shixiong
/
okd


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
							---
- name: Calico Node | Error if invalid cert arguments
  fail:
    msg: "Must provide all or none for the following etcd params: calico_etcd_cert_dir, calico_etcd_ca_cert_file, calico_etcd_cert_file, calico_etcd_key_file, calico_etcd_endpoints"
  when: (calico_etcd_cert_dir is defined or calico_etcd_ca_cert_file is defined or calico_etcd_cert_file is defined or calico_etcd_key_file is defined or calico_etcd_endpoints is defined) and not (calico_etcd_cert_dir is defined and calico_etcd_ca_cert_file is defined and calico_etcd_cert_file is defined and calico_etcd_key_file is defined and calico_etcd_endpoints is defined)

- name: Calico Node | Generate certs if not provided
  include: gen_certs.yml
  when: item is not defined
  with_items:
    - calico_etcd_ca_cert_file
    - calico_etcd_cert_file
    - calico_etcd_key_file
    - calico_etcd_endpoints
    - calico_etcd_cert_dir

- name: Calico Node | Error if no certs set.
  fail:
    msg: "Invalid etcd configuration for calico."
  when: item is not defined or item == ''
  with_items:
    - calico_etcd_ca_cert_file
    - calico_etcd_cert_file
    - calico_etcd_key_file
    - calico_etcd_endpoints

- name: Calico Node | Assure the calico certs are present
  stat:
    path: "{{ item }}"
  with_items:
    - "{{ calico_etcd_ca_cert_file }}"
    - "{{ calico_etcd_cert_file}}"
    - "{{ calico_etcd_key_file }}"

- name: Calico Node | Configure Calico service unit file
  template:
    dest: "/lib/systemd/system/calico.service"
    src: calico.service.j2

- name: Calico Node | Enable calico
  become: yes
  systemd:
    name: calico
    daemon_reload: yes
    state: started
    enabled: yes
  register: start_result

- name: Calico Node | Assure CNI conf dir exists
  become: yes
  file: path="{{ cni_conf_dir }}" state=directory

- name: Calico Node | Generate Calico CNI config
  become: yes
  template:
    src: "10-calico.conf.j2"
    dest: "{{ cni_conf_dir }}/10-calico.conf"

- name: Calico Node | Assures Kuberentes CNI bin dir exists
  become: yes
  file: path="{{ cni_bin_dir }}" state=directory

- name: Calico Node | Download Calico CNI Plugin
  become: yes
  get_url:
    url: "{{ calico_url_cni }}"
    dest: "{{ cni_bin_dir }}"
    mode: a+x

- name: Calico Node | Download Calico IPAM Plugin
  become: yes
  get_url:
    url: "{{ calico_url_ipam }}"
    dest: "{{ cni_bin_dir }}"
    mode: a+x

- name: Calico Node | Download and extract standard CNI plugins
  become: yes
  unarchive:
    remote_src: True
    src: "{{ cni_url }}"
    dest: "{{ cni_bin_dir }}"

- name: Calico Node | Assure Calico conf dir exists
  become: yes
  file: path=/etc/calico/ state=directory

- name: Calico Node | Set calicoctl.cfg
  template:
    src: calicoctl.cfg.j2
    dest: "/etc/calico/calicoctl.cfg"