Changes to kubernetes deploy
This commit is contained in:
parent
d27d00503c
commit
d554120e31
@ -5,11 +5,15 @@
|
||||
remote_user: hybris
|
||||
become: yes
|
||||
|
||||
vars:
|
||||
# rename this to something with sense
|
||||
network_default_gw: 2001:470:6d:22c::1
|
||||
|
||||
roles:
|
||||
- dns
|
||||
- proxy
|
||||
- kubernetes
|
||||
# - dns
|
||||
# - proxy
|
||||
# - kubernetes
|
||||
|
||||
tasks:
|
||||
|
||||
# - name: open firewall ports
|
||||
# include: firewalld.yml
|
||||
|
||||
- name: update linux kernel
|
||||
include: update_kernel.yml
|
@ -5,7 +5,7 @@
|
||||
|
||||
tasks:
|
||||
- name: initialize kubernetes master
|
||||
shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c::/64
|
||||
shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c:42::/80
|
||||
delegate_to: k8s-master.e2m
|
||||
run_once: yes
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
- debug:
|
||||
var: k8s_ca_cert_hash
|
||||
|
||||
- name: join nodes to cluster
|
||||
shell: kubeadm join [2001:470:6d:22c:42::1]:6443 --token {{ k8s_token }} --discovery-token-ca-cert-hash sha256:{{ k8s_ca_cert_hash }}
|
||||
delegate_to: "{{ item }}"
|
||||
with_items: "{{ k8s-nodes }}"
|
||||
# - name: join nodes to cluster
|
||||
# shell: kubeadm join [2001:470:6d:22c:42::1]:6443 --token {{ k8s_token }} --discovery-token-ca-cert-hash sha256:{{ k8s_ca_cert_hash }}
|
||||
# delegate_to: "{{ item }}"
|
||||
# with_items: "{{ k8s-nodes }}"
|
@ -1,2 +0,0 @@
|
||||
search local e2m
|
||||
nameserver 2001:470:6d:22c::1
|
2
roles/dns/files/resolv.conf.j2
Normal file
2
roles/dns/files/resolv.conf.j2
Normal file
@ -0,0 +1,2 @@
|
||||
search local {{ network_domain }}
|
||||
nameserver {{ network_dns }}
|
9
roles/kubernetes/files/kube-router-cni.conf.j2
Normal file
9
roles/kubernetes/files/kube-router-cni.conf.j2
Normal file
@ -0,0 +1,9 @@
|
||||
{
|
||||
"name":"e2m",
|
||||
"type":"bridge",
|
||||
"bridge":"kube-bridge",
|
||||
"isDefaultGateway":true,
|
||||
"ipam": {
|
||||
"type":"host-local"
|
||||
}
|
||||
}
|
@ -3,33 +3,33 @@
|
||||
#### FIREWALL TASKS ####
|
||||
########################
|
||||
|
||||
# ## kubernetes requirements
|
||||
## kubernetes requirements
|
||||
|
||||
# - name: enable port 6443/tcp
|
||||
# firewalld:
|
||||
# port: 6443/tcp
|
||||
# permanent: yes
|
||||
# state: enabled
|
||||
- name: enable port 6443/tcp
|
||||
firewalld:
|
||||
port: 6443/tcp
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
||||
# - name: enable port 10250/tcp
|
||||
# firewalld:
|
||||
# port: 10250/tcp
|
||||
# permanent: yes
|
||||
# state: enabled
|
||||
- name: enable port 10250/tcp
|
||||
firewalld:
|
||||
port: 10250/tcp
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
||||
# - name: enable port 6443/udp
|
||||
# firewalld:
|
||||
# port: 6443/udp
|
||||
# permanent: yes
|
||||
# state: enabled
|
||||
- name: enable port 6443/udp
|
||||
firewalld:
|
||||
port: 6443/udp
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
||||
# - name: enable port 10250/udp
|
||||
# firewalld:
|
||||
# port: 10250/udp
|
||||
# permanent: yes
|
||||
# state: enabled
|
||||
- name: enable port 10250/udp
|
||||
firewalld:
|
||||
port: 10250/udp
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
||||
# ## reload firewalld after setting rules
|
||||
## reload firewalld after setting rules
|
||||
|
||||
# - name: reload firewalld
|
||||
# shell: firewall-cmd --reload
|
||||
- name: reload firewalld
|
||||
shell: firewall-cmd --reload
|
||||
|
@ -61,14 +61,12 @@
|
||||
path: /etc/cni/net.d
|
||||
state: directory
|
||||
|
||||
# TODO: this
|
||||
# - name: copy cni config
|
||||
# template:
|
||||
# src: "../files/####CNI CONFIG####"
|
||||
# dest: /etc/cni/net.d/####CNI CONFIG####
|
||||
# owner: root
|
||||
# group: root
|
||||
# with_items: "{{ kubernetes }}"
|
||||
- name: copy cni config
|
||||
template:
|
||||
src: ../files/kube-router-cni.conf.j2
|
||||
dest: /etc/cni/net.d/10-kuberouter.conf
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: install packages
|
||||
yum:
|
||||
@ -101,6 +99,3 @@
|
||||
enabled: yes
|
||||
state: restarted
|
||||
daemon_reload: yes
|
||||
|
||||
- name: reboot
|
||||
reboot:
|
@ -27,4 +27,7 @@
|
||||
line: "GRUB_DEFAULT=0"
|
||||
|
||||
- name: write grub config
|
||||
shell: grub2-mkconfig -o /boot/grub2/grub.cfg
|
||||
shell: grub2-mkconfig -o /boot/grub2/grub.cfg
|
||||
|
||||
- name: reboot
|
||||
reboot:
|
Loading…
Reference in New Issue
Block a user