From a5b46bfc8c910b71f5ee86d6053ead000d795a6c Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Mon, 29 Apr 2019 15:12:22 +0300
Subject: [PATCH] Run dns_late preinstall tasks on all k8s nodes (#4672)
* Run dns_late preinstall tasks on all k8s nodes
Related issue: #4656
Change-Id: I63f8559ef1a497b7580ab084561e6603fe647834
* Fix ansible-lint
Change-Id: Ia5b33fa63dbc36d8c3e9557ef3f2ea02af2325a5
* Fix recover_control_plane lint issues
Change-Id: I16643a3193c11b6ba704e9698812cac7e4fd19a8
---
.gitlab-ci/lint.yml | 2 +-
cluster.yml | 7 ++++++-
roles/recover_control_plane/etcd/tasks/prepare.yml | 1 +
.../etcd/tasks/recover_lost_quorum.yml | 4 +++-
upgrade-cluster.yml | 7 +++++++
5 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/.gitlab-ci/lint.yml b/.gitlab-ci/lint.yml
index 7d02149e8..170aa02ed 100644
--- a/.gitlab-ci/lint.yml
+++ b/.gitlab-ci/lint.yml
@@ -11,7 +11,7 @@ ansible-lint:
stage: unit-tests
# lint every yml/yaml file that looks like it contains Ansible plays
script: |-
- grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v
+ grep -Rl '^- hosts: \|^ hosts: ' --include \*.yml --include \*.yaml . | xargs -P 4 -n 25 ansible-lint -v
except: ['triggers', 'master']
syntax-check:
diff --git a/cluster.yml b/cluster.yml
index d1ccb317c..cc48fe459 100644
--- a/cluster.yml
+++ b/cluster.yml
@@ -109,5 +109,10 @@
roles:
- { role: kubespray-defaults}
- { role: kubernetes-apps, tags: apps }
- - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true }
environment: "{{proxy_env}}"
+
+- hosts: k8s-cluster
+ any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
+ roles:
+ - { role: kubespray-defaults}
+ - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf, dns_late: true }
diff --git a/roles/recover_control_plane/etcd/tasks/prepare.yml b/roles/recover_control_plane/etcd/tasks/prepare.yml
index 964ba35dd..0f00f0338 100644
--- a/roles/recover_control_plane/etcd/tasks/prepare.yml
+++ b/roles/recover_control_plane/etcd/tasks/prepare.yml
@@ -1,5 +1,6 @@
---
- name: Delete old certificates
+ # noqa 302 - rm is ok here for now
shell: "rm /etc/ssl/etcd/ssl/*{{ item }}* /etc/kubernetes/ssl/etcd/*{{ item }}*"
with_items: "{{ old_etcds.split(',') }}"
register: delete_old_cerificates
diff --git a/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml b/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml
index 07d407895..beb8b0daf 100644
--- a/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml
+++ b/roles/recover_control_plane/etcd/tasks/recover_lost_quorum.yml
@@ -20,7 +20,9 @@
state: stopped
- name: Remove etcd data-dir
- shell: "rm -rf {{ etcd_data_dir }}"
+ file:
+ path: "{{ etcd_data_dir }}"
+ state: absent
- name: Restore etcd snapshot
shell: "{{ bin_dir }}/etcdctl snapshot restore /tmp/snapshot.db --name {{ etcd_member_name }} --initial-cluster {{ etcd_member_name }}={{ etcd_peer_url }} --initial-cluster-token k8s_etcd --initial-advertise-peer-urls {{ etcd_peer_url }} --data-dir {{ etcd_data_dir }}"
diff --git a/upgrade-cluster.yml b/upgrade-cluster.yml
index 395ca049b..4cdbaeb72 100644
--- a/upgrade-cluster.yml
+++ b/upgrade-cluster.yml
@@ -112,10 +112,17 @@
roles:
- { role: kubespray-defaults}
- { role: network_plugin/calico/rr, tags: network }
+ environment: "{{proxy_env}}"
- hosts: kube-master
any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
roles:
- { role: kubespray-defaults}
- { role: kubernetes-apps, tags: apps }
+ environment: "{{proxy_env}}"
+
+- hosts: k8s-cluster
+ any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
+ roles:
+ - { role: kubespray-defaults}
- { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf }
--
GitLab