepare variables and do some sanity checks + hosts: k8s-emc + gather_facts: no + run_once: yes + tasks: + - name: setup variables + set_fact: + kubernetes_nodes: "{{ groups['k8s-emc'] }}" + kubernetes_nodes_master: "{{ groups['k8s-emc-master'] | first }}" + + - name: check whether every node has a net_index assigned + fail: + msg: "There are nodes without an assigned net-index: {{ kubernetes_nodes | difference(kubernetes.net_index.keys()) | join(', ') }}" + failed_when: kubernetes_nodes | difference(kubernetes.net_index.keys()) | length > 0 + + - name: check whether net indizes are unique + fail: + msg: "There are duplicate entries in the net_index table, every net-index is only allowed once" + failed_when: (kubernetes.net_index.keys() | length) != (kubernetes.net_index.values() | unique | length) + + - name: check whether net indizes are all > 0 + fail: + msg: "At least one net-index is < 1 (indizes start at 1)" + failed_when: (kubernetes.net_index.values() | min) < 1 + +######## +- name: install kubernetes and overlay network + hosts: k8s-emc + roles: + ## Since `base` has a dependency for docker it would install and start the daemon + ## without the docker daemon config file generated by `net`. + ## This means that the docker daemon will create a bridge and install iptables rules + ## upon first startup (the first time this playbook runs on a specific host). + ## Since it is a tedious task to remove the interface and the firewall rules it is much + ## easier to just run `net` before `base` as `net` does not need anything from `base`. + - role: kubernetes/net + - role: kubernetes/base + +- name: configure kubernetes master + hosts: k8s-emc-master + roles: + - role: kubernetes/master + +- name: configure kubernetes nodes + hosts: k8s-emc:!k8s-emc-master + roles: + - role: kubernetes/node + +######## +- name: check for nodes to be removed + hosts: k8s-emc-master + tasks: + - name: fetch list of current nodes + command: kubectl get nodes -o name + changed_when: False + check_mode: no + register: kubectl_node_list + + - name: generate list of nodes to be removed + with_items: "{{ kubectl_node_list.stdout_lines | map('replace', 'nodes/', '') | list | difference(kubernetes_nodes) }}" + add_host: + name: "{{ item }}" + inventory_dir: "{{inventory_dir}}" + group: _k8s-emc-remove_ + changed_when: False + + - name: drain superflous nodes + with_items: "{{ groups['_k8s-emc-remove_'] | default([]) }}" + command: "kubectl drain {{ item }} --delete-local-data --force --ignore-daemonsets" + +- name: try to clean superflous nodes + hosts: _k8s-emc-remove_ + vars: + k8s_remove_node: yes + roles: + - role: kubernetes/node + - role: kubernetes/net + +- name: remove node from api server + hosts: k8s-emc-master + tasks: + - name: remove superflous nodes + with_items: "{{ groups['_k8s-emc-remove_'] | default([]) }}" + command: "kubectl delete node {{ item }}" + + - name: wait a litte before removing bootstrap-token so new nodes have time to generate certificates for themselves + when: kube_bootstrap_token != "" + pause: + seconds: 42 + + - name: remove bootstrap-token + when: kube_bootstrap_token != "" + command: "kubectl --namespace kube-system delete secret bootstrap-token-{{ kube_bootstrap_token.split('.') | first }}" + +### TODO: add node labels (ie. for ingress daeomnset) -- cgit v1.2.3