From c2500036c7b67d1d94f32a2702a2f251b05ac457 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 9 Dec 2018 17:10:52 +0100 Subject: refactored kubernetes playbook
---
spreadspace/k8s-emc.yml | 97 ++++++------------------------------------------- 1 file changed, 12 insertions(+), 85 deletions(-) (limited to 'spreadspace')
diff --git a/spreadspace/k8s-emc.yml b/spreadspace/k8s-emc.yml
index b6f09808..cd4e8e2e 100644
--- a/spreadspace/k8s-emc.yml
+++ b/spreadspace/k8s-emc.yml
@@ -1,96 +1,23 @@ --- -- name: prepare variables and do some sanity checks +- name: setup cluster config hosts: k8s-emc gather_facts: no run_once: yes tasks: - - name: setup variables - set_fact: - kubernetes_nodes: "{{ groups['k8s-emc'] }}" - kubernetes_nodes_master: "{{ groups['k8s-emc-master'] | first }}" - - - name: check whether every node has a net_index assigned - fail: - msg: "There are nodes without an assigned net-index: {{ kubernetes_nodes | difference(kubernetes.net_index.keys()) | join(', ') }}" - failed_when: kubernetes_nodes | difference(kubernetes.net_index.keys()) | length > 0 - - - name: check whether net indizes are unique - fail: - msg: "There are duplicate entries in the net_index table, every net-index is only allowed once" - failed_when: (kubernetes.net_index.keys() | length) != (kubernetes.net_index.values() | unique | length) - - - name: check whether net indizes are all > 0 - fail: - msg: "At least one net-index is < 1 (indizes start at 1)" - failed_when: (kubernetes.net_index.values() | min) < 1 - -######## -- name: install kubernetes and overlay network - hosts: k8s-emc - roles: - ## Since `base` has a dependency for docker it would install and start the daemon - ## without the docker daemon config file generated by `net`. - ## This means that the docker daemon will create a bridge and install iptables rules - ## upon first startup (the first time this playbook runs on a specific host). - ## Since it is a tedious task to remove the interface and the firewall rules it is much - ## easier to just run `net` before `base` as `net` does not need anything from `base`. 
- - role: kubernetes/net - - role: kubernetes/base - -- name: configure kubernetes master - hosts: k8s-emc-master - roles: - - role: kubernetes/master - -- name: configure kubernetes nodes - hosts: k8s-emc:!k8s-emc-master - roles: - - role: kubernetes/node - -######## -- name: check for nodes to be removed - hosts: k8s-emc-master - tasks: - - name: fetch list of current nodes - command: kubectl get nodes -o name + - name: create group for all kubernetes nodes + with_items: "{{ groups['k8s-emc'] }}" + add_host: + name: "{{ item }}" + inventory_dir: "{{ inventory_dir }}" + group: _kubernetes_nodes_ changed_when: False - check_mode: no - register: kubectl_node_list - - name: generate list of nodes to be removed - with_items: "{{ kubectl_node_list.stdout_lines | map('replace', 'nodes/', '') | list | difference(kubernetes_nodes) }}" + - name: create group for kubernetes master nodes + with_items: "{{ groups['k8s-emc-master'] }}" add_host: name: "{{ item }}" - inventory_dir: "{{inventory_dir}}" - group: _k8s-emc-remove_ + inventory_dir: "{{ inventory_dir }}" + group: _kubernetes_masters_ changed_when: False - - name: drain superflous nodes - with_items: "{{ groups['_k8s-emc-remove_'] | default([]) }}" - command: "kubectl drain {{ item }} --delete-local-data --force --ignore-daemonsets" - -- name: try to clean superflous nodes - hosts: _k8s-emc-remove_ - vars: - k8s_remove_node: yes - roles: - - role: kubernetes/node - - role: kubernetes/net - -- name: remove node from api server - hosts: k8s-emc-master - tasks: - - name: remove superflous nodes - with_items: "{{ groups['_k8s-emc-remove_'] | default([]) }}" - command: "kubectl delete node {{ item }}" - - - name: wait a litte before removing bootstrap-token so new nodes have time to generate certificates for themselves - when: kube_bootstrap_token != "" - pause: - seconds: 42 - - - name: remove bootstrap-token - when: kube_bootstrap_token != "" - command: "kubectl --namespace kube-system delete secret bootstrap-token-{{ 
kube_bootstrap_token.split('.') | first }}" - -### TODO: add node labels (ie. for ingress daeomnset) +- import_playbook: ../common/kubernetes.yml -- cgit v1.2.3
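Review bot: The new `setup cluster config` play validates nothing before handing over to `../common/kubernetes.yml`. The `net_index` sanity checks and the `remove bootstrap-token` task this file used to run are gone, and the imported playbook is not visible in this hunk, so it should be confirmed that both still run there. The token cleanup matters most, because a bootstrap-token secret left in `kube-system` remains usable for joining a node as long as it exists. The old play also used only `groups['k8s-emc-master'] | first`, while the new task adds every host of that group to `_kubernetes_masters_`. If the common playbook assumes a single master, a guard task with `that: groups['k8s-emc-master'] | length == 1` would catch a misconfigured inventory early. A comment above the import would document the contract, for example `# consumes the _kubernetes_nodes_ and _kubernetes_masters_ groups created above`.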