52 lines
1.9 KiB
YAML
52 lines
1.9 KiB
YAML
- name: Add Kubeadm config file
|
|
template:
|
|
src: kubeadm.conf.j2
|
|
dest: /etc/kubeadm.conf
|
|
when: k8s_node_role == 'master'
|
|
|
|
- name: Init cluster
|
|
command: kubeadm init --config /etc/kubeadm.conf --upload-certs --ignore-preflight-errors serviceSubnet
|
|
when: ansible_hostname == k8s_first_master_node
|
|
|
|
- name: Create kube config directory for root
|
|
file: path=/root/.kube state=directory
|
|
when: k8s_node_role == 'master'
|
|
|
|
- name: Copy Kubernetes admin config to home directory
|
|
copy:
|
|
src: "/etc/kubernetes/admin.conf"
|
|
dest: "/root/.kube/config"
|
|
# remote_src: yes
|
|
# when: and ansible_hostname == k8s_first_master_node
|
|
|
|
- name: Install Calico CNI
|
|
command: KUBECONFIG=/root/.kube/config kubectl apply -f "https://docs.projectcalico.org/v3.13/manifests/calico.yaml"
|
|
when: ansible_hostname == k8s_first_master_node
|
|
|
|
|
|
- name: Generate join token
|
|
command: kubeadm token create --print-join-command
|
|
register: join_cmd
|
|
delegate_to: '{{ k8s_first_master_node }}'
|
|
|
|
# Эта часть не работает
|
|
# Правильная команда выглядит так:
|
|
# kubeadm join 10.129.64.60:6443 --token <token> --discovery-token-ca-cert-hash <ca-cert-hash> --control-plane --certificate-key <key>
|
|
# Предыдущий блок генерит сертификат и токен без указания ключа
|
|
# Надо пофиксить как будет время
|
|
- name: Join rest of master nodes
|
|
command: "{{ join_cmd.stdout }} --control-plane"
|
|
when: k8s_node_role == 'master' and ha_enabled and ansible_hostname != k8s_first_master_node
|
|
ignore_errors: yes
|
|
|
|
#- name: Copy Kubernetes admin config to home directory
|
|
# copy:
|
|
# src: "/etc/kubernetes/admin.conf"
|
|
# dest: "/root/.kube/config"
|
|
# remote_src: yes
|
|
# when: k8s_node_role == 'master'
|
|
|
|
- name: Join worker nodes
|
|
command: "{{ join_cmd.stdout }}"
|
|
when: k8s_node_role == 'worker'
|
|
|