Skip to content
Snippets Groups Projects
Select Git revision
  • 6d6c4e6a6c1abc109205eb2d997a57b4207bdb84
  • main default
  • dependabot/github_actions/bbeesley/gha-auto-dependabot-rebase-1.5.166
  • v0.1.18
  • v0.1.17
  • v0.1.16
  • v0.1.15
  • v0.1.14
  • v0.1.13
  • v0.1.12
  • v0.1.11
  • v0.1.10
  • v0.1.9
  • v0.1.8
  • v0.1.7
  • v0.1.6
  • v0.1.5
  • v0.1.4
  • v0.1.3
  • v0.1.2
  • v0.1.1
  • v0.1.0
  • v0.0.59
23 results

.cliff.release.toml

Blame
  • upgrade-cluster.yml 4.21 KiB
    ---
    - hosts: localhost
      gather_facts: False
      roles:
        - { role: kubespray-defaults}
        - { role: bastion-ssh-config, tags: ["localhost", "bastion"]}
    
    - hosts: k8s-cluster:etcd:calico-rr
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      gather_facts: false
      vars:
        # Need to disable pipelining for bootstrap-os as some systems have requiretty in sudoers set, which makes pipelining
        # fail. bootstrap-os fixes this on these systems, so in later plays it can be enabled.
        ansible_ssh_pipelining: false
      roles:
        - { role: kubespray-defaults}
        - { role: bootstrap-os, tags: bootstrap-os}
    
    - hosts: k8s-cluster:etcd:calico-rr
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      vars:
        ansible_ssh_pipelining: true
      gather_facts: true
    
    - hosts: k8s-cluster:etcd:calico-rr
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      serial: "{{ serial | default('20%') }}"
      roles:
        - { role: kubespray-defaults}
        - { role: kubernetes/preinstall, tags: preinstall }
        - { role: docker, tags: docker }
        - role: rkt
          tags: rkt
          when: "'rkt' in [etcd_deployment_type, kubelet_deployment_type, vault_deployment_type]"
        - { role: download, tags: download, skip_downloads: false }
    
    - hosts: etcd:k8s-cluster:vault
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      roles:
        - { role: kubespray-defaults, when: "cert_management == 'vault'" }
        - { role: vault, tags: vault, vault_bootstrap: true, when: "cert_management == 'vault'" }
    
    - hosts: etcd
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      roles:
        - { role: kubespray-defaults}
        - { role: etcd, tags: etcd, etcd_cluster_setup: true }
    
    - hosts: k8s-cluster
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      roles:
        - { role: kubespray-defaults}
        - { role: etcd, tags: etcd, etcd_cluster_setup: false }
    
    - hosts: etcd:k8s-cluster:vault
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      roles:
        - { role: kubespray-defaults, when: "cert_management == 'vault'"}
        - { role: vault, tags: vault, when: "cert_management == 'vault'"}
    
    #Handle upgrades to master components first to maintain backwards compat.
    - hosts: kube-master
      any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
      serial: 1
      roles:
        - { role: kubespray-defaults}
        - { role: upgrade/pre-upgrade, tags: pre-upgrade }
        - { role: kubernetes/node, tags: node }
        - { role: kubernetes/master, tags: master }
        - { role: kubernetes/client, tags: client }