---
# Pre-flight play: validates inventory data before any role is applied.
# Fact gathering is off; the tasks only evaluate inventory variables and
# Ansible magic variables (groups, group_names, inventory_hostname).
- name: prepare variables and do some sanity checks
  hosts: '_kubernetes_nodes_'
  gather_facts: false
  tasks:
  # Checks that only matter when kubeguard is the selected network plugin.
  # run_once means each assertion in the block is evaluated for a single
  # host of the play, not once per node.
  - name: sanity checks for kubeguard
    run_once: true
    when: kubernetes_network_plugin == 'kubeguard'
    block:
    # Every member of _kubernetes_nodes_ must appear as a key in
    # kubeguard.node_index; the message lists the hosts that do not.
    - name: check whether every node has a node_index assigned
      assert:
        that:
        - groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | length == 0
        msg: "There are nodes without an assigned node_index: {{ groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | join(', ') }}"

    # Number of keys must equal the number of distinct values, i.e. no two
    # hosts may share an index.
    - name: check whether node indizes are unique
      assert:
        that:
        - (kubeguard.node_index.keys() | length) == (kubeguard.node_index.values() | unique | length)
        msg: 'There are duplicate entries in the node_index table, every node_index is only allowed once'

    # Smallest index must be at least 1.
    # NOTE(review): assumes the index values are integers; no upper bound is
    # checked here - confirm whether kubeguard imposes one.
    - name: check whether node indizes are all > 0
      assert:
        that:
        - (kubeguard.node_index.values() | min) > 0
        msg: 'At least one node_index is < 1 (indizes start at 1)'

    # NOTE(review): because of run_once this is evaluated for one host only.
    # If kubernetes_overlay_node_ip is set per host rather than for the whole
    # group, a node lacking it would not be caught here - confirm.
    - name: check whether overlay node ip is configured
      assert:
        that:
        - kubernetes_overlay_node_ip is defined
        msg: "For kubeguard to work you need to configure kubernetes_overlay_node_ip"

  # Evaluated for every host (no run_once): each targeted node must also be
  # a member of the 'kubernetes-cluster' inventory group.
  - name: make sure all nodes do belong to the kubernetes-cluster group
    assert:
      that:
      - "'kubernetes-cluster' in group_names"
      msg: "The host '{{ inventory_hostname }}' does not belong to the group 'kubernetes-cluster'"

########
# Applied to every cluster node. Roles run in the order listed; the kubeguard
# node role is skipped unless kubeguard is the selected network plugin.
- name: kubernetes base installation
  hosts: '_kubernetes_nodes_'
  roles:
  - role: 'kubernetes/net/kubeguard/node'
    when: kubernetes_network_plugin == 'kubeguard'
  - role: 'kubernetes/base'
  - role: 'kubernetes/kubeadm/base'

# Targets only the _kubernetes_primary_master_ group.
# NOTE(review): presumably the role initialises the control plane here; the
# role itself is not part of this file - confirm.
- name: configure primary kubernetes master
  hosts: '_kubernetes_primary_master_'
  roles:
  - role: 'kubernetes/kubeadm/master'

# Host pattern: members of _kubernetes_masters_ minus the primary master
# (':!' excludes a group). Applies the same role as the primary master play.
# NOTE(review): how the role tells primary from secondary is not visible
# in this file - confirm.
- name: configure secondary kubernetes masters
  hosts: '_kubernetes_masters_:!_kubernetes_primary_master_'
  roles:
  - role: 'kubernetes/kubeadm/master'

# Host pattern: every cluster node that is not in _kubernetes_masters_
# (':!' excludes a group). As the last play in the file it runs after the
# master plays.
- name: configure kubernetes non-master nodes
  hosts: '_kubernetes_nodes_:!_kubernetes_masters_'
  roles:
  - role: 'kubernetes/kubeadm/node'

### TODO: add node labels (i.e. for ingress daemonset)