Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 9947fd7a01
Branches Tags
okd
/
roles
/
calico_master
/
tasks
/
main.yml

main.yml 2.4 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. ---
    2. 

  2. - include_tasks: certs.yml
    3. 

  3. 

  4. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node
    5. 

  5.   oc_adm_policy_user:
    6. 

  6.     user: system:serviceaccount:kube-system:calico-node
    7. 

  7.     resource_kind: scc
    8. 

  8.     resource_name: privileged
    9. 

  9.     state: present
    10. 

  10. 

  11. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers
    12. 

  12.   oc_adm_policy_user:
    13. 

  13.     user: system:serviceaccount:kube-system:calico-kube-controllers
    14. 

  14.     resource_kind: scc
    15. 

  15.     resource_name: privileged
    16. 

  16.     state: present
    17. 

  17. 

  18. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-upgrade-job
    19. 

  19.   oc_adm_policy_user:
    20. 

  20.     user: system:serviceaccount:kube-system:calico-upgrade-job
    21. 

  21.     resource_kind: scc
    22. 

  22.     resource_name: privileged
    23. 

  23.     state: present
    24. 

  24. 

  25. - name: Set default selector for kube-system
    26. 

  26.   command: >
    27. 

  27.     {{ openshift_client_binary }}
    28. 

  28.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    29. 

  29.     annotate  ns kube-system openshift.io/node-selector="" --overwrite
    30. 

  30. 

  31. - name: Calico Master | Create temp directory
    32. 

  32.   command: mktemp -d /tmp/openshift-ansible-XXXXXXX
    33. 

  33.   register: mktemp
    34. 

  34.   changed_when: False
    35. 

  35. 

  36. - name: Calico Master | Parse node version
    37. 

  37.   set_fact:
    38. 

  38.     node_version: "{{ calico_node_image | regex_replace('^.*node:v?(.*)$', '\\1') }}"
    39. 

  39.     cnx: "{{ calico_node_image | regex_replace('[^-]*', '\\0') }}"
    40. 

  40. 

  41. - name: Calico Master | Write Calico v2
    42. 

  42.   template:
    43. 

  43.     dest: "{{ mktemp.stdout }}/calico.yml"
    44. 

  44.     src: calico.yml.j2
    45. 

  45.   when:
    46. 

  46.     - node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version < '3.0.0'
    47. 

  47.     - cnx != "cnx"
    48. 

  48. 

  49. - name: Calico Master | Write Calico v3
    50. 

  50.   template:
    51. 

  51.     dest: "{{ mktemp.stdout }}/calico.yml"
    52. 

  52.     src: calicov3.yml.j2
    53. 

  53.   when: (node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version >= '3.0.0') or (node_version == 'master') or (cnx == "cnx" and node_version >= '2.0.0')
    54. 

  54. 

  55. - name: Calico Master | Launch Calico
    56. 

  56.   command: >
    57. 

  57.     {{ openshift_client_binary }} apply
    58. 

  58.     -f {{ mktemp.stdout }}/calico.yml
    59. 

  59.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    60. 

  60.   register: calico_create_output
    61. 

  61.   failed_when: "calico_create_output.rc != 0"
    62. 

  62.   changed_when: "('created' in calico_create_output.stdout) or ('configured' in calico_create_output.stdout)"
    63. 

  63. 

  64. - name: Calico Master | Delete temp directory
    65. 

  65.   file:
    66. 

  66.     name: "{{ mktemp.stdout }}"
    67. 

  67.     state: absent
    68. 

  68.   changed_when: False
    69.