diff --git a/cluster.yml b/cluster.yml
index 832afbb84ae8eb74a2acf6ab299294a6e35e3448..66850a3e5888e3a794ca502659fbce1a2c23fc37 100644
--- a/cluster.yml
+++ b/cluster.yml
@@ -1,8 +1,6 @@
 ---
 - hosts: k8s-cluster
 roles:
- - { role: adduser, tags: adduser }
- - { role: download, tags: download }
 - { role: kubernetes/preinstall, tags: preinstall }
 - { role: etcd, tags: etcd }
 - { role: docker, tags: docker, when: ansible_os_family != "CoreOS" }
diff --git a/roles/adduser/defaults/main.yml b/roles/adduser/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b3a69229c15aca990cd255d6c0f0ddf68a4f9daa
--- /dev/null
+++ b/roles/adduser/defaults/main.yml
@@ -0,0 +1,24 @@
+---
+addusers:
+ etcd:
+ name: etcd
+ comment: "Etcd user"
+ createhome: yes
+ home: "/var/lib/etcd"
+ system: yes
+ shell: /bin/nologin
+ kube:
+ name: kube
+ comment: "Kubernetes user"
+ shell: /sbin/nologin
+ system: yes
+ group: "{{ kube_cert_group }}"
+ createhome: no
+
+adduser:
+ name: "{{ user.name }}"
+ group: "{{ user.name|default(None) }}"
+ comment: "{{ user.comment|default(None) }}"
+ shell: "{{ user.shell|default(None) }}"
+ system: "{{ user.system|default(None) }}"
+ createhome: "{{ user.createhome|default(None) }}"
diff --git a/roles/adduser/tasks/main.yml b/roles/adduser/tasks/main.yml
index 58e5ce49e506607a56044337d6bef649c910e12b..394ff92945c99882977c63b4e668131b13189fb3 100644
--- a/roles/adduser/tasks/main.yml
+++ b/roles/adduser/tasks/main.yml
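Review bot: In the new `adduser` mapping of roles/adduser/defaults/main.yml, `group` is templated from `user.name` rather than `user.group`, so the kube entry's `group: "{{ kube_cert_group }}"` would be lost for anything that reads this mapping; `group: "{{ user.group|default(user.name) }}"` matches what the task file does. The two service accounts also get different no-login shells (`/bin/nologin` for etcd, `/sbin/nologin` for kube), and whether `/bin/nologin` exists depends on the distribution, so a single verified path for both would be safer. The `yes`/`no` values for `createhome` and `system` would read more predictably as `true`/`false`.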
@@ -1,28 +1,13 @@ --- -- name: gather os specific variables - include_vars: "{{ item }}" - with_first_found: - - files: - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" - - "{{ ansible_distribution|lower }}.yml" - - "{{ ansible_os_family|lower }}.yml" - - defaults.yml - paths: - - ../vars - skip: true - - name: User | Create User Group - group: name={{item.group|default(item.name)}} system={{item.system|default(omit)}} - with_items: "{{ addusers }}" + group: name={{user.group|default(user.name)}} system={{user.system|default(omit)}} - name: User | Create User user: - comment: "{{item.comment|default(omit)}}" - createhome: "{{item.create_home|default(omit)}}" - group: "{{item.group|default(item.name)}}" - home: "{{item.home|default(omit)}}" - name: "{{item.name}}" - system: "{{item.system|default(omit)}}" - with_items: "{{ addusers }}" + comment: "{{user.comment|default(omit)}}" + createhome: "{{user.create_home|default(omit)}}" + group: "{{user.group|default(user.name)}}" + home: "{{user.home|default(omit)}}" + shell: "{{user.shell|default(omit)}}" + name: "{{user.name}}" + system: "{{user.system|default(omit)}}" diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 72ae6e2e345e6337f1d1a7eb739ec9906ed24dcc..55b437f531dce613ec5fd822cb033f3e16e54adf 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -33,7 +33,7 @@ kubelet_checksum: "4adaf40592248eef6fd4fa126464915ea41e624a70dc77178089760ed235e kube_apiserver_checksum: "6ac99b36b02968459e026fcfc234207c66064b5e11816b69dd8fc234b2ffec1e" downloads: - - name: calico + calico: dest: calico/bin/calicoctl version: "{{calico_version}}" sha256: "{{ calico_checksum }}" 
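Review bot: The `createhome` argument in "User | Create User" still reads `user.create_home`, while the role defaults spell the key `createhome`, so the lookup is always undefined and falls through to `omit`; the `createhome: no` set for the kube account is then never passed to the user module. Changing the line to `createhome: "{{user.createhome|default(omit)}}"` would make that setting take effect. The `adduser` mapping added to the defaults is not referenced by either task in this hunk, which read `user.*` directly, so one of the two forms is probably redundant.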
@@ -41,8 +41,7 @@ downloads:
 url: "{{ calico_download_url }}"
 owner: "root"
 mode: "0755"
-
- - name: calico-cni-plugin
+ calico_cni_plugin:
 dest: calico/bin/calico
 version: "{{calico_cni_version}}"
 sha256: "{{ calico_cni_checksum }}"
@@ -50,8 +49,7 @@ downloads:
 url: "{{ calico_cni_download_url }}"
 owner: "root"
 mode: "0755"
-
- - name: calico-cni-plugin-ipam
+ calico_cni_plugin_ipam:
 dest: calico/bin/calico-ipam
 version: "{{calico_cni_version}}"
 sha256: "{{ calico_cni_ipam_checksum }}"
@@ -59,8 +57,7 @@ downloads:
 url: "{{ calico_cni_ipam_download_url }}"
 owner: "root"
 mode: "0755"
-
- - name: weave
+ weave:
 dest: weave/bin/weave
 version: "{{weave_version}}"
 source_url: "{{weave_download_url}}"
@@ -68,8 +65,7 @@ downloads:
 sha256: "{{ weave_checksum }}"
 owner: "root"
 mode: "0755"
-
- - name: etcd
+ etcd:
 version: "{{etcd_version}}"
 dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
 sha256: "{{ etcd_checksum }}"
@@ -78,8 +74,7 @@ downloads:
 unarchive: true
 owner: "etcd"
 mode: "0755"
-
- - name: kubernetes-kubelet
+ kubernetes_kubelet:
 version: "{{kube_version}}"
 dest: kubernetes/bin/kubelet
 sha256: "{{kubelet_checksum}}"
@@ -87,8 +82,7 @@ downloads:
 url: "{{ kubelet_download_url }}"
 owner: "kube"
 mode: "0755"
-
- - name: kubernetes-kubectl
+ kubernetes_kubectl:
 dest: kubernetes/bin/kubectl
 version: "{{kube_version}}"
 sha256: "{{kubectl_checksum}}"
@@ -96,8 +90,7 @@ downloads:
 url: "{{ kubectl_download_url }}"
 owner: "kube"
 mode: "0755"
-
- - name: kubernetes-apiserver
+ kubernetes_apiserver:
 dest: kubernetes/bin/kube-apiserver
 version: "{{kube_version}}"
 sha256: "{{kube_apiserver_checksum}}"
@@ -105,3 +98,14 @@ downloads:
 url: "{{ apiserver_download_url }}"
 owner: "kube"
 mode: "0755"
+
+download:
+ enabled: "{{ file.enabled|default('true') }}"
+ dest: "{{ file.dest|default(None) }}"
+ version: "{{ file.version|default(None) }}"
+ sha256: "{{ file.sha256|default(None) }}"
+ source_url: "{{ file.source_url|default(None) }}"
+ url: "{{ file.url|default(None) }}"
+ unarchive: "{{ file.unarchive|default('false') }}"
+ owner: "{{ file.owner|default('kube') }}"
+ mode: "{{ file.mode|default(None) }}"
diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml
index df9b652b1498921d991a18651f05358e767ee3d9..40bd3c90209f0b29f1d280b411abb6cff2ed15d7 100644
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
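Review bot: `sha256: "{{ file.sha256|default(None) }}"` in the new `download` mapping makes the checksum optional, and because the mapping then always carries a `sha256` key, the `default(omit)` on `sha256sum` in roles/download/tasks/main.yml can probably never apply; what get_url receives for an entry without a checksum depends on how the null renders. The entries visible here are installed with `mode: "0755"`, so a missing checksum should stop the play rather than let the download go unverified, for example `sha256: "{{ file.sha256|mandatory }}"`. `enabled` and `unarchive` fall back to the strings `'true'` and `'false'`; `default(true)` and `default(false)` would keep them boolean for the comparisons in the task file.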
@@ -1,36 +1,39 @@ --- +- name: downloading... + debug: + msg: "{{ download.url }}" + when: "{{ download.enabled|bool }}" + - name: Create dest directories - file: path={{local_release_dir}}/{{item.dest|dirname}} state=directory recurse=yes - with_items: "{{ downloads }}" + file: path={{local_release_dir}}/{{download.dest|dirname}} state=directory recurse=yes + when: "{{ download.enabled|bool }}" run_once: "{{ download_run_once|bool }}" - name: Download items get_url: - url: "{{item.url}}" - dest: "{{local_release_dir}}/{{item.dest}}" - sha256sum: "{{item.sha256 | default(omit)}}" - owner: "{{ item.owner|default(omit) }}" - mode: "{{ item.mode|default(omit) }}" - with_items: "{{ downloads }}" + url: "{{download.url}}" + dest: "{{local_release_dir}}/{{download.dest}}" + sha256sum: "{{download.sha256 | default(omit)}}" + owner: "{{ download.owner|default(omit) }}" + mode: "{{ download.mode|default(omit) }}" + when: "{{ download.enabled|bool }}" run_once: "{{ download_run_once|bool }}" - name: Extract archives unarchive: - src: "{{ local_release_dir }}/{{item.dest}}" - dest: "{{ local_release_dir }}/{{item.dest|dirname}}" - owner: "{{ item.owner|default(omit) }}" - mode: "{{ item.mode|default(omit) }}" + src: "{{ local_release_dir }}/{{download.dest}}" + dest: "{{ local_release_dir }}/{{download.dest|dirname}}" + owner: "{{ download.owner|default(omit) }}" + mode: "{{ download.mode|default(omit) }}" copy: no - when: "{{item.unarchive is defined and item.unarchive == True}}" - with_items: "{{ downloads }}" + when: "{{ download.enabled|bool }} and ({{download.unarchive is defined and download.unarchive == True}})" run_once: "{{ download_run_once|bool }}" - name: Fix permissions file: state: file - path: "{{local_release_dir}}/{{item.dest}}" - owner: "{{ item.owner|default(omit) }}" - mode: "{{ item.mode|default(omit) }}" - when: "{{item.unarchive is not defined or item.unarchive == False}}" - with_items: "{{ downloads }}" + path: "{{local_release_dir}}/{{download.dest}}" 
+ owner: "{{ download.owner|default(omit) }}"
+ mode: "{{ download.mode|default(omit) }}"
+ when: "{{ download.enabled|bool }} and ({{download.unarchive is not defined or download.unarchive == False}})"
 run_once: "{{ download_run_once|bool }}"
diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5ea32c371600fcb1e66e5828c7231224e15c8e14
--- /dev/null
+++ b/roles/etcd/meta/main.yml
@@ -0,0 +1,7 @@
+---
+dependencies:
+ - role: adduser
+ user: "{{ addusers.etcd }}"
+ when: ansible_os_family != 'CoreOS'
+ - role: download
+ file: "{{ downloads.etcd }}"
diff --git a/roles/kubernetes/master/meta/main.yml b/roles/kubernetes/master/meta/main.yml
index 53dd0401790ba04ab2aab531ac3023b9aa3749df..11f02f99d09b743a65575d1142d87bb727ca6d56 100644
--- a/roles/kubernetes/master/meta/main.yml
+++ b/roles/kubernetes/master/meta/main.yml
@@ -1,4 +1,8 @@
 ---
 dependencies:
+ - role: download
+ file: "{{ downloads.kubernetes_kubectl }}"
+ - role: download
+ file: "{{ downloads.kubernetes_apiserver }}"
 - { role: etcd }
 - { role: kubernetes/node }
diff --git a/roles/kubernetes/node/meta/main.yml b/roles/kubernetes/node/meta/main.yml
index 811a29787abf374c8791a2088518eaafaf16f95a..a277c7d8a8000b3ffb6e28fc71033b7e23b925ed 100644
--- a/roles/kubernetes/node/meta/main.yml
+++ b/roles/kubernetes/node/meta/main.yml
@@ -1,3 +1,5 @@
 ---
 dependencies:
- - role: kubernetes/secrets
+ - role: download
+ file: "{{ downloads.kubernetes_kubelet }}"
+ - role: kubernetes/secrets
diff --git a/roles/kubernetes/preinstall/meta/main.yml b/roles/kubernetes/preinstall/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..3d0d62446af48cdbac77561a76094f111560956c
--- /dev/null
+++ b/roles/kubernetes/preinstall/meta/main.yml
@@ -0,0 +1,5 @@
+---
+dependencies:
+ - role: adduser
+ user: "{{ addusers.kube }}"
+ when: ansible_os_family != 'CoreOS'
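Review bot: The "Extract archives" and "Fix permissions" conditions in roles/download/tasks/main.yml compare `download.unarchive` with `True` and `False`, but the role defaults now always define that key and fall back to the string `'false'`. As a result `download.unarchive is not defined or download.unarchive == False` may never hold, and "Fix permissions" may be skipped for plain binaries, leaving owner and mode to get_url alone. Testing `download.unarchive|bool` removes the dependence on how the value was rendered. The `when:` lines also wrap parts of the condition in `{{ }}`; a bare expression such as `when: download.enabled|bool and not download.unarchive|bool` is simpler to read and to audit.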
diff --git a/roles/network_plugin/calico/meta/main.yml b/roles/network_plugin/calico/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..dd9379a4441eb960dd7fdda71b3877c8a95b96cb
--- /dev/null
+++ b/roles/network_plugin/calico/meta/main.yml
@@ -0,0 +1,8 @@
+---
+dependencies:
+ - role: download
+ file: "{{ downloads.calico }}"
+ - role: download
+ file: "{{ downloads.calico_cni_plugin }}"
+ - role: download
+ file: "{{ downloads.calico_cni_plugin_ipam }}"
diff --git a/roles/network_plugin/weave/meta/main.yml b/roles/network_plugin/weave/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..88346d30494f2f7e5d4a2190d72895f4ae25eb87
--- /dev/null
+++ b/roles/network_plugin/weave/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+ - role: download
+ file: "{{ downloads.weave }}"