playbooks/roles/configure-installer/tasks/main.yml - infra/installer/kubespray - Gitiles

 ---
 # ============LICENSE_START=======================================================
 #  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
 # ============LICENSE_END=========================================================

 - name: Remove existing files and directories
   file:
     path: "{{ engine_cache }}/repos/kubespray"
     state: absent
   when: not offline_deployment|bool

 - name: Clone kubespray repository and checkout '{{ kubespray_version }}'
   git:
     repo: "{{ kubespray_git_url }}"
     dest: "{{ engine_cache }}/repos/kubespray"
     version: "{{ kubespray_version }}"
     force: true
   environment: "{{ idf.proxy_settings | default({}) }}"
   when: not offline_deployment|bool

 # TODO: some stuff below could and perhaps should be pushed into the scenario
 # it is put here to make basic installation work without complexities
 - name: Put initial structure in place
   synchronize:
     src: "{{ engine_cache }}/repos/kubespray/inventory/sample/"
     dest: "{{ engine_cache }}/repos/kubespray/inventory/engine"
     recursive: true
     delete: true

 # place generated kubespray inventory to kubespray/inventory/engine
 - name: Place inventory
   copy:
     src: "{{ inventory_path }}/inventory.ini"
     dest: "{{ engine_cache }}/repos/kubespray/inventory/engine/inventory.ini"
     mode: 0644

 # update proxy if settings are provided
 - name: Update proxy settings in all.yml
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/all/all.yml"
     regexp: "^[#\\s]*{{ item.name }}"
     line: "{{ item.name }}: {{ item.value }}"
   with_items:
     - {name: 'http_proxy', value: '{{ idf.proxy_settings.http_proxy }}'}
     - {name: 'https_proxy', value: '{{ idf.proxy_settings.https_proxy }}'}
     - {name: 'no_proxy', value: '{{ idf.proxy_settings.no_proxy }}'}
   when:
     idf.proxy_settings is defined

 # update ControlPersist to 60m to inline with max time
 - name: Update ControlPersist in ansible config
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/ansible.cfg"
     regexp: "^ssh_args.*"
     line: "ssh_args = -o ControlMaster=auto -o ControlPersist=60m -o ConnectionAttempts=100 -o UserKnownHostsFile=/dev/null"

 # enable helm for all the scenarios using kubespray
 - name: Enable helm
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
     regexp: "^helm_enabled:.*"
     line: "helm_enabled: true"

 # enable metrics server for all the scenarios using kubespray
 - name: Enable metrics server
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
     regexp: "^metrics_server_enabled:.*"
     line: "metrics_server_enabled: true"

 # enable metrics server metric resolution
 - name: Enable metrics server resolution
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
     regexp: "^#metrics_server_metric_resolution:.*"
     line: "metrics_server_metric_resolution: 60s"

 # enable metrics server metric resolution
 - name: Enable metrics_server_kubelet_preferred_address_types
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
     regexp: "^#metrics_server_kubelet_preferred_address_types:.*"
     line: "metrics_server_kubelet_preferred_address_types: 'InternalIP'"

 # disable kubernetes dashboard installation. It does not work with versions >=v1.16.0
 # https://github.com/kubernetes-sigs/kubespray/issues/5347
 - name: Disable kubernetes dashboard installation
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
     regexp: "^dashboard_enabled:.*"
     line: "dashboard_enabled: false"

 # enable creation of kubeconfig on localhost for all the scenarios using kubespray
 - name: Enable creation of kubeconfig on localhost
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/k8s-cluster.yml"
     regexp: "^# kubeconfig_localhost:.*"
     line: "kubeconfig_localhost: true"

 # set k8s version to install
 - name: Set k8s version to '{{ kubernetes_version }}'
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/k8s-cluster.yml"
     regexp: "^kube_version:.*"
     line: "kube_version: {{ kubernetes_version }}"

 # set helm version to install
 - name: Set helm version to '{{ helm_version }}'
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/roles/download/defaults/main.yml"
     regexp: "^helm_version:.*"
     line: "helm_version: {{ helm_version }}"

 # configure docker with iptables
 - name: Ensure docker daemon iptables option is set to true
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/all/docker.yml"
     regexp: "^docker_iptables_enabled:.*"
     line: "docker_iptables_enabled: true"

 - name: Check if KUBE_FEATURE_GATES is set
   set_fact:
     kube_feature_gates: []
     feature_gate_list: "{{ lookup('env', 'KUBE_FEATURE_GATES') }}"

 - name: Setup feature gates list
   set_fact:
     kube_feature_gates: "{{ kube_feature_gates + [feature] }}"
   with_items: "{{ feature_gate_list.split(',') }}"
   loop_control:
     loop_var: feature
   when: feature_gate_list | length > 0

 - name: Populate extra variables
   template:
     src: kubespray-extra-vars.yml.j2
     dest: "{{ config_path }}/kubespray-extra-vars.yml"

 # Ensure proper configuration for offline deployment
 - include_tasks: prepare-offline.yml
   when: offline_deployment|bool

 # Enable file download for offline "Fetch dependency mode"
 - name: Enable one time file download in master node
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/roles/download/defaults/main.yml"
     regexp: "^download_run_once:.*"
     line: "download_run_once: true"
   when: offline_dependencies|bool

 # Use a fake docker repository to overcome apt-cacher-ng limitation with https
 - name: Configure docker repo to use jumphost apt proxy
   lineinfile:
     path: "{{ engine_cache }}/repos/kubespray/roles/container-engine/docker/defaults/main.yml"
     regexp: "^docker_ubuntu_repo_base_url:.*"
     line: 'docker_ubuntu_repo_base_url: "http://nordix.download.docker.com/linux/ubuntu"'
   when: offline_dependencies|bool or offline_deployment|bool

 # vim: set ts=2 sw=2 expandtab:
	---
	# ============LICENSE_START=======================================================
	# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
	# ================================================================================
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	#
	# SPDX-License-Identifier: Apache-2.0
	# ============LICENSE_END=========================================================

	- name: Remove existing files and directories
	file:
	path: "{{ engine_cache }}/repos/kubespray"
	state: absent
	when: not offline_deployment\|bool

	- name: Clone kubespray repository and checkout '{{ kubespray_version }}'
	git:
	repo: "{{ kubespray_git_url }}"
	dest: "{{ engine_cache }}/repos/kubespray"
	version: "{{ kubespray_version }}"
	force: true
	environment: "{{ idf.proxy_settings \| default({}) }}"
	when: not offline_deployment\|bool

	# TODO: some stuff below could and perhaps should be pushed into the scenario
	# it is put here to make basic installation work without complexities
	- name: Put initial structure in place
	synchronize:
	src: "{{ engine_cache }}/repos/kubespray/inventory/sample/"
	dest: "{{ engine_cache }}/repos/kubespray/inventory/engine"
	recursive: true
	delete: true

	# place generated kubespray inventory to kubespray/inventory/engine
	- name: Place inventory
	copy:
	src: "{{ inventory_path }}/inventory.ini"
	dest: "{{ engine_cache }}/repos/kubespray/inventory/engine/inventory.ini"
	mode: 0644

	# update proxy if settings are provided
	- name: Update proxy settings in all.yml
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/all/all.yml"
	regexp: "^[#\\s]*{{ item.name }}"
	line: "{{ item.name }}: {{ item.value }}"
	with_items:
	- {name: 'http_proxy', value: '{{ idf.proxy_settings.http_proxy }}'}
	- {name: 'https_proxy', value: '{{ idf.proxy_settings.https_proxy }}'}
	- {name: 'no_proxy', value: '{{ idf.proxy_settings.no_proxy }}'}
	when:
	idf.proxy_settings is defined

	# update ControlPersist to 60m to inline with max time
	- name: Update ControlPersist in ansible config
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/ansible.cfg"
	regexp: "^ssh_args.*"
	line: "ssh_args = -o ControlMaster=auto -o ControlPersist=60m -o ConnectionAttempts=100 -o UserKnownHostsFile=/dev/null"

	# enable helm for all the scenarios using kubespray
	- name: Enable helm
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
	regexp: "^helm_enabled:.*"
	line: "helm_enabled: true"

	# enable metrics server for all the scenarios using kubespray
	- name: Enable metrics server
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
	regexp: "^metrics_server_enabled:.*"
	line: "metrics_server_enabled: true"

	# enable metrics server metric resolution
	- name: Enable metrics server resolution
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
	regexp: "^#metrics_server_metric_resolution:.*"
	line: "metrics_server_metric_resolution: 60s"

	# enable metrics server metric resolution
	- name: Enable metrics_server_kubelet_preferred_address_types
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
	regexp: "^#metrics_server_kubelet_preferred_address_types:.*"
	line: "metrics_server_kubelet_preferred_address_types: 'InternalIP'"

	# disable kubernetes dashboard installation. It does not work with versions >=v1.16.0
	# https://github.com/kubernetes-sigs/kubespray/issues/5347
	- name: Disable kubernetes dashboard installation
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
	regexp: "^dashboard_enabled:.*"
	line: "dashboard_enabled: false"

	# enable creation of kubeconfig on localhost for all the scenarios using kubespray
	- name: Enable creation of kubeconfig on localhost
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/k8s-cluster.yml"
	regexp: "^# kubeconfig_localhost:.*"
	line: "kubeconfig_localhost: true"

	# set k8s version to install
	- name: Set k8s version to '{{ kubernetes_version }}'
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/k8s-cluster.yml"
	regexp: "^kube_version:.*"
	line: "kube_version: {{ kubernetes_version }}"

	# set helm version to install
	- name: Set helm version to '{{ helm_version }}'
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/roles/download/defaults/main.yml"
	regexp: "^helm_version:.*"
	line: "helm_version: {{ helm_version }}"

	# configure docker with iptables
	- name: Ensure docker daemon iptables option is set to true
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/all/docker.yml"
	regexp: "^docker_iptables_enabled:.*"
	line: "docker_iptables_enabled: true"

	- name: Check if KUBE_FEATURE_GATES is set
	set_fact:
	kube_feature_gates: []
	feature_gate_list: "{{ lookup('env', 'KUBE_FEATURE_GATES') }}"

	- name: Setup feature gates list
	set_fact:
	kube_feature_gates: "{{ kube_feature_gates + [feature] }}"
	with_items: "{{ feature_gate_list.split(',') }}"
	loop_control:
	loop_var: feature
	when: feature_gate_list \| length > 0

	- name: Populate extra variables
	template:
	src: kubespray-extra-vars.yml.j2
	dest: "{{ config_path }}/kubespray-extra-vars.yml"

	# Ensure proper configuration for offline deployment
	- include_tasks: prepare-offline.yml
	when: offline_deployment\|bool

	# Enable file download for offline "Fetch dependency mode"
	- name: Enable one time file download in master node
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/roles/download/defaults/main.yml"
	regexp: "^download_run_once:.*"
	line: "download_run_once: true"
	when: offline_dependencies\|bool

	# Use a fake docker repository to overcome apt-cacher-ng limitation with https
	- name: Configure docker repo to use jumphost apt proxy
	lineinfile:
	path: "{{ engine_cache }}/repos/kubespray/roles/container-engine/docker/defaults/main.yml"
	regexp: "^docker_ubuntu_repo_base_url:.*"
	line: 'docker_ubuntu_repo_base_url: "http://nordix.download.docker.com/linux/ubuntu"'
	when: offline_dependencies\|bool or offline_deployment\|bool

	# vim: set ts=2 sw=2 expandtab: