Changes to kubernetes deploy

2-setup-kubernetes.yml

@@ -5,11 +5,15 @@
   remote_user: hybris
   become: yes
 
-  vars:
-    # rename this to something with sense
-    network_default_gw: 2001:470:6d:22c::1
-
   roles:
-    - dns
+    # - dns
-    - proxy
+    # - proxy
-    - kubernetes
+    # - kubernetes
+
+  tasks:
+
+    # - name: open firewall ports
+    #   include: firewalld.yml
+
+    - name: update linux kernel
+      include: update_kernel.yml

3-kubeadm-init.yml

@@ -5,7 +5,7 @@
 
   tasks:
     - name: initialize kubernetes master
-      shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c::/64
+      shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c:42::/80
       delegate_to: k8s-master.e2m
       run_once: yes
 
@@ -31,7 +31,7 @@
     - debug:
         var: k8s_ca_cert_hash
 
-    - name: join nodes to cluster
+    # - name: join nodes to cluster
-      shell: kubeadm join [2001:470:6d:22c:42::1]:6443 --token {{ k8s_token }} --discovery-token-ca-cert-hash sha256:{{ k8s_ca_cert_hash }}
+    #   shell: kubeadm join [2001:470:6d:22c:42::1]:6443 --token {{ k8s_token }} --discovery-token-ca-cert-hash sha256:{{ k8s_ca_cert_hash }}
-      delegate_to: "{{ item }}"
+    #   delegate_to: "{{ item }}"
-      with_items: "{{ k8s-nodes }}"
+    #   with_items: "{{ k8s-nodes }}"

roles/dns/files/resolv.conf

@@ -1,2 +0,0 @@
-search local e2m
-nameserver 2001:470:6d:22c::1

roles/dns/files/resolv.conf.j2

@@ -0,0 +1,2 @@
+search local {{ network_domain }}
+nameserver {{ network_dns }}

roles/kubernetes/files/kube-router-cni.conf.j2

@@ -0,0 +1,9 @@
+{
+    "name":"e2m",
+    "type":"bridge",
+    "bridge":"kube-bridge",
+    "isDefaultGateway":true,
+    "ipam": {
+        "type":"host-local"
+     }
+}

roles/kubernetes/tasks/firewalld.yml

@@ -3,33 +3,33 @@
 #### FIREWALL TASKS ####
 ########################
 
-# ## kubernetes requirements
+## kubernetes requirements
 
-#   - name: enable port 6443/tcp
+  - name: enable port 6443/tcp
-#     firewalld:
+    firewalld:
-#       port: 6443/tcp
+      port: 6443/tcp
-#       permanent: yes
+      permanent: yes
-#       state: enabled
+      state: enabled
 
-#   - name: enable port 10250/tcp
+  - name: enable port 10250/tcp
-#     firewalld:
+    firewalld:
-#       port: 10250/tcp
+      port: 10250/tcp
-#       permanent: yes
+      permanent: yes
-#       state: enabled
+      state: enabled
 
-#   - name: enable port 6443/udp
+  - name: enable port 6443/udp
-#     firewalld:
+    firewalld:
-#       port: 6443/udp
+      port: 6443/udp
-#       permanent: yes
+      permanent: yes
-#       state: enabled
+      state: enabled
 
-#   - name: enable port 10250/udp
+  - name: enable port 10250/udp
-#     firewalld:
+    firewalld:
-#       port: 10250/udp
+      port: 10250/udp
-#       permanent: yes
+      permanent: yes
-#       state: enabled
+      state: enabled
 
-# ## reload firewalld after setting rules
+## reload firewalld after setting rules
 
-#   - name: reload firewalld
+  - name: reload firewalld
-#     shell: firewall-cmd --reload
+    shell: firewall-cmd --reload

roles/kubernetes/tasks/main.yml

@@ -61,14 +61,12 @@
     path: /etc/cni/net.d
     state: directory
 
-# TODO: this
+- name: copy cni config
-# - name: copy cni config
+  template:
-#   template: 
+    src: ../files/kube-router-cni.conf.j2
-#     src: "../files/####CNI CONFIG####"
+    dest: /etc/cni/net.d/10-kuberouter.conf
-#     dest: /etc/cni/net.d/####CNI CONFIG####
+    owner: root
-#     owner: root
+    group: root
-#     group: root
-#   with_items: "{{ kubernetes }}"
 
 - name: install packages
   yum:
@@ -101,6 +99,3 @@
     enabled: yes
     state: restarted
     daemon_reload: yes
-
-- name: reboot
-  reboot:

roles/kubernetes/tasks/update_kernel.yml

@@ -27,4 +27,7 @@
     line: "GRUB_DEFAULT=0"
 
 - name: write grub config
-  shell: grub2-mkconfig -o /boot/grub2/grub.cfg
+  shell: grub2-mkconfig -o /boot/grub2/grub.cfg
+
+- name: reboot
+  reboot: