mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-02-28 09:39:12 +03:00
Test group membership with group_names
Testing for group membership with group names makes Kubespray more tolerant towards the structure of the inventory. Where 'inventory_hostname in groups["some_group"] would fail if "some_group" is not defined, '"some_group" in group_names' would not.
This commit is contained in:
Max Gautier
@@ -21,7 +21,7 @@
|
||||
get_checksum: true
|
||||
get_mime: false
|
||||
register: etcd_member_certs
|
||||
when: inventory_hostname in groups['etcd']
|
||||
when: ('etcd' in group_names)
|
||||
with_items:
|
||||
- ca.pem
|
||||
- member-{{ inventory_hostname }}.pem
|
||||
@@ -33,7 +33,7 @@
|
||||
stat:
|
||||
path: "{{ etcd_cert_dir }}/{{ item }}"
|
||||
register: etcd_node_certs
|
||||
when: inventory_hostname in groups['k8s_cluster']
|
||||
when: ('k8s_cluster' in group_names)
|
||||
with_items:
|
||||
- ca.pem
|
||||
- node-{{ inventory_hostname }}.pem
|
||||
@@ -99,7 +99,7 @@
|
||||
set_fact:
|
||||
etcd_member_requires_sync: true
|
||||
when:
|
||||
- inventory_hostname in groups['etcd']
|
||||
- ('etcd' in group_names)
|
||||
- (not etcd_member_certs.results[0].stat.exists | default(false)) or
|
||||
(not etcd_member_certs.results[1].stat.exists | default(false)) or
|
||||
(not etcd_member_certs.results[2].stat.exists | default(false)) or
|
||||
@@ -115,7 +115,7 @@
|
||||
set_fact:
|
||||
kubernetes_host_requires_sync: true
|
||||
when:
|
||||
- inventory_hostname in groups['k8s_cluster'] and
|
||||
- ('k8s_cluster' in group_names) and
|
||||
inventory_hostname not in groups['etcd']
|
||||
- (not etcd_node_certs.results[0].stat.exists | default(false)) or
|
||||
(not etcd_node_certs.results[1].stat.exists | default(false)) or
|
||||
|
||||
@@ -79,7 +79,7 @@
|
||||
{% endfor %}]"
|
||||
delegate_to: "{{ groups['etcd'][0] }}"
|
||||
when:
|
||||
- inventory_hostname in groups['etcd']
|
||||
- ('etcd' in group_names)
|
||||
- sync_certs | default(false)
|
||||
- inventory_hostname != groups['etcd'][0]
|
||||
notify: Set etcd_secret_changed
|
||||
@@ -93,7 +93,7 @@
|
||||
mode: "0640"
|
||||
with_items: "{{ etcd_master_certs.results }}"
|
||||
when:
|
||||
- inventory_hostname in groups['etcd']
|
||||
- ('etcd' in group_names)
|
||||
- sync_certs | default(false)
|
||||
- inventory_hostname != groups['etcd'][0]
|
||||
loop_control:
|
||||
@@ -110,7 +110,7 @@
|
||||
{% endfor %}]"
|
||||
delegate_to: "{{ groups['etcd'][0] }}"
|
||||
when:
|
||||
- inventory_hostname in groups['etcd']
|
||||
- ('etcd' in group_names)
|
||||
- inventory_hostname != groups['etcd'][0]
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
@@ -125,7 +125,7 @@
|
||||
mode: "0640"
|
||||
with_items: "{{ etcd_master_node_certs.results }}"
|
||||
when:
|
||||
- inventory_hostname in groups['etcd']
|
||||
- ('etcd' in group_names)
|
||||
- inventory_hostname != groups['etcd'][0]
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
@@ -135,7 +135,7 @@
|
||||
- name: Gen_certs | Generate etcd certs
|
||||
include_tasks: gen_nodes_certs_script.yml
|
||||
when:
|
||||
- inventory_hostname in groups['kube_control_plane'] and
|
||||
- ('kube_control_plane' in group_names) and
|
||||
sync_certs | default(false) and inventory_hostname not in groups['etcd']
|
||||
|
||||
- name: Gen_certs | Generate etcd certs on nodes if needed
|
||||
@@ -143,7 +143,7 @@
|
||||
when:
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
- inventory_hostname in groups['k8s_cluster'] and
|
||||
- ('k8s_cluster' in group_names) and
|
||||
sync_certs | default(false) and inventory_hostname not in groups['etcd']
|
||||
|
||||
- name: Gen_certs | check certificate permissions
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
when:
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
- inventory_hostname in groups['k8s_cluster']
|
||||
- ('k8s_cluster' in group_names)
|
||||
tags:
|
||||
- etcd-secrets
|
||||
|
||||
@@ -37,7 +37,7 @@
|
||||
when:
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
- inventory_hostname in groups['k8s_cluster']
|
||||
- ('k8s_cluster' in group_names)
|
||||
tags:
|
||||
- master # master tag is deprecated and replaced by control-plane
|
||||
- control-plane
|
||||
@@ -49,7 +49,7 @@
|
||||
when:
|
||||
- kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
|
||||
- kube_network_plugin != "calico" or calico_datastore == "etcd"
|
||||
- inventory_hostname in groups['k8s_cluster']
|
||||
- ('k8s_cluster' in group_names)
|
||||
tags:
|
||||
- master # master tag is deprecated and replaced by control-plane
|
||||
- control-plane
|
||||
|
||||
Reference in New Issue
Block a user