KubeInit | Result #1006: [changed] ansible.builtin.shell on localhost for "kubeinit.kubeinit.kubeinit

Playbook #1

/root/kubeinit/ci/builds/6mbKNrxD/0/kubeinit/kubeinit/kubeinit-aux/kubeinit/playbook.yml

Report

Status

CLI

Date

Duration

Controller

User

Versions

Hosts

Plays

Tasks

Results

Files

Records

...kubeinit/kubeinit-aux/kubeinit/playbook.yml @ 26 Oct 2023 19:36:23 +0000

Argument	Value
version	None
verbosity	1
private_key_file	None
remote_user	root
connection	smart
timeout	10
ssh_common_args	None
sftp_extra_args	None
scp_extra_args	None
ssh_extra_args	None
ask_pass	False
connection_password_file	None
force_handlers	False
flush_cache	False
become	False
become_method	sudo
become_user	None
become_ask_pass	False
become_password_file	None
tags	['all']
skip_tags	[]
check	False
diff	False
inventory	['/etc/ansible/hosts']
listhosts	False
subset	None
extra_vars	Not saved by ARA as configured by 'ignored_arguments'
vault_ids	[]
ask_vault_pass	False
vault_password_files	[]
forks	5
module_path	None
syntax	False
listtasks	False
listtags	False
step	False
start_at_task	None
args	['./kubeinit/playbook.yml']

26 Oct 2023 19:36:23 +0000

00:45:02.10

nyctea

root

Ansible 2.15.2

ara 1.6.1 (client), 1.6.1 (server)

Python 3.11.4

1048

remote_user:root check:False tags:all

Task result details

Play: Run the deployment on the target infrastructure (OpenStack/libvirt hypervisors)
Task: kubeinit.kubeinit.kubeinit_eks : Initialize Kubernetes cluster
Action: ansible.builtin.shell
Path: /root/.ansible/collections/ansible_collections/kubeinit/kubeinit/roles/kubeinit_eks/tasks/main.yml:128
Host: localhost ( task delegated to controller-01 )
Status: changed
Started: 26 Oct 2023 20:17:08 +0000
Ended: 26 Oct 2023 20:18:18 +0000
Duration: 00:01:09.09
Tags:
- task_deploy_cluster

Field	Value
changed	True
cmd	set -eo pipefail kubeadm init --upload-certs --config=config.yml
delta	0:01:08.735310
end	2023-10-26 20:18:18.019866
invocation	{ "module_args": { "_raw_params": "set -eo pipefail\nkubeadm init --upload-certs --config=config.yml\n", "_uses_shell": true, "argv": null, "chdir": null, "creates": null, "executable": "/bin/bash", "removes": null, "stdin": null, "stdin_add_newline": true, "strip_empty_ends": true } }
msg
rc	0
start	2023-10-26 20:17:09.284556
stderr	W1026 20:17:39.142303 62636 checks.go:835] detected that the sandbox image "registry.k8s.io/pause:3.6" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.k8s.io/pause:3.9" as the CRI sandbox image.
stderr_lines	[ "W1026 20:17:39.142303 62636 checks.go:835] detected that the sandbox image \"registry.k8s.io/pause:3.6\" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using \"registry.k8s.io/pause:3.9\" as the CRI sandbox image." ]
stdout	[init] Using Kubernetes version: v1.28.3 [preflight] Running pre-flight checks [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull' [certs] Using certificateDir folder "/etc/kubernetes/pki" [certs] Generating "ca" certificate and key [certs] Generating "apiserver" certificate and key [certs] apiserver serving cert is signed for DNS names [api.ekscluster.kubeinit.local controller-01.ekscluster.kubeinit.local kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.0.0.1] [certs] Generating "apiserver-kubelet-client" certificate and key [certs] Generating "front-proxy-ca" certificate and key [certs] Generating "front-proxy-client" certificate and key [certs] Generating "etcd/ca" certificate and key [certs] Generating "etcd/server" certificate and key [certs] etcd/server serving cert is signed for DNS names [controller-01.ekscluster.kubeinit.local localhost] and IPs [10.0.0.1 127.0.0.1 ::1] [certs] Generating "etcd/peer" certificate and key [certs] etcd/peer serving cert is signed for DNS names [controller-01.ekscluster.kubeinit.local localhost] and IPs [10.0.0.1 127.0.0.1 ::1] [certs] Generating "etcd/healthcheck-client" certificate and key [certs] Generating "apiserver-etcd-client" certificate and key [certs] Generating "sa" key and public key [kubeconfig] Using kubeconfig folder "/etc/kubernetes" [kubeconfig] Writing "admin.conf" kubeconfig file [kubeconfig] Writing "kubelet.conf" kubeconfig file [kubeconfig] Writing "controller-manager.conf" kubeconfig file [kubeconfig] Writing "scheduler.conf" kubeconfig file [etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests" [control-plane] Using manifest folder "/etc/kubernetes/manifests" [control-plane] Creating static Pod manifest for "kube-apiserver" [control-plane] Creating static Pod manifest for "kube-controller-manager" [control-plane] Creating static Pod manifest for "kube-scheduler" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Starting the kubelet [wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s [apiclient] All control plane components are healthy after 19.527353 seconds [upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace [kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster [upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace [upload-certs] Using certificate key: f5d54c8514e228a6f95e40430e942692465c67217aa7a1a52ae08a8c0ecab7ff [mark-control-plane] Marking the node controller-01.ekscluster.kubeinit.local as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers] [mark-control-plane] Marking the node controller-01.ekscluster.kubeinit.local as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule] [bootstrap-token] Using token: jupbkm.3qqihqpouvtqoz1g [bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles [bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes [bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials [bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token [bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster [bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace [kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key [addons] Applied essential addon: CoreDNS [addons] Applied essential addon: kube-proxy Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBECONFIG=/etc/kubernetes/admin.conf You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ You can now join any number of the control-plane node running the following command on each as root: kubeadm join api.ekscluster.kubeinit.local:6443 --token jupbkm.3qqihqpouvtqoz1g \ --discovery-token-ca-cert-hash sha256:ea360cbd6dc7f622c2fdc8dcbf7f79137a87aaa566c58293cb37f666ab8dbee3 \ --control-plane --certificate-key f5d54c8514e228a6f95e40430e942692465c67217aa7a1a52ae08a8c0ecab7ff Please note that the certificate-key gives access to cluster sensitive data, keep it secret! As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use "kubeadm init phase upload-certs --upload-certs" to reload certs afterward. Then you can join any number of worker nodes by running the following on each as root: kubeadm join api.ekscluster.kubeinit.local:6443 --token jupbkm.3qqihqpouvtqoz1g \ --discovery-token-ca-cert-hash sha256:ea360cbd6dc7f622c2fdc8dcbf7f79137a87aaa566c58293cb37f666ab8dbee3
stdout_lines	[ "[init] Using Kubernetes version: v1.28.3", "[preflight] Running pre-flight checks", "[preflight] Pulling images required for setting up a Kubernetes cluster", "[preflight] This might take a minute or two, depending on the speed of your internet connection", "[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'", "[certs] Using certificateDir folder \"/etc/kubernetes/pki\"", "[certs] Generating \"ca\" certificate and key", "[certs] Generating \"apiserver\" certificate and key", "[certs] apiserver serving cert is signed for DNS names [api.ekscluster.kubeinit.local controller-01.ekscluster.kubeinit.local kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.0.0.1]", "[certs] Generating \"apiserver-kubelet-client\" certificate and key", "[certs] Generating \"front-proxy-ca\" certificate and key", "[certs] Generating \"front-proxy-client\" certificate and key", "[certs] Generating \"etcd/ca\" certificate and key", "[certs] Generating \"etcd/server\" certificate and key", "[certs] etcd/server serving cert is signed for DNS names [controller-01.ekscluster.kubeinit.local localhost] and IPs [10.0.0.1 127.0.0.1 ::1]", "[certs] Generating \"etcd/peer\" certificate and key", "[certs] etcd/peer serving cert is signed for DNS names [controller-01.ekscluster.kubeinit.local localhost] and IPs [10.0.0.1 127.0.0.1 ::1]", "[certs] Generating \"etcd/healthcheck-client\" certificate and key", "[certs] Generating \"apiserver-etcd-client\" certificate and key", "[certs] Generating \"sa\" key and public key", "[kubeconfig] Using kubeconfig folder \"/etc/kubernetes\"", "[kubeconfig] Writing \"admin.conf\" kubeconfig file", "[kubeconfig] Writing \"kubelet.conf\" kubeconfig file", "[kubeconfig] Writing \"controller-manager.conf\" kubeconfig file", "[kubeconfig] Writing \"scheduler.conf\" kubeconfig file", "[etcd] Creating static Pod manifest for local etcd in \"/etc/kubernetes/manifests\"", "[control-plane] Using manifest folder \"/etc/kubernetes/manifests\"", "[control-plane] Creating static Pod manifest for \"kube-apiserver\"", "[control-plane] Creating static Pod manifest for \"kube-controller-manager\"", "[control-plane] Creating static Pod manifest for \"kube-scheduler\"", "[kubelet-start] Writing kubelet environment file with flags to file \"/var/lib/kubelet/kubeadm-flags.env\"", "[kubelet-start] Writing kubelet configuration to file \"/var/lib/kubelet/config.yaml\"", "[kubelet-start] Starting the kubelet", "[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory \"/etc/kubernetes/manifests\". This can take up to 4m0s", "[apiclient] All control plane components are healthy after 19.527353 seconds", "[upload-config] Storing the configuration used in ConfigMap \"kubeadm-config\" in the \"kube-system\" Namespace", "[kubelet] Creating a ConfigMap \"kubelet-config\" in namespace kube-system with the configuration for the kubelets in the cluster", "[upload-certs] Storing the certificates in Secret \"kubeadm-certs\" in the \"kube-system\" Namespace", "[upload-certs] Using certificate key:", "f5d54c8514e228a6f95e40430e942692465c67217aa7a1a52ae08a8c0ecab7ff", "[mark-control-plane] Marking the node controller-01.ekscluster.kubeinit.local as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]", "[mark-control-plane] Marking the node controller-01.ekscluster.kubeinit.local as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]", "[bootstrap-token] Using token: jupbkm.3qqihqpouvtqoz1g", "[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles", "[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes", "[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials", "[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token", "[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster", "[bootstrap-token] Creating the \"cluster-info\" ConfigMap in the \"kube-public\" namespace", "[kubelet-finalize] Updating \"/etc/kubernetes/kubelet.conf\" to point to a rotatable kubelet client certificate and key", "[addons] Applied essential addon: CoreDNS", "[addons] Applied essential addon: kube-proxy", "", "Your Kubernetes control-plane has initialized successfully!", "", "To start using your cluster, you need to run the following as a regular user:", "", " mkdir -p $HOME/.kube", " sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config", " sudo chown $(id -u):$(id -g) $HOME/.kube/config", "", "Alternatively, if you are the root user, you can run:", "", " export KUBECONFIG=/etc/kubernetes/admin.conf", "", "You should now deploy a pod network to the cluster.", "Run \"kubectl apply -f [podnetwork].yaml\" with one of the options listed at:", " https://kubernetes.io/docs/concepts/cluster-administration/addons/", "", "You can now join any number of the control-plane node running the following command on each as root:", "", " kubeadm join api.ekscluster.kubeinit.local:6443 --token jupbkm.3qqihqpouvtqoz1g \\", "\t--discovery-token-ca-cert-hash sha256:ea360cbd6dc7f622c2fdc8dcbf7f79137a87aaa566c58293cb37f666ab8dbee3 \\", "\t--control-plane --certificate-key f5d54c8514e228a6f95e40430e942692465c67217aa7a1a52ae08a8c0ecab7ff", "", "Please note that the certificate-key gives access to cluster sensitive data, keep it secret!", "As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use", "\"kubeadm init phase upload-certs --upload-certs\" to reload certs afterward.", "", "Then you can join any number of worker nodes by running the following on each as root:", "", "kubeadm join api.ekscluster.kubeinit.local:6443 --token jupbkm.3qqihqpouvtqoz1g \\", "\t--discovery-token-ca-cert-hash sha256:ea360cbd6dc7f622c2fdc8dcbf7f79137a87aaa566c58293cb37f666ab8dbee3 " ]