diff --git a/tasks/main.yml b/tasks/main.yml index c076ad0..083071f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -50,7 +50,10 @@ - name: include etcd tasks include_tasks: etcd.yml - when: inventory_hostname in groups.etcd + when: + - inventory_hostname in groups.etcd + - inventory_hostname not in groups.k8s_masters + - name: include master with etcd prepare tasks include_tasks: prepare_master_with_etcd.yml @@ -68,7 +71,6 @@ - name: include join worker tasks include_tasks: join.yml - when: inventory_hostname not in groups.k8s_masters #- name: include update master tasks # include_tasks: update_master.yml diff --git a/tasks/master-ha.yml b/tasks/master-ha.yml index 82a53f3..89bd1ad 100644 --- a/tasks/master-ha.yml +++ b/tasks/master-ha.yml 
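Review bot: The new list-form `when` on `include etcd tasks` skips etcd.yml for every host that is in both `groups.etcd` and `groups.k8s_masters`, and nothing in the task records why. A comment above it such as `# stacked etcd+master hosts are set up by prepare_master_with_etcd.yml` would state the intent, assuming that is what the following include is for; its own `when` lies outside the hunk. The second hunk in this file removes the `inventory_hostname not in groups.k8s_masters` guard from `include join worker tasks`, so join.yml is now included on masters as well. join.yml is not shown here, so confirm it checks cluster membership itself before running a join.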
@@ -20,87 +20,19 @@ dest: "{{ item.source }}" with_items: "{{ master_certs_configs_register.results }}" -- name: check master certs exists - stat: - path: "{{ item }}" - register: master_certs_result - with_items: - - '{{ kubernetes_certs_dir }}/apiserver-kubelet-client.crt' - - '{{ kubernetes_certs_dir }}/apiserver-kubelet-client.key' - - '{{ kubernetes_certs_dir }}/apiserver.crt' - - '{{ kubernetes_certs_dir }}/apiserver.key' - - '{{ kubernetes_certs_dir }}/front-proxy-client.crt' - - '{{ kubernetes_certs_dir }}/front-proxy-client.key' - -- name: gen certs on master ha nodes - command: kubeadm init phase certs all --config {{ kubernetes_kubeadm_config_file }} - when: ( - master_certs_result.results[0].stat.exists == False or - master_certs_result.results[1].stat.exists == False or - master_certs_result.results[2].stat.exists == False or - master_certs_result.results[3].stat.exists == False or - master_certs_result.results[4].stat.exists == False or - master_certs_result.results[5].stat.exists == False ) - -- name: write kubelet config on master ha nodes - command: kubeadm init phase kubelet config write-to-disk --config {{ kubernetes_kubeadm_config_file }} - changed_when: false - -#- name: write kubelet env on master ha nodes -# command: kubeadm alpha phase kubelet write-env-file --config {{ kubernetes_kubeadm_config_file }} -# changed_when: false -- name: incluse bug work around - include: master-ha-bug-workaround.yml - -- name: write kubelet systemd file on master ha nodes - command: kubeadm init phase kubeconfig kubelet --config {{ kubernetes_kubeadm_config_file }} +- name: check node is already in cluster + delegate_to: "{{ groups.k8s_masters[0] }}" + command: "kubectl get nodes -n kube-system --kubeconfig {{ kubernetes_config_dir }}/admin.conf -o name" + register: get_node_register changed_when: false -- name: Ensure kubelet is started and enabled at boot. 
- service: - name: kubelet - state: started - enabled: true - daemon_reload: yes - -- name: check master admin conf exists - stat: - path: "{{ item }}" - register: master_conf_result - with_items: - - '{{ kubernetes_config_dir }}/admin.conf' - - '{{ kubernetes_config_dir }}/controller-manager.conf' - - '{{ kubernetes_config_dir }}/kubelet.conf' - - '{{ kubernetes_config_dir }}/scheduler.conf' - -- name: write kubeconfig files for control-plane on master ha nodes - command: kubeadm init phase kubeconfig all --config {{ kubernetes_kubeadm_config_file }} - when: ( - master_conf_result.results[0].stat.exists == False or - master_conf_result.results[1].stat.exists == False or - master_conf_result.results[2].stat.exists == False or - master_conf_result.results[3].stat.exists == False ) - -- name: check master manifests exists - stat: - path: "{{ item }}" - register: master_manifest_result - with_items: - - '{{ kubernetes_apiserver_manifest_file }}' - - '{{ kubernetes_controller_manager_manifest_file }}' - - '{{ kubernetes_scheduler_manifest_file }}' - -- name: write controle-plane manifests on master ha nodes - command: kubeadm init phase controlplane all --config {{ kubernetes_kubeadm_config_file }} - when: ( - master_manifest_result.results[0].stat.exists == False or - master_manifest_result.results[1].stat.exists == False or - master_manifest_result.results[2].stat.exists == False ) - -- name: annotate cri on master ha nodes - command: kubeadm init phase kubelet config annotate-cri --config {{ kubernetes_kubeadm_config_file }} +- name: get join command from master + delegate_to: "{{ groups.k8s_masters[0] }}" + command: "kubeadm token create --print-join-command" changed_when: false + when: ( 'node/' + ansible_nodename ) not in get_node_register.stdout_lines + register: join_command_register -- name: mark as master on master ha nodes - command: kubeadm init phase mark-master --config {{ kubernetes_kubeadm_config_file }} - changed_when: false +- name: join master node 
into cluster + command: "{{ join_command_register.stdout }} --experimental-control-plane" + when: ( 'node/' + ansible_nodename ) not in get_node_register.stdout_lines diff --git a/templates/clusterconfig.yaml.j2 b/templates/clusterconfig.yaml.j2 index d75d8d6..d74a25c 100644 --- a/templates/clusterconfig.yaml.j2 +++ b/templates/clusterconfig.yaml.j2 @@ -38,13 +38,12 @@ etcd: keyFile: {{ kubernetes_etcd_apiserver_client_key_file }} {% endif %} {% if inventory_hostname in groups.k8s_masters %} - {%- if kubernetes_apiserver_dns != "" %} +{% if kubernetes_apiserver_dns != "" %} - "{{ kubernetes_apiserver_dns }}" controlPlaneEndpoint: "{{ kubernetes_apiserver_dns }}:{{ kubernetes_apiserver_port}}" - {%- else %} +{% else %} controlPlaneEndpoint: "{{ kubernetes_apiserver_ip | default(hostvars[groups.k8s_masters[0]]['ansible_host'])| default(hostvars[groups.k8s_masters[0]]['ansible_default_ipv4.address']) }}:{{ kubernetes_apiserver_port}}" - {%- endif %} - +{% endif %} apiServer: certSANs: - "{{ kubernetes_apiserver_ip | default(hostvars[groups.k8s_masters[0]]['ansible_host']) | default(hostvars[groups.k8s_masters[0]]['ansible_default_ipv4.address']) }}" @@ -68,7 +67,7 @@ controllerManager: - name: cloud hostPath: "{{ kubernetes_cloud_config_file }}" mountPath: "{{ kubernetes_cloud_config_file }}" -{%- endif %} +{% endif %} networking: dnsDomain: {{ kubernetes_dns_domain }} podSubnet: {{ kubernetes_pod_subnet }}
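Review bot: The bootstrap token minted by `get join command from master` is treated as an ordinary string: `kubeadm token create --print-join-command` prints the token and CA hash, the output is kept in `join_command_register`, and `join master node into cluster` places it on the command line, so it ends up in Ansible output and in any callback or log that records task results. Both tasks should carry `no_log: true`, and the token should be short-lived, e.g. `command: "kubeadm token create --ttl 15m --print-join-command"`, because the default lifetime is 24 hours and a new token is created for each master that is not yet a member. `changed_when: false` on that task also hides the fact that it creates a cluster credential. Separately, the membership test compares `'node/' + ansible_nodename` with the `-o name` output, which only matches if the kubelet registers under exactly that name, and `-n kube-system` has no effect on cluster-scoped nodes.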
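Review bot: The last fallback in the `controlPlaneEndpoint` and `certSANs` lines kept by this hunk, `hostvars[groups.k8s_masters[0]]['ansible_default_ipv4.address']`, looks up one key with a literal dot in it instead of the `address` field of the `ansible_default_ipv4` fact, so it is most likely always undefined and the chain cannot fall back to the default IPv4 address. These values become the API endpoint and the serving-certificate SANs, so it is worth correcting while the block is being touched: `hostvars[groups.k8s_masters[0]]['ansible_default_ipv4']['address']`. The move from `{%- if` to `{% if` here, and from `{%- endif %}` to `{% endif %}` in the next hunk, changes how surrounding whitespace is trimmed, so render the template once for the DNS branch and once for the IP branch and check that the result still parses as YAML.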