Playbook #1

/root/kubeinit/ci/builds/bsU8uCNn/0/kubeinit/kubeinit/kubeinit-aux/kubeinit/playbook.yml

Report Status CLI Date Duration Controller User Versions Hosts Plays Tasks Results Files Records
29 Mar 2024 08:51:18 +0000 00:11:11.97 nyctea root Ansible 2.15.2 ara 1.6.1 (client), 1.6.1 (server) Python 3.11.4 6 9 738 805 43 1

File: /root/.ansible/collections/ansible_collections/kubeinit/kubeinit/roles/kubeinit_rke/tasks/prepare_cluster.yml

---
# Copyright kubeinit contributors
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

- name: Setup the cluster provision container
  ansible.builtin.include_role:
    name: kubeinit.kubeinit.kubeinit_services
    tasks_from: create_provision_container.yml
  vars:
    kubeinit_deployment_node_name: "{{ kubeinit_provision_service_node }}"
    kubeinit_deployment_pod_name: "{{ hostvars[kubeinit_provision_service_node].guest_name }}-pod"
    kubeinit_deployment_delegate: "{{ hostvars[kubeinit_provision_service_node].target }}"
    kubeinit_deployment_os: "{{ hostvars[kubeinit_provision_service_node].os }}"

- name: Configure the provision service node
  block:

    - name: Add kubernetes repo for latest kubectl (Ubuntu)
      ansible.builtin.shell: |
        set -eo pipefail
        apt-get install -y apt-transport-https ca-certificates curl
        curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
        echo "deb [trusted=yes signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list
        apt-get update --allow-insecure-repositories
      args:
        executable: /bin/bash
      register: _result
      changed_when: "_result.rc == 0"

    - name: Install services requirements
      ansible.builtin.package:
        name: "kubectl,skopeo"
        state: present

    - name: "Render net info"
      ansible.builtin.shell: |
        set -o pipefail
        echo "{{ kubeinit_rke_pod_cidr }}" > ~/pod_cidr
        echo "{{ kubeinit_rke_service_cidr }}" > ~/service_cidr
      args:
        executable: /bin/bash
      register: _result
      changed_when: "_result.rc == 0"

    - name: Render the cluster template
      ansible.builtin.template:
        src: "cluster.yml.j2"
        dest: "~/cluster.yml"
        mode: '0644'

    - name: Download rancher
      ansible.builtin.get_url:
        url: "https://github.com/rancher/rke/releases/download/{{ kubeinit_rke_registry_release_tag }}/rke_linux-amd64"
        dest: ~/
        mode: '0755'

    - name: "Adjust installer"
      ansible.builtin.copy:
        src: ~/rke_linux-amd64
        dest: ~/rke
        remote_src: yes
        group: "{{ kubeinit_service_user }}"
        owner: "{{ kubeinit_service_user }}"
        mode: '0755'
        force: yes

    - name: "Render the required container images"
      ansible.builtin.shell: |
        set -o pipefail
        ~/rke config --system-images | grep -v 'INFO' | grep -v 'level=info' > ~/kubeinit_deployment_images.txt
      args:
        executable: /bin/bash
      register: _result
      changed_when: "_result.rc == 0"

    - name: Mirror RKE remote registry to local
      ansible.builtin.shell: |
        set -o pipefail
        set -e
        mkdir -p /etc/containers/
        cat << EOF > /etc/containers/policy.json
        {
            "default": [
                {
                    "type": "insecureAcceptAnything"
                }
            ],
            "transports":
                {
                    "docker-daemon":
                        {
                            "": [{"type":"insecureAcceptAnything"}]
                        }
                }
        }
        EOF
        echo "function skopeo_sync {" > skopeo_sync.bash
        echo "  skopeo sync --src docker --dest docker docker.io/\$1 --dest-creds {{ kubeinit_registry_user }}:{{ kubeinit_registry_password }} {{ kubeinit_registry_uri }}/\$2" >> ~/skopeo_sync.bash
        echo "}" >> ~/skopeo_sync.bash
        sed -e 's;^\(.*\)/\(.*\);skopeo_sync "\1/\2" "\1";' ~/kubeinit_deployment_images.txt >> ~/skopeo_sync.bash
        bash ~/skopeo_sync.bash
      args:
        executable: /bin/bash
      register: _result
      changed_when: "_result.rc == 0"
      when: "'registry' in kubeinit_cluster_hostvars.services"

  delegate_to: "{{ kubeinit_provision_service_node }}"