mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-03-07 02:27:43 +03:00
contiv 1.2.1
This commit is contained in:
Erwan Miran
@@ -16,8 +16,25 @@
|
||||
with_items:
|
||||
- "{{ contiv_etcd_conf_dir }}"
|
||||
- "{{ contiv_etcd_data_dir }}"
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- set_fact:
|
||||
- name: Contiv | Workaround https://github.com/contiv/netplugin/issues/1152
|
||||
set_fact:
|
||||
kube_apiserver_endpoint_for_contiv: |-
|
||||
{% if not is_kube_master and loadbalancer_apiserver_localhost -%}
|
||||
https://localhost:{{ nginx_kube_apiserver_port|default(kube_apiserver_port) }}
|
||||
{%- elif loadbalancer_apiserver is defined and loadbalancer_apiserver.port is defined -%}
|
||||
https://{{ apiserver_loadbalancer_domain_name|default('lb-apiserver.kubernetes.local') }}
|
||||
{%- if loadbalancer_apiserver.port|string != "443" -%}
|
||||
:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
|
||||
{%- endif -%}
|
||||
{%- else -%}
|
||||
https://{{ first_kube_master }}:{{ kube_apiserver_port }}
|
||||
{%- endif %}
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- name: Contiv | Set necessary facts
|
||||
set_fact:
|
||||
contiv_config_dir: "{{ contiv_config_dir }}"
|
||||
contiv_enable_api_proxy: "{{ contiv_enable_api_proxy }}"
|
||||
contiv_fabric_mode: "{{ contiv_fabric_mode }}"
|
||||
@@ -26,22 +43,26 @@
|
||||
contiv_networks: "{{ contiv_networks }}"
|
||||
contiv_manifests:
|
||||
- {name: contiv-config, file: contiv-config.yml, type: configmap}
|
||||
- {name: contiv-etcd, file: contiv-etcd.yml, type: daemonset}
|
||||
- {name: contiv-etcd-proxy, file: contiv-etcd-proxy.yml, type: daemonset}
|
||||
- {name: contiv-ovs, file: contiv-ovs.yml, type: daemonset}
|
||||
- {name: contiv-netmaster, file: contiv-netmaster-clusterrolebinding.yml, type: clusterrolebinding}
|
||||
- {name: contiv-netmaster, file: contiv-netmaster-clusterrole.yml, type: clusterrole}
|
||||
- {name: contiv-netmaster, file: contiv-netmaster-serviceaccount.yml, type: serviceaccount}
|
||||
- {name: contiv-netmaster, file: contiv-netmaster.yml, type: daemonset}
|
||||
- {name: contiv-netplugin, file: contiv-netplugin-clusterrolebinding.yml, type: clusterrolebinding}
|
||||
- {name: contiv-netplugin, file: contiv-netplugin-clusterrole.yml, type: clusterrole}
|
||||
- {name: contiv-netplugin, file: contiv-netplugin-serviceaccount.yml, type: serviceaccount}
|
||||
- {name: contiv-etcd, file: contiv-etcd.yml, type: daemonset}
|
||||
- {name: contiv-etcd-proxy, file: contiv-etcd-proxy.yml, type: daemonset}
|
||||
- {name: contiv-netplugin, file: contiv-netplugin.yml, type: daemonset}
|
||||
- {name: contiv-netmaster, file: contiv-netmaster.yml, type: daemonset}
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- set_fact:
|
||||
contiv_manifests: |-
|
||||
{% set _ = contiv_manifests.append({"name": "contiv-api-proxy", "file": "contiv-api-proxy.yml", "type": "daemonset"}) %}
|
||||
{{ contiv_manifests }}
|
||||
when: contiv_enable_api_proxy
|
||||
when:
|
||||
- contiv_enable_api_proxy
|
||||
- inventory_hostname in groups['kube-master']
|
||||
|
||||
- name: Contiv | Create /var/contiv
|
||||
file:
|
||||
@@ -55,21 +76,23 @@
|
||||
mode: 0755
|
||||
owner: root
|
||||
group: root
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- name: Contiv | Install all Kubernetes resources
|
||||
template:
|
||||
src: "{{ item.file }}.j2"
|
||||
dest: "{{ contiv_config_dir }}/{{ item.file }}"
|
||||
with_items: "{{ contiv_manifests }}"
|
||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||
run_once: true
|
||||
register: contiv_manifests_results
|
||||
when: inventory_hostname in groups['kube-master']
|
||||
|
||||
- name: Contiv | Generate contiv-api-proxy certificates
|
||||
script: generate-certificate.sh
|
||||
args:
|
||||
creates: /var/contiv/auth_proxy_key.pem
|
||||
when: "contiv_enable_api_proxy and contiv_generate_certificate"
|
||||
when:
|
||||
- contiv_enable_api_proxy
|
||||
- contiv_generate_certificate
|
||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||
run_once: true
|
||||
|
||||
@@ -81,7 +104,9 @@
|
||||
with_items:
|
||||
- auth_proxy_key.pem
|
||||
- auth_proxy_cert.pem
|
||||
when: "contiv_enable_api_proxy and contiv_generate_certificate"
|
||||
when:
|
||||
- contiv_enable_api_proxy
|
||||
- contiv_generate_certificate
|
||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||
run_once: true
|
||||
|
||||
@@ -92,9 +117,11 @@
|
||||
with_items:
|
||||
- auth_proxy_key.pem
|
||||
- auth_proxy_cert.pem
|
||||
when: "inventory_hostname != groups['kube-master'][0]
|
||||
and inventory_hostname in groups['kube-master']
|
||||
and contiv_enable_api_proxy and contiv_generate_certificate"
|
||||
when:
|
||||
- inventory_hostname != groups['kube-master'][0]
|
||||
- inventory_hostname in groups['kube-master']
|
||||
- contiv_enable_api_proxy
|
||||
- contiv_generate_certificate
|
||||
|
||||
- name: Contiv | Copy cni plugins from hyperkube
|
||||
command: "{{ docker_bin_dir }}/docker run --rm -v /opt/cni/bin:/cnibindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/bash -c '/bin/cp -fa /opt/cni/bin/* /cnibindir/'"
|
||||
|
||||
Reference in New Issue
Block a user