From baaa6efc2badf2925f502c8989d0aba3c206d06b Mon Sep 17 00:00:00 2001
From: Smaine Kahlouch <smaine.kahlouch@arkena.com>
Date: Sun, 24 Jan 2016 22:27:55 +0100
Subject: [PATCH] workaround_ha_apiserver
---
roles/etcd/tasks/configure.yml | 2 +-
roles/kubernetes/master/tasks/main.yml | 33 ++++++++++++++-----------
roles/kubernetes/node/handlers/main.yml | 2 +-
roles/kubernetes/node/tasks/install.yml | 2 +-
4 files changed, 22 insertions(+), 17 deletions(-)
diff --git a/roles/etcd/tasks/configure.yml b/roles/etcd/tasks/configure.yml
index 34a80ed47..91f743d2e 100644
--- a/roles/etcd/tasks/configure.yml
+++ b/roles/etcd/tasks/configure.yml
@@ -5,7 +5,7 @@
dest: /lib/systemd/system/etcd.service
backup: yes
when: init_system == "systemd"
- notify: restart systemd-etcd
+ notify: restart etcd
- name: Configure | Write etcd initd script
template:
diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml
index 48cfd5bc0..7deff6861 100644
--- a/roles/kubernetes/master/tasks/main.yml
+++ b/roles/kubernetes/master/tasks/main.yml
@@ -58,15 +58,6 @@
backup: yes
when: init_system == "sysvinit" and ansible_os_family == "Debian"
-- name: Restart apiserver
- command: /bin/true
- notify: restart kube-apiserver
- changed_when: is_gentoken_calico|default(false) or kube_apiserver_copy.stdout_lines
-
-- name: Allow apiserver to bind on both secure and insecure ports
- shell: setcap cap_net_bind_service+ep {{ bin_dir }}/kube-apiserver
- changed_when: false
-
- name: Write kube-apiserver config file
template:
src: "kube-apiserver.j2"
@@ -74,11 +65,14 @@
backup: yes
notify: restart kube-apiserver
-# restart apiserver if calico tokens list has changed
-- name: Reload tokens (restart apiserver)
- command: /bin/true
+- name: Allow apiserver to bind on both secure and insecure ports
+ shell: setcap cap_net_bind_service+ep {{ bin_dir }}/kube-apiserver
+ changed_when: false
+
+- name: Restart apiserver
+ command: "/bin/true"
notify: restart kube-apiserver
- changed_when: is_gentoken_calico|default(false)
+ when: is_gentoken_calico|default(false) or kube_apiserver_copy.stdout_lines
# reload-systemd
- meta: flush_handlers
@@ -105,7 +99,6 @@
- name: wait for the apiserver to be running
wait_for:
port: "{{kube_apiserver_insecure_port}}"
- delay: 10
timeout: 60
- name: Create 'kube-system' namespace
@@ -128,3 +121,15 @@
template:
src: manifests/kube-podmaster.manifest.j2
dest: "{{ kube_manifest_dir }}/kube-podmaster.manifest"
+
+- name: restart kubelet
+ service:
+ name: kubelet
+ state: restarted
+ changed_when: false
+
+- name: Enable apiserver
+ service:
+ name: kube-apiserver
+ enabled: yes
+ state: started
diff --git a/roles/kubernetes/node/handlers/main.yml b/roles/kubernetes/node/handlers/main.yml
index 81d7ca2c7..e0294b3d2 100644
--- a/roles/kubernetes/node/handlers/main.yml
+++ b/roles/kubernetes/node/handlers/main.yml
@@ -7,7 +7,7 @@
command: /bin/true
notify:
- reload systemd
- - reload kubelet
+ - restart kubelet
- name: set is_gentoken_calico fact
set_fact:
diff --git a/roles/kubernetes/node/tasks/install.yml b/roles/kubernetes/node/tasks/install.yml
index 3d90fd033..c8146ec5e 100644
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@@ -2,7 +2,7 @@
- name: install | Write kubelet systemd init file
template: src=kubelet.service.j2 dest=/etc/systemd/system/kubelet.service backup=yes
when: init_system == "systemd"
- notify: restart systemd-kubelet
+ notify: restart kubelet
- name: install | Write kubelet initd script
template: src=deb-kubelet.initd.j2 dest=/etc/init.d/kubelet owner=root mode=755 backup=yes
--
GitLab