---
# tasks file for k8s_join
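# Make sure the PKI tree exists before certificates and keys are copied in.
# Creating the etcd subdirectory also creates /etc/kubernetes/pki.
- name: create kubernetes pki directory
  become: true
  ansible.builtin.file:
    path: /etc/kubernetes/pki/etcd
    state: directory
    # Explicit mode so the result does not depend on the remote umask. The
    # directory is traversable; the private keys stored in it must carry
    # their own restrictive file modes.
    mode: "0755"
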
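# Stage the shared cluster CA, service-account and front-proxy material from
# the first control plane node onto the Ansible controller.
# ca.key, sa.key and front-proxy-ca.key are private keys and /tmp/pki is a
# fixed path in a shared temp directory, so the staging directories are
# created owner-only before anything is written into them.
- name: create owner-only staging directories for pki material on the controller
  become: false
  delegate_to: localhost
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: "0700"
  loop:
    - /tmp/pki
    - /tmp/pki/etcd

- name: fetch pki certs/keys from first control plane server
  become: true
  delegate_to: "{{ groups['Master'][0] }}"
  ansible.builtin.fetch:
    src: "/etc/kubernetes/pki/{{ item }}"
    dest: /tmp/pki/
    # flat: store each file directly under dest instead of host/path/...
    flat: true
  loop:
    - ca.crt
    - ca.key
    - sa.pub
    - sa.key
    - front-proxy-ca.crt
    - front-proxy-ca.key
  # Cleanup of the staged copies is left to this handler (not shown here).
  # NOTE(review): handlers do not run when a later task fails unless
  # force_handlers is enabled, which would leave the CA keys on the
  # controller - confirm how the play handles that.
  notify: remove local copy of pki certs
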
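# Stage the etcd CA certificate and private key from the first control plane
# node onto the Ansible controller.
# NOTE(review): the etcd CA private key is written under /tmp/pki on the
# controller; confirm that directory is owner-only and is removed even when
# the play fails (handlers are skipped on failure unless force_handlers is
# enabled).
- name: fetch etcd pki certs/keys from first control plane server
  become: true
  delegate_to: "{{ groups['Master'][0] }}"
  ansible.builtin.fetch:
    src: "/etc/kubernetes/pki/etcd/{{ item }}"
    dest: /tmp/pki/etcd/
    # flat: store each file directly under dest instead of host/path/...
    flat: true
  loop:
    - ca.crt
    - ca.key
  notify: remove local copy of pki certs
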
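# Install the staged CA, service-account and front-proxy material on the
# joining control plane node.
- name: copy pki certs/keys to additional control plane server
  become: true
  ansible.builtin.copy:
    src: "/tmp/pki/{{ item }}"
    dest: "/etc/kubernetes/pki/{{ item }}"
    owner: root
    group: root
    # Without an explicit mode the files get umask defaults, which usually
    # leaves private keys world-readable. Keys are root-only; certificates
    # and the public key stay readable.
    mode: "{{ '0600' if item.endswith('.key') else '0644' }}"
  loop:
    - ca.crt
    - ca.key
    - sa.pub
    - sa.key
    - front-proxy-ca.crt
    - front-proxy-ca.key
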
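# Install the staged etcd CA certificate and private key on the joining
# control plane node.
- name: copy etcd pki certs/keys to additional control plane server
  become: true
  ansible.builtin.copy:
    src: "/tmp/pki/etcd/{{ item }}"
    dest: "/etc/kubernetes/pki/etcd/{{ item }}"
    owner: root
    group: root
    # Without an explicit mode the files get umask defaults, which usually
    # leaves the CA private key world-readable. The key is root-only; the
    # certificate stays readable.
    mode: "{{ '0600' if item.endswith('.key') else '0644' }}"
  loop:
    - ca.crt
    - ca.key
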
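# Ask the first control plane node for a fresh bootstrap token and the
# matching "kubeadm join ..." command line; the token expires after one hour.
- name: obtain join string from initial control plane server
  become: true
  delegate_to: "{{ groups['Master'][0] }}"
  # command instead of shell: no shell features are needed here.
  ansible.builtin.command:
    cmd: kubeadm token create --print-join-command --ttl=1h
  register: kubeadm_join_string
  # stdout holds a bootstrap token (a join credential); keep it out of task
  # output and logs. The registered variable is still usable by later tasks.
  no_log: true
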
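# Join this node to the cluster as an additional control plane member, using
# the command line printed by the first control plane node.
# NOTE(review): --ignore-preflight-errors=all suppresses every preflight
# check, so genuine problems are ignored together with the expected ones;
# consider listing only the specific checks that must be skipped.
# NOTE(review): the rendered command line contains the bootstrap token and
# appears in verbose and failure output. no_log would hide that, but it would
# also hide kubeadm's error text when the join fails.
# NOTE(review): nothing guards against a re-run on a node that has already
# joined.
- name: join kubernetes cluster [kubeadm join]
  become: true
  # command instead of shell: text produced on another host is passed as
  # arguments rather than being interpreted by a shell.
  ansible.builtin.command:
    cmd: "{{ kubeadm_join_string.stdout }} --control-plane --ignore-preflight-errors=all"
  register: kubeadm_join_result
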
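# Keep kubeadm's standard output from the join on the node for later review.
- name: record kubeadm join stdout
  become: true
  ansible.builtin.copy:
    content: "{{ kubeadm_join_result.stdout }}"
    dest: /etc/kubernetes/kubeadm-join.stdout
    # Explicit root-only mode rather than umask defaults; the output
    # describes how this node joined the cluster.
    mode: "0600"
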
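# Keep kubeadm's standard error from the join on the node for later review.
- name: record kubeadm join stderr
  become: true
  ansible.builtin.copy:
    content: "{{ kubeadm_join_result.stderr }}"
    dest: /etc/kubernetes/kubeadm-join.stderr
    # Explicit root-only mode rather than umask defaults; the output
    # describes how this node joined the cluster.
    mode: "0600"
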
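# Create ~/.kube for the account Ansible connects as.
# NOTE(review): this task sets no become of its own, so it runs as the
# connection user unless become is enabled at play level - confirm.
- name: create .kube config folder for the ansible user
  ansible.builtin.file:
    path: "/home/{{ ansible_user }}/.kube"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    # Quoted so the mode is passed as an octal string and does not depend on
    # how the YAML parser reads a leading zero.
    mode: "0755"
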
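# Give the Ansible user a kubeconfig by copying the cluster admin.conf that
# already exists on this node (remote_src: the source is on the managed host).
# NOTE(review): this task sets no become of its own; reading
# /etc/kubernetes/admin.conf normally requires root, so it presumably relies
# on play-level become - confirm.
- name: copy admin.conf to .kube folder for the ansible user
  ansible.builtin.copy:
    src: /etc/kubernetes/admin.conf
    dest: "/home/{{ ansible_user }}/.kube/config"
    owner: "{{ ansible_user }}"
    remote_src: true
    # admin.conf carries cluster-admin credentials; 0644 would let every
    # local account on the node read them, so the copy is owner-only.
    mode: "0600"
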
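# NOTE(review): this task has no lasting effect. The export only changes the
# environment of the short-lived shell started for this one task, and the
# environment: keyword is likewise scoped to this task. Later tasks and
# interactive logins do not see KUBECONFIG. Kept so the play's task list is
# unchanged; kubectl uses ~/.kube/config by default when KUBECONFIG is unset.
- name: Set the KUBECONFIG environment variable for the ansible user
  ansible.builtin.shell:
    cmd: "export KUBECONFIG=/home/{{ ansible_user }}/.kube/config"
  environment:
    KUBECONFIG: "/home/{{ ansible_user }}/.kube/config"
  # Nothing on the host is modified, so do not report a change on every run.
  changed_when: false
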
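# Apply the Calico CNI manifest to the cluster.
# NOTE(review): the manifest is downloaded at run time from an unversioned
# URL and applied with the user's cluster credentials, so whatever that URL
# serves on the day of the run is deployed. Prefer a version-pinned manifest
# that is vendored with the role or verified against a known checksum before
# it is applied.
# NOTE(review): become_user is hard-coded to ubuntu while the kubeconfig
# tasks use ansible_user, and become_user only takes effect when become is
# enabled - confirm both.
# NOTE(review): this runs on every node that joins; applying the network
# manifest once at cluster initialisation may be what is intended.
- name: install Pod network
  become_user: ubuntu
  # command instead of shell: no shell features are needed here.
  ansible.builtin.command:
    cmd: kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml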