Address standalone kubelet config case

Also place in global vars and do not repeat the kube_*_config_dir
and kube_namespace vars for better code maintainability and UX.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>

contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/tasks/main.yaml

 ---
 - name: Kubernetes Apps | Lay Down k8s GlusterFS Endpoint and PV
-  template: src={{item.file}} dest=/etc/kubernetes/{{item.dest}}
+  template: src={{item.file}} dest={{kube_config_dir}}/{{item.dest}}
   with_items:
           - { file: glusterfs-kubernetes-endpoint.json.j2, type: ep, dest: glusterfs-kubernetes-endpoint.json}
           - { file: glusterfs-kubernetes-pv.yml.j2, type: pv, dest: glusterfs-kubernetes-pv.yml}
@@ -13,7 +13,7 @@
     namespace: default
     kubectl: "{{bin_dir}}/kubectl"
     resource: "{{item.item.type}}"
-    filename: "/etc/kubernetes/{{item.item.dest}}"
+    filename: "{{kube_config_dir}}/{{item.item.dest}}"
     state: "{{item.changed | ternary('latest','present') }}"
   with_items: "{{ gluster_pv.results }}"
   when: inventory_hostname == groups['kube-master'][0] and groups['gfs-cluster'] is defined

inventory/group_vars/all.yml

@@ -4,6 +4,28 @@ bootstrap_os: none
 # Directory where the binaries will be installed
 bin_dir: /usr/local/bin
 
+# Kubernetes configuration dirs and system namespace.
+# Those are where all the additional config stuff goes
+# the kubernetes normally puts in /srv/kubernets.
+# This puts them in a sane location and namespace.
+# Editting those values will almost surely break something.
+kube_config_dir: /etc/kubernetes
+kube_script_dir: "{{ bin_dir }}/kubernetes-scripts"
+kube_manifest_dir: "{{ kube_config_dir }}/manifests"
+system_namespace: kube-system
+
+# Logging directory (sysvinit systems)
+kube_log_dir: "/var/log/kubernetes"
+
+# This is where all the cert scripts and certs will be located
+kube_cert_dir: "{{ kube_config_dir }}/ssl"
+
+# This is where all of the bearer tokens will be stored
+kube_token_dir: "{{ kube_config_dir }}/tokens"
+
+# This is where to save basic auth file
+kube_users_dir: "{{ kube_config_dir }}/users"
+
 # Where the binaries will be downloaded.
 # Note: ensure that you've enough disk space (about 1G)
 local_release_dir: "/tmp/releases"

roles/dnsmasq/tasks/main.yml

@@ -34,7 +34,7 @@
     state: link
 
 - name: Create dnsmasq manifests
-  template: src={{item.file}} dest=/etc/kubernetes/{{item.file}}
+  template: src={{item.file}} dest={{kube_config_dir}}/{{item.file}}
   with_items:
     - {file: dnsmasq-ds.yml, type: ds}
     - {file: dnsmasq-svc.yml, type: svc}
@@ -44,10 +44,10 @@
 - name: Start Resources
   kube:
     name: dnsmasq
-    namespace: kube-system
+    namespace: "{{system_namespace}}"
     kubectl: "{{bin_dir}}/kubectl"
     resource: "{{item.item.type}}"
-    filename: /etc/kubernetes/{{item.item.file}}
+    filename: "{{kube_config_dir}}/{{item.item.file}}"
     state: "{{item.changed | ternary('latest','present') }}"
   with_items: "{{ manifests.results }}"
   when: inventory_hostname == groups['kube-master'][0]

roles/dnsmasq/templates/dnsmasq-ds.yml

@@ -3,7 +3,7 @@ apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
   name: dnsmasq
-  namespace: kube-system
+  namespace: "{{system_namespace}}"
   labels:
     k8s-app: dnsmasq
 spec:

roles/dnsmasq/templates/dnsmasq-svc.yml

@@ -6,7 +6,7 @@ metadata:
     kubernetes.io/cluster-service: 'true'
     k8s-app: dnsmasq
   name: dnsmasq
-  namespace: kube-system
+  namespace: {{system_namespace}}
 spec:
   ports:
     - port: 53

roles/kubernetes-apps/ansible/defaults/main.yml

-kube_config_dir: /etc/kubernetes
-kube_namespace: kube-system
-
 # Versions
 kubedns_version: 1.9
 kubednsmasq_version: 1.3

roles/kubernetes-apps/ansible/tasks/calico-policy-controller.yml

@@ -8,6 +8,6 @@
     name: "calico-policy-controller"
     kubectl: "{{bin_dir}}/kubectl"
     filename: "{{kube_config_dir}}/calico-policy-controller.yml"
-    namespace: "{{kube_namespace}}"
+    namespace: "{{system_namespace}}"
     resource: "rs"
   when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/ansible/tasks/main.yaml

@@ -11,7 +11,7 @@
 - name: Kubernetes Apps | Start Resources
   kube:
     name: kubedns
-    namespace: "{{ kube_namespace }}"
+    namespace: "{{ system_namespace }}"
     kubectl: "{{bin_dir}}/kubectl"
     resource: "{{item.item.type}}"
     filename: "{{kube_config_dir}}/{{item.item.file}}"

roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2

@@ -2,7 +2,7 @@ apiVersion: extensions/v1beta1
 kind: ReplicaSet
 metadata:
   name: calico-policy-controller
-  namespace: {{ kube_namespace }}
+  namespace: {{ system_namespace }}
   labels:
     k8s-app: calico-policy
     kubernetes.io/cluster-service: "true"
@@ -15,7 +15,7 @@ spec:
   template:
     metadata:
       name: calico-policy-controller
-      namespace: kube-system
+      namespace: {{system_namespace}}
       labels:
         kubernetes.io/cluster-service: "true"
         k8s-app: calico-policy

roles/kubernetes-apps/ansible/templates/kubedns-rc.yml

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ReplicationController
 metadata:
   name: kubedns
-  namespace: {{ kube_namespace }}
+  namespace: {{ system_namespace }}
   labels:
     k8s-app: kubedns
     version: v19

roles/kubernetes-apps/ansible/templates/kubedns-svc.yml

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: kubedns
-  namespace: {{ kube_namespace }}
+  namespace: {{ system_namespace }}
   labels:
     k8s-app: kubedns
     kubernetes.io/cluster-service: "true"

roles/kubernetes-apps/network_plugin/canal/tasks/main.yaml

@@ -3,15 +3,15 @@
   kube:
     name: "canal-config"
     kubectl: "{{bin_dir}}/kubectl"
-    filename: "/etc/kubernetes/canal-config.yaml"
+    filename: "{{kube_config_dir}}/canal-config.yaml"
     resource: "configmap"
-    namespace: "kube-system"
+    namespace: "{{system_namespace}}"
 
 - name: Start flannel and calico-node
   run_once: true
   kube:
     name: "canal-node"
     kubectl: "{{bin_dir}}/kubectl"
-    filename: "/etc/kubernetes/canal-node.yaml"
+    filename: "{{kube_config_dir}}/canal-node.yaml"
     resource: "ds"
-    namespace: "kube-system"
+    namespace: "{{system_namespace}}"

roles/kubernetes/master/defaults/main.yml

-# This is where all the cert scripts and certs will be located
-kube_cert_dir: "{{ kube_config_dir }}/ssl"
-
-# This is where all of the bearer tokens will be stored
-kube_token_dir: "{{ kube_config_dir }}/tokens"
-
-# This is where to save basic auth file
-kube_users_dir: "{{ kube_config_dir }}/users"
-
 # An experimental dev/test only dynamic volumes provisioner,
 # for PetSets. Works for kube>=v1.3 only.
 kube_hostpath_dynamic_provisioner: "false"
 
-# This is where you can drop yaml/json files and the kubelet will run those
-# pods on startup
-kube_manifest_dir: "{{ kube_config_dir }}/manifests"
-
-# This directory is where all the additional config stuff goes
-# the kubernetes normally puts in /srv/kubernets.
-# This puts them in a sane location.
-# Editting this value will almost surely break something. Don't
-# change it. Things like the systemd scripts are hard coded to
-# look in here. Don't do it.
-kube_config_dir: /etc/kubernetes
-
 # change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
 kube_apiserver_insecure_bind_address: 127.0.0.1
 
@@ -30,9 +9,6 @@ kube_apiserver_insecure_bind_address: 127.0.0.1
 # Inclusive at both ends of the range.
 kube_apiserver_node_port_range: "30000-32767"
 
-# Logging directory (sysvinit systems)
-kube_log_dir: "/var/log/kubernetes"
-
 # ETCD cert dir for connecting apiserver to etcd
 etcd_config_dir: /etc/ssl/etcd
 etcd_cert_dir: "{{ etcd_config_dir }}/ssl"

roles/kubernetes/master/files/namespace.yml

 apiVersion: v1
 kind: Namespace
 metadata:
-  name: kube-system
+  name: "{{system_namespace}}"

roles/kubernetes/master/tasks/main.yml

@@ -36,28 +36,27 @@
   tags: kube-apiserver
 
 - meta: flush_handlers
-# Create kube-system namespace
-- name: copy 'kube-system' namespace manifest
-  copy: src=namespace.yml dest=/etc/kubernetes/kube-system-ns.yml
+
+- name: copy kube system namespace manifest
+  copy: src=namespace.yml dest={{kube_config_dir}}/{{system_namespace}}-ns.yml
   run_once: yes
   when: inventory_hostname == groups['kube-master'][0]
   tags: apps
 
-- name: Check if kube-system exists
-  command: "{{ bin_dir }}/kubectl get ns kube-system"
+- name: Check if kube system namespace exists
+  command: "{{ bin_dir }}/kubectl get ns {{system_namespace}}"
   register: 'kubesystem'
   changed_when: False
   failed_when: False
   run_once: yes
   tags: apps
 
-- name: Create 'kube-system' namespace
-  command: "{{ bin_dir }}/kubectl create -f /etc/kubernetes/kube-system-ns.yml"
+- name: Create kube system namespace
+  command: "{{ bin_dir }}/kubectl create -f {{kube_config_dir}}/{{system_namespace}}-ns.yml"
   changed_when: False
   when: kubesystem|failed and inventory_hostname == groups['kube-master'][0]
   tags: apps
 
-# Write other manifests
 - name: Write kube-controller-manager manifest
   template:
     src: manifests/kube-controller-manager.manifest.j2

roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: kube-apiserver
-  namespace: kube-system
+  namespace: {{system_namespace}}
   labels:
     k8s-app: kube-apiserver
 spec:

roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: kube-controller-manager
-  namespace: kube-system
+  namespace: {{system_namespace}}
   labels:
     k8s-app: kube-controller
 spec:

roles/kubernetes/master/vars/main.yml

@@ -3,4 +3,4 @@ namespace_kubesystem:
   apiVersion: v1
   kind: Namespace
   metadata:
-    name: kube-system
\ No newline at end of file
+    name: "{{system_namespace}}"

roles/kubernetes/node/defaults/main.yml

-# This is where all the cert scripts and certs will be located
-kube_cert_dir: "{{ kube_config_dir }}/ssl"
-
 # change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
 kube_apiserver_insecure_bind_address: 127.0.0.1
 
-# This is where you can drop yaml/json files and the kubelet will run those
-# pods on startup
-kube_manifest_dir: "{{ kube_config_dir }}/manifests"
-
-dns_domain: "{{ cluster_name }}"
-
 # resolv.conf to base dns config
 kube_resolv_conf: "/etc/resolv.conf"
 
@@ -22,16 +13,5 @@ kube_proxy_masquerade_all: true
 #   - extensions/v1beta1/daemonsets=true
 #   - extensions/v1beta1/deployments=true
 
-# Logging directory (sysvinit systems)
-kube_log_dir: "/var/log/kubernetes"
-
-# This directory is where all the additional config stuff goes
-# the kubernetes normally puts in /srv/kubernets.
-# This puts them in a sane location.
-# Editting this value will almost surely break something. Don't
-# change it. Things like the systemd scripts are hard coded to
-# look in here. Don't do it.
-kube_config_dir: /etc/kubernetes
-
 nginx_image_repo: nginx
 nginx_image_tag: 1.11.4-alpine

roles/kubernetes/node/tasks/main.yml

 ---
+- set_fact:
+    standalone_kubelet: >-
+      {%- if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] -%}true{%- else -%}false{%- endif -%}
+  tags: facts
+
 - include: install.yml
   tags: kubelet