Use include/import tasks (#2192)

import_tasks will consume far less memory, so it should be
used whenever it is compatible.

roles/bootstrap-os/tasks/main.yml

 ---
-- include: bootstrap-ubuntu.yml
+- import_tasks: bootstrap-ubuntu.yml
   when: bootstrap_os == "ubuntu"
 
-- include: bootstrap-debian.yml
+- import_tasks: bootstrap-debian.yml
   when: bootstrap_os == "debian"
 
-- include: bootstrap-coreos.yml
+- import_tasks: bootstrap-coreos.yml
   when: bootstrap_os == "coreos"
 
-- include: bootstrap-centos.yml
+- import_tasks: bootstrap-centos.yml
   when: bootstrap_os == "centos"
 
-- include: setup-pipelining.yml
+- import_tasks: setup-pipelining.yml
 
 - name: check if atomic host
   stat:

roles/docker/tasks/main.yml

@@ -15,7 +15,7 @@
   tags:
     - facts
 
-- include: set_facts_dns.yml
+- include_tasks: set_facts_dns.yml
   when: dns_mode != 'none' and resolvconf_mode == 'docker_dns'
   tags:
     - facts
@@ -88,7 +88,7 @@
         installed_docker_version.stdout|version_compare('1.12', '<')
 
 - name: Set docker systemd config
-  include: systemd.yml
+  import_tasks: systemd.yml
 
 - name: ensure docker service is started and enabled
   service:

roles/download/tasks/download_container.yml

 ---
 - name: container_download | Make download decision if pull is required by tag or sha256
-  include: set_docker_image_facts.yml
+  include_tasks: set_docker_image_facts.yml
   delegate_to: "{{ download_delegate if download_run_once or omit }}"
   delegate_facts: no
   run_once: "{{ download_run_once }}"

roles/download/tasks/main.yml

 ---
-- include: download_prep.yml
+- include_tasks: download_prep.yml
   when:
     - not skip_downloads|default(false)
 
 - name: "Download items"
-  include: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
+  include_tasks: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
   vars:
     download: "{{ download_defaults | combine(item.value) }}"
   with_dict: "{{ downloads }}"
@@ -13,7 +13,7 @@
     - item.value.enabled
 
 - name: "Sync container"
-  include: sync_container.yml
+  include_tasks: sync_container.yml
   vars:
     download: "{{ download_defaults | combine(item.value) }}"
   with_dict: "{{ downloads }}"

roles/etcd/handlers/main.yml

@@ -7,7 +7,7 @@
     - reload etcd
     - wait for etcd up
 
-- include: backup.yml
+- import_tasks: backup.yml
 
 - name: etcd | reload systemd
   command: systemctl daemon-reload

roles/etcd/tasks/configure.yml

@@ -30,7 +30,7 @@
   notify: restart etcd
 
 - name: Configure | Join member(s) to cluster one at a time
-  include: join_member.yml
+  include_tasks: join_member.yml
   vars:
     target_node: "{{ item }}"
   loop_control:

roles/etcd/tasks/gen_certs_vault.yml

 ---
-- include: sync_etcd_master_certs.yml
+- include_tasks: sync_etcd_master_certs.yml
   when: inventory_hostname in groups.etcd
   tags:
     - etcd-secrets
 
-- include: sync_etcd_node_certs.yml
+- include_tasks: sync_etcd_node_certs.yml
   when: inventory_hostname in etcd_node_cert_hosts
   tags:
     - etcd-secrets
 
 # Issue master certs to Etcd nodes
-- include: ../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../vault/tasks/shared/issue_cert.yml
   vars:
     issue_cert_common_name: "etcd:master:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
     issue_cert_alt_names: "{{ groups['etcd'] + ['localhost'] + (etcd_cert_alt_names)|default() }}"
@@ -37,7 +37,7 @@
   notify: set etcd_secret_changed
 
 # Issue node certs to everyone else
-- include: ../../vault/tasks/shared/issue_cert.yml
+- include_tasks: ../../vault/tasks/shared/issue_cert.yml
   vars:
     issue_cert_common_name: "etcd:node:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
     issue_cert_alt_names: "{{ etcd_node_cert_hosts }}"

roles/etcd/tasks/join_member.yml

@@ -10,7 +10,7 @@
     ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem"
     ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem"
 
-- include: refresh_config.yml
+- include_tasks: refresh_config.yml
   vars:
     etcd_peer_addresses: >-
       {% for host in groups['etcd'] -%}

roles/etcd/tasks/main.yml

 ---
-- include: check_certs.yml
+- include_tasks: check_certs.yml
   when: cert_management == "script"
   tags:
     - etcd-secrets
     - facts
 
-- include: "gen_certs_{{ cert_management }}.yml"
+- include_tasks: "gen_certs_{{ cert_management }}.yml"
   tags:
     - etcd-secrets
 
-- include: upd_ca_trust.yml
+- include_tasks: upd_ca_trust.yml
   tags:
     - etcd-secrets
 
@@ -24,18 +24,18 @@
     etcd_client_cert_serial: "{{ etcd_client_cert_serial_result.stdout }}"
   when: inventory_hostname in groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort
 
-- include: "install_{{ etcd_deployment_type }}.yml"
+- include_tasks: "install_{{ etcd_deployment_type }}.yml"
   when: is_etcd_master
   tags:
     - upgrade
 
-- include: set_cluster_health.yml
+- import_tasks: set_cluster_health.yml
   when: is_etcd_master and etcd_cluster_setup
 
-- include: configure.yml
+- import_tasks: configure.yml
   when: is_etcd_master and etcd_cluster_setup
 
-- include: refresh_config.yml
+- import_tasks: refresh_config.yml
   when: is_etcd_master and etcd_cluster_setup
 
 - name: Restart etcd if certs changed
@@ -56,8 +56,8 @@
 # After etcd cluster is assembled, make sure that
 # initial state of the cluster is in `existing`
 # state insted of `new`.
-- include: set_cluster_health.yml
+- import_tasks: set_cluster_health.yml
   when: is_etcd_master and etcd_cluster_setup
 
-- include: refresh_config.yml
+- import_tasks: refresh_config.yml
   when: is_etcd_master and etcd_cluster_setup

roles/etcd/tasks/sync_etcd_master_certs.yml

@@ -8,7 +8,7 @@
         "member-" + inventory_hostname + ".pem"
         ] }}
 
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
   vars:
     sync_file: "{{ item }}"
     sync_file_dir: "{{ etcd_cert_dir }}"
@@ -26,7 +26,7 @@
   set_fact:
     sync_file_results: []
 
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
   vars:
     sync_file: ca.pem
     sync_file_dir: "{{ etcd_cert_dir }}"

roles/etcd/tasks/sync_etcd_node_certs.yml

@@ -4,7 +4,7 @@
   set_fact:
     etcd_node_cert_list: "{{ etcd_node_cert_list|default([]) +  ['node-' + inventory_hostname + '.pem'] }}"
 
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
   vars:
     sync_file: "{{ item }}"
     sync_file_dir: "{{ etcd_cert_dir }}"
@@ -22,7 +22,7 @@
   set_fact:
     sync_file_results: []
 
-- include: ../../vault/tasks/shared/sync_file.yml
+- include_tasks: ../../vault/tasks/shared/sync_file.yml
   vars:
     sync_file: ca.pem
     sync_file_dir: "{{ etcd_cert_dir }}"

roles/kubernetes-apps/ansible/tasks/main.yml

@@ -91,13 +91,13 @@
     - dnsmasq
 
 - name: Kubernetes Apps | Netchecker
-  include: tasks/netchecker.yml
+  import_tasks: tasks/netchecker.yml
   when: deploy_netchecker
   tags:
     - netchecker
 
 - name: Kubernetes Apps | Dashboard
-  include: tasks/dashboard.yml
+  import_tasks: tasks/dashboard.yml
   when: dashboard_enabled
   tags:
     - dashboard

roles/kubernetes-apps/helm/tasks/main.yml

@@ -3,7 +3,7 @@
   file: path={{ helm_home_dir }} state=directory
 
 - name: Helm | Set up helm launcher
-  include: "install_{{ helm_deployment_type }}.yml"
+  include_tasks: "install_{{ helm_deployment_type }}.yml"
 
 - name: Helm | Lay Down Helm Manifests (RBAC)
   template:

roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml

@@ -12,4 +12,4 @@
   delegate_to: "{{ groups['kube-master'][0] }}"
   run_once: true
 
-- include: configure.yml
+- import_tasks: configure.yml

roles/kubernetes/master/tasks/kubeadm-setup.yml

@@ -168,5 +168,5 @@
   when: sa_key_before.stat.checksum|default("") != sa_key_after.stat.checksum
 
 - name: kubeadm | cleanup old certs if necessary
-  include: kubeadm-cleanup-old-certs.yml
+  import_tasks: kubeadm-cleanup-old-certs.yml
   when: old_apiserver_cert.stat.exists

roles/kubernetes/master/tasks/main.yml

 ---
-- include: pre-upgrade.yml
+- import_tasks: pre-upgrade.yml
   tags:
     - k8s-pre-upgrade
 
@@ -9,7 +9,7 @@
     kube_basic_auth: false
   when: kubeadm_enabled|bool|default(false)
 
-- include: users-file.yml
+- import_tasks: users-file.yml
   when: kube_basic_auth|default(true)
 
 - name: Compare host kubectl with hyperkube container
@@ -56,9 +56,9 @@
     - upgrade
 
 - name: Include kubeadm setup if enabled
-  include: kubeadm-setup.yml
+  import_tasks: kubeadm-setup.yml
   when: kubeadm_enabled|bool|default(false)
 
 - name: Include static pod setup if not using kubeadm
-  include: static-pod-setup.yml
+  import_tasks: static-pod-setup.yml
   when: not kubeadm_enabled|bool|default(false)

roles/kubernetes/node/tasks/install.yml

@@ -37,7 +37,7 @@
   tags:
     - kubeadm
 
-- include: "install_{{ kubelet_deployment_type }}.yml"
+- include_tasks: "install_{{ kubelet_deployment_type }}.yml"
 
 - name: install | Write kubelet systemd init file
   template:

roles/kubernetes/node/tasks/main.yml

 ---
-- include: facts.yml
+- import_tasks: facts.yml
   tags:
     - facts
 
-- include: pre_upgrade.yml
+- import_tasks: pre_upgrade.yml
   tags:
     - kubelet
 
@@ -13,11 +13,11 @@
     state: directory
     mode: 0755
 
-- include: install.yml
+- import_tasks: install.yml
   tags:
     - kubelet
 
-- include: nginx-proxy.yml
+- import_tasks: nginx-proxy.yml
   when: is_kube_master == false and loadbalancer_apiserver_localhost
   tags:
     - nginx

roles/kubernetes/preinstall/tasks/main.yml

 ---
-- include: verify-settings.yml
+- import_tasks: verify-settings.yml
   tags:
     - asserts
 
@@ -19,7 +19,7 @@
   tags:
     - bootstrap-os
 
-- include: set_facts.yml
+- import_tasks: set_facts.yml
   tags:
     - facts
 
@@ -72,7 +72,7 @@
     - cloud-provider
     - facts
 
-- include: "{{ cloud_provider }}-credential-check.yml"
+- include_tasks: "{{ cloud_provider }}-credential-check.yml"
   when:
     - cloud_provider is defined
     - cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
@@ -99,7 +99,7 @@
     - contiv
     - bootstrap-os
 
-- include: resolvconf.yml
+- import_tasks: resolvconf.yml
   when:
     - dns_mode != 'none'
     - resolvconf_mode == 'host_resolvconf'
@@ -276,12 +276,12 @@
   tags:
     - cloud-provider
 
-- include: etchosts.yml
+- import_tasks: etchosts.yml
   tags:
     - bootstrap-os
     - etchosts
 
-- include: dhclient-hooks.yml
+- import_tasks: dhclient-hooks.yml
   when:
     - dns_mode != 'none'
     - resolvconf_mode == 'host_resolvconf'
@@ -290,7 +290,7 @@
     - bootstrap-os
     - resolvconf
 
-- include: dhclient-hooks-undo.yml
+- import_tasks: dhclient-hooks-undo.yml
   when:
     - dns_mode != 'none'
     - resolvconf_mode != 'host_resolvconf'
@@ -306,7 +306,7 @@
   tags:
     - bootstrap-os
 
-- include: growpart-azure-centos-7.yml
+- import_tasks: growpart-azure-centos-7.yml
   when:
     - azure_check.stat.exists
     - ansible_distribution in ["CentOS","RedHat"]

roles/kubernetes/preinstall/tasks/set_facts.yml

@@ -11,7 +11,7 @@
     kube_cert_group: "kube"
   when: is_atomic
 
-- include: set_resolv_facts.yml
+- import_tasks: set_resolv_facts.yml
   tags:
     - bootstrap-os
     - resolvconf