---
# Cluster bring-up playbook. Plays run in order: inventory sanity checks,
# base installation on all nodes, primary master, remaining masters, and
# finally the non-master nodes.

- name: prepare variables and do some sanity checks
  hosts: _kubernetes_nodes_
  # None of the assertions below reference gathered facts (ansible_*).
  gather_facts: false
  # NOTE(review): a host that fails the per-host assertion at the end of this
  # play is removed from the rest of the run while the remaining hosts still
  # continue into the install plays. Consider `any_errors_fatal: true` here
  # if a partially configured cluster is not acceptable.
  tasks:
    - name: sanity checks for kubeguard
      when: kubernetes_network_plugin == 'kubeguard'
      # run_once evaluates the block with the first host's variables only;
      # presumably kubeguard.node_index is identical for every host
      # (group-level variable) - confirm.
      run_once: true
      block:
        # Every member of _kubernetes_nodes_ must appear as a key in the table.
        - name: check whether every node has a node_index assigned
          assert:
            msg: "There are nodes without an assigned node_index: {{ groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | join(', ') }}"
            that: "groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | length == 0"

        # Number of keys must equal the number of distinct values.
        # NOTE(review): presumably the index is used to derive per-node
        # overlay addressing, so a duplicate would make two nodes collide -
        # verify against the kubeguard role.
        - name: check whether node indizes are unique
          assert:
            msg: "There are duplicate entries in the node_index table, every node_index is only allowed once"
            that: "(kubeguard.node_index.keys() | length) == (kubeguard.node_index.values() | unique | length)"

        # Only the smallest value is inspected; no upper bound is enforced here.
        - name: check whether node indizes are all > 0
          assert:
            msg: "At least one node_index is < 1 (indizes start at 1)"
            that: "(kubeguard.node_index.values() | min) > 0"

        # Checks that the variable exists, not that its value is a valid address.
        - name: check whether overlay node ip is configured
          assert:
            msg: "For kubeguard to work you need to configure kubernetes_overlay_node_ip"
            that: "kubernetes_overlay_node_ip is defined"

    # Evaluated on every host (not part of the run_once block above) because
    # it reads the per-host inventory_hostname / group_names.
    # NOTE(review): confirm this nesting matches the intended layout.
    - name: make sure all nodes do belong to the kubernetes-cluster group
      assert:
        msg: "The host '{{ inventory_hostname }}' does not belong to the group 'kubernetes-cluster'"
        that: "'kubernetes-cluster' in group_names"

########

- name: kubernetes base installation
  hosts: _kubernetes_nodes_
  roles:
    - role: kubernetes/base
    - role: kubernetes/kubeadm/base

- name: configure primary kubernetes master
  hosts: _kubernetes_primary_master_
  roles:
    - role: kubernetes/kubeadm/master

# Host pattern: every member of _kubernetes_masters_ except the primary master.
- name: configure secondary kubernetes masters
  hosts: '_kubernetes_masters_:!_kubernetes_primary_master_'
  roles:
    - role: kubernetes/kubeadm/master

# Host pattern: every member of _kubernetes_nodes_ that is not a master.
- name: configure kubernetes non-master nodes
  hosts: '_kubernetes_nodes_:!_kubernetes_masters_'
  roles:
    - role: kubernetes/kubeadm/node

### TODO: add node labels (ie. for ingress daemonset)