| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- ---
- - name: Calico Master | Assure the calico certs have been generated
- stat:
- path: "{{ item }}"
- with_items:
- - "{{ calico_etcd_ca_cert_file }}"
- - "{{ calico_etcd_cert_file }}"
- - "{{ calico_etcd_key_file }}"
- - name: Calico Master | Create temp directory for policy controller definition
- command: mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: mktemp
- changed_when: False
- - name: Calico Master | Write Calico Policy Controller definition
- template:
- dest: "{{ mktemp.stdout }}/calico-policy-controller.yml"
- src: calico-policy-controller.yml.j2
- - name: Calico Master | Launch Calico Policy Controller
- command: >
- {{ openshift_client_binary }} create
- -f {{ mktemp.stdout }}/calico-policy-controller.yml
- --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- register: calico_create_output
- failed_when: ('already exists' not in calico_create_output.stderr) and ('created' not in calico_create_output.stdout)
- changed_when: ('created' in calico_create_output.stdout)
- - name: Calico Master | Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- changed_when: False
- - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico
- oc_adm_policy_user:
- user: system:serviceaccount:kube-system:calico
- resource_kind: scc
- resource_name: privileged
- state: present
- - name: Download Calicoctl
- become: yes
- get_url:
- url: "{{ calico_url_calicoctl }}"
- dest: "{{ calicoctl_bin_dir }}"
- mode: a+x
|
