diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml
index bb693790233e3ca7218dbbc80021d541805da087..6f45fb0734fd133337e66cf90c2bd1b521439868 100644
--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -1,17 +1,17 @@
---
-- include: bootstrap-ubuntu.yml
+- import_tasks: bootstrap-ubuntu.yml
when: bootstrap_os == "ubuntu"
-- include: bootstrap-debian.yml
+- import_tasks: bootstrap-debian.yml
when: bootstrap_os == "debian"
-- include: bootstrap-coreos.yml
+- import_tasks: bootstrap-coreos.yml
when: bootstrap_os == "coreos"
-- include: bootstrap-centos.yml
+- import_tasks: bootstrap-centos.yml
when: bootstrap_os == "centos"
-- include: setup-pipelining.yml
+- import_tasks: setup-pipelining.yml
- name: check if atomic host
stat:
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index e5ca6d1655920db64ad159887091eeae58531024..1c95f819f31f3afe7a5f80b218776226871fb304 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -15,7 +15,7 @@
tags:
- facts
-- include: set_facts_dns.yml
+- include_tasks: set_facts_dns.yml
when: dns_mode != 'none' and resolvconf_mode == 'docker_dns'
tags:
- facts
@@ -88,7 +88,7 @@
installed_docker_version.stdout|version_compare('1.12', '<')
- name: Set docker systemd config
- include: systemd.yml
+ import_tasks: systemd.yml
- name: ensure docker service is started and enabled
service:
diff --git a/roles/download/tasks/download_container.yml b/roles/download/tasks/download_container.yml
index 5766ab577c67685b44e801b344d4b58f5d82cfb0..bbf7cec85f307ea3c9634ea643ab07d8fc9068d3 100644
--- a/roles/download/tasks/download_container.yml
+++ b/roles/download/tasks/download_container.yml
@@ -1,6 +1,6 @@
---
- name: container_download | Make download decision if pull is required by tag or sha256
- include: set_docker_image_facts.yml
+ include_tasks: set_docker_image_facts.yml
delegate_to: "{{ download_delegate if download_run_once or omit }}"
delegate_facts: no
run_once: "{{ download_run_once }}"
diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml
index cc891c0dd0b6f5c46cc0f247594763ce80ba0d2d..c6e910e5df52a46fa520c30da0e910fbf7130381 100644
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@@ -1,10 +1,10 @@
---
-- include: download_prep.yml
+- include_tasks: download_prep.yml
when:
- not skip_downloads|default(false)
- name: "Download items"
- include: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
+ include_tasks: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
vars:
download: "{{ download_defaults | combine(item.value) }}"
with_dict: "{{ downloads }}"
@@ -13,7 +13,7 @@
- item.value.enabled
- name: "Sync container"
- include: sync_container.yml
+ include_tasks: sync_container.yml
vars:
download: "{{ download_defaults | combine(item.value) }}"
with_dict: "{{ downloads }}"
diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml
index aca8522f52d1a67ac15af6a60de282d29dcf53fd..f6666ee944249d5f0b66de4823ebb3eb84bb61f8 100644
--- a/roles/etcd/handlers/main.yml
+++ b/roles/etcd/handlers/main.yml
@@ -7,7 +7,7 @@
- reload etcd
- wait for etcd up
-- include: backup.yml
+- import_tasks: backup.yml
- name: etcd | reload systemd
command: systemctl daemon-reload
diff --git a/roles/etcd/tasks/configure.yml b/roles/etcd/tasks/configure.yml
index 02bc231722fde5dfa50d65460d2227ce6916be37..7b5c90718ec3b53911fddad18c3f41d2f849c6ab 100644
--- a/roles/etcd/tasks/configure.yml
+++ b/roles/etcd/tasks/configure.yml
@@ -30,7 +30,7 @@
notify: restart etcd
- name: Configure | Join member(s) to cluster one at a time
- include: join_member.yml
+ include_tasks: join_member.yml
vars:
target_node: "{{ item }}"
loop_control:
diff --git a/roles/etcd/tasks/gen_certs_vault.yml b/roles/etcd/tasks/gen_certs_vault.yml
index fae397356e78482a7f0fb99868dffe6cdb3acf79..aa3274bd742ac7675a8c83acf39fa9c6e4ce8c2f 100644
--- a/roles/etcd/tasks/gen_certs_vault.yml
+++ b/roles/etcd/tasks/gen_certs_vault.yml
@@ -1,16 +1,16 @@
---
-- include: sync_etcd_master_certs.yml
+- include_tasks: sync_etcd_master_certs.yml
when: inventory_hostname in groups.etcd
tags:
- etcd-secrets
-- include: sync_etcd_node_certs.yml
+- include_tasks: sync_etcd_node_certs.yml
when: inventory_hostname in etcd_node_cert_hosts
tags:
- etcd-secrets
# Issue master certs to Etcd nodes
-- include: ../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../vault/tasks/shared/issue_cert.yml
vars:
issue_cert_common_name: "etcd:master:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
issue_cert_alt_names: "{{ groups['etcd'] + ['localhost'] + (etcd_cert_alt_names)|default() }}"
@@ -37,7 +37,7 @@
notify: set etcd_secret_changed
# Issue node certs to everyone else
-- include: ../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../vault/tasks/shared/issue_cert.yml
vars:
issue_cert_common_name: "etcd:node:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
issue_cert_alt_names: "{{ etcd_node_cert_hosts }}"
diff --git a/roles/etcd/tasks/join_member.yml b/roles/etcd/tasks/join_member.yml
index 60315203b3220da8f9d3f80c1b59be3f14bc07ab..b7801f0c916c792a6a061ebaccfabbe91d744c31 100644
--- a/roles/etcd/tasks/join_member.yml
+++ b/roles/etcd/tasks/join_member.yml
@@ -10,7 +10,7 @@
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem"
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem"
-- include: refresh_config.yml
+- include_tasks: refresh_config.yml
vars:
etcd_peer_addresses: >-
{% for host in groups['etcd'] -%}
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 570947203b8c5cd5f7f38eea8fe0636177dc19dd..a8a9f23ad433aa17866beb64cbbb7c81f60f0a61 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -1,15 +1,15 @@
---
-- include: check_certs.yml
+- include_tasks: check_certs.yml
when: cert_management == "script"
tags:
- etcd-secrets
- facts
-- include: "gen_certs_{{ cert_management }}.yml"
+- include_tasks: "gen_certs_{{ cert_management }}.yml"
tags:
- etcd-secrets
-- include: upd_ca_trust.yml
+- include_tasks: upd_ca_trust.yml
tags:
- etcd-secrets
@@ -24,18 +24,18 @@
etcd_client_cert_serial: "{{ etcd_client_cert_serial_result.stdout }}"
when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort
-- include: "install_{{ etcd_deployment_type }}.yml"
+- include_tasks: "install_{{ etcd_deployment_type }}.yml"
when: is_etcd_master
tags:
- upgrade
-- include: set_cluster_health.yml
+- import_tasks: set_cluster_health.yml
when: is_etcd_master and etcd_cluster_setup
-- include: configure.yml
+- import_tasks: configure.yml
when: is_etcd_master and etcd_cluster_setup
-- include: refresh_config.yml
+- import_tasks: refresh_config.yml
when: is_etcd_master and etcd_cluster_setup
- name: Restart etcd if certs changed
@@ -56,8 +56,8 @@
# After etcd cluster is assembled, make sure that
# initial state of the cluster is in `existing`
# state insted of `new`.
-- include: set_cluster_health.yml
+- import_tasks: set_cluster_health.yml
when: is_etcd_master and etcd_cluster_setup
-- include: refresh_config.yml
+- import_tasks: refresh_config.yml
when: is_etcd_master and etcd_cluster_setup
diff --git a/roles/etcd/tasks/sync_etcd_master_certs.yml b/roles/etcd/tasks/sync_etcd_master_certs.yml
index 2eaf1686dd190302de0d0808e931a51037fa386b..b810ff775ab76f5e5be44daf5551503d235ab544 100644
--- a/roles/etcd/tasks/sync_etcd_master_certs.yml
+++ b/roles/etcd/tasks/sync_etcd_master_certs.yml
@@ -8,7 +8,7 @@
"member-" + inventory_hostname + ".pem"
] }}
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ etcd_cert_dir }}"
@@ -26,7 +26,7 @@
set_fact:
sync_file_results: []
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
vars:
sync_file: ca.pem
sync_file_dir: "{{ etcd_cert_dir }}"
diff --git a/roles/etcd/tasks/sync_etcd_node_certs.yml b/roles/etcd/tasks/sync_etcd_node_certs.yml
index 74fa9cd4af72d5ba20c81bf9ae3c75cf02c26e1d..3e075364f2bf487569f06d8e4c9cdde3764edd34 100644
--- a/roles/etcd/tasks/sync_etcd_node_certs.yml
+++ b/roles/etcd/tasks/sync_etcd_node_certs.yml
@@ -4,7 +4,7 @@
set_fact:
etcd_node_cert_list: "{{ etcd_node_cert_list|default([]) + ['node-' + inventory_hostname + '.pem'] }}"
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ etcd_cert_dir }}"
@@ -22,7 +22,7 @@
set_fact:
sync_file_results: []
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
vars:
sync_file: ca.pem
sync_file_dir: "{{ etcd_cert_dir }}"
diff --git a/roles/kubernetes-apps/ansible/tasks/main.yml b/roles/kubernetes-apps/ansible/tasks/main.yml
index 1b1853b178910e7a4d7aad57965a7971c41bb06f..a15d5d59346ff94120561e6b018159d7227b1a90 100644
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@@ -91,13 +91,13 @@
- dnsmasq
- name: Kubernetes Apps | Netchecker
- include: tasks/netchecker.yml
+ import_tasks: tasks/netchecker.yml
when: deploy_netchecker
tags:
- netchecker
- name: Kubernetes Apps | Dashboard
- include: tasks/dashboard.yml
+ import_tasks: tasks/dashboard.yml
when: dashboard_enabled
tags:
- dashboard
diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index ac8c9ebf0d23f28be89785ab99510b98e5e66b61..06e97aff24210f82078ab5cca7982929e70a39a9 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -3,7 +3,7 @@
file: path={{ helm_home_dir }} state=directory
- name: Helm | Set up helm launcher
- include: "install_{{ helm_deployment_type }}.yml"
+ include_tasks: "install_{{ helm_deployment_type }}.yml"
- name: Helm | Lay Down Helm Manifests (RBAC)
template:
diff --git a/roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml b/roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml
index d9453e66f134d10a23c65e3863eeeea022422a9d..330acc1cd0464d698819c7bedf2ea8de29a59bb4 100644
--- a/roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml
+++ b/roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml
@@ -12,4 +12,4 @@
delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true
-- include: configure.yml
+- import_tasks: configure.yml
diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml
index 1405a9dd06a9e83994238b34981d8c1d0890dcb6..3fcd04715e297c45e54c93bc67b13e4d62147cdc 100644
--- a/roles/kubernetes/master/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml
@@ -168,5 +168,5 @@
when: sa_key_before.stat.checksum|default("") != sa_key_after.stat.checksum
- name: kubeadm | cleanup old certs if necessary
- include: kubeadm-cleanup-old-certs.yml
+ import_tasks: kubeadm-cleanup-old-certs.yml
when: old_apiserver_cert.stat.exists
diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml
index d81c2fce9d5e7adb561f08e8df91a8209592b9b9..04ad307fd536260bf0064c2c171fbb98cc6f2b67 100644
--- a/roles/kubernetes/master/tasks/main.yml
+++ b/roles/kubernetes/master/tasks/main.yml
@@ -1,5 +1,5 @@
---
-- include: pre-upgrade.yml
+- import_tasks: pre-upgrade.yml
tags:
- k8s-pre-upgrade
@@ -9,7 +9,7 @@
kube_basic_auth: false
when: kubeadm_enabled|bool|default(false)
-- include: users-file.yml
+- import_tasks: users-file.yml
when: kube_basic_auth|default(true)
- name: Compare host kubectl with hyperkube container
@@ -56,9 +56,9 @@
- upgrade
- name: Include kubeadm setup if enabled
- include: kubeadm-setup.yml
+ import_tasks: kubeadm-setup.yml
when: kubeadm_enabled|bool|default(false)
- name: Include static pod setup if not using kubeadm
- include: static-pod-setup.yml
+ import_tasks: static-pod-setup.yml
when: not kubeadm_enabled|bool|default(false)
diff --git a/roles/kubernetes/node/tasks/install.yml b/roles/kubernetes/node/tasks/install.yml
index 7f40e0d76cf4f7c83c7f064a626374de297529ac..63a529aceba7147eb3601f708bae9350c6f97028 100644
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@@ -37,7 +37,7 @@
tags:
- kubeadm
-- include: "install_{{ kubelet_deployment_type }}.yml"
+- include_tasks: "install_{{ kubelet_deployment_type }}.yml"
- name: install | Write kubelet systemd init file
template:
diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml
index 100c38c468c7d7e7df451b5e82ef87a5a9fa24d6..10271de741bf3fe698e9396d3a785286ece0bbd8 100644
--- a/roles/kubernetes/node/tasks/main.yml
+++ b/roles/kubernetes/node/tasks/main.yml
@@ -1,9 +1,9 @@
---
-- include: facts.yml
+- import_tasks: facts.yml
tags:
- facts
-- include: pre_upgrade.yml
+- import_tasks: pre_upgrade.yml
tags:
- kubelet
@@ -13,11 +13,11 @@
state: directory
mode: 0755
-- include: install.yml
+- import_tasks: install.yml
tags:
- kubelet
-- include: nginx-proxy.yml
+- import_tasks: nginx-proxy.yml
when: is_kube_master == false and loadbalancer_apiserver_localhost
tags:
- nginx
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 7b60851ccfb32597c40850803b732e32e5edfa16..0a01466ea14a28bcfbc3e6f9a78443658650226c 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -1,5 +1,5 @@
---
-- include: verify-settings.yml
+- import_tasks: verify-settings.yml
tags:
- asserts
@@ -19,7 +19,7 @@
tags:
- bootstrap-os
-- include: set_facts.yml
+- import_tasks: set_facts.yml
tags:
- facts
@@ -72,7 +72,7 @@
- cloud-provider
- facts
-- include: "{{ cloud_provider }}-credential-check.yml"
+- include_tasks: "{{ cloud_provider }}-credential-check.yml"
when:
- cloud_provider is defined
- cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
@@ -99,7 +99,7 @@
- contiv
- bootstrap-os
-- include: resolvconf.yml
+- import_tasks: resolvconf.yml
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
@@ -276,12 +276,12 @@
tags:
- cloud-provider
-- include: etchosts.yml
+- import_tasks: etchosts.yml
tags:
- bootstrap-os
- etchosts
-- include: dhclient-hooks.yml
+- import_tasks: dhclient-hooks.yml
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
@@ -290,7 +290,7 @@
- bootstrap-os
- resolvconf
-- include: dhclient-hooks-undo.yml
+- import_tasks: dhclient-hooks-undo.yml
when:
- dns_mode != 'none'
- resolvconf_mode != 'host_resolvconf'
@@ -306,7 +306,7 @@
tags:
- bootstrap-os
-- include: growpart-azure-centos-7.yml
+- import_tasks: growpart-azure-centos-7.yml
when:
- azure_check.stat.exists
- ansible_distribution in ["CentOS","RedHat"]
diff --git a/roles/kubernetes/preinstall/tasks/set_facts.yml b/roles/kubernetes/preinstall/tasks/set_facts.yml
index b5311bac862bffd979f9bfeb15243c70237c3d73..a945e715e0d4547b558f91c329a2ab03237c72fe 100644
--- a/roles/kubernetes/preinstall/tasks/set_facts.yml
+++ b/roles/kubernetes/preinstall/tasks/set_facts.yml
@@ -11,7 +11,7 @@
kube_cert_group: "kube"
when: is_atomic
-- include: set_resolv_facts.yml
+- import_tasks: set_resolv_facts.yml
tags:
- bootstrap-os
- resolvconf
diff --git a/roles/kubernetes/secrets/tasks/gen_certs_vault.yml b/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
index f1719c55cf05e4f352cbb374c6b6a9e53849a4d6..ca28b537f6fe1f9a370db494e1fc17805d470636 100644
--- a/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
+++ b/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
@@ -1,12 +1,12 @@
---
-- include: sync_kube_master_certs.yml
+- import_tasks: sync_kube_master_certs.yml
when: inventory_hostname in groups['kube-master']
-- include: sync_kube_node_certs.yml
+- import_tasks: sync_kube_node_certs.yml
when: inventory_hostname in groups['k8s-cluster']
# Issue admin certs to kube-master hosts
-- include: ../../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../../vault/tasks/shared/issue_cert.yml
vars:
issue_cert_common_name: "admin"
issue_cert_copy_ca: "{{ item == kube_admin_certs_needed|first }}"
@@ -37,7 +37,7 @@
run_once: true
# Issue master components certs to kube-master hosts
-- include: ../../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../../vault/tasks/shared/issue_cert.yml
vars:
issue_cert_common_name: "kubernetes"
issue_cert_alt_names: "{{ kube_cert_alt_names }}"
@@ -63,7 +63,7 @@
notify: set secret_changed
# Issue node certs to k8s-cluster nodes
-- include: ../../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../../vault/tasks/shared/issue_cert.yml
vars:
# Need to strip out the 'node-' prefix from the cert name so it can be used
# with the node authorization plugin ( CN matches kubelet node name )
@@ -80,7 +80,7 @@
when: inventory_hostname in groups['k8s-cluster']
# Issue proxy certs to k8s-cluster nodes
-- include: ../../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../../vault/tasks/shared/issue_cert.yml
vars:
issue_cert_common_name: "system:kube-proxy"
issue_cert_copy_ca: "{{ item == kube_proxy_certs_needed|first }}"
diff --git a/roles/kubernetes/secrets/tasks/main.yml b/roles/kubernetes/secrets/tasks/main.yml
index 79bea81f225ad3a5b6b9dad430e9339afcb8d98a..5d20a755a0b2ec4e596bec2685346e2b30e2081a 100644
--- a/roles/kubernetes/secrets/tasks/main.yml
+++ b/roles/kubernetes/secrets/tasks/main.yml
@@ -1,10 +1,10 @@
---
-- include: check-certs.yml
+- import_tasks: check-certs.yml
tags:
- k8s-secrets
- facts
-- include: check-tokens.yml
+- import_tasks: check-tokens.yml
tags:
- k8s-secrets
- facts
@@ -69,11 +69,11 @@
delegate_to: "{{groups['kube-master'][0]}}"
when: gen_tokens|default(false)
-- include: "gen_certs_{{ cert_management }}.yml"
+- include_tasks: "gen_certs_{{ cert_management }}.yml"
tags:
- k8s-secrets
-- include: upd_ca_trust.yml
+- import_tasks: upd_ca_trust.yml
tags:
- k8s-secrets
@@ -111,6 +111,6 @@
kube_proxy_cert_serial: "{{ node_certificate_serials.results[1].stdout|default() }}"
when: inventory_hostname in groups['k8s-cluster']
-- include: gen_tokens.yml
+- import_tasks: gen_tokens.yml
tags:
- k8s-secrets
diff --git a/roles/kubernetes/secrets/tasks/sync_kube_master_certs.yml b/roles/kubernetes/secrets/tasks/sync_kube_master_certs.yml
index 70edb0a80ff97f9ce148735c251d189fa135d929..d54bf2b671b22bb8113f4a7fd7c94db2dfe711a8 100644
--- a/roles/kubernetes/secrets/tasks/sync_kube_master_certs.yml
+++ b/roles/kubernetes/secrets/tasks/sync_kube_master_certs.yml
@@ -4,7 +4,7 @@
set_fact:
kube_admin_cert_list: "{{ kube_admin_cert_list|d([]) + ['admin-' + inventory_hostname + '.pem'] }}"
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ kube_cert_dir }}"
@@ -24,7 +24,7 @@
set_fact:
sync_file_results: []
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ kube_cert_dir }}"
@@ -44,7 +44,7 @@
set_fact:
sync_file_results: []
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: ca.pem
sync_file_dir: "{{ kube_cert_dir }}"
diff --git a/roles/kubernetes/secrets/tasks/sync_kube_node_certs.yml b/roles/kubernetes/secrets/tasks/sync_kube_node_certs.yml
index f89d1c61236a6c1b21925d72eb64a65ab618759b..eecb4cfdf784e2c61669fd4ff2803d83aa44205e 100644
--- a/roles/kubernetes/secrets/tasks/sync_kube_node_certs.yml
+++ b/roles/kubernetes/secrets/tasks/sync_kube_node_certs.yml
@@ -4,7 +4,7 @@
set_fact:
kube_node_cert_list: "{{ kube_node_cert_list|default([]) + ['node-' + inventory_hostname + '.pem'] }}"
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ kube_cert_dir }}"
@@ -24,7 +24,7 @@
set_fact:
sync_file_results: []
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: ca.pem
sync_file_dir: "{{ kube_cert_dir }}"
@@ -40,7 +40,7 @@
set_fact:
kube_proxy_cert_list: "{{ kube_proxy_cert_list|default([]) + ['kube-proxy-' + inventory_hostname + '.pem'] }}"
-- include: ../../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../../vault/tasks/shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ kube_cert_dir }}"
diff --git a/roles/network_plugin/flannel/tasks/main.yml b/roles/network_plugin/flannel/tasks/main.yml
index 77f3b22261dcc4b454eeff647dde8c6f4472257a..29b79b11d12cf2541c6644d5177f6ee189bdab24 100644
--- a/roles/network_plugin/flannel/tasks/main.yml
+++ b/roles/network_plugin/flannel/tasks/main.yml
@@ -1,5 +1,5 @@
---
-- include: pre-upgrade.yml
+- import_tasks: pre-upgrade.yml
- name: Flannel | Create Flannel manifests
template:
@@ -11,4 +11,4 @@
register: flannel_node_manifests
when:
- inventory_hostname in groups['kube-master']
- - rbac_enabled or item.type not in rbac_resources
\ No newline at end of file
+ - rbac_enabled or item.type not in rbac_resources
diff --git a/roles/network_plugin/weave/tasks/main.yml b/roles/network_plugin/weave/tasks/main.yml
index 30c209f8b02af80148fcf674007fbbac98dda433..738dddd15c0035942684183e2b7314d5c64dd442 100644
--- a/roles/network_plugin/weave/tasks/main.yml
+++ b/roles/network_plugin/weave/tasks/main.yml
@@ -1,5 +1,5 @@
---
-- include: seed.yml
+- import_tasks: seed.yml
when: weave_mode_seed
- name: Weave | Copy cni plugins from hyperkube
diff --git a/roles/rkt/tasks/main.yml b/roles/rkt/tasks/main.yml
index 9d87123bb443a0da4746a13ad844a5fe3933e4b4..ab9571b130924d1f41d83f2e4b4b4d6dd94f3998 100644
--- a/roles/rkt/tasks/main.yml
+++ b/roles/rkt/tasks/main.yml
@@ -1,4 +1,4 @@
---
- name: Install rkt
- include: install.yml
+ import_tasks: install.yml
diff --git a/roles/vault/tasks/bootstrap/create_mounts.yml b/roles/vault/tasks/bootstrap/create_mounts.yml
index 0010c35c54b840f0fa36adad2f4fabb5ea4b6b88..0c82990e6903fbc226025a05d1e3c1fa3e986517 100644
--- a/roles/vault/tasks/bootstrap/create_mounts.yml
+++ b/roles/vault/tasks/bootstrap/create_mounts.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/create_mount.yml
+- include_tasks: ../shared/create_mount.yml
vars:
create_mount_path: "{{ item.name }}"
create_mount_default_lease_ttl: "{{ item.default_lease_ttl }}"
diff --git a/roles/vault/tasks/bootstrap/create_roles.yml b/roles/vault/tasks/bootstrap/create_roles.yml
index 11411d23682e06ebe4fd1449747ed7a913b9dc33..8b252aaf527d1083efc82a36630d57a6caba46ea 100644
--- a/roles/vault/tasks/bootstrap/create_roles.yml
+++ b/roles/vault/tasks/bootstrap/create_roles.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/create_role.yml
+- include_tasks: ../shared/create_role.yml
vars:
create_role_name: "{{ item.name }}"
create_role_group: "{{ item.group }}"
diff --git a/roles/vault/tasks/bootstrap/gen_vault_certs.yml b/roles/vault/tasks/bootstrap/gen_vault_certs.yml
index b1369285505a4cb2bb5b8a51bc1a56b3feed326a..f982986cb1bca95ea6686e85ecaf91c77ee401f1 100644
--- a/roles/vault/tasks/bootstrap/gen_vault_certs.yml
+++ b/roles/vault/tasks/bootstrap/gen_vault_certs.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/issue_cert.yml
+- import_tasks: ../shared/issue_cert.yml
vars:
issue_cert_common_name: "{{ vault_pki_mounts.vault.roles[0].name }}"
issue_cert_alt_names: "{{ groups['vault'] + ['localhost'] + (vault_ca_options['vault']['alt_names'].split(','))|default() }}"
diff --git a/roles/vault/tasks/bootstrap/main.yml b/roles/vault/tasks/bootstrap/main.yml
index b87954ca7554fe33fc2cce5a7ced0d0257c59a49..fdecbdd2afcfcc9b3e41f0f387136312897c101b 100644
--- a/roles/vault/tasks/bootstrap/main.yml
+++ b/roles/vault/tasks/bootstrap/main.yml
@@ -1,20 +1,20 @@
---
-- include: ../shared/check_vault.yml
+- import_tasks: ../shared/check_vault.yml
when: inventory_hostname in groups.vault
-- include: sync_secrets.yml
+- import_tasks: sync_secrets.yml
when: inventory_hostname in groups.vault
-- include: ../shared/find_leader.yml
+- import_tasks: ../shared/find_leader.yml
when: inventory_hostname in groups.vault and vault_cluster_is_initialized
-- include: sync_vault_certs.yml
+- import_tasks: sync_vault_certs.yml
when: inventory_hostname in groups.vault
-- include: sync_etcd_certs.yml
+- import_tasks: sync_etcd_certs.yml
when: inventory_hostname in groups.etcd
-- include: start_vault_temp.yml
+- import_tasks: start_vault_temp.yml
when: inventory_hostname == groups.vault|first and not vault_cluster_is_initialized
- name: vault | Set fact about vault leader url
@@ -22,17 +22,17 @@
vault_leader_url: "{{ hostvars[groups.vault|first]['vault_leader_url'] }}"
when: not vault_cluster_is_initialized
-- include: create_mounts.yml
+- import_tasks: create_mounts.yml
when: inventory_hostname == groups.vault|first
-- include: ../shared/auth_backend.yml
+- include_tasks: ../shared/auth_backend.yml
vars:
auth_backend_description: A Username/Password Auth Backend primarily used for services needing to issue certificates
auth_backend_path: userpass
auth_backend_type: userpass
when: inventory_hostname == groups.vault|first
-- include: create_roles.yml
+- include_tasks: create_roles.yml
with_items:
- "{{ vault_pki_mounts.vault }}"
- "{{ vault_pki_mounts.etcd }}"
@@ -40,7 +40,7 @@
loop_var: mount
when: inventory_hostname in groups.vault
-- include: ../shared/gen_ca.yml
+- include_tasks: ../shared/gen_ca.yml
vars:
gen_ca_cert_dir: "{{ vault_pki_mounts.vault.cert_dir }}"
gen_ca_mount_path: "{{ vault_pki_mounts.vault.name }}"
@@ -51,7 +51,7 @@
and not vault_cluster_is_initialized
and vault_ca_cert_needed
-- include: ../shared/gen_ca.yml
+- include_tasks: ../shared/gen_ca.yml
vars:
gen_ca_cert_dir: "{{ vault_pki_mounts.etcd.cert_dir }}"
gen_ca_mount_path: "{{ vault_pki_mounts.etcd.name }}"
@@ -59,7 +59,7 @@
gen_ca_vault_options: "{{ vault_ca_options.etcd }}"
when: inventory_hostname in groups.etcd and vault_etcd_ca_cert_needed
-- include: gen_vault_certs.yml
+- import_tasks: gen_vault_certs.yml
when: inventory_hostname in groups.vault and vault_api_cert_needed
-- include: ca_trust.yml
+- import_tasks: ca_trust.yml
diff --git a/roles/vault/tasks/bootstrap/sync_etcd_certs.yml b/roles/vault/tasks/bootstrap/sync_etcd_certs.yml
index 599b3cd470876554d18be52a4680dd48fa8ea911..f29b650225a6a04a27cf0280416437a791ba6e6d 100644
--- a/roles/vault/tasks/bootstrap/sync_etcd_certs.yml
+++ b/roles/vault/tasks/bootstrap/sync_etcd_certs.yml
@@ -1,6 +1,6 @@
---
-- include: ../shared/sync_file.yml
+- include_tasks: ../shared/sync_file.yml
vars:
sync_file: "ca.pem"
sync_file_dir: "{{ vault_etcd_cert_dir }}"
diff --git a/roles/vault/tasks/bootstrap/sync_secrets.yml b/roles/vault/tasks/bootstrap/sync_secrets.yml
index 3b5af775ad86c5d4cd79ab70b240a00a2490ab64..cbbb581a7ef015c5f91f4f51e3cb8f156c890fb5 100644
--- a/roles/vault/tasks/bootstrap/sync_secrets.yml
+++ b/roles/vault/tasks/bootstrap/sync_secrets.yml
@@ -1,6 +1,6 @@
---
-- include: ../shared/sync_file.yml
+- include_tasks: ../shared/sync_file.yml
vars:
sync_file: "{{ item }}"
sync_file_dir: "{{ vault_secrets_dir }}"
diff --git a/roles/vault/tasks/bootstrap/sync_vault_certs.yml b/roles/vault/tasks/bootstrap/sync_vault_certs.yml
index 9e6eff05c318953183bb20cd3b5487c1947de6ce..cb35ff66c84a8e3f276c831c486ee9a3271ca82d 100644
--- a/roles/vault/tasks/bootstrap/sync_vault_certs.yml
+++ b/roles/vault/tasks/bootstrap/sync_vault_certs.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/sync_file.yml
+- include_tasks: ../shared/sync_file.yml
vars:
sync_file: "ca.pem"
sync_file_dir: "{{ vault_cert_dir }}"
@@ -14,7 +14,7 @@
set_fact:
sync_file_results: []
-- include: ../shared/sync_file.yml
+- include_tasks: ../shared/sync_file.yml
vars:
sync_file: "api.pem"
sync_file_dir: "{{ vault_cert_dir }}"
diff --git a/roles/vault/tasks/cluster/create_mounts.yml b/roles/vault/tasks/cluster/create_mounts.yml
index d64fa0bae909eed9f327af3ac252c2a4a1e8aac0..c6e075698db24908da2f091d25ddd02ce04af0fa 100644
--- a/roles/vault/tasks/cluster/create_mounts.yml
+++ b/roles/vault/tasks/cluster/create_mounts.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/create_mount.yml
+- include_tasks: ../shared/create_mount.yml
vars:
create_mount_path: "{{ item.name }}"
create_mount_default_lease_ttl: "{{ item.default_lease_ttl }}"
diff --git a/roles/vault/tasks/cluster/create_roles.yml b/roles/vault/tasks/cluster/create_roles.yml
index 468229fd4893d2a9cedf451e093276ace60a2e96..7b9d0b4f79de0e0a9055170d102e9a51f129b77f 100644
--- a/roles/vault/tasks/cluster/create_roles.yml
+++ b/roles/vault/tasks/cluster/create_roles.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/create_role.yml
+- include_tasks: ../shared/create_role.yml
vars:
create_role_name: "{{ item.name }}"
create_role_group: "{{ item.group }}"
diff --git a/roles/vault/tasks/cluster/main.yml b/roles/vault/tasks/cluster/main.yml
index 94af5e5dcf764cab16b1aa51207669e1a65f5b65..d904c2398b42dabe5a0eb3b854e96f473a26c30d 100644
--- a/roles/vault/tasks/cluster/main.yml
+++ b/roles/vault/tasks/cluster/main.yml
@@ -1,32 +1,32 @@
---
-- include: ../shared/check_vault.yml
+- import_tasks: ../shared/check_vault.yml
when: inventory_hostname in groups.vault
-- include: ../shared/check_etcd.yml
+- import_tasks: ../shared/check_etcd.yml
when: inventory_hostname in groups.vault
-- include: configure.yml
+- import_tasks: configure.yml
when: inventory_hostname in groups.vault
-- include: binary.yml
+- import_tasks: binary.yml
when: inventory_hostname in groups.vault and vault_deployment_type == "host"
-- include: systemd.yml
+- import_tasks: systemd.yml
when: inventory_hostname in groups.vault
-- include: init.yml
+- import_tasks: init.yml
when: inventory_hostname in groups.vault
-- include: unseal.yml
+- import_tasks: unseal.yml
when: inventory_hostname in groups.vault
-- include: ../shared/find_leader.yml
+- import_tasks: ../shared/find_leader.yml
when: inventory_hostname in groups.vault
-- include: create_mounts.yml
+- import_tasks: create_mounts.yml
when: inventory_hostname == groups.vault|first
-- include: ../shared/gen_ca.yml
+- include_tasks: ../shared/gen_ca.yml
vars:
gen_ca_cert_dir: "{{ vault_pki_mounts.kube.cert_dir }}"
gen_ca_mount_path: "{{ vault_pki_mounts.kube.name }}"
@@ -34,14 +34,14 @@
gen_ca_vault_options: "{{ vault_ca_options.kube }}"
when: inventory_hostname in groups.vault
-- include: ../shared/auth_backend.yml
+- include_tasks: ../shared/auth_backend.yml
vars:
auth_backend_description: A Username/Password Auth Backend primarily used for services needing to issue certificates
auth_backend_path: userpass
auth_backend_type: userpass
when: inventory_hostname == groups.vault|first
-- include: create_roles.yml
+- include_tasks: create_roles.yml
with_items:
- "{{ vault_pki_mounts.vault }}"
- "{{ vault_pki_mounts.etcd }}"
diff --git a/roles/vault/tasks/main.yml b/roles/vault/tasks/main.yml
index 4aef875ceadd754c3bb07e0a70047ef4bd1910cc..7a10def8afbacc5ec6f8bb8b9ce6d1fc5a3f2252 100644
--- a/roles/vault/tasks/main.yml
+++ b/roles/vault/tasks/main.yml
@@ -11,9 +11,9 @@
# used during step 1, allowing all certs to have the same chain of trust.
## Bootstrap
-- include: bootstrap/main.yml
+- include_tasks: bootstrap/main.yml
when: cert_management == 'vault' and vault_bootstrap | d()
## Cluster
-- include: cluster/main.yml
+- include_tasks: cluster/main.yml
when: cert_management == 'vault' and not vault_bootstrap | d()
diff --git a/roles/vault/tasks/shared/cert_auth_mount.yml b/roles/vault/tasks/shared/cert_auth_mount.yml
index 6ba303d3b8ecccb9aeaad1dcac63788bd1e5a595..d9af9c310f47a70c9367474cd4a7747c3bb31b9c 100644
--- a/roles/vault/tasks/shared/cert_auth_mount.yml
+++ b/roles/vault/tasks/shared/cert_auth_mount.yml
@@ -1,6 +1,6 @@
---
-- include: ../shared/pki_mount.yml
+- include_tasks: ../shared/pki_mount.yml
vars:
pki_mount_path: auth-pki
pki_mount_options:
diff --git a/roles/vault/tasks/shared/create_mount.yml b/roles/vault/tasks/shared/create_mount.yml
index 0b12dce240548efc67cfea384f368219ca00f950..43e772ac03bc0591a49cfd8dea55785ebf2c5be2 100644
--- a/roles/vault/tasks/shared/create_mount.yml
+++ b/roles/vault/tasks/shared/create_mount.yml
@@ -1,5 +1,5 @@
---
-- include: ../shared/pki_mount.yml
+- include_tasks: ../shared/pki_mount.yml
vars:
pki_mount_path: "{{ create_mount_path }}"
pki_mount_options:
@@ -8,7 +8,7 @@
max_lease_ttl: "{{ create_mount_max_lease_ttl }}"
description: "{{ create_mount_description }}"
-- include: ../shared/config_ca.yml
+- include_tasks: ../shared/config_ca.yml
vars:
config_ca_ca_pem: "{{ create_mount_cert_dir }}/ca.pem"
config_ca_ca_key: "{{ create_mount_cert_dir }}/ca-key.pem"
diff --git a/roles/vault/tasks/shared/create_role.yml b/roles/vault/tasks/shared/create_role.yml
index d76e73f13aa6512b3c91244db1db5a6fc73d3f7c..4d1915a545c3179effb6b5d328c28bf460c8424a 100644
--- a/roles/vault/tasks/shared/create_role.yml
+++ b/roles/vault/tasks/shared/create_role.yml
@@ -40,7 +40,7 @@
## Userpass based auth method
-- include: gen_userpass.yml
+- include_tasks: gen_userpass.yml
vars:
gen_userpass_password: "{{ create_role_password }}"
gen_userpass_policies: "{{ create_role_name }}"
diff --git a/roles/vault/tasks/shared/sync_auth_certs.yml b/roles/vault/tasks/shared/sync_auth_certs.yml
index 7bd9c4b490d21c5362deb127ba4cc5c7498bc5d4..8cae81588d01768074832bd022e026416b284e98 100644
--- a/roles/vault/tasks/shared/sync_auth_certs.yml
+++ b/roles/vault/tasks/shared/sync_auth_certs.yml
@@ -1,6 +1,6 @@
---
-- include: sync_file.yml
+- include_tasks: sync_file.yml
vars:
sync_file: "auth-ca.pem"
sync_file_dir: "{{ vault_cert_dir }}"
diff --git a/roles/vault/tasks/shared/sync_file.yml b/roles/vault/tasks/shared/sync_file.yml
index 8a112a84aa62a6b1c58fd10de38bbd7ec3534721..2abef1c5ad1dd6a123c65e04b6de14842d4c8b37 100644
--- a/roles/vault/tasks/shared/sync_file.yml
+++ b/roles/vault/tasks/shared/sync_file.yml
@@ -80,7 +80,7 @@
set_fact:
sync_file_results: "{{ sync_file_results|default([]) + [sync_file_result] }}"
-- include: sync.yml
+- include_tasks: sync.yml
when: not (sync_file_no_srcs or sync_file_unneeded)
- name: "Unset local vars to avoid variable bleed into next iteration"