Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f8630d4063
Branches Tags
okd
/
roles
/
calico_master
/
tasks
/
main.yml

main.yml 2.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. ---
    2. 

  2. - name: Calico | Run kube proxy
    3. 

  3.   run_once: true
    4. 

  4.   import_role:
    5. 

  5.     name: kube_proxy_and_dns
    6. 

  6. 

  7. - include_tasks: certs.yml
    8. 

  8. 

  9. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node
    10. 

  10.   oc_adm_policy_user:
    11. 

  11.     user: system:serviceaccount:kube-system:calico-node
    12. 

  12.     resource_kind: scc
    13. 

  13.     resource_name: privileged
    14. 

  14.     state: present
    15. 

  15. 

  16. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers
    17. 

  17.   oc_adm_policy_user:
    18. 

  18.     user: system:serviceaccount:kube-system:calico-kube-controllers
    19. 

  19.     resource_kind: scc
    20. 

  20.     resource_name: privileged
    21. 

  21.     state: present
    22. 

  22. 

  23. - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-upgrade-job
    24. 

  24.   oc_adm_policy_user:
    25. 

  25.     user: system:serviceaccount:kube-system:calico-upgrade-job
    26. 

  26.     resource_kind: scc
    27. 

  27.     resource_name: privileged
    28. 

  28.     state: present
    29. 

  29. 

  30. - name: Set default selector for kube-system
    31. 

  31.   command: >
    32. 

  32.     {{ openshift_client_binary }}
    33. 

  33.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    34. 

  34.     annotate  ns kube-system openshift.io/node-selector="" --overwrite
    35. 

  35. 

  36. - name: Calico Master | Create temp directory
    37. 

  37.   command: mktemp -d /tmp/openshift-ansible-XXXXXXX
    38. 

  38.   register: mktemp
    39. 

  39.   changed_when: False
    40. 

  40. 

  41. - name: Calico Master | Parse node version
    42. 

  42.   set_fact:
    43. 

  43.     node_version: "{{ calico_node_image | regex_replace('^.*node:v?(.*)$', '\\1') }}"
    44. 

  44.     cnx: "{{ calico_node_image | regex_replace('^.*/(.*)-node:.*$', '\\1') }}"
    45. 

  45. 

  46. - name: Calico Master | Write Calico v2
    47. 

  47.   template:
    48. 

  48.     dest: "{{ mktemp.stdout }}/calico.yml"
    49. 

  49.     src: calico.yml.j2
    50. 

  50.   when:
    51. 

  51.     - node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version < '3.0.0'
    52. 

  52.     - cnx != "cnx"
    53. 

  53. 

  54. - name: Calico Master | Write Calico v3
    55. 

  55.   template:
    56. 

  56.     dest: "{{ mktemp.stdout }}/calico.yml"
    57. 

  57.     src: calicov3.yml.j2
    58. 

  58.   when: (node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version >= '3.0.0') or (node_version == 'master') or (cnx == "cnx" and node_version >= '2.0.0')
    59. 

  59. 

  60. - name: Calico Master | Launch Calico
    61. 

  61.   command: >
    62. 

  62.     {{ openshift_client_binary }} apply
    63. 

  63.     -f {{ mktemp.stdout }}/calico.yml
    64. 

  64.     --config={{ openshift.common.config_base }}/master/admin.kubeconfig
    65. 

  65.   register: calico_create_output
    66. 

  66.   failed_when: "calico_create_output.rc != 0"
    67. 

  67.   changed_when: "('created' in calico_create_output.stdout) or ('configured' in calico_create_output.stdout)"
    68. 

  68. 

  69. - name: Calico Master | Delete temp directory
    70. 

  70.   file:
    71. 

  71.     name: "{{ mktemp.stdout }}"
    72. 

  72.     state: absent
    73. 

  73.   changed_when: False
    74.