85 lines
2.8 KiB
YAML
85 lines
2.8 KiB
YAML
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
---
|
|
- name: Mount tmpfs to /var/lib/etcd
|
|
mount:
|
|
path: /var/lib/etcd
|
|
src: tmpfs
|
|
fstype: tmpfs
|
|
opts: size=1g
|
|
state: mounted
|
|
|
|
- name: Prepare kubeadm config
|
|
template:
|
|
src: files/kubeadm_config.yaml
|
|
dest: /tmp/kubeadm_config.yaml
|
|
|
|
- name: Initialize the Kubernetes cluster using kubeadm
|
|
command: kubeadm init --config /tmp/kubeadm_config.yaml
|
|
|
|
- name: "Setup kubeconfig for {{ kubectl.user }} user"
|
|
shell: |
|
|
mkdir -p /home/{{ kubectl.user }}/.kube
|
|
cp -i /etc/kubernetes/admin.conf /home/{{ kubectl.user }}/.kube/config
|
|
chown -R {{ kubectl.user }}:{{ kubectl.group }} /home/{{ kubectl.user }}/.kube
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Deploy Calico
|
|
become: false
|
|
command: kubectl apply -f /tmp/calico.yaml
|
|
|
|
- name: Sleep before trying to check Calico pods
|
|
pause:
|
|
seconds: 20
|
|
|
|
- name: Wait for Calico pods ready
|
|
become: false
|
|
command: kubectl -n kube-system wait --timeout=240s --for=condition=Ready pods -l k8s-app=calico-node
|
|
|
|
- name: Prepare Calico patch
|
|
copy:
|
|
src: files/calico_patch.yaml
|
|
dest: /tmp/calico_patch.yaml
|
|
|
|
- name: Patch Calico
|
|
become: false
|
|
command: kubectl -n kube-system patch daemonset calico-node --patch-file /tmp/calico_patch.yaml
|
|
|
|
- name: Wait for Calico pods ready
|
|
become: false
|
|
command: kubectl -n kube-system wait --timeout=240s --for=condition=Ready pods -l k8s-app=calico-node
|
|
|
|
- name: Generate join command
|
|
command: kubeadm token create --print-join-command
|
|
register: join_command
|
|
|
|
- name: Untaint Kubernetes control plane node
|
|
become: false
|
|
command: kubectl taint nodes -l 'node-role.kubernetes.io/control-plane' node-role.kubernetes.io/control-plane-
|
|
|
|
- name: Enable recursive queries for coredns
|
|
become: false
|
|
shell: |
|
|
PATCH=$(mktemp)
|
|
kubectl get configmap coredns -n kube-system -o json | jq -r "{data: .data}" | sed 's/ready\\n/header \{\\n response set ra\\n \}\\n ready\\n/g' > "${PATCH}"
|
|
kubectl patch configmap coredns -n kube-system --patch-file "${PATCH}"
|
|
kubectl set image deployment coredns -n kube-system "coredns=registry.k8s.io/coredns/coredns:v1.9.4"
|
|
kubectl rollout restart -n kube-system deployment/coredns
|
|
sleep 10
|
|
kubectl -n kube-system wait --timeout=240s --for=condition=Ready pods -l k8s-app=kube-dns
|
|
rm -f "${PATCH}"
|
|
args:
|
|
executable: /bin/bash
|
|
...
|