Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: df9f5ed59c
Branches Tags
okd
/
roles
/
calico_master
/
tasks
/
main.yml

main.yml 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. ---
    2. 

  2. - include_tasks: certs.yml
    3. 

  3. 

  4. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node
    5. 

  5.   oc_adm_policy_user:
    6. 

  6.     user: system:serviceaccount:kube-system:calico-node
    7. 

  7.     resource_kind: scc
    8. 

  8.     resource_name: privileged
    9. 

  9.     state: present
    10. 

  10. 

  11. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers
    12. 

  12.   oc_adm_policy_user:
    13. 

  13.     user: system:serviceaccount:kube-system:calico-kube-controllers
    14. 

  14.     resource_kind: scc
    15. 

  15.     resource_name: privileged
    16. 

  16.     state: present
    17. 

  17. 

  18. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-upgrade-job
    19. 

  19.   oc_adm_policy_user:
    20. 

  20.     user: system:serviceaccount:kube-system:calico-upgrade-job
    21. 

  21.     resource_kind: scc
    22. 

  22.     resource_name: privileged
    23. 

  23.     state: present
    24. 

  24. 

  25. - name: Set default selector for kube-system
    26. 

  26.   command: >
    27. 

  27.     {{ openshift_client_binary }}
    28. 

  28.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    29. 

  29.     annotate  ns kube-system openshift.io/node-selector="" --overwrite
    30. 

  30. 

  31. - name: Calico Master | Create temp directory
    32. 

  32.   command: mktemp -d /tmp/openshift-ansible-XXXXXXX
    33. 

  33.   register: mktemp
    34. 

  34.   changed_when: False
    35. 

  35. 

  36. - name: Calico Master | Parse node version
    37. 

  37.   set_fact:
    38. 

  38.     node_version: "{{ calico_node_image | regex_replace('^.*node:v?(.*)$', '\\1') }}"
    39. 

  39. 

  40. - name: Calico Master | Write Calico v2
    41. 

  41.   template:
    42. 

  42.     dest: "{{ mktemp.stdout }}/calico.yml"
    43. 

  43.     src: calico.yml.j2
    44. 

  44.   when: node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version < '3.0.0'
    45. 

  45. 

  46. - name: Calico Master | Write Calico v3
    47. 

  47.   template:
    48. 

  48.     dest: "{{ mktemp.stdout }}/calico.yml"
    49. 

  49.     src: calicov3.yml.j2
    50. 

  50.   when: (node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version >= '3.0.0') or node_version == 'master'
    51. 

  51. 

  52. - name: Calico Master | Launch Calico
    53. 

  53.   command: >
    54. 

  54.     {{ openshift_client_binary }} apply
    55. 

  55.     -f {{ mktemp.stdout }}/calico.yml
    56. 

  56.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    57. 

  57.   register: calico_create_output
    58. 

  58.   failed_when: "calico_create_output.rc != 0"
    59. 

  59.   changed_when: "('created' in calico_create_output.stdout) or ('configured' in calico_create_output.stdout)"
    60. 

  60. 

  61. - name: Calico Master | Delete temp directory
    62. 

  62.   file:
    63. 

  63.     name: "{{ mktemp.stdout }}"
    64. 

  64.     state: absent
    65. 

  65.   changed_when: False
    66.