From 3d6f96b5dd37112ebc28a881217fa5bdcba64735 Mon Sep 17 00:00:00 2001 From: sabrina-yee <75322195+sabrina-yee@users.noreply.github.com> Date: Tue, 7 Feb 2023 12:27:09 -0500 Subject: [PATCH] Feb 2023 cnx8cr1 release (#250) * Feb 2023 CNX 8 CR1 Release * simple server check playbook * update kudos-boards-minio --- README.md | 85 ++----------------- documentation/QUICKSTART.md | 4 +- documentation/VARIABLES.md | 30 ++++--- .../connections_upgrade_from_6.5CR1_to_7.0.md | 10 +-- ...o_8.0.md => connections_upgrade_to_8.x.md} | 82 +++++++++++++----- .../examples/cnx6/db2/group_vars/all.yml | 4 +- .../examples/cnx7/db2/group_vars/all.yml | 6 +- .../cnx7/flexnet_db2/group_vars/all.yml | 6 +- .../examples/cnx7/mssql/group_vars/all.yml | 4 +- .../examples/cnx7/oracle/group_vars/all.yml | 4 +- .../cnx7/quick_start/group_vars/all.yml | 4 +- .../examples/cnx8/db2/group_vars/all.yml | 10 ++- .../examples/cnx8/oracle/group_vars/all.yml | 10 ++- .../cnx8/quick_start/group_vars/all.yml | 10 ++- .../existing_database/db2/group_vars/all.yml | 14 ++- .../mssql/group_vars/all.yml | 10 +++ .../oracle/group_vars/all.yml | 12 ++- playbooks/servers_check.yml | 7 ++ playbooks/third_party/was-nd-start.yml | 31 +++++++ .../tasks/setup_elasticsearch_config.yml | 2 +- .../tasks/setup_huddoboards_extension.yml | 23 ++++- .../post-install-config/vars/main.yml | 1 + .../tasks/configure_credentials.yml | 5 ++ .../tasks/configure_psp.yml | 23 +++++ .../tasks/enable_es_metrics.yml | 6 +- .../hcl/component-pack-harbor/tasks/main.yml | 27 +++++- .../tasks/setup_community_ingress.yml | 14 +-- .../tasks/setup_customizer.yml | 44 +++++----- .../tasks/setup_kudosboards.yml | 4 +- .../tasks/setup_ms_teams_extensions.yml | 3 +- .../tasks/setup_opensearch.yml | 59 ++++++++++++- .../tasks/setup_orientme.yml | 2 + .../cnx-ingress-values.j2} | 6 +- .../templates/helmvars/infrastructure.yml.j2 | 1 + .../templates/helmvars/kudosboards.yml.j2 | 2 - .../helmvars/opensearch_client.yml.j2 | 14 ++- .../templates/helmvars/opensearch_data.yml.j2 | 14 ++- .../helmvars/opensearch_master.yml.j2 | 16 +++- .../templates/helmvars/orientme.yml.j2 | 4 +- .../templates/helmvars/outlook-addin.yml.j2 | 2 +- roles/hcl/component-pack-harbor/vars/main.yml | 5 +- .../templates/helmvars/outlook-addin.yml.j2 | 2 +- .../tasks/setup_connections_docs_oracle.yml | 4 +- .../tasks/setup_connections_wizards.yml | 8 ++ .../containerd-install/vars/main.yml | 2 +- .../third_party/haproxy-install/vars/main.yml | 4 +- roles/third_party/helm-install/vars/main.yml | 2 +- .../tasks/define_vars.yml | 7 ++ .../ibm-http-server-fix-install/vars/main.yml | 25 +++--- .../ibm/tdi-install/tasks/tdisol_install.yml | 5 ++ .../third_party/ibm/tdi-install/vars/main.yml | 2 +- .../tasks/main.yml | 2 +- .../ibm/wasnd/was-java-install/vars/main.yml | 3 +- .../was-nd-fix-install/tasks/define_vars.yml | 28 +++++- .../wasnd/was-nd-fix-install/tasks/main.yml | 13 +++ .../wasnd/was-nd-fix-install/vars/main.yml | 16 +++- .../wasnd/was-profile-create/tasks/main.yml | 16 +++- .../wasnd/was-profile-create/vars/main.yml | 3 +- .../tasks/install_addons.yml | 6 +- .../install-network-addons/vars/main.yml | 2 +- .../join-master-nodes/vars/main.yml | 2 +- .../templates/kubernetes.zypp.repo.j2 | 8 -- .../kubernetes-install/vars/main.yml | 2 +- .../tasks/upgrade_cluster.yml | 13 +++ .../templates/kubeadm.config.1.11.10.j2 | 39 --------- .../templates/kubeadm.config.1.11.9.j2 | 39 --------- .../templates/kubeadm.config.1.12.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.13.12.j2 | 81 ------------------ .../templates/kubeadm.config.1.14.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.15.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.16.8.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.17.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.5.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.7.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.9.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.1.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.12.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.16.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.17.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.8.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.16.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.9.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.1.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.15.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.7.j2 | 81 ------------------ .../templates/kubeadm.config.1.21.1.j2 | 81 ------------------ .../templates/kubeadm.config.1.21.7.j2 | 81 ------------------ .../templates/kubeadm.config.1.22.8.j2 | 81 ------------------ .../templates/kubeadm.config.1.25.1.j2} | 8 -- .../templates/kubeadm.config.default.j2} | 8 -- .../kubernetes-upgrade/vars/main.yml | 2 +- .../tasks/render_config_file.yml | 15 +++- .../templates/kubeadm.config.1.11.10.j2 | 39 --------- .../templates/kubeadm.config.1.11.9.j2 | 39 --------- .../templates/kubeadm.config.1.12.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.13.12.j2 | 81 ------------------ .../templates/kubeadm.config.1.14.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.15.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.16.8.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.5.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.7.j2 | 81 ------------------ .../templates/kubeadm.config.1.17.9.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.1.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.10.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.12.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.16.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.17.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.18.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.19.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.18.8.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.11.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.4.j2 | 81 ------------------ .../templates/kubeadm.config.1.19.9.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.0.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.1.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.13.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.2.j2 | 81 ------------------ .../templates/kubeadm.config.1.20.7.j2 | 81 ------------------ ...fig.1.21.7.j2 => kubeadm.config.1.25.1.j2} | 9 -- ...ig.1.22.8.j2 => kubeadm.config.default.j2} | 9 -- .../setup-master-node/vars/main.yml | 2 +- .../nfs-install/tasks/configure_master.yml | 53 ++++++++++-- .../nfs-install/templates/nfs.exports.j2 | 30 +++---- .../templates/nfsSetupScript/nfsSetup.sh | 6 +- set-disableGetTokenFromMBean.yml | 31 +++++++ 144 files changed, 664 insertions(+), 5725 deletions(-) mode change 100644 => 100755 README.md rename documentation/howtos/{connections_upgrade_from_7.0_to_8.0.md => connections_upgrade_to_8.x.md} (70%) mode change 100755 => 100644 mode change 100644 => 100755 environments/examples/cnx6/db2/group_vars/all.yml mode change 100644 => 100755 environments/examples/cnx8/db2/group_vars/all.yml mode change 100644 => 100755 environments/examples/cnx8/oracle/group_vars/all.yml mode change 100644 => 100755 environments/examples/cnx8/quick_start/group_vars/all.yml create mode 100644 playbooks/servers_check.yml create mode 100755 playbooks/third_party/was-nd-start.yml create mode 100755 roles/hcl/component-pack-harbor/tasks/configure_psp.yml rename roles/hcl/component-pack-harbor/{files/cnx-ingress-values.yml => templates/cnx-ingress-values.j2} (98%) mode change 100644 => 100755 roles/hcl/component-pack/templates/helmvars/outlook-addin.yml.j2 mode change 100644 => 100755 roles/hcl/connections-wizards/tasks/setup_connections_docs_oracle.yml mode change 100644 => 100755 roles/hcl/connections-wizards/tasks/setup_connections_wizards.yml mode change 100644 => 100755 roles/third_party/containerd-install/vars/main.yml mode change 100644 => 100755 roles/third_party/haproxy-install/vars/main.yml mode change 100644 => 100755 roles/third_party/helm-install/vars/main.yml mode change 100644 => 100755 roles/third_party/ibm/ihs/ibm-http-server-fix-install/tasks/define_vars.yml mode change 100644 => 100755 roles/third_party/ibm/ihs/ibm-http-server-fix-install/vars/main.yml mode change 100644 => 100755 roles/third_party/ibm/tdi-install/tasks/tdisol_install.yml mode change 100644 => 100755 roles/third_party/ibm/tdi-install/vars/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop/tasks/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-java-install/vars/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/define_vars.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-nd-fix-install/vars/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-profile-create/tasks/main.yml mode change 100644 => 100755 roles/third_party/ibm/wasnd/was-profile-create/vars/main.yml mode change 100644 => 100755 roles/third_party/kubernetes/install-network-addons/tasks/install_addons.yml mode change 100644 => 100755 roles/third_party/kubernetes/install-network-addons/vars/main.yml mode change 100644 => 100755 roles/third_party/kubernetes/join-master-nodes/vars/main.yml delete mode 100644 roles/third_party/kubernetes/kubernetes-install/templates/kubernetes.zypp.repo.j2 mode change 100644 => 100755 roles/third_party/kubernetes/kubernetes-install/vars/main.yml mode change 100644 => 100755 roles/third_party/kubernetes/kubernetes-upgrade/tasks/upgrade_cluster.yml delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.10.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.9.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.12.10.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.13.12.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.14.10.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.15.11.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.16.8.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.11.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.17.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.2.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.4.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.5.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.7.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.9.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.0.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.1.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.10.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.12.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.16.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.17.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.2.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.4.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.8.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.0.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.11.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.16.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.4.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.9.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.0.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.1.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.15.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.2.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.7.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.1.j2 delete mode 100644 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.7.j2 delete mode 100755 roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.22.8.j2 rename roles/third_party/kubernetes/{setup-master-node/templates/kubeadm.config.1.21.1.j2 => kubernetes-upgrade/templates/kubeadm.config.1.25.1.j2} (95%) mode change 100644 => 100755 rename roles/third_party/kubernetes/{setup-master-node/templates/kubeadm.config.1.21.2.j2 => kubernetes-upgrade/templates/kubeadm.config.default.j2} (95%) mode change 100644 => 100755 mode change 100644 => 100755 roles/third_party/kubernetes/kubernetes-upgrade/vars/main.yml mode change 100644 => 100755 roles/third_party/kubernetes/setup-master-node/tasks/render_config_file.yml delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.10.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.9.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.12.10.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.13.12.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.14.10.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.15.11.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.16.8.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.11.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.2.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.4.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.5.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.7.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.9.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.0.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.1.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.10.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.12.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.16.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.17.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.18.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.19.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.2.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.4.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.8.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.0.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.11.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.4.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.9.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.0.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.1.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.13.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.2.j2 delete mode 100644 roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.7.j2 rename roles/third_party/kubernetes/setup-master-node/templates/{kubeadm.config.1.21.7.j2 => kubeadm.config.1.25.1.j2} (95%) mode change 100644 => 100755 rename roles/third_party/kubernetes/setup-master-node/templates/{kubeadm.config.1.22.8.j2 => kubeadm.config.default.j2} (95%) mode change 100644 => 100755 mode change 100644 => 100755 roles/third_party/kubernetes/setup-master-node/vars/main.yml mode change 100644 => 100755 roles/third_party/nfs-install/tasks/configure_master.yml mode change 100644 => 100755 roles/third_party/nfs-install/templates/nfs.exports.j2 create mode 100644 set-disableGetTokenFromMBean.yml diff --git a/README.md b/README.md old mode 100644 new mode 100755 index ede6a309..9aeb2b32 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ For HCL Connections 8 dependencies this means that: * If needed for demo or even production purposes, OpenLDAP will be spun up and seeded with some demo users. OpenLDAP will be spun up with SSL enabled, as needed later for setting up IBM WebSphere Application Server properly. * IBM TDI will be installed, configured, and run to populate profiles database in IBM DB2 with users from OpenLDAP * IBM Installation Manager will be set up on the nodes where IBM WebSphere Application Server Network Deployment needs to be installed. -* IBM WebSphere Application Server Network Deployment will be set up where needed. Currently we tested it with Fixpack 21. By default, FP21 is going to be installed. Deployment manager and nodeagents profiles are going to be created, application security enabled, TLS certificated imported from LDAP, LDAP configured up to the point where it is ready to install HCL Connections 8. +* IBM WebSphere Application Server Network Deployment will be set up where needed. Currently we tested it with Fixpack 22. By default, FP22 is going to be installed. Deployment manager and nodeagents profiles are going to be created, application security enabled, TLS certificated imported from LDAP, LDAP configured up to the point where it is ready to install HCL Connections 8. * IBM HTTP Server is going to be installed, patched with the same fixpack as IBM WebSphere Application Server, and added to the deployment manager. * NFS server will be installed, including master and clients configurations and proper folders set. @@ -35,7 +35,7 @@ For Component Pack for HCL Connections 8 it means: * Haproxy will be set up configured to be the control plane for Kubernetes cluster and Component Pack. * NFS will be set up for Component Pack. * Containerd(container runtime) v1.4.12 will be installed with the optimisations required by the version of Kubernetes. -* Kubernetes 1.24.1 will be set up. +* Kubernetes 1.25.1 will be set up. * Component Pack will be set up by default using latest community Kubernetes Ingress, Grafana and Prometheus for monitoring out of the box. * Post installation tasks needed for configuring Component Pack and the WebSphere-side of Connections to work together are also going to be executed, including enabling searches and Metrics using OpenSearch. @@ -60,14 +60,12 @@ To be able to use this automation you will need to be able to download the packa The suggestion is to have them all downloaded in a single location, and for this you would need at least 50G of disk space. Run a small HTTP server just to be able to serve them, it can be as simple as a single Ruby one liner to open web server on specific port so that automation can connect and download it. +#### Note: There is a known issue in IBM WebSphere 8.5.5 Fixpack 22 where retrieve from port using TLS v1.3 or v1.2 ciphers may not work. See [PH49497: RETRIEVE FROM PORT NOT HONORING SSL PROTOCOL](https://www.ibm.com/support/pages/apar/PH49497) for details. Contact HCL Connections support or IBM WebSphere support for the iFix 8.5.5.22-WS-WAS-IFPH49497.zip and put it in the was855FP22 directory as the example below. This is the example data folder structure we are following at HCL ``` [root@c7lb1 packages]# ls -la * Connections6.5CR1: -total 3068576 -drwxr-xr-x. 2 root root 184 Mar 7 2022 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r-- 1 root root 82208 Nov 2 2021 65cr1-database-updates.zip -rw-r--r-- 1 sabrinayee sabrinayee 1345343235 Mar 2 2022 CFix.65CR1.XXXX-IC6.5.0.0_CR1-Common-Fix.jar -r-xr-xr-x. 1 root root 1720553596 Nov 2 2021 HC6.5_CR1.zip @@ -75,74 +73,46 @@ drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r-- 1 sabrinayee sabrinayee 37959680 Mar 2 2022 tdisol_65CR1_java8_linux_XXXX.tar Connections7: -total 11041040 -drwxr-xr-x. 2 dmenges orion 4096 May 9 14:53 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r-- 1 sabrinayee sabrinayee 1410458423 May 9 14:48 CFix.70.XXXX-IC7.0.0.0-Common-Fix.jar -r-xr-xr-x. 1 root root 2001305600 Jan 20 2021 HCL_Connections_7.0_lin.tar -r-xr-xr-x. 1 root root 817807360 Oct 29 2020 HCL_Connections_7.0_wizards_lin_aix.tar -rw-r--r--. 1 root root 125556954 Feb 4 2021 LO100079-IC7.0.0.0-Common-Fix.jar -rw-rw-r-- 1 pnott pnott 66176887 Aug 16 2021 TinyEditorsForConnections7.0_XXXXXX_vX.X.X.XX.zip --rw-r--r--. 1 dmenges orion 133 Jan 6 2021 current.version -rw-rw-r-- 1 pnott pnott 37928960 Feb 25 2022 tdisol_70_java8_linux_XXXX.tar -rw-rw-r-- 1 pnott pnott 31179723 Feb 25 2022 tdisol_70_java8_windows_XXXX.zip -rwxr--r--. 1 root root 185705657 May 6 2021 updateInstaller.zip Connections8: -total 2895968 -drwxr-xr-x 2 root root 138 Oct 6 06:41 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -r-xr-xr-x 1 root root 2117918720 Oct 6 06:40 HCL_Connections_8.0_lin.tar -r-xr-xr-x 1 root root 661811200 Oct 6 06:41 HCL_Connections_8.0_wizards_lin_aix.tar --rw-r--r-- 1 root root 133 Oct 6 06:41 current.version +-r-xr-xr-x 1 root root 1736629222 Jan 26 16:41 HC8.0_CR1.zip DB2: -total 2067052 -drwxr-xr-x. 2 dmenges orion 96 Nov 19 11:01 . -drwxr-xr-x. 13 root orion 192 Nov 18 08:33 .. -rw-r--r--. 1 dmenges dmenges 3993254 Oct 16 13:13 DB2_ESE_AUSI_Activation_11.5.zip -rw-r--r--. 1 dmenges orion 250880000 Jun 3 10:48 v11.5.6_jdbc_sqlj.tar.gz -rw-r--r--. 1 dmenges orion 1861783964 Apr 23 2020 v11.5.6_linuxx64_universal_fixpack.tar.gz Docs: -total 720468 -drwxr-xr-x. 2 root orion 42 Sep 28 2021 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -r-xr-xr-x. 1 root orion 737753769 Sep 7 2020 HCL_Docs_v202.zip MSSQL: -total 2956 -drwxr-xr-x. 2 root root 84 Mar 1 10:02 . -drwxr-xr-x. 17 root orion 263 Mar 1 10:01 .. -rw-r--r--. 1 dmenges dmenges 838550 Mar 1 10:01 sqljdbc_4.1.8112.200_enu.tar.gz -rw-r--r--. 1 dmenges dmenges 2186950 Mar 1 10:01 sqljdbc_6.0.8112.200_enu.tar.gz Oracle: -total 2998572 -drwxr-xr-x. 2 root root 96 Feb 22 13:41 . -drwxr-xr-x. 16 root orion 238 Jan 27 14:26 .. -rwxr--r--. 1 root root 3059705302 Jan 25 15:12 LINUX.X64_193000_db_home.zip -rw-r--r--. 1 sabrinayee sabrinayee 3397734 Feb 18 21:54 ojdbc7.jar -rw-r--r--. 1 sabrinayee sabrinayee 4036257 Feb 18 21:54 ojdbc8.jar TDI: -total 704248 -drwxr-xr-x. 2 root orion 70 May 6 2020 . -drwxr-xr-x. 13 root orion 192 Nov 18 08:33 .. -r-xr-xr-x. 1 root orion 76251327 May 6 2020 7.2.0-ISS-SDI-FP0006.zip -r-xr-xr-x. 1 root orion 644894720 Apr 30 2020 SDI_7.2_XLIN86_64_ML.tar -rw-r--r-- 1 sabrinayee sabrinayee 130165047 Sep 8 19:40 ibm-java-jre-8.0-6.25-linux-x86_64.tgz cp: -total 21720260 -drwxr-xr-x. 2 dmenges orion 4096 Mar 7 2022 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r-- 1 sabrinayee sabrinayee 5550666926 Mar 7 2022 ComponentPack_7.0.0.2.zip was855: -total 8491100 -drwxr-xr-x. 2 dmenges orion 4096 Jan 5 2022 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r--. 1 dmenges orion 1025869744 Apr 23 2020 8.0.5.17-WS-IBMWASJAVA-Linux.zip -rw-r--r--. 1 root root 1022054019 Oct 21 2020 8.0.6.15-WS-IBMWASJAVA-Linux.zip -rw-r--r--. 1 dmenges orion 135872014 Apr 23 2020 InstalMgr1.6.2_LNX_X86_64_WAS_8.5.5.zip @@ -156,56 +126,17 @@ drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. -rw-r--r--. 1 dmenges orion 171921530 Apr 23 2020 agent.installer.linux.gtk.x86_64_1.8.9006.20190918_1303.zip -rw-r--r--. 1 root root 215292676 Aug 12 2020 agent.installer.linux.gtk.x86_64_1.9.1003.20200730_2125.zip -was855FP21: -total 8396800 -drwxr-xr-x 2 root root 4096 Feb 25 2022 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WAS-FP021-part1.sha256 --rw-rw-r-- 1 pnott pnott 1032048285 Feb 22 2022 8.5.5-WS-WAS-FP021-part1.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WAS-FP021-part1.zip.sig --rw-rw-r-- 1 pnott pnott 198957251 Feb 22 2022 8.5.5-WS-WAS-FP021-part2.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WAS-FP021-part2.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WAS-FP021-part3.sha256 --rw-rw-r-- 1 pnott pnott 1954178904 Feb 22 2022 8.5.5-WS-WAS-FP021-part3.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WAS-FP021-part3.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part1.sha256 --rw-rw-r-- 1 pnott pnott 475341796 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part1.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part1.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part2(1).sha256 --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part2.sha256 --rw-rw-r-- 1 pnott pnott 776696122 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part2.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part2.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part3.sha256 --rw-rw-r-- 1 pnott pnott 1954178904 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part3.zip --rw-rw-r-- 1 pnott pnott 256 Feb 22 2022 8.5.5-WS-WASSupplements-FP021-part3.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 23 2022 8.5.5-WS-WCT-FP021-part1.sha256 --rw-rw-r-- 1 pnott pnott 249177805 Feb 23 2022 8.5.5-WS-WCT-FP021-part1.zip --rw-rw-r-- 1 pnott pnott 256 Feb 23 2022 8.5.5-WS-WCT-FP021-part1.zip.sig --rw-rw-r-- 1 pnott pnott 65 Feb 23 2022 8.5.5-WS-WCT-FP021-part2.sha256 --rw-rw-r-- 1 pnott pnott 1957651868 Feb 23 2022 8.5.5-WS-WCT-FP021-part2.zip --rw-rw-r-- 1 pnott pnott 256 Feb 23 2022 8.5.5-WS-WCT-FP021-part2.zip.sig was855FP22: -total 8421304 -drwxr-xr-x 2 pnott pnott 4096 Sep 28 13:25 . -drwxr-xr-x. 24 root orion 4096 Sep 28 14:30 .. --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:21 8.5.5-WS-WAS-FP022-part1.sha256 +-rw-r--r-- 1 root root 291085 Nov 17 19:35 8.5.5.22-WS-WAS-IFPH49497.zip -rw-rw-r-- 1 pnott pnott 1036290018 Aug 30 16:21 8.5.5-WS-WAS-FP022-part1.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:21 8.5.5-WS-WAS-FP022-part2.sha256 -rw-rw-r-- 1 pnott pnott 198986174 Aug 30 16:21 8.5.5-WS-WAS-FP022-part2.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:18 8.5.5-WS-WAS-FP022-part3.sha256 -rw-rw-r-- 1 pnott pnott 1960491965 Aug 30 16:22 8.5.5-WS-WAS-FP022-part3.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:28 8.5.5-WS-WASSupplements-FP022-part1.sha256 -rw-rw-r-- 1 pnott pnott 475703540 Aug 30 16:28 8.5.5-WS-WASSupplements-FP022-part1.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:28 8.5.5-WS-WASSupplements-FP022-part2.sha256 -rw-rw-r-- 1 pnott pnott 778170802 Aug 30 16:28 8.5.5-WS-WASSupplements-FP022-part2.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:28 8.5.5-WS-WASSupplements-FP022-part3.sha256 -rw-rw-r-- 1 pnott pnott 1960491965 Aug 30 16:29 8.5.5-WS-WASSupplements-FP022-part3.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:33 8.5.5-WS-WCT-FP022-part1.sha256 -rw-rw-r-- 1 pnott pnott 249260151 Aug 30 16:33 8.5.5-WS-WCT-FP022-part1.zip --rw-rw-r-- 1 pnott pnott 65 Aug 30 16:33 8.5.5-WS-WCT-FP022-part2.sha256 -rw-rw-r-- 1 pnott pnott 1963965494 Aug 30 16:34 8.5.5-WS-WCT-FP022-part2.zip - ``` Of course, you can drop it all to a single folder, or restructure it whatever way you prefer. @@ -450,7 +381,7 @@ cnx_shared_area: "/nfs/data/shared" cnx_message_store: "/nfs/data/messageStores" ``` -### Installing iFix for HCL Connections +### Installing cFix for HCL Connections To install iFix on already installed HCL Connections, edit your connections inventory file, and append these two lines: @@ -478,7 +409,7 @@ ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/hcl/c To set up Component Pack, you should have the WebSphere-side of Connections already up and running and be able to log in successfully. -Follow the steps in [Installing MongoDB 5 for Component Pack](https://opensource.hcltechsw.com/connections-doc/admin/install/installing_mongodb_5_for_component_pack_8.html) up till the point the image is imported into containerd. This is a manual step. +Follow the steps in [Installing MongoDB 5 for Component Pack](https://opensource.hcltechsw.com/connections-doc/admin/install/installing_mongodb_5_for_component_pack_8.html) till the point the image is imported into containerd. This is a manual step. Access to the HCL Harbor registry is needed to install the Component Pack. You can provide the Harbor credentials as environment variables. @@ -584,7 +515,7 @@ Desired kubernetes version can be set using kubernetes_version ``` -This set of automation will install by default 1.24.1 and should be always able to install the Kubernetes versions supported by Component Pack. +This set of automation will install by default 1.25.1 and should be always able to install the Kubernetes versions supported by Component Pack. To install Kubernetes, execute: diff --git a/documentation/QUICKSTART.md b/documentation/QUICKSTART.md index ea241c9d..bd11c1fc 100755 --- a/documentation/QUICKSTART.md +++ b/documentation/QUICKSTART.md @@ -135,13 +135,13 @@ Please note that you need to either disable password login for root user in your Ansible needs to be installed only on the controller machine, in our example it is ansible.internal.example.com ``` -[ansible@web ~]$ sudo yum install ansible +[ansible@ansible ~]$ sudo yum install ansible ``` We are supporting Ansible 2.9. Once you are done with installation, check the version (note that minor version can deffer depending at when you performed the installation): ``` -[ansible@web ~]$ ansible --version +[ansible@ansible ~]$ ansible --version ansible 2.9.15 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/lcuser/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] diff --git a/documentation/VARIABLES.md b/documentation/VARIABLES.md index 79604c6b..dbfcf56f 100755 --- a/documentation/VARIABLES.md +++ b/documentation/VARIABLES.md @@ -136,7 +136,7 @@ was_repository_url | *none* - required | WebSphere install kit download location was_fixes_repository_url | *none* - required | WebSphere Fix Pack kit location to download was_major_version | 8 | WebSphere major version was_version | 8.5.5000.20130514_1044 | WebSphere Base version -was_fp_version | 8.5.5021.20220202_1245 | WebSphere Fix Pack version +was_fp_version | 8.5.5022.20220703_1123 | WebSphere Fix Pack java_version | 8.0.6015.20200826_0935 | (only for Java upgrade during FP16/18 install) was_username | wasadmin | WAS admin user was_password | password | WAS admin user password @@ -150,8 +150,8 @@ Name | Default | Description ---- | --------| ------------- ihs_repository_url | *none* - required | IHS install kit download location ihs_fixes_repository_url | *none* - required | IHS Fix Pack kit location to download -ihs_version | 8.5.5021.20220202_1245 | IHS Fix Pack version -wct_version | 8.5.5021.20220202_1245 | WebSphere Toolbox Fix Pack version +ihs_version | 8.5.5022.20220703_1123 | IHS Fix Pack version +wct_version | 8.5.5022.20220703_1123 | WebSphere Toolbox Fix Pack version ihs_username | ihsadmin | IHS admin user ihs_password | *none* - required | IHS admin user password plg_install_location | /opt/IBM/WebSphere/Plugins | IBM WebSphere Plugin installation folder path @@ -196,13 +196,13 @@ Name | Default | Description ---- | --------| ------------- cnx_repository_url | *none* - required | Connections install kit download location connections_wizards_download_location | *none* - required | Connections Wizard install kit location to download -cnx_package | HCL_Connections_7.0_lin.tar | Connections install kit file -connections_wizards_package_name | HCL_Connections_7.0_wizards_lin_aix.tar | Connections Wizard kit file +cnx_package | HCL_Connections_8.0_lin.tar | Connections install kit file +connections_wizards_package_name | HCL_Connections_8.0_wizards_lin_aix.tar | Connections Wizard kit file setup_connections_wizards | true | true will run the Connections database wizard cnx_force_repopulation | false | true will drop the Connections databases and recreate them in `setup-connections-wizards.yml` playbook cnx_major_version | "8" | Connections major version to install -cnx_fixes_version | *none* - optional | If defined (eg. 6.5.0.0_CR1) will install the CR version -cnx_fixes_files | *none* - optional | If defined (eg. HC6.5_CR1.zip") and cnx_fixes_version is set, will download the CR install kit +cnx_fixes_version | *none* - optional | If defined (eg. 8.0.0.0_CR1) will install the CR version +cnx_fixes_files | *none* - optional | If defined (eg. HC8.0_CR1.zip") and cnx_fixes_version is set, will download the CR install kit cnx_application_ingress | *none* - required | Set as *dynamicHosts* in LotusConnections-config.xml connections_admin | jjones1 | User to be passed to the Connections installer as admin user connections_admin_password | password | password for Connections admin user @@ -293,26 +293,27 @@ uninstall_tinyeditors | true | true will uninstall Tiny Editors ### Component Pack Infra Variables Name | Default | Description ---- | --------| ------------- -containerd_version | 1.4.12-3.1.el7 | Containerd version to be installed +containerd_version | 1.6.9-3.1.el7 | Containerd version to be installed docker_version | 20.10.12 | Docker version to be installed docker_insecure_registries | {{ docker_registry_url }} | Docker insecure-registries setting registry_port | 5000 | The registry defaults to listening on port 5000 setup_docker_registry | true | true sets up docker registry docker_registry_url | {{ hostvars[groups['docker_registry'][0]]['inventory_hostname'] }}:5000 | Docker Registry url +component_pack_helm_repository | https://hclcr.io/chartrepo/cnx | Helm repo url, default to HCL Harbor registry_user | admin | Docker Registry user name registry_password | password | Docker Registry user password overlay2_enabled | true | true enables OverlayFS storage driver -kubernetes_version | 1.24.1 | Kubernetes version to be installed +kubernetes_version | 1.25.1 | Kubernetes version to be installed kube_binaries_install_dir | /usr/bin | kuberneters binary install directory kube_binaries_download_url | https://storage.googleapis.com/kubernetes-release/release | kuberneters binary download path ic_internal | localhost | Connections server internal frontend host (eg. IHS host) load_balancer_dns | localhost | Specify a DNS name for the control plane. pod_subnet | 192.168.0.0/16 | Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. kubectl_user | ansible_env['SUDO_USER'] | Kubectl is setup for all the users listed here -calico_version | 3.11 | Calico version to be installed +calico_version | 3.23 | Calico version to be installed calico_install_latest | true | true installs/Upgrades Calico to the latest version -helm_version | 3.7.2 | Helm version to be installed -haproxy_version | 2.5.1 | HAProxy version to be installed +helm_version | 3.10.2 | Helm version to be installed +haproxy_version | 2.6.6 | HAProxy version to be installed ### Component Pack Variables @@ -369,13 +370,14 @@ integrations_msteams_tenant_id | changeme | Tenant ID to configure Microsoft Tea integrations_msteams_client_id | changeme | Client ID to configure Microsoft Teams integration integrations_msteams_client_secret | changeme | Kubernetes secret name for Microsoft Teams integration integrations_msteams_auth_schema | 0 | Auth schema to configure Microsoft Teams integration -opensearch_version | 1.3.0 | Opensearch version opensearch_replicaset | 3 | Replica count to set in Helm charts for Opensearch opensearch_cluster_name | opensearch-cluster | Opensearch cluster name opensearch_default_port | 30099 | Opensearch port opensearch_ca_password | password | Opensearch CA password opensearch_key_password | password | Opensearch Key password - +opensearch_watermark_flood_stage | none | Controls the flood stage watermark for opensearch +opensearch_watermark_high | none | Controls the high watermark for disk usage for opensearch. Make sure that the opensearch_watermark_flood_stage is more than or equal to opensearch_watermark_high +opensearch_watermark_low | none | Controls the low watermark for disk usage for opensearch. Make sure that the opensearch_watermark_high is more than or equal to opensearch_watermark_low ### NFS Variables Name | Default | Description ---- | --------| ------------- diff --git a/documentation/howtos/connections_upgrade_from_6.5CR1_to_7.0.md b/documentation/howtos/connections_upgrade_from_6.5CR1_to_7.0.md index 363000eb..d8b5d257 100755 --- a/documentation/howtos/connections_upgrade_from_6.5CR1_to_7.0.md +++ b/documentation/howtos/connections_upgrade_from_6.5CR1_to_7.0.md @@ -29,12 +29,12 @@ Before you proceed, let's analyse very quickly what is important for which step. ### Setting up your inventory file -To set up 6.5CR1, let's assume that we want to also install IBM WebSphere ND 8.5.5 with FixPack 21 (for HCL Connections 7 recommended version is FixPack 21). +To set up 6.5CR1, let's assume that we want to also install IBM WebSphere ND 8.5.5 with latest supported FixPack. Please note that [files in this folder ](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/) are already set to overwrite defaults, which means it will install non default packages and we will explain here what it is doing differently: * We have our HCL Connections and HCL Connections Wizards installer living in a folder called Connections6.5, so we are setting the right paths [here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L44) -* We want, specifically, to install IBM WebSphere 8.5.5.21 which is default, and we [specify the location here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L40-L42) +* We want, specifically, to install IBM WebSphere 8.5.5 with Fixpack, and we [specify the location here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L40-L42) * We need to specify that we are not installing default version 7, and we do it [here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L74) * As connections kit names are different for different versions, so we need to specify [Connections install kit name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L72) and [Connections Wizard kit name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L73). Also specify [Connections 6.5CR1 version name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L75) and [Connections 6.5CR1 fixes install kit name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml#L76-L77). @@ -59,14 +59,14 @@ So to sum it up - what is actually going to happen when you run the playbook? * DB2 will be set up exactly the same way as it would be for Connections 7 * Connections Wizards would set up the databases needed for HCL Connections 6.5CR1 * OpenLDAP would be installed, IBM TDI after that, and NFS set up by default, since HCL Connections is requiring it by default. -* IBM WebSphere ND 8.5.5.21 would be installed using proper FixPack 21 packages (in background, base version would be always installed and then upgraded to FixPack 21) +* IBM WebSphere ND 8.5.5 with FixPack would be installed (in background, base version would be always installed and then upgraded to the FixPack per was_fp_version in [VARIABLES.md](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md) * HCL Connections 6.5CR1 would be installed. Specifying proper version above would tell it to use proper response file (the only delta between response file between version 6.* and 7 is one extra app, IC360) ## Upgrading HCL Connections from 6.5CR1 to 7.0 You already got the idea that all there is with the installation/upgrade is handled by manipulating variables in your inventory files. -For a sake of this HowTo, let's assume that we did all the steps mentioned until now: we installed HCL Connections end to end on WAS ND 8.5.5.21, and we have currently HCL Connections 6.5CR1 running as a result on WAS ND 8.5.5.21. +For a sake of this HowTo, let's assume that we did all the steps mentioned until now: we installed HCL Connections end to end on WAS ND 8.5.5 with Fixpack, and we have currently HCL Connections 6.5CR1 running as a result on WAS ND. To upgrade HCL Connections itself from 6.5CR1 to 7.0, we need to do again three things: @@ -80,7 +80,7 @@ For this example, we will reference [this example inventory folder](https://gith If you make a simple diff between [this file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx7/db2/group_vars/all.yml) and [this file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx6/db2/group_vars/all.yml) you will see that now: -* We are pointing to a folders with Connections 7 and WAS ND FP21. +* We are pointing to a folders with Connections 7 and WAS ND with Fixpack. * We are not overwriting any package and file name, as by default Ansible will assume that, in this moment, default version is 7, and package names for version 7 are being used. ### Running the upgrade diff --git a/documentation/howtos/connections_upgrade_from_7.0_to_8.0.md b/documentation/howtos/connections_upgrade_to_8.x.md old mode 100755 new mode 100644 similarity index 70% rename from documentation/howtos/connections_upgrade_from_7.0_to_8.0.md rename to documentation/howtos/connections_upgrade_to_8.x.md index 7edc7dff..4843b41d --- a/documentation/howtos/connections_upgrade_from_7.0_to_8.0.md +++ b/documentation/howtos/connections_upgrade_to_8.x.md @@ -1,10 +1,11 @@ # Upgrading HCL Connections using Ansible automation -This automation is used from HCL Connections 7.0 to test HCL Connections and Component Pack upgrades to v8.0. +This automation is used to upgrade HCL Connections and Component Pack upgrades to v8.0x. For this example, we will show: -* How to use the ansible automation to upgrade HCL Connections 7 to HCL Connection 8. This includes migrating data from mongodb v3 to mongodb v5 and elasticsearch7 to opensearch manually. +* How to use the ansible automation to upgrade to HCL Connection 8.0x. This includes migrating data from MongoDB v3 to MongoDB v5 and ElasticSearch7 to OpenSearch manually if upgrading from Component Pack v7. + * What is the logic behind it. NOTE: If this is the very first document you are landing on, please ensure that you read already our [README.md](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/README.md) and our [Quick Start Guide](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/QUICKSTART.md), specially if you never used Ansible and/or this automation before. @@ -16,20 +17,22 @@ Before you proceed, let's analyse very quickly few what is important points. Please note that if needed user can overwrite defaults using [files in this folder ](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/). We will explain here what it is doing: * We have our HCL Connections Wizards and HCL Connections installer living in a folder called Connections8, so we are setting the right paths here [#1](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml#L40) and [#2](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml#L47) -* Check default supported version of IBM WebSphere [here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md#was_fp_version:~:text=WebSphere%20Base%20version-,was_fp_version). If we want to install specific version of IBM WebSphere, [specify the location here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml#L43-L45). +* Check default supported version of IBM WebSphere [here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md#was_fp_version:~:text=WebSphere%20Base%20version-,was_fp_version). + +#### Note: There is a known issue in IBM WebSphere 8.5.5 Fixpack 22 where retrieve from port using TLS v1.3 or v1.2 ciphers may not work. See [PH49497: RETRIEVE FROM PORT NOT HONORING SSL PROTOCOL](https://www.ibm.com/support/pages/apar/PH49497) for details. Contact HCL Connections support or IBM WebSphere support for the iFix 8.5.5.22-WS-WAS-IFPH49497.zip. * As connections kit names are different for different versions, so we can explicitly specify [Connections install kit name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml#L50) and [Connections Wizard package name](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml#L51). Check out default values here [#1](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md#:~:text=location%20to%20download-,cnx_package) and [#2](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md#:~:text=connections_wizards_package_name) -* Desired version of docker, helm, kubernetes can be set using variables docker_version, kubernetes_version, helm_version respectively set in the [inventory file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml). [Click here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md) to see more details and supported default versions of these softwares. +* Desired version of docker, helm, kubernetes can be set using variables docker_version, kubernetes_version, helm_version respectively set in the [inventory file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml). [Click here](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/documentation/VARIABLES.md) to see more details and supported default versions of these software. ### Choosing operating system version Use CentOS 7 Or RHEL 8.6 (the later CentOS 7 Or RHEL 8.6 the better). For this scenario, let's say you are using CentOS 7.9. Be always sure, as whenever installing any of the components mentioned here, using automation or manually, to configure machine properly and just to be on the safe side run yum update before you start. -## Upgrading HCL Connections from 7.0 to 8.0 +## Upgrading HCL Connections to v8 ### Prerequisite -At this step we assume that we have a running connections 7 with CP installed. +At this step we assume that we have a running Connections 7 or above with the Component Pack installed. ### Setting up your inventory file @@ -49,28 +52,28 @@ Run below playbook. This will add/remove new IHS configurations if any: ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/setup-webspherend.yml ``` -And as a next step, let's upgrade HCL Connections to 8.0: +And as a next step, let's upgrade HCL Connections to v8: ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/hcl/setup-connections-only.yml ``` -Next step is to upgrade component pack 7.0 to 8.0 +## Upgrading HCL Component Pack to v8 -Run below playbooks to upgrade and configure nginx and haproxy for the HCL Connections 8.0 +Run below playbooks to upgrade and configure nginx and haproxy for the HCL Connections v8 ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/setup-nginx.yml ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/setup-haproxy.yml ``` -Run below playbook to configure NFS. This playbook will also create and configure OpenSearch and Mongo 5 folders. +Run below playbook to configure NFS. This playbook will also create and configure OpenSearch and MongoDB 5 folders and setup PV export folders permission for v8. ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/setup-nfs.yml ``` -Run below playbook to install containerd(container runtime). +Run below playbook to install containerd (container runtime). ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/setup-containerd.yml @@ -78,25 +81,56 @@ ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third To deploy Component Pack 8, we use HCL Software’s Harbor container registry. Also we strongly recommend that you [install container runtime](https://opensource.hcltechsw.com/connections-doc/admin/install/upgrade_considerations.html#section_sqh_ktx_bvb) (containerd installation playbook is already mentioned in the previous step), Follow the steps in [migrating from Docker to containerd](https://kubernetes.io/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd/), [upgrade helm to version 3.7.2](https://opensource.hcltechsw.com/connections-doc/admin/install/upgrade_considerations.html#section_bqv_2vx_bvb) and [upgrade kubernetes](https://opensource.hcltechsw.com/connections-doc/admin/install/upgrade_considerations.html#section_avm_v5x_bvb) before moving to Component pack 8. -Kubernetes can be upgraded using below playbook. Add 'upgrade_version' variable in the [inventory file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml). Follow [kubernetes official document](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) on how to upgrade kubernetes version. - -``` -ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/kubernetes/upgrade-kubernetes.yml -``` -For HCL Connections 8 we need to upgrade mongodb from v3 to v5 and OpenSearch replaces ElasticSearch7. So we need to backup data. This is a manual step. Please refer below links- +### Preparation if upgrading from Component Pack v7 +If upgrading from Component Pack v7, for v8 we need to upgrade MongoDB from v3 to v5 and OpenSearch replaces ElasticSearch7. So we need to backup data. This is a manual step. Please refer below links: [Backup mongo3 data](https://opensource.hcltechsw.com/connections-doc/admin/install/cp_install_services_tasks.html#backup_mongo3) [Backup ElasticSearch 7 data](https://opensource.hcltechsw.com/connections-doc/admin/install/cp_install_services_tasks.html#backup_es7) -Delete ingresses- -Remove ingresses before Component Pack deployment, otherwise the infrastructure will fail: +Also, remove ingresses before upgrading from Component Pack v7, otherwise the infrastructure will fail: ``` kubectl delete ingress -n connections $(kubectl get ingress -n connections | awk '{print $1}' | grep -vE "NAME") ``` +### Preparation if upgrading to Kubernetes 1.25 +
+ Click to expand if you are upgrading Kubernetes to v1.25 + +>As PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25, the following charts should be uninstalled before upgrading to Kubernetes v1.25. +> +>``` +>k8s-psp +>infrastructure +>opensearch-master +>opensearch-data +>opensearch-client +>kudos-boards-cp +>``` +> +>First, check if the chart is already deployed: +>``` +>helm ls --namespace connections | grep | grep -i DEPLOYED +>``` +> +>If found, delete the chart using below command: +>``` +>helm uninstall --namespace connections +>``` +>For more details see [PodSecurityPolicy is removed](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.25.md#podsecuritypolicy-is-removed-pod-security-admission-graduates-to-stable). +> +>Ensure you reconfigure NFS by running playbook playbooks/third_party/setup-nfs.yml. +
+ +Follow [kubernetes official document](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) on how to upgrade kubernetes version. Kubernetes can be upgraded using below playbook. Add 'upgrade_version' variable in the [inventory file](https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/environments/examples/cnx8/db2/group_vars/all.yml): + +``` +ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/third_party/kubernetes/upgrade-kubernetes.yml +``` + +### Running the Component Pack playbook Access to the HCL Harbor registry is needed to install the Component Pack. You can provide the Harbor credentials as environment variables. ``` @@ -111,9 +145,11 @@ Then execute ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/setup-component-pack-complete-harbor.yml ``` -Follow the steps in [Installing MongoDB 5 for Component Pack](https://opensource.hcltechsw.com/connections-doc/admin/install/installing_mongodb_5_for_component_pack_8.html) up till the point the image is imported into containerd. This is a manual step. -To migrate data from mongo 3 to mongo 5, [perform these steps](https://opensource.hcltechsw.com/connections-doc/admin/install/migrating_data_mongodb_v3_v5.html). This is a manual step. +Follow the steps in [Installing MongoDB 5 for Component Pack](https://opensource.hcltechsw.com/connections-doc/admin/install/installing_mongodb_5_for_component_pack_8.html) till the point the image is imported into containerd. This is a manual step. + +### Data migration if upgrading from Component Pack v7 +If upgrading from Component Pack v7, to migrate data from MongoDB 3 to MongoDB 5, [perform these steps](https://opensource.hcltechsw.com/connections-doc/admin/install/migrating_data_mongodb_v3_v5.html). This is a manual step. To migrate data from Elasticsearch 7 to OpenSearch, [perform these steps](https://opensource.hcltechsw.com/connections-doc/admin/install/cp_migrate_data_from_es7_to_opensearch.html). This is a manual step. @@ -123,8 +159,8 @@ After this we will delete all the pods using below command on the kubernetes mas kubectl delete pods -n connections $(kubectl get pods -n connections | awk '{print $1}' | grep -vE "NAME|bootstrap") ``` -Now run post installation tasks -Once your Component Pack installation is done, run this playbook to set up some post installation: +### Running post install playbook +Now run post installation tasks. Once your Component Pack installation is done, run this playbook to set up some post installation: ``` ansible-playbook -i environments/examples/cnx8/db2/inventory.ini playbooks/hcl/connections-post-install.yml diff --git a/environments/examples/cnx6/db2/group_vars/all.yml b/environments/examples/cnx6/db2/group_vars/all.yml old mode 100644 new mode 100755 index 2d945003..83f839f1 --- a/environments/examples/cnx6/db2/group_vars/all.yml +++ b/environments/examples/cnx6/db2/group_vars/all.yml @@ -37,9 +37,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections6.5 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections6.5 cnx_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/Connections6.5CR1 diff --git a/environments/examples/cnx7/db2/group_vars/all.yml b/environments/examples/cnx7/db2/group_vars/all.yml index 1c6d1c94..9a7e4d4c 100755 --- a/environments/examples/cnx7/db2/group_vars/all.yml +++ b/environments/examples/cnx7/db2/group_vars/all.yml @@ -40,9 +40,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections7 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections7 component_pack_download_location: http://{{ groups['installer'][0] }}:8001/cp @@ -81,7 +81,7 @@ cnx_enable_full_icec: true enable_prometheus_jmx_exporter: True -# uncomment these lines, set to the latest cFix to include it as part of the initial install +# uncomment these lines, set to the latest cFix to include it as part of the initial install #ifix_apar: CFix.70.XXXX #cnx_ifix_installer: "updateInstaller_XXXX.zip" #ifix_file: CFix.70.XXXX-IC7.0.0.0-Common-Fix.jar diff --git a/environments/examples/cnx7/flexnet_db2/group_vars/all.yml b/environments/examples/cnx7/flexnet_db2/group_vars/all.yml index 6b16dba9..e291cc94 100755 --- a/environments/examples/cnx7/flexnet_db2/group_vars/all.yml +++ b/environments/examples/cnx7/flexnet_db2/group_vars/all.yml @@ -40,9 +40,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections7 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections7 component_pack_download_location: http://{{ groups['installer'][0] }}:8001/cp @@ -88,7 +88,7 @@ cnx_enable_invite: true enable_prometheus_jmx_exporter: True -# uncomment these lines, set to the latest cFix to include it as part of the initial install +# uncomment these lines, set to the latest cFix to include it as part of the initial install # ifix_apar: LO100079 # cnx_ifix_installer: "updateInstaller_XXXX.zip" # ifix_file: HCL_Connections_70_Update.jar diff --git a/environments/examples/cnx7/mssql/group_vars/all.yml b/environments/examples/cnx7/mssql/group_vars/all.yml index 06111c4b..a26f1d7c 100755 --- a/environments/examples/cnx7/mssql/group_vars/all.yml +++ b/environments/examples/cnx7/mssql/group_vars/all.yml @@ -40,9 +40,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections7 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections7 component_pack_download_location: http://{{ groups['installer'][0] }}:8001/cp diff --git a/environments/examples/cnx7/oracle/group_vars/all.yml b/environments/examples/cnx7/oracle/group_vars/all.yml index ab520be5..35267bb5 100755 --- a/environments/examples/cnx7/oracle/group_vars/all.yml +++ b/environments/examples/cnx7/oracle/group_vars/all.yml @@ -40,9 +40,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections7 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections7 component_pack_download_location: http://{{ groups['installer'][0] }}:8001/cp diff --git a/environments/examples/cnx7/quick_start/group_vars/all.yml b/environments/examples/cnx7/quick_start/group_vars/all.yml index d12213d5..68ba47de 100755 --- a/environments/examples/cnx7/quick_start/group_vars/all.yml +++ b/environments/examples/cnx7/quick_start/group_vars/all.yml @@ -40,9 +40,9 @@ tdi_download_location: http://{{ groups['installer'][0 connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections7 iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections7 component_pack_download_location: http://{{ groups['installer'][0] }}:8001/cp diff --git a/environments/examples/cnx8/db2/group_vars/all.yml b/environments/examples/cnx8/db2/group_vars/all.yml old mode 100644 new mode 100755 index 3c3f95bb..9e188854 --- a/environments/examples/cnx8/db2/group_vars/all.yml +++ b/environments/examples/cnx8/db2/group_vars/all.yml @@ -35,17 +35,23 @@ tinyeditors_password: password # cnx_deploy_type: small ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 db2_download_location: http://{{ groups['installer'][0] }}:8001/DB2 tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI -connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs -cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" diff --git a/environments/examples/cnx8/oracle/group_vars/all.yml b/environments/examples/cnx8/oracle/group_vars/all.yml old mode 100644 new mode 100755 index 6b72eb68..c0a65019 --- a/environments/examples/cnx8/oracle/group_vars/all.yml +++ b/environments/examples/cnx8/oracle/group_vars/all.yml @@ -35,17 +35,23 @@ tinyeditors_password: password cnx_deploy_type: medium ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 oracle_download_location: http://{{ groups['installer'][0] }}:8001/Oracle tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI -connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs -cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" diff --git a/environments/examples/cnx8/quick_start/group_vars/all.yml b/environments/examples/cnx8/quick_start/group_vars/all.yml old mode 100644 new mode 100755 index 6b28a878..4de32ce8 --- a/environments/examples/cnx8/quick_start/group_vars/all.yml +++ b/environments/examples/cnx8/quick_start/group_vars/all.yml @@ -35,17 +35,23 @@ tinyeditors_password: password cnx_deploy_type: medium ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 db2_download_location: http://{{ groups['installer'][0] }}:8001/DB2 tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI -connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs -cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" diff --git a/environments/examples/existing_database/db2/group_vars/all.yml b/environments/examples/existing_database/db2/group_vars/all.yml index a973d6f8..686df34e 100755 --- a/environments/examples/existing_database/db2/group_vars/all.yml +++ b/environments/examples/existing_database/db2/group_vars/all.yml @@ -35,17 +35,23 @@ tinyeditors_password: password cnx_deploy_type: medium ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 db2_download_location: http://{{ groups['installer'][0] }}:8001/DB2 tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI -connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 -ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs -cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" diff --git a/environments/examples/existing_database/mssql/group_vars/all.yml b/environments/examples/existing_database/mssql/group_vars/all.yml index 6c50e023..0d4005c8 100755 --- a/environments/examples/existing_database/mssql/group_vars/all.yml +++ b/environments/examples/existing_database/mssql/group_vars/all.yml @@ -35,17 +35,27 @@ tinyeditors_password: password cnx_deploy_type: medium ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 mssql_download_location: http://{{ groups['installer'][0] }}:8001/MSSQL tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" diff --git a/environments/examples/existing_database/oracle/group_vars/all.yml b/environments/examples/existing_database/oracle/group_vars/all.yml index 98995d0f..5231ee81 100755 --- a/environments/examples/existing_database/oracle/group_vars/all.yml +++ b/environments/examples/existing_database/oracle/group_vars/all.yml @@ -35,17 +35,27 @@ tinyeditors_password: password cnx_deploy_type: medium ldap_user_mail_domain: "connections.example.com" +connections_kit_folder: Connections8 oracle_download_location: http://{{ groups['installer'][0] }}:8001/Oracle tdi_download_location: http://{{ groups['installer'][0] }}:8001/TDI connections_wizards_download_location: http://{{ groups['installer'][0] }}:8001/Connections8 +connections_wizards_download_location: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" iim_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_repository_url: http://{{ groups['installer'][0] }}:8001/was855 was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +was_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 ihs_repository_url: http://{{ groups['installer'][0] }}:8001/was855 ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP21 +ihs_fixes_repository_url: http://{{ groups['installer'][0] }}:8001/was855FP22 cnx_docs_download_location: http://{{ groups['installer'][0] }}:8001/Docs cnx_repository_url: http://{{ groups['installer'][0] }}:8001/Connections8 +cnx_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" tinyeditors_download_location: http://{{ groups['installer'][0] }}:8001/TinyEditors +cnx_fixes_repository_url: "http://{{ groups['installer'][0] }}:8001/{{ connections_kit_folder }}" + +cnx_fixes_version: "8.0.0.0_CR1" +cnx_fixes_files: + - { file_name: "HC8.0_CR1.zip" } cnx_package: "HCL_Connections_8.0_lin.tar" connections_wizards_package_name: "HCL_Connections_8.0_wizards_lin_aix.tar" @@ -96,7 +106,7 @@ cnx_enable_full_icec: true enable_prometheus_jmx_exporter: True -# uncomment these lines, set to the latest cFix to include it as part of the initial install +# uncomment these lines, set to the latest cFix to include it as part of the initial install # ifix_apar: CFix.70.2110 # cnx_ifix_installer: "updateInstaller_2104.zip" # ifix_file: CFix.70.2110-IC7.0.0.0-Common-Fix.jar diff --git a/playbooks/servers_check.yml b/playbooks/servers_check.yml new file mode 100644 index 00000000..5869c592 --- /dev/null +++ b/playbooks/servers_check.yml @@ -0,0 +1,7 @@ +--- +- name: Hosts Check + hosts: all + become: true + tasks: + - debug: var=ansible_default_ipv4.address + diff --git a/playbooks/third_party/was-nd-start.yml b/playbooks/third_party/was-nd-start.yml new file mode 100755 index 00000000..cdf69478 --- /dev/null +++ b/playbooks/third_party/was-nd-start.yml @@ -0,0 +1,31 @@ +--- +- name: Start HTTP Servers + hosts: ihs_servers + become: true + roles: + - roles/third_party/ibm/ihs/ibm-http-server-start + +- name: Start DMGR + hosts: dmgr + become: true + roles: + - roles/third_party/ibm/wasnd/was-dmgr-start + +- name: Start WAS Nodes + hosts: was_servers + serial: 1 + become: true + roles: + - roles/third_party/ibm/wasnd/was-nodeagent-start + +- name: Start CNX Clusters + hosts: dmgr + become: true + roles: + - roles/third_party/ibm/wasnd/was-dmgr-start-cluster + +- name: Start Docs Clusters + hosts: dmgr + become: true + roles: + - roles/hcl/docs/start_docs_clusters diff --git a/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_elasticsearch_config.yml b/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_elasticsearch_config.yml index c137c721..fbba1ca3 100755 --- a/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_elasticsearch_config.yml +++ b/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_elasticsearch_config.yml @@ -82,7 +82,7 @@ delegate_to: "{{ groups['component_pack_master'][0] }}" - name: Run {{ __config_blue_metrics_cmd }} - shell: "/usr/bin/python3 {{ __config_blue_metrics_cmd }}" + shell: "{{ __python_path }} {{ __config_blue_metrics_cmd }}" become_user: "{{ __sudo_user }}" register: configured_blue_metrics ignore_errors: true diff --git a/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_huddoboards_extension.yml b/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_huddoboards_extension.yml index 09f99789..ea8abfd0 100755 --- a/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_huddoboards_extension.yml +++ b/roles/hcl/component-pack-harbor/post-install-config/tasks/setup_huddoboards_extension.yml @@ -6,11 +6,23 @@ register: huddo_ext_already_installed_file delegate_to: "{{ hostvars[groups['nfs_servers'][0]]['inventory_hostname'] }}" + - name: Get nobody/nogroup + set_fact: + nobody: "{{ nfs_nobody | default('nobody') }}" + nogroup: "{{ nfs_nogroup | default('nobody') }}" + + - name: "Get user name for customizer PV folder owner" + command: id -nu 1000 + register: customizer_pv_username + delegate_to: "{{ hostvars[groups['nfs_servers'][0]]['inventory_hostname'] }}" + - name: "Create /{{ __customizer_huddo_extension }} if not exists (fresh)" file: path: "/{{ __customizer_huddo_extension }}" state: directory - mode: '0755' + owner: "{{ customizer_pv_username.stdout }}" + group: "{{ nogroup }}" + mode: '0700' delegate_to: "{{ hostvars[groups['nfs_servers'][0]]['inventory_hostname'] }}" when: not huddo_ext_already_installed_file.stat.exists @@ -25,7 +37,7 @@ file: path: "/{{ __customizer_huddo_extension }}/update.sh" state: file - mode: '0750' + mode: '0700' delegate_to: "{{ hostvars[groups['nfs_servers'][0]]['inventory_hostname'] }}" - name: "Update Huddo Extension if exists" @@ -48,6 +60,13 @@ cmd: "sed -i.original 's|https://boards.huddo.com|https://{{ cnx_application_ingress }}/boards|g' settings.js" delegate_to: "{{ hostvars[groups['nfs_servers'][0]]['inventory_hostname'] }}" + - name: "Change files ownership to {{ customizer_pv_username.stdout }}" + file: + path: "/{{ __customizer_huddo_extension }}" + recurse: yes + group: "{{ nogroup }}" + owner: "{{ customizer_pv_username.stdout }}" + - name: Authentication to CNX and store the LtpaToken2 (and other cookies) uri: url: https://{{ __frontend_fqdn }}/news/j_security_check diff --git a/roles/hcl/component-pack-harbor/post-install-config/vars/main.yml b/roles/hcl/component-pack-harbor/post-install-config/vars/main.yml index bc406edb..0bfbb276 100755 --- a/roles/hcl/component-pack-harbor/post-install-config/vars/main.yml +++ b/roles/hcl/component-pack-harbor/post-install-config/vars/main.yml @@ -18,6 +18,7 @@ __connections_admin_password: "{{ connections_admin_password | default('passwo __sudo_user: "{{ kubectl_user | default( ansible_env['SUDO_USER'] ) }}" __default_namespace: "{{ default_namespace | default('connections') }}" __frontend_fqdn: "{{ frontend_fqdn | default(localhost) }}" +__python_path: "{{ python_path | default('/usr/bin/python3') }}" __lcc_namespaces: xmlns="http://www.ibm.com/LotusConnections-config" diff --git a/roles/hcl/component-pack-harbor/tasks/configure_credentials.yml b/roles/hcl/component-pack-harbor/tasks/configure_credentials.yml index 5d8c657b..79c5edff 100755 --- a/roles/hcl/component-pack-harbor/tasks/configure_credentials.yml +++ b/roles/hcl/component-pack-harbor/tasks/configure_credentials.yml @@ -10,6 +10,11 @@ when: connections_created.rc != 0 become_user: "{{ __sudo_user }}" +- name: Applying Pod Security Admission policy to the '{{ __default_namespace }}' namespace when kuberntes version >= 1.25. Current version is {{ __kubernetes_version }} + command: kubectl label --overwrite ns {{ __default_namespace }} pod-security.kubernetes.io/enforce=baseline pod-security.kubernetes.io/enforce-version=latest pod-security.kubernetes.io/warn=baseline pod-security.kubernetes.io/warn-version=latest pod-security.kubernetes.io/audit=baseline pod-security.kubernetes.io/audit-version=latest + when: __kubernetes_version is version_compare('1.25', '>=') + become_user: "{{ __sudo_user }}" + - name: Delete credentials, to enable recreating it command: kubectl delete secret {{ __credentials_name }} -n {{ __default_namespace }} become_user: "{{ __sudo_user }}" diff --git a/roles/hcl/component-pack-harbor/tasks/configure_psp.yml b/roles/hcl/component-pack-harbor/tasks/configure_psp.yml new file mode 100755 index 00000000..ef908633 --- /dev/null +++ b/roles/hcl/component-pack-harbor/tasks/configure_psp.yml @@ -0,0 +1,23 @@ +--- +- name: Install PSP if kubernetes version < 1.25.0 and setup_psp is set to true + include_tasks: setup_psp.yml + when: + - __setup_psp |bool + - __kubernetes_version is version_compare('1.25', '<') + +- name: Check if PSP is already deployed when kubernetes version >= 1.25.0 + shell: helm ls --namespace {{ __default_namespace }} | grep k8s-psp | grep -i DEPLOYED + when: + - not __kubernetes_version is version_compare('1.25', '<') + changed_when: true + register: psp_already_provisioned + become_user: "{{ __sudo_user }}" + ignore_errors: true + +- name: Uninstall PSP as kubernetes version >= 1.25.0 + shell: helm uninstall k8s-psp --namespace {{ __default_namespace }} + when: + - not __kubernetes_version is version_compare('1.25', '<') + - psp_already_provisioned.rc == 0 + become_user: "{{ __sudo_user }}" + ignore_errors: true diff --git a/roles/hcl/component-pack-harbor/tasks/enable_es_metrics.yml b/roles/hcl/component-pack-harbor/tasks/enable_es_metrics.yml index 515c18d1..d83a8534 100755 --- a/roles/hcl/component-pack-harbor/tasks/enable_es_metrics.yml +++ b/roles/hcl/component-pack-harbor/tasks/enable_es_metrics.yml @@ -6,7 +6,7 @@ become_user: "{{ __sudo_user }}" - name: Run {{ __config_blue_metrics_cmd }} - shell: "/usr/bin/python3 {{ __config_blue_metrics_cmd }}" + shell: "{{ __python_path }} {{ __config_blue_metrics_cmd }}" become_user: "{{ __sudo_user }}" register: configured_blue_metrics ignore_errors: true @@ -274,7 +274,7 @@ ignore_errors: yes - name: Run {{ __config_blue_metrics_cmd }} - shell: "/usr/bin/python3 {{ __config_blue_metrics_cmd }}" + shell: "{{ __python_path }} {{ __config_blue_metrics_cmd }}" become_user: "{{ __sudo_user }}" register: configured_blue_metrics_repeat retries: 10 @@ -282,4 +282,4 @@ until: configured_blue_metrics_repeat.stdout|lower is not search("error") ignore_errors: true -- debug: var=configured_blue_metrics_repeat.stdout_lines \ No newline at end of file +- debug: var=configured_blue_metrics_repeat.stdout_lines diff --git a/roles/hcl/component-pack-harbor/tasks/main.yml b/roles/hcl/component-pack-harbor/tasks/main.yml index ed27dd25..9f663c3f 100755 --- a/roles/hcl/component-pack-harbor/tasks/main.yml +++ b/roles/hcl/component-pack-harbor/tasks/main.yml @@ -10,9 +10,8 @@ include_tasks: configure_credentials.yml when: __setup_credentials |bool -- name: Setup PSP - include_tasks: setup_psp.yml - when: __setup_psp |bool +- name: Configure PSP + include_tasks: configure_psp.yml - name: Setup connections-volumes include_tasks: setup_connections_volumes.yml @@ -42,6 +41,17 @@ include_tasks: setup_opensearch.yml when: __setup_opensearch |bool +- name: Check if opensearch is deployed and pod is in running state + shell: "kubectl wait -n {{ __default_namespace }} --for=jsonpath='{.status.phase}'=Running pods --selector app.kubernetes.io/name='opensearch' --timeout=1s" + register: opensearch_pod_running + become_user: "{{ __sudo_user }}" + ignore_errors: true + +- name: Set __setup_opensearch variable if opensearch is deployed and pod is in running state + set_fact: + __setup_opensearch: true + when: opensearch_pod_running.stdout != "" + - name: Setup Community Ingress Controller include_tasks: setup_community_ingress.yml when: __setup_community_ingress |bool @@ -54,6 +64,17 @@ include_tasks: setup_tailored_exp.yml when: __setup_tailored_exp |bool +- name: Check if Tailored Experience is deployed and pod is in running state + shell: "kubectl wait -n {{ __default_namespace }} --for=jsonpath='{.status.phase}'=Running pods --selector app='te-creation-wizard' --timeout=1s" + register: tailored_exp_pod_running + become_user: "{{ __sudo_user }}" + ignore_errors: true + +- name: Set __setup_tailored_exp variable if Tailored Experience is deployed and pod is in running state + set_fact: + __setup_tailored_exp: true + when: tailored_exp_pod_running.stdout != "" + - name: Setup ELK include_tasks: setup_elasticstack7.yml when: __setup_elasticstack7 |bool diff --git a/roles/hcl/component-pack-harbor/tasks/setup_community_ingress.yml b/roles/hcl/component-pack-harbor/tasks/setup_community_ingress.yml index e193308f..7e9e589c 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_community_ingress.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_community_ingress.yml @@ -1,4 +1,4 @@ -- name: Add Community Helm Repo +- name: Add Community Helm Repo shell: helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx become_user: "{{ __sudo_user }}" ignore_errors: true @@ -103,10 +103,10 @@ - helm_version.stdout == "v2" - ("api." not in cluster_flavor_check.stdout) -- name: copy cnx_ingress_values.yml from local host to remote host (relative path, ./files/) - copy: - src: cnx-ingress-values.yml - dest: $HOME/ +- name: Render cnx_ingress_values.j2 from local host to remote host $HOME/cnx-ingress-values.yml (relative path, ./template/) + template: + src: cnx-ingress-values.j2 + dest: $HOME/cnx-ingress-values.yml mode: '0777' become_user: "{{ __sudo_user }}" @@ -135,7 +135,7 @@ become_user: "{{ __sudo_user }}" - name: Install ingress-nginx - if Vanilla Kubernetes if Prom-Operator Not already Deployed helm-3 - shell: helm upgrade cnx-ingress -i ingress-nginx/ingress-nginx --namespace {{ __default_namespace }} --set {{ __communitying_ind_env_vanilla }} --wait + shell: helm upgrade cnx-ingress -i ingress-nginx/ingress-nginx --namespace {{ __default_namespace }} --set controller.image.allowPrivilegeEscalation=false --set {{ __communitying_ind_env_vanilla }} --wait when: - helm_version.stdout != "v2" - prom_operator_already_provisioned_helm3.rc != 0 @@ -167,7 +167,7 @@ become_user: "{{ __sudo_user }}" - name: Install ingress-nginx - if EKS/OpenShift if Prom-Operator Not already Deployed helm-3 - shell: helm upgrade cnx-ingress -i ingress-nginx/ingress-nginx --namespace {{ __default_namespace }} --set {{ __communitying_ind_env_eks_os }} --wait + shell: helm upgrade cnx-ingress -i ingress-nginx/ingress-nginx --namespace {{ __default_namespace }} --set controller.image.allowPrivilegeEscalation=false --set {{ __communitying_ind_env_eks_os }} --wait when: - helm_version.stdout != "v2" - ("eks.amazonaws.com" in cluster_flavor_check.stdout) or ("api." in cluster_flavor_check.stdout) diff --git a/roles/hcl/component-pack-harbor/tasks/setup_customizer.yml b/roles/hcl/component-pack-harbor/tasks/setup_customizer.yml index bab1f6cc..1719eb55 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_customizer.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_customizer.yml @@ -5,39 +5,35 @@ become_user: "{{ __sudo_user }}" ignore_errors: true -- name: Create local mount point "{{ __customizer_js_files_mount }}" - file: - path: "{{ __customizer_js_files_mount }}" - state: directory - mode: '0755' - when: - - customizer_completed.rc != 0 - -- name: Mount "{{ __customizer_js_files_dest }}" to "{{ __customizer_js_files_mount }}" first - mount: - fstype: nfs - opts: defaults - dump: 0 - passno: 0 - state: mounted - src: "{{ __customizer_js_files_dest }}" - path: "{{ __customizer_js_files_mount }}" - when: - - customizer_completed.rc != 0 +- name: Get nobody/nogroup + set_fact: + nobody: "{{ nfs_nobody | default('nobody') }}" + nogroup: "{{ nfs_nogroup | default('nobody') }}" - name: Copy HelloWorld js for customizer to "{{ __customizer_js_files_mount }}" copy: src: "{{ __customizer_helloworld_js_files }}" dest: "{{ __customizer_helloworld_js_dest }}" + owner: "1000" + group: "{{ nogroup }}" + mode: '0700' + directory_mode: '0700' + delegate_to: "{{ groups['nfs_servers'][0] }}" + - name: Copy *.js stuff for customizer to "{{ __customizer_js_files_mount }}" copy: src: "{{ item }}" dest: "{{ __customizer_js_files_mount }}" + owner: "1000" + group: "{{ nogroup }}" + mode: '0700' + directory_mode: '0700' with_items: - "files/customizer/container.css" - "files/customizer/containerUtils.js" - "files/customizer/utils.js" + delegate_to: "{{ groups['nfs_servers'][0] }}" when: - __cnx_major_version is version('7', '<=') @@ -45,6 +41,11 @@ copy: src: "files/ms-teams/customizations/ms-teams" dest: "{{ __customizer_js_files_mount }}" + owner: "1000" + group: "{{ nogroup }}" + mode: '0700' + directory_mode: '0700' + delegate_to: "{{ groups['nfs_servers'][0] }}" when: - __setup_teams |bool and __cnx_major_version is version('7', '<=') @@ -52,6 +53,11 @@ copy: src: "{{ __customizer_share_msteams_js_files }}" dest: "{{ __customizer_share_msteam_js_dest }}" + owner: "1000" + group: "{{ nogroup }}" + mode: '0700' + directory_mode: '0700' + delegate_to: "{{ groups['nfs_servers'][0] }}" when: - __cnx_major_version is version('7', '>') diff --git a/roles/hcl/component-pack-harbor/tasks/setup_kudosboards.yml b/roles/hcl/component-pack-harbor/tasks/setup_kudosboards.yml index ad378fb7..984e77f1 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_kudosboards.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_kudosboards.yml @@ -23,7 +23,7 @@ become_user: "{{ __sudo_user }}" - name: Get chart and version - shell: "helm search repo {{ __helm_repository_local_name }} {{ __helm_repo_flag }} | grep kudos-boards-cp | grep -v activity | awk {'print $2'}" + shell: "helm search repo {{ __helm_repository_local_name }} {{ __helm_repo_flag }} | grep huddo-boards-cp | grep -v activ | awk {'print $2'}" register: kudosboards_chart_version become_user: "{{ __sudo_user }}" @@ -39,5 +39,5 @@ when: __record_cp_versions|bool - name: Upgrade kudos-boards-cp - command: "helm upgrade kudos-boards-cp {{ __helm_repository_local_name }}/kudos-boards-cp -i --version {{ kudosboards_chart_version.stdout }} -f {{ __kudos_boards_destination }} --namespace {{ __default_namespace }}" + command: "helm upgrade kudos-boards-cp {{ __helm_repository_local_name }}/huddo-boards-cp -i --version {{ kudosboards_chart_version.stdout }} -f {{ __kudos_boards_destination }} --namespace {{ __default_namespace }}" become_user: "{{ __sudo_user }}" diff --git a/roles/hcl/component-pack-harbor/tasks/setup_ms_teams_extensions.yml b/roles/hcl/component-pack-harbor/tasks/setup_ms_teams_extensions.yml index f95652db..67b28d27 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_ms_teams_extensions.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_ms_teams_extensions.yml @@ -117,7 +117,8 @@ \"icon\": { \"type\": \"svg\", \"data\": \"data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgMTAyNCAxMDI0Ij4KICAgICAgPGRlZnM+CiAgICAgICAgPGxpbmVhckdyYWRpZW50IGlkPSJwbGF0ZS1maWxsIiB4MT0iLS4yIiB5MT0iLS4yIiB4Mj0iLjgiIHkyPSIuOCI+CiAgICAgICAgICA8c3RvcCBvZmZzZXQ9IjAiIHN0b3AtY29sb3I9IiM1YTYyYzQiPjwvc3RvcD4KICAgICAgICAgIDxzdG9wIG9mZnNldD0iMSIgc3RvcC1jb2xvcj0iIzM5NDBhYiI+PC9zdG9wPgogICAgICAgIDwvbGluZWFyR3JhZGllbnQ+CiAgICAgICAgPHN0eWxlPgogICAgICAgICAgLmNscy0xe2ZpbGw6IzUwNTljOX0uY2xzLTJ7ZmlsbDojN2I4M2VifQogICAgICAgIDwvc3R5bGU+CiAgICAgICAgPGZpbHRlciBpZD0icGVyc29uLXNoYWRvdyIgeD0iLTUwJSIgeT0iLTUwJSIgd2lkdGg9IjMwMCUiIGhlaWdodD0iMzAwJSI+CiAgICAgICAgICA8ZmVHYXVzc2lhbkJsdXIgaW49IlNvdXJjZUFscGhhIiBzdGREZXZpYXRpb249IjI1Ij48L2ZlR2F1c3NpYW5CbHVyPgogICAgICAgICAgPGZlT2Zmc2V0IGR5PSIyNSI+PC9mZU9mZnNldD4KICAgICAgICAgIDxmZUNvbXBvbmVudFRyYW5zZmVyPgogICAgICAgICAgICA8ZmVGdW5jQSB0eXBlPSJsaW5lYXIiIHNsb3BlPSIuMjUiPjwvZmVGdW5jQT4KICAgICAgICAgIDwvZmVDb21wb25lbnRUcmFuc2Zlcj4KICAgICAgICAgIDxmZU1lcmdlPgogICAgICAgICAgICA8ZmVNZXJnZU5vZGU+PC9mZU1lcmdlTm9kZT4KICAgICAgICAgICAgPGZlTWVyZ2VOb2RlIGluPSJTb3VyY2VHcmFwaGljIj48L2ZlTWVyZ2VOb2RlPgogICAgICAgICAgPC9mZU1lcmdlPgogICAgICAgIDwvZmlsdGVyPgoKCiAgICAgICAgPGZpbHRlciBpZD0iYmFjay1wbGF0ZS1zaGFkb3ciIHg9Ii01MCUiIHk9Ii01MCUiIHdpZHRoPSIzMDAlIiBoZWlnaHQ9IjMwMCUiPgogICAgICAgICAgCgk8ZmVHYXVzc2lhbkJsdXIgaW49IlNvdXJjZUFscGhhIiBzdGREZXZpYXRpb249IjI0Ij48L2ZlR2F1c3NpYW5CbHVyPgoJICA8ZmVPZmZzZXQgZHg9IjIiIGR5PSIyNCI+PC9mZU9mZnNldD4KICAgICAgICAgIDxmZUNvbXBvbmVudFRyYW5zZmVyPgogICAgICAgICAgPGZlRnVuY0EgdHlwZT0ibGluZWFyIiBzbG9wZT0iLjYiPjwvZmVGdW5jQT4KCiAgICAgICAgICA8L2ZlQ29tcG9uZW50VHJhbnNmZXI+CiAgICAgICAgICA8ZmVNZXJnZT4KICAgICAgICAgICAgPGZlTWVyZ2VOb2RlPjwvZmVNZXJnZU5vZGU+CiAgICAgICAgICAgIDxmZU1lcmdlTm9kZSBpbj0iU291cmNlR3JhcGhpYyI+PC9mZU1lcmdlTm9kZT4KICAgICAgICAgIDwvZmVNZXJnZT4KICAgICAgICA8L2ZpbHRlcj4KICAgICAgICA8ZmlsdGVyIGlkPSJ0ZWUtc2hhZG93IiB4PSItNTAlIiB5PSItNTAlIiB3aWR0aD0iMjUwJSIgaGVpZ2h0PSIyNTAlIj4KICAgICAgICAgIDxmZUdhdXNzaWFuQmx1ciBpbj0iU291cmNlQWxwaGEiIHN0ZERldmlhdGlvbj0iMTIiPjwvZmVHYXVzc2lhbkJsdXI+CiAgICAgICAgICA8ZmVPZmZzZXQgZHg9IjEwIiBkeT0iMjAiPjwvZmVPZmZzZXQ+CiAgICAgICAgICA8ZmVDb21wb25lbnRUcmFuc2Zlcj4KICAgICAgICAgICAgPGZlRnVuY0EgdHlwZT0ibGluZWFyIiBzbG9wZT0iLjIiPjwvZmVGdW5jQT4KICAgICAgICAgIDwvZmVDb21wb25lbnRUcmFuc2Zlcj4KICAgICAgICAgIDxmZU1lcmdlPgogICAgICAgICAgICA8ZmVNZXJnZU5vZGU+PC9mZU1lcmdlTm9kZT4KICAgICAgICAgICAgPGZlTWVyZ2VOb2RlIGluPSJTb3VyY2VHcmFwaGljIj48L2ZlTWVyZ2VOb2RlPgogICAgICAgICAgPC9mZU1lcmdlPgogICAgICAgIDwvZmlsdGVyPgoKICAgICAgIAoKICAgICAgICA8Y2xpcFBhdGggaWQ9ImJhY2stcGxhdGUtY2xpcCI+CiAgICAgICAgICA8cGF0aCBkPSJNNjg0IDQzMkg1MTJ2LTQ5LjE0M0ExMTIgMTEyIDAgMSAwIDQxNiAyNzJhMTExLjU1NiAxMTEuNTU2IDAgMCAwIDEwLjc4NSA0OEgxNjBhMzIuMDk0IDMyLjA5NCAwIDAgMC0zMiAzMnYzMjBhMzIuMDk0IDMyLjA5NCAwIDAgMCAzMiAzMmgxNzguNjdjMTUuMjM2IDkwLjggOTQuMiAxNjAgMTg5LjMzIDE2MCAxMDYuMDM5IDAgMTkyLTg1Ljk2MSAxOTItMTkyVjQ2OGEzNiAzNiAwIDAgMC0zNi0zNnoiIGZpbGw9IiNmZmYiPjwvcGF0aD4KICAgICAgICA8L2NsaXBQYXRoPgogICAgICA8L2RlZnM+CiAgICAgIDxnIGlkPSJzbWFsbF9wZXJzb24iIGZpbHRlcj0idXJsKCNwZXJzb24tc2hhZG93KSI+CiAgICAgICAgPHBhdGggaWQ9IkJvZHkiIGNsYXNzPSJjbHMtMSIgZD0iTTY5MiA0MzJoMTY4YTM2IDM2IDAgMCAxIDM2IDM2djE2NGExMjAgMTIwIDAgMCAxLTEyMCAxMjAgMTIwIDEyMCAwIDAgMS0xMjAtMTIwVjQ2OGEzNiAzNiAwIDAgMSAzNi0zNnoiPjwvcGF0aD4KICAgICAgICA8Y2lyY2xlIGlkPSJIZWFkIiBjbGFzcz0iY2xzLTEiIGN4PSI3NzYiIGN5PSIzMDQiIHI9IjgwIj48L2NpcmNsZT4KICAgICAgPC9nPgogICAgICA8ZyBpZD0iTGFyZ2VfUGVyc29uIiBmaWx0ZXI9InVybCgjcGVyc29uLXNoYWRvdykiPgogICAgICAgIDxwYXRoIGlkPSJCb2R5LTIiIGRhdGEtbmFtZT0iQm9keSIgY2xhc3M9ImNscy0yIiBkPSJNMzcyIDQzMmgzMTJhMzYgMzYgMCAwIDEgMzYgMzZ2MjA0YTE5MiAxOTIgMCAwIDEtMTkyIDE5MiAxOTIgMTkyIDAgMCAxLTE5Mi0xOTJWNDY4YTM2IDM2IDAgMCAxIDM2LTM2eiI+PC9wYXRoPgogICAgICAgIDxjaXJjbGUgaWQ9IkhlYWQtMiIgZGF0YS1uYW1lPSJIZWFkIiBjbGFzcz0iY2xzLTIiIGN4PSI1MjgiIGN5PSIyNzIiIHI9IjExMiI+PC9jaXJjbGU+CiAgICAgIDwvZz4KICAgICAgPHJlY3QgaWQ9IkJhY2tfUGxhdGUiIHg9IjEyOCIgeT0iMzIwIiB3aWR0aD0iMzg0IiBoZWlnaHQ9IjM4NCIgcng9IjMyIiByeT0iMzIiIGZpbHRlcj0idXJsKCNiYWNrLXBsYXRlLXNoYWRvdykiIGNsaXAtcGF0aD0idXJsKCNiYWNrLXBsYXRlLWNsaXApIiBmaWxsPSJ1cmwoI3BsYXRlLWZpbGwpIj48L3JlY3Q+CiAgICAgIDxwYXRoIGlkPSJMZXR0ZXJfVCIgZD0iTTM5OS4zNjUgNDQ1Ljg1NWgtNjAuMjkzdjE2NC4yaC0zOC40MTh2LTE2NC4yaC02MC4wMlY0MTRoMTU4LjczeiIgZmlsdGVyPSJ1cmwoI3RlZS1zaGFkb3cpIiBmaWxsPSIjZmZmIj48L3BhdGg+CiAgICA8L3N2Zz4=\" - } + }, + \"title\": \"Share in Teams\" }, \"path\": \"global\", \"state\": \"enabled\" diff --git a/roles/hcl/component-pack-harbor/tasks/setup_opensearch.yml b/roles/hcl/component-pack-harbor/tasks/setup_opensearch.yml index 6563f91e..5e7b1a3a 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_opensearch.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_opensearch.yml @@ -1,3 +1,23 @@ +- name: Avoid issues with 'out of virtual memory' exceptions as per documentation + sysctl: + name: "vm.max_map_count" + value: '262144' + sysctl_set: yes + reload: yes + delegate_to: "{{ item }}" + with_items: + - "{{ groups['k8s_workers'] }}" + +- name: Avoid issues with 'out of file descriptors' exceptions as per documentation + sysctl: + name: "fs.file-max" + value: '65536' + sysctl_set: yes + reload: yes + delegate_to: "{{ item }}" + with_items: + - "{{ groups['k8s_workers'] }}" + - name: "Render {{ __opensearch_master_env }}" template: src: "helmvars/opensearch_master.yml.j2" @@ -40,6 +60,43 @@ command: "helm upgrade opensearch-data {{ __helm_repository_local_name }}/opensearch -i --version {{ opensearch_chart_version.stdout }} -f {{ __opensearch_data_env }} --namespace {{ __default_namespace }} --set common.probe.readinessProbe.timeoutSeconds=60 --wait --timeout 10m" become_user: "{{ __sudo_user }}" +- name: Wait for OpenSearch master to get ready and accept requests + shell: kubectl exec {{ __opensearch_cluster_name }}-master-0 -n "{{ __default_namespace }}" -- bash -c "/usr/share/opensearch/probe/sendRequest.sh GET /_cluster/health" + become_user: "{{ __sudo_user }}" + register: cluster_readiness + until: cluster_readiness.stdout is search(__opensearch_cluster_name) + retries: 3 + delay: 30 + +- name: Creating a shell script file for changing opensearch disk watermark settings + copy: + dest: "~/opensearch-disk-watermark.sh" + content: | + kubectl exec {{ __opensearch_cluster_name }}-master-0 -n "{{ __default_namespace }}" -- bash -c "/usr/share/opensearch/probe/sendRequest.sh PUT '/_cluster/settings' -H 'Content-Type: application/json' -d '{\"transient\" : {\"cluster.routing.allocation.disk.watermark.flood_stage\" : \"{{ opensearch_watermark_flood_stage | default(95) | int }}%\",\"cluster.routing.allocation.disk.watermark.high\" : \"{{ opensearch_watermark_high | default(90) | int }}%\",\"cluster.routing.allocation.disk.watermark.low\" : \"{{ opensearch_watermark_low | default(85) | int }}%\"}}'" + become_user: "{{ __sudo_user }}" + when: + - (opensearch_watermark_low is defined) or (opensearch_watermark_high is defined) or (opensearch_watermark_low is defined) + +- name: Changing permission of "~/opensearch-disk-watermark.sh", adding "+x" + file: dest=~/opensearch-disk-watermark.sh mode=a+x + become_user: "{{ __sudo_user }}" + when: + - (opensearch_watermark_low is defined) or (opensearch_watermark_high is defined) or (opensearch_watermark_low is defined) + +- name: Execute the script to change opensearch disk watermark settings + command: sh ~/opensearch-disk-watermark.sh + become_user: "{{ __sudo_user }}" + when: + - (opensearch_watermark_low is defined) or (opensearch_watermark_high is defined) or (opensearch_watermark_low is defined) + +- name: Delete opensearch disk watermark settings shell script file + file: + path: "~/opensearch-disk-watermark.sh" + state: absent + become_user: "{{ __sudo_user }}" + when: + - (opensearch_watermark_low is defined) or (opensearch_watermark_high is defined) or (opensearch_watermark_low is defined) + - name: Upgrade opensearch client command: "helm upgrade opensearch-client {{ __helm_repository_local_name }}/opensearch -i --version {{ opensearch_chart_version.stdout }} -f {{ __opensearch_client_env }} --namespace {{ __default_namespace }} --set common.probe.readinessProbe.timeoutSeconds=60 --wait --timeout 10m" become_user: "{{ __sudo_user }}" @@ -60,5 +117,5 @@ become_user: "{{ __sudo_user }}" - name: Remove Master eligible nodes using voting configuration to support scaling down - shell: kubectl exec {{ __opensearch_cluster_name }}-master-0 -n "{{ __default_namespace }}" -- bash -c "curl --insecure --cert /usr/share/opensearch/config/certs/opensearch-healthcheck.crt.pem:{{ __opensearch_ca_password }} --key /usr/share/opensearch/config/certs/opensearch-healthcheck.key --cacert /usr/share/opensearch/config/certs/opensearch-http.crt.pem -X POST 'https://{{ __opensearch_cluster_name }}-master:9200/_cluster/voting_config_exclusions?node_names={{ __opensearch_cluster_name }}-master-1,{{ __opensearch_cluster_name }}-master-2'" + shell: kubectl exec {{ __opensearch_cluster_name }}-master-0 -n "{{ __default_namespace }}" -- bash -c "/usr/share/opensearch/probe/sendRequest.sh POST '/_cluster/voting_config_exclusions?node_names={{ __opensearch_cluster_name }}-master-1,{{ __opensearch_cluster_name }}-master-2'" become_user: "{{ __sudo_user }}" diff --git a/roles/hcl/component-pack-harbor/tasks/setup_orientme.yml b/roles/hcl/component-pack-harbor/tasks/setup_orientme.yml index 094a9a56..a0df2e74 100755 --- a/roles/hcl/component-pack-harbor/tasks/setup_orientme.yml +++ b/roles/hcl/component-pack-harbor/tasks/setup_orientme.yml @@ -2,6 +2,8 @@ template: src: "helmvars/orientme.yml.j2" dest: "{{ __orientme_env }}" + vars: + __setup_opensearch: "{{ __setup_opensearch|bool }}" become_user: "{{ __sudo_user }}" - name: Get chart and version diff --git a/roles/hcl/component-pack-harbor/files/cnx-ingress-values.yml b/roles/hcl/component-pack-harbor/templates/cnx-ingress-values.j2 similarity index 98% rename from roles/hcl/component-pack-harbor/files/cnx-ingress-values.yml rename to roles/hcl/component-pack-harbor/templates/cnx-ingress-values.j2 index 15088c2c..0dabe8c8 100755 --- a/roles/hcl/component-pack-harbor/files/cnx-ingress-values.yml +++ b/roles/hcl/component-pack-harbor/templates/cnx-ingress-values.j2 @@ -219,10 +219,10 @@ controller: serviceMonitor: enabled: true additionalLabels: - namespace: "connections" + namespace: "{{ __default_namespace }}" # The label to use to retrieve the job name from. # jobLabel: "app.kubernetes.io/name" - namespace: "connections" + namespace: "{{ __default_namespace }}" namespaceSelector: any: true # Default: scrape .Release.Namespace only @@ -237,7 +237,7 @@ controller: prometheusRule: enabled: true additionalLabels: - namespace: "connections" + namespace: "{{ __default_namespace }}" rules: # # These are just examples rules, please adapt them to your needs - alert: NGINXConfigFailed diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/infrastructure.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/infrastructure.yml.j2 index 922b6927..2f955e3a 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/infrastructure.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/infrastructure.yml.j2 @@ -16,6 +16,7 @@ mongodb: createSecret: false replicaCount: {{ __replica_count }} mongo5: + clusterDomain: cluster.local namespace: {{ __default_namespace }} createSecret: false replicaCount: {{ __replica_count }} diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/kudosboards.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/kudosboards.yml.j2 index 4b450591..9291b9f0 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/kudosboards.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/kudosboards.yml.j2 @@ -30,7 +30,6 @@ webfront: ingress: annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 - kubernetes.io/ingress.class: nginx path: /boards/(.*) # This hostname must match other Ingresses defined in your CP environment # If all ingresses start with * you must match the pattern, or all traffic will be routed to Boards and everything will break @@ -51,7 +50,6 @@ core: ingress: annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 - kubernetes.io/ingress.class: nginx path: /api-boards/(.*) # This hostname must match other Ingresses defined in your CP environment # If all ingresses start with * you must match the pattern, or all traffic will be routed to Boards and everything will break diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_client.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_client.yml.j2 index 8d7bdaa7..87d59abd 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_client.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_client.yml.j2 @@ -1,10 +1,22 @@ +image: + repository: {{ __docker_registry_url }} + clusterName: {{ __opensearch_cluster_name }} nodeGroup: "client" masterService: "{{ __opensearch_cluster_name }}-master" +pemkeyPass: {{ __opensearch_ca_password }} +imagePullSecrets: + - name: {{ __credentials_name }} roles: - remote_cluster_client -imageTag: "{{ __opensearch_version }}" +resources: + limits: + cpu: "2" + memory: "2048Mi" + requests: + cpu: "0.1" + memory: "1536Mi" replicas: {{ __opensearch_replica_count }} diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_data.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_data.yml.j2 index 888863ad..6a0e2031 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_data.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_data.yml.j2 @@ -1,11 +1,23 @@ +image: + repository: {{ __docker_registry_url }} + clusterName: {{ __opensearch_cluster_name }} nodeGroup: "data" masterService: "{{ __opensearch_cluster_name }}-master" +pemkeyPass: {{ __opensearch_ca_password }} +imagePullSecrets: + - name: {{ __credentials_name }} roles: - ingest - data -imageTag: "{{ __opensearch_version }}" +resources: + limits: + cpu: "2" + memory: "4096Mi" + requests: + cpu: "0.5" + memory: "3072Mi" replicas: {{ __opensearch_replica_count }} diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_master.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_master.yml.j2 index 81aeaf7b..ed78de41 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_master.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/opensearch_master.yml.j2 @@ -1,12 +1,16 @@ +image: + repository: {{ __docker_registry_url }} + clusterName: {{ __opensearch_cluster_name }} nodeGroup: "master" masterService: "{{ __opensearch_cluster_name }}-master" +pemkeyPass: {{ __opensearch_ca_password }} +imagePullSecrets: + - name: {{ __credentials_name }} roles: - master -imageTag: "{{ __opensearch_version }}" - service: labels: {} labelsHeadless: {} @@ -16,4 +20,12 @@ service: createSecret: false +resources: + limits: + cpu: "1" + memory: "1024Mi" + requests: + cpu: "0.1" + memory: "768Mi" + replicas: {{ __opensearch_replica_count }} diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/orientme.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/orientme.yml.j2 index aced9bfc..5eb0bf9d 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/orientme.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/orientme.yml.j2 @@ -54,7 +54,7 @@ orient-indexing-service: indexing: solr: false elasticsearch: {{ __setup_elasticsearch }} -{% if __setup_opensearch == "true" %} +{% if __setup_opensearch|lower == "true" %} opensearch: "true" {% else %} elasticsearch7: {{ __setup_elasticsearch7 }} @@ -64,7 +64,7 @@ orient-retrieval-service: replicaCount: {{ __replica_count }} retrieval: elasticsearch: {{ __setup_elasticsearch }} -{% if __setup_opensearch == "true" %} +{% if __setup_opensearch|lower == "true" %} opensearch: "true" {% else %} elasticsearch7: {{ __setup_elasticsearch7 }} diff --git a/roles/hcl/component-pack-harbor/templates/helmvars/outlook-addin.yml.j2 b/roles/hcl/component-pack-harbor/templates/helmvars/outlook-addin.yml.j2 index 9ec2b7bb..ff6a1868 100755 --- a/roles/hcl/component-pack-harbor/templates/helmvars/outlook-addin.yml.j2 +++ b/roles/hcl/component-pack-harbor/templates/helmvars/outlook-addin.yml.j2 @@ -4,7 +4,7 @@ env: # The path to where the addin app is being served, relative to the CONNECTIONS_URL. Do NOT start or end with `/` CONTEXT_ROOT: outlook-addin # A URL that a user can go to for support of the addin. - SUPPORT_URL: https://help.hcltechsw.com/connections/v7/connectors/enduser/c_ms_plugins_add_in_outlook.html + SUPPORT_URL: https://opensource.hcltechsw.com/connections-doc/connectors/enduser/c_ms_plugins_add_in_outlook.html # Client ID (aka. app ID) used when registering oauth app in Connections CONNECTIONS_CLIENT_ID: {% if cnx_setup_mt is defined | default(false) and cnx_setup_mt|bool %} connections_social_mobile {% else %} connections-outlook-desktop {% endif %} # Client secret generated by Connections when registering oauth app diff --git a/roles/hcl/component-pack-harbor/vars/main.yml b/roles/hcl/component-pack-harbor/vars/main.yml index 7674aaa8..8d39d2f5 100755 --- a/roles/hcl/component-pack-harbor/vars/main.yml +++ b/roles/hcl/component-pack-harbor/vars/main.yml @@ -1,4 +1,6 @@ --- +__kubernetes_version: "{{ kubernetes_version | default('1.25.1') }}" +__python_path: "{{ python_path | default('/usr/bin/python3') }}" __ansible_cache: "/tmp/k8s_ansible" __sudo_user: "{{ kubectl_user | default( ansible_env['SUDO_USER'] ) }}" __ansible_cache_charts: "/home/{{ __sudo_user }}/generated_charts" @@ -85,6 +87,7 @@ __skip_configure_redis: "{{ skip_configure_redis | default( __nfsMasterAddress: "{{ nfsMasterAddress | default( hostvars[groups['nfs_servers'][0]]['ansible_default_ipv4']['address'] ) }}" __persistentVolumePath: "{{ persistentVolumePath | default('pv-connections') }}" +__customizer_js_files_mount: "/{{ __persistentVolumePath }}/customizations" __customizer_huddo_extension: "{{ __persistentVolumePath }}/customizations/boards-extensions" __connections_volumes: "{{ __ansible_cache_charts }}/connections-volumes.yml" @@ -97,7 +100,6 @@ __infrastructure_env: "{{ __ansible_cache_charts }}/infra __customizer_env: "{{ __ansible_cache_charts }}/customizer.yml" __customizer_js_files: "{{ __support_folder }}/customizer" __customizer_js_files_dest: "{{ __nfsMasterAddress }}:/{{ __persistentVolumePath }}/customizations" -__customizer_js_files_mount: "/mnt/customizations" __customizer_helloworld_js_files: "files/helloWorld.user.js" __customizer_helloworld_js_dest: "{{ __customizer_js_files_mount }}/helloWorld/" __customizer_share_msteams_js_files: "files/connections-teams-share-extension-8.0.js" @@ -173,7 +175,6 @@ __outlook_tenant: "{{ outlook_tenant | default(' ') } __outlook_mt_auth_url: "{{ outlook_mt_auth_url | default('') }}" __setup_opensearch: "{{ setup_opensearch | default(true) |lower }}" -__opensearch_version: "{{ opensearch_version | default('1.3.0') }}" __opensearch_master_env: "{{ __ansible_cache_charts }}/opensearch_master.yml" __opensearch_data_env: "{{ __ansible_cache_charts }}/opensearch_data.yml" __opensearch_client_env: "{{ __ansible_cache_charts }}/opensearch_client.yml" diff --git a/roles/hcl/component-pack/templates/helmvars/outlook-addin.yml.j2 b/roles/hcl/component-pack/templates/helmvars/outlook-addin.yml.j2 old mode 100644 new mode 100755 index a8990f83..13f26a0d --- a/roles/hcl/component-pack/templates/helmvars/outlook-addin.yml.j2 +++ b/roles/hcl/component-pack/templates/helmvars/outlook-addin.yml.j2 @@ -4,7 +4,7 @@ env: # The path to where the addin app is being served, relative to the CONNECTIONS_URL. Do NOT start or end with `/` CONTEXT_ROOT: outlook-addin # A URL that a user can go to for support of the addin. - SUPPORT_URL: https://help.hcltechsw.com/connections/v7/connectors/enduser/c_ms_plugins_add_in_outlook.html + SUPPORT_URL: https://opensource.hcltechsw.com/connections-doc/connectors/enduser/c_ms_plugins_add_in_outlook.html # Client ID (aka. app ID) used when registering oauth app in Connections CONNECTIONS_CLIENT_ID: {% if cnx_setup_mt is defined | default(false) and cnx_setup_mt|bool %} connections_social_mobile {% else %} connections-outlook-desktop {% endif %} # Client secret generated by Connections when registering oauth app diff --git a/roles/hcl/connections-wizards/tasks/setup_connections_docs_oracle.yml b/roles/hcl/connections-wizards/tasks/setup_connections_docs_oracle.yml old mode 100644 new mode 100755 index f5c343fe..a5a56ea6 --- a/roles/hcl/connections-wizards/tasks/setup_connections_docs_oracle.yml +++ b/roles/hcl/connections-wizards/tasks/setup_connections_docs_oracle.yml @@ -38,7 +38,7 @@ apply: ignore_errors: yes vars: - db_command: "cd {{ __docs_installation_folder }}/oracle sh {{ item }}" + db_command: "cd {{ __docs_installation_folder }}/oracle; sh {{ item }}" with_items: - "dropDb.sh" when: @@ -54,7 +54,7 @@ include_tasks: ../../../third_party/oracle-install/tasks/run_db_command.yml register: all_creation_result vars: - db_command: "cd {{ __docs_installation_folder }}/oracle echo {{ __dbw_oracle_password }} | cd {{ __docs_installation_folder }}/oracle sh {{ item }} {{ __dbw_oracle_password }}" + db_command: "cd {{ __docs_installation_folder }}/oracle; echo {{ __dbw_oracle_password }} | sh {{ item }}" with_items: - "createDb.sh" - "updateDBSchema.sh" diff --git a/roles/hcl/connections-wizards/tasks/setup_connections_wizards.yml b/roles/hcl/connections-wizards/tasks/setup_connections_wizards.yml old mode 100644 new mode 100755 index 32db88d7..21a4f250 --- a/roles/hcl/connections-wizards/tasks/setup_connections_wizards.yml +++ b/roles/hcl/connections-wizards/tasks/setup_connections_wizards.yml @@ -265,3 +265,11 @@ when: - sharepoint_migration_result is not skipped - not sharepoint_migrations_already_done.stat.exists + +- name: Clean up installation folder(s) + file: + path: "{{ __db_extraction_folder }}" + state: absent + when: + - (not migrations_already_done.stat.exists) or (__cnx_force_repopulation |bool ) + diff --git a/roles/third_party/containerd-install/vars/main.yml b/roles/third_party/containerd-install/vars/main.yml old mode 100644 new mode 100755 index 253d4793..96b15b80 --- a/roles/third_party/containerd-install/vars/main.yml +++ b/roles/third_party/containerd-install/vars/main.yml @@ -1,5 +1,5 @@ --- -__containerd_default_version: "1.4.12-3.1.el{{ ansible_distribution_major_version }}" +__containerd_default_version: "1.6.9-3.1.el{{ ansible_distribution_major_version }}" __containerd_version: "{{ containerd_version | default( __containerd_default_version ) }}" __modules_containerd_conf_template: "containerd.conf.j2" diff --git a/roles/third_party/haproxy-install/vars/main.yml b/roles/third_party/haproxy-install/vars/main.yml old mode 100644 new mode 100755 index d424a1c3..1c546134 --- a/roles/third_party/haproxy-install/vars/main.yml +++ b/roles/third_party/haproxy-install/vars/main.yml @@ -1,6 +1,6 @@ --- -__haproxy_version: "{{ haproxy_version | default('2.5.1') }}" -__haproxy_major_version: "{{ haproxy_major_version | default('2.5') }}" +__haproxy_version: "{{ haproxy_version | default('2.6.6') }}" +__haproxy_major_version: "{{ haproxy_major_version | default('2.6') }}" __haproxy_url: "http://www.haproxy.org/download/{{ __haproxy_major_version }}/src/haproxy-{{ __haproxy_version }}.tar.gz" __haproxy_download_dir: "/tmp/haproxy-{{ __haproxy_version }}" diff --git a/roles/third_party/helm-install/vars/main.yml b/roles/third_party/helm-install/vars/main.yml old mode 100644 new mode 100755 index d6388184..f24e08a8 --- a/roles/third_party/helm-install/vars/main.yml +++ b/roles/third_party/helm-install/vars/main.yml @@ -1,4 +1,4 @@ --- -__helm_version: "{{ helm_version | default('3.7.2') }}" +__helm_version: "{{ helm_version | default('3.10.2') }}" __helm_url: "https://get.helm.sh/helm-v{{ __helm_version }}-linux-amd64.tar.gz" __helm_install_dir: "{{ helm_install_dir | default('/opt/helm') }}" diff --git a/roles/third_party/ibm/ihs/ibm-http-server-fix-install/tasks/define_vars.yml b/roles/third_party/ibm/ihs/ibm-http-server-fix-install/tasks/define_vars.yml old mode 100644 new mode 100755 index 2ed0e804..6cde8e82 --- a/roles/third_party/ibm/ihs/ibm-http-server-fix-install/tasks/define_vars.yml +++ b/roles/third_party/ibm/ihs/ibm-http-server-fix-install/tasks/define_vars.yml @@ -1,4 +1,11 @@ --- +- name: Use Fix Pack 22? + set_fact: + __ihs_fp_files: "{{ __ihs_fp_files_fp22 }}" + __ihs_version_check: "Updated to com.ibm.websphere.IHS.v85_{{ __ihs_version }}" + __ihs_version_id: "\"id='com.ibm.websphere.IHS.v85' version='{{ __ihs_version }}'\"" + when: ( __ihs_version == __ihs_fp_version_fp22 ) + - name: Use Fix Pack 21? set_fact: __ihs_fp_files: "{{ __ihs_fp_files_fp21 }}" diff --git a/roles/third_party/ibm/ihs/ibm-http-server-fix-install/vars/main.yml b/roles/third_party/ibm/ihs/ibm-http-server-fix-install/vars/main.yml old mode 100644 new mode 100755 index 713e3862..748f58a3 --- a/roles/third_party/ibm/ihs/ibm-http-server-fix-install/vars/main.yml +++ b/roles/third_party/ibm/ihs/ibm-http-server-fix-install/vars/main.yml @@ -13,8 +13,14 @@ __rsp_file: "{{ __logs_dir }}/ihs_plg_wct_fixes.rsp" __log_file: "{{ __logs_dir }}/ihs_fixes_install.{{ __now }}.log" __tpl_file: "ihs_plg_wct_fixes.rsp.j2" -__ihs_fp_version_latest: "{{ ihs_fp_version_latest | default( __ihs_fp_version_fp21 ) }}" -__ihs_fp_files_latest: "{{ ihs_fp_files_latest | default( __ihs_fp_files_fp21 ) }}" +__ihs_fp_version_latest: "{{ ihs_fp_version_latest | default( __ihs_fp_version_fp22 ) }}" +__ihs_fp_files_latest: "{{ ihs_fp_files_latest | default( __ihs_fp_files_fp22 ) }}" + +__ihs_fp_version_fp22: "8.5.5022.20220703_1123" +__ihs_fp_files_fp22: + - { file_name: 8.5.5-WS-WASSupplements-FP022-part1.zip } + - { file_name: 8.5.5-WS-WASSupplements-FP022-part2.zip } + - { file_name: 8.5.5-WS-WASSupplements-FP022-part3.zip } __ihs_fp_version_fp21: "8.5.5021.20220202_1245" __ihs_fp_files_fp21: @@ -54,16 +60,13 @@ __ihs_version_id: "\"id='com.ibm.websphere.IHS.v85' version='{{ __ihs_ve ### WCT __wct_version: "{{ wct_version | default( __wct_fp_version_latest ) }}" __wct_fp_files: "{{ wct_fp_files | default( __wct_fp_files_latest ) }}" -__wct_fp_version_latest: "{{ wct_fp_version_latest | default( __wct_fp_version_fp21 ) }}" -__wct_fp_files_latest: "{{ wct_fp_files_latest | default( __wct_fp_files_fp21 ) }}" - -__wct_fp_version_fp21: "8.5.5021.20220202_1245" -__wct_fp_files_fp21: - - { file_name: 8.5.5-WS-WCT-FP021-part1.zip } - - { file_name: 8.5.5-WS-WCT-FP021-part2.zip } +__wct_fp_version_latest: "{{ wct_fp_version_latest | default( __wct_fp_version_fp22 ) }}" +__wct_fp_files_latest: "{{ wct_fp_files_latest | default( __wct_fp_files_fp22 ) }}" -__wct_fp_files_fp12: - - { file_name: 9.0.5-WS-WCT-FP011.zip } +__wct_fp_version_fp22: "8.5.5022.20220703_1123" +__wct_fp_files_fp22: + - { file_name: 8.5.5-WS-WCT-FP022-part1.zip } + - { file_name: 8.5.5-WS-WCT-FP022-part2.zip } __iim_product_id: "\"id='com.ibm.cic.agent\"" __ihs_product_id: "\"id='com.ibm.websphere.IHS.v85'\"" diff --git a/roles/third_party/ibm/tdi-install/tasks/tdisol_install.yml b/roles/third_party/ibm/tdi-install/tasks/tdisol_install.yml old mode 100644 new mode 100755 index 10a6c9eb..414a1de6 --- a/roles/third_party/ibm/tdi-install/tasks/tdisol_install.yml +++ b/roles/third_party/ibm/tdi-install/tasks/tdisol_install.yml @@ -157,3 +157,8 @@ command: "sh {{ __tdi_sol_dest }}/TDI/populate_from_dn_file.sh" register: populatefromdnfile failed_when: populatefromdnfile.rc != 0 + +- name: "Cleanup Binaries directory" + file: + state: absent + path: "{{ __cnx_extraction_folder }}" diff --git a/roles/third_party/ibm/tdi-install/vars/main.yml b/roles/third_party/ibm/tdi-install/vars/main.yml old mode 100644 new mode 100755 index 15ae5936..3ac5f481 --- a/roles/third_party/ibm/tdi-install/vars/main.yml +++ b/roles/third_party/ibm/tdi-install/vars/main.yml @@ -9,7 +9,7 @@ __download_location: "{{ tdi_download_location | default('http://c7lb __oracle_download_location: "{{ oracle_download_location | default('http://c7lb1.cnx.cwp.pnp-hcl.com:8001/Oracle') }}" __package_name: "{{ tdi_package_name | default('SDI_7.2_XLIN86_64_ML.tar') }}" __jre_package_version: "{{ jre_package_version | default('ibm-java-x86_64-80') }}" -__jre_package_name: "{{ jre_package_name | default('ibm-java-jre-8.0-5.30-linux-x86_64.tgz') }}" +__jre_package_name: "{{ jre_package_name | default('ibm-java-jre-8.0-6.25-linux-x86_64.tgz') }}" __java_policy_file_path: "{{ __tdi_user_install_dir }}/jvm/jre/lib/security/java.policy" __upgrade_package_name: "{{ tdi_upgrade_package_name | default('7.2.0-ISS-SDI-FP0006.zip') }}" __upgrade_package_bin: "{{ tdi_upgrade_package_bin | default('SDI-7.2-FP0006.zip') }}" diff --git a/roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop/tasks/main.yml b/roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop/tasks/main.yml old mode 100644 new mode 100755 index d597c003..588e26e7 --- a/roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop/tasks/main.yml +++ b/roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop/tasks/main.yml @@ -35,4 +35,4 @@ file: path: "{{ __bin_dir }}/sec_prop_{{ __sec_custom_prop }}.success" state: touch - + when: cout is changed diff --git a/roles/third_party/ibm/wasnd/was-java-install/vars/main.yml b/roles/third_party/ibm/wasnd/was-java-install/vars/main.yml old mode 100644 new mode 100755 index 1a22491e..1f719e1f --- a/roles/third_party/ibm/wasnd/was-java-install/vars/main.yml +++ b/roles/third_party/ibm/wasnd/was-java-install/vars/main.yml @@ -29,7 +29,8 @@ __iim_keep_fetched_files: "{{ iim_keep_fetched_files | default(false) }}" __iim_preserve_artifacts: "{{ iim_preserve_artifacts | default(false) }}" __was_fixes_version: "{{ was_fp_version | default( __was_fp_version_latest ) }}" -__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp21 ) }}" +__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp22 ) }}" __was_fp_version_fp20: "8.5.5020.20210708_1826" __was_fp_version_fp19: "8.5.5019.20210118_0346" __was_fp_version_fp21: "8.5.5021.20220202_1245" +__was_fp_version_fp22: "8.5.5022.20220703_1123" diff --git a/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/define_vars.yml b/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/define_vars.yml old mode 100644 new mode 100755 index a2d8f2ee..285dc26d --- a/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/define_vars.yml +++ b/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/define_vars.yml @@ -1,4 +1,11 @@ --- +- name: Use Fix Pack 8.5.5.22? + set_fact: + __was_fixes_files: "{{ __was_fp_files_fp22 }}" + __was_fp_version_check: "Updated to com.ibm.websphere.ND.v85_{{ __was_fixes_version }}" + __was_fp_id: "\"id='com.ibm.websphere.ND.v85' version='{{ __was_fixes_version }}'\"" + when: ( __was_fixes_version == __was_fp_version_fp22 ) + - name: Use Fix Pack 8.5.5.21? set_fact: __was_fixes_files: "{{ __was_fp_files_fp21 }}" @@ -46,7 +53,6 @@ command: "egrep {{ __was_fp_id }} /var/ibm/InstallationManager/installed.xml" register: version_already_installed ignore_errors: true - - name: WebSphere Application Server version needs Log4j fix? set_fact: __was_version_needs_log4j_fix: True @@ -66,3 +72,23 @@ - debug: msg: "Log4j fix is already installed" when: log4j_fix_already_installed.rc == 0 + +- name: WebSphere Application Server version needs PH49497 To Fix Retrieve Signers? + set_fact: + __was_version_needs_PH49497_fix: True + when: "__was_fixes_version is version_compare(__was_fp_version_fp22, '=')" + +- debug: var=__was_version_needs_PH49497_fix + +- name: Is PH49497 fix already Installed? + command: "egrep {{ __was_PH49497_fix_id }} /var/ibm/InstallationManager/installed.xml" + register: PH49497_fix_already_installed + ignore_errors: true + +- debug: + msg: "PH49497 fix not installed" + when: PH49497_fix_already_installed.rc != 0 + +- debug: + msg: "PH49497 fix is already installed" + when: PH49497_fix_already_installed.rc == 0 diff --git a/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/main.yml b/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/main.yml old mode 100644 new mode 100755 index c6ab0972..b6298c08 --- a/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/main.yml +++ b/roles/third_party/ibm/wasnd/was-nd-fix-install/tasks/main.yml @@ -23,3 +23,16 @@ - __was_major_version is version('8', '=') - __was_version_needs_log4j_fix is defined - log4j_fix_already_installed.rc != 0 + +- name: Install WebSphere Application Server - PH49497 Fix + include_tasks: install_was_fixes.yml + vars: + __was_fixes_version: "{{ __was_fp_version_PH49497 }}" + __was_fp_id: "{{ __was_PH49497_fix_id }}" + __was_fixes_files: "{{ __was_fp_files_PH49497 }}" + __was_fp_id_prefix: "{{ __was_PH49497_fix_prefix }}" + version_already_installed: "{{ PH49497_fix_already_installed }}" + when: + - __was_major_version is version('8', '=') + - __was_version_needs_PH49497_fix is defined + - PH49497_fix_already_installed.rc != 0 diff --git a/roles/third_party/ibm/wasnd/was-nd-fix-install/vars/main.yml b/roles/third_party/ibm/wasnd/was-nd-fix-install/vars/main.yml old mode 100644 new mode 100755 index 4e92414f..1fffb9bb --- a/roles/third_party/ibm/wasnd/was-nd-fix-install/vars/main.yml +++ b/roles/third_party/ibm/wasnd/was-nd-fix-install/vars/main.yml @@ -10,13 +10,23 @@ __rsp_file: "{{ __logs_dir }}/was_nd_fixes.rsp" __log_file: "{{ __logs_dir }}/was_nd_fixes_install.{{ __now }}.log" __tpl_file: "was_nd_fixes.rsp.j2" -__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp21 ) }}" -__was_fp_files_latest: "{{ was_fp_files_latest | default( __was_fp_files_fp21 ) }}" +__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp22 ) }}" +__was_fp_files_latest: "{{ was_fp_files_latest | default( __was_fp_files_fp22 ) }}" __was_fp_version_log4j: "8.5.5011.20211215_1027" __was_fp_files_log4j: - { file_name: 8.5.5.11-ws-wasprod-ifph42762.zip } +__was_fp_version_PH49497: "8.5.5022.20220916_1309" +__was_fp_files_PH49497: + - { file_name: 8.5.5.22-WS-WAS-IFPH49497.zip } + +__was_fp_version_fp22: "8.5.5022.20220703_1123" +__was_fp_files_fp22: + - { file_name: 8.5.5-WS-WAS-FP022-part1.zip } + - { file_name: 8.5.5-WS-WAS-FP022-part2.zip } + - { file_name: 8.5.5-WS-WAS-FP022-part3.zip } + __was_fp_version_fp21: "8.5.5021.20220202_1245" __was_fp_files_fp21: - { file_name: 8.5.5-WS-WAS-FP021-part1.zip } @@ -52,9 +62,11 @@ __was_fixes_files: "{{ was_fp_files | default( __was_fp_files_latest ) } __was_fp_version_check: "Updated to {{ __was_product_id_prefix }}_{{ __was_fixes_version }}" __was_fp_id: "\"id='{{ __was_product_id_prefix }}' version='{{ __was_fixes_version }}'\"" __was_log4j_fix_id: "\"id='{{ __was_log4j_fix_prefix }}' version='{{ __was_fp_version_log4j }}'\"" +__was_PH49497_fix_id: "\"id='{{ __was_PH49497_fix_prefix }}' version='{{ __was_fp_version_PH49497 }}'\"" __was_product_id_prefix: "com.ibm.websphere.ND.v85" __was_log4j_fix_prefix: "8.5.5.11-WS-WASProd-IFPH42762" +__was_PH49497_fix_prefix: "8.5.5.22-WS-WAS-IFPH49497" __was_fp_id_prefix: "{{ was_fp_id_prefix | default( __was_product_id_prefix ) }}" __iim_product_id: "\"id='com.ibm.cic.agent\"" diff --git a/roles/third_party/ibm/wasnd/was-profile-create/tasks/main.yml b/roles/third_party/ibm/wasnd/was-profile-create/tasks/main.yml old mode 100644 new mode 100755 index 09438783..22d842a9 --- a/roles/third_party/ibm/wasnd/was-profile-create/tasks/main.yml +++ b/roles/third_party/ibm/wasnd/was-profile-create/tasks/main.yml @@ -19,15 +19,15 @@ dest: "{{ __rsp_file }}" when: - not profile_already_exists.stat.exists - - not ( __was_fixes_version == __was_fp_version_fp21 ) + - not ( __was_fixes_version == __was_fp_version_fp22 ) -- name: "Generate Response file {{ __rsp_file }} for FP21" +- name: "Generate Response file {{ __rsp_file }} for FP22" template: src: "{{ __tpl_file_no_inline_federation }}" dest: "{{ __rsp_file }}" when: - not profile_already_exists.stat.exists - - ( __was_fixes_version == __was_fp_version_fp21 ) + - ( __was_fixes_version == __was_fp_version_fp22 ) - name: "Create Was Profile" command: "{{ __was_install_location }}/bin/manageprofiles.sh -response {{ __rsp_file }}" @@ -40,7 +40,7 @@ command: "{{ __was_install_location }}/bin/addNode.sh {{ dmgr_hostname }} {{ __dmgr_soap_port }} -profileName {{ __profile_name }} -username {{ __was_username }} -password {{ __was_password }}" when: - not profile_already_exists.stat.exists - - ( __was_fixes_version == __was_fp_version_fp21 ) + - ( __was_fixes_version == __was_fp_version_fp22 ) - name: "Change SOAP request timeout in {{ __was_install_location }}/profiles/{{ __profile_name }}/properties/soap.client.props" replace: @@ -49,3 +49,11 @@ replace: "com.ibm.SOAP.requestTimeout={{ __was_soap_timeout }}" backup: yes ignore_errors: true + +- name: "Change to use jython V21 in {{ __was_install_location }}/profiles/{{ __profile_name }}/properties/wsadmin.properties for WAS9" + replace: + path: "{{ __was_install_location }}/profiles/{{ __profile_name }}/properties/wsadmin.properties" + regexp: "^(?!#)com.ibm.ws.scripting.usejython21=(.*)$" + replace: "com.ibm.ws.scripting.usejython21=true" + backup: yes + when: __was_major_version is version('9', '=') diff --git a/roles/third_party/ibm/wasnd/was-profile-create/vars/main.yml b/roles/third_party/ibm/wasnd/was-profile-create/vars/main.yml old mode 100644 new mode 100755 index e5ca2dd3..e2a2b4ec --- a/roles/third_party/ibm/wasnd/was-profile-create/vars/main.yml +++ b/roles/third_party/ibm/wasnd/was-profile-create/vars/main.yml @@ -18,5 +18,6 @@ __was_soap_timeout: "{{ was_soap_timeout | default('600') }}" __tpl_file_no_inline_federation: "was_profile_node_no_inline_federation.rsp.j2" __was_fp_version_fp20: "8.5.5020.20210708_1826" __was_fp_version_fp21: "8.5.5021.20220202_1245" -__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp21 ) }}" +__was_fp_version_fp22: "8.5.5022.20220703_1123" +__was_fp_version_latest: "{{ was_fp_version_latest | default( __was_fp_version_fp22 ) }}" __was_fixes_version: "{{ was_fp_version | default( __was_fp_version_latest ) }}" diff --git a/roles/third_party/kubernetes/install-network-addons/tasks/install_addons.yml b/roles/third_party/kubernetes/install-network-addons/tasks/install_addons.yml old mode 100644 new mode 100755 index 66ed69cc..837afd7f --- a/roles/third_party/kubernetes/install-network-addons/tasks/install_addons.yml +++ b/roles/third_party/kubernetes/install-network-addons/tasks/install_addons.yml @@ -1,19 +1,19 @@ - name: Install the Pod network add on as per documentation - command: kubectl apply -f https://docs.projectcalico.org/v{{ __calico_version }}/manifests/rbac/rbac-kdd-calico.yaml + command: kubectl apply -f https://projectcalico.docs.tigera.io/archive/v{{ __calico_version }}/manifests/rbac/rbac-kdd-calico.yaml when: - inventory_hostname == groups['k8s_masters'][0] - not __calico_install_latest |bool become: false - name: Install the Pod network add on as per documentation - Calico - command: kubectl apply -f https://docs.projectcalico.org/v{{ __calico_version }}/manifests/calico.yaml + command: kubectl apply -f https://projectcalico.docs.tigera.io/archive/v{{ __calico_version }}/manifests/calico.yaml when: - inventory_hostname == groups['k8s_masters'][0] - not __calico_install_latest |bool become: false - name: Install/Upgrade Calico to the latest & greatest - command: kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml + command: kubectl apply -f https://projectcalico.docs.tigera.io/manifests/calico.yaml when: - inventory_hostname == groups['k8s_masters'][0] - __calico_install_latest |bool diff --git a/roles/third_party/kubernetes/install-network-addons/vars/main.yml b/roles/third_party/kubernetes/install-network-addons/vars/main.yml old mode 100644 new mode 100755 index 551c0af2..2233af49 --- a/roles/third_party/kubernetes/install-network-addons/vars/main.yml +++ b/roles/third_party/kubernetes/install-network-addons/vars/main.yml @@ -1,3 +1,3 @@ --- -__calico_version: "{{ calico_version | default('3.21') }}" +__calico_version: "{{ calico_version | default('3.23') }}" __calico_install_latest: "{{ calico_install_latest | default(false) }}" diff --git a/roles/third_party/kubernetes/join-master-nodes/vars/main.yml b/roles/third_party/kubernetes/join-master-nodes/vars/main.yml old mode 100644 new mode 100755 index cb15697d..14b7dd01 --- a/roles/third_party/kubernetes/join-master-nodes/vars/main.yml +++ b/roles/third_party/kubernetes/join-master-nodes/vars/main.yml @@ -3,7 +3,7 @@ __ansible_cache: "/tmp/k8s_ansible" __etcd_second_node_clustering_success_file: "{{ __ansible_cache }}/etcd.second.node.clustering.success" __etcd_third_node_clustering_success_file: "{{ __ansible_cache }}/etcd.third.node.clustering.success" -__kubernetes_version: "{{ kubernetes_version | default('1.24.1') }}" +__kubernetes_version: "{{ kubernetes_version | default('1.25.1') }}" __join_command_template: "join.command.j2" __join_command_location: "{{ __ansible_cache }}/.join-command-control-plane" diff --git a/roles/third_party/kubernetes/kubernetes-install/templates/kubernetes.zypp.repo.j2 b/roles/third_party/kubernetes/kubernetes-install/templates/kubernetes.zypp.repo.j2 deleted file mode 100644 index 92ff4a9c..00000000 --- a/roles/third_party/kubernetes/kubernetes-install/templates/kubernetes.zypp.repo.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[kubernetes] -name=Kubernetes -baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch -enabled=1 -gpgcheck=1 -repo_gpgcheck=0 -gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg -exclude=kubelet kubeadm kubectl diff --git a/roles/third_party/kubernetes/kubernetes-install/vars/main.yml b/roles/third_party/kubernetes/kubernetes-install/vars/main.yml old mode 100644 new mode 100755 index d4d9ba30..123dd753 --- a/roles/third_party/kubernetes/kubernetes-install/vars/main.yml +++ b/roles/third_party/kubernetes/kubernetes-install/vars/main.yml @@ -1,5 +1,5 @@ --- -__kubernetes_version: "{{ kubernetes_version | default('1.24.1') }}" +__kubernetes_version: "{{ kubernetes_version | default('1.25.1') }}" __ansible_cache: "/tmp/k8s_ansible" diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/tasks/upgrade_cluster.yml b/roles/third_party/kubernetes/kubernetes-upgrade/tasks/upgrade_cluster.yml old mode 100644 new mode 100755 index 8916988f..773a0c68 --- a/roles/third_party/kubernetes/kubernetes-upgrade/tasks/upgrade_cluster.yml +++ b/roles/third_party/kubernetes/kubernetes-upgrade/tasks/upgrade_cluster.yml @@ -8,8 +8,21 @@ template: src: "{{ __kubeadm_config_template }}" dest: "{{ __kubeadm_config_location }}" + register: kubeadm_config_template_exists + ignore_errors: true when: inventory_hostname == groups['k8s_masters'][0] +- name: Use default kubeadm_config_template if specified kubernetes kubeadm_config_template does not exist + set_fact: + __kubeadm_config_template: "kubeadm.config.default.j2" + when: inventory_hostname == groups['k8s_masters'][0] and kubeadm_config_template_exists.failed + +- name: Use default master config initialization file + template: + src: "{{ __kubeadm_config_template }}" + dest: "{{ __kubeadm_config_location }}" + when: inventory_hostname == groups['k8s_masters'][0] and kubeadm_config_template_exists.failed + - name: Wait for the cluster to become healthy due to the latest restart pause: seconds: 30 diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.10.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.10.j2 deleted file mode 100644 index 4044b73a..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.10.j2 +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha2 -kind: MasterConfiguration -{% if enable_pod_security is defined %} -apiServerExtraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -kubernetesVersion: v{{ __kubernetes_version }} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} -apiServerCertSANs: -- "{{ __load_balancer_dns }}" -api: - controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.9.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.9.j2 deleted file mode 100644 index 4044b73a..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.11.9.j2 +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha2 -kind: MasterConfiguration -{% if enable_pod_security is defined %} -apiServerExtraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -kubernetesVersion: v{{ __kubernetes_version }} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} -apiServerCertSANs: -- "{{ __load_balancer_dns }}" -api: - controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.12.10.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.12.10.j2 deleted file mode 100644 index 0e389794..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.12.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.13.12.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.13.12.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.13.12.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.14.10.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.14.10.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.14.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.15.11.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.15.11.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.15.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.16.8.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.16.8.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.16.8.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.11.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.11.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.17.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.17.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.17.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.2.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.4.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.5.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.5.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.5.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.7.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.7.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.7.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.9.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.9.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.17.9.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.0.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.1.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.1.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.1.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.10.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.10.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.12.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.12.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.12.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.16.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.16.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.16.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.17.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.17.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.17.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.2.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.4.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.8.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.8.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.18.8.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.0.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.11.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.11.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.16.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.16.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.16.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.4.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.9.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.9.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.19.9.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.0.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.1.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.1.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.1.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.15.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.15.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.15.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.2.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.7.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.7.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.20.7.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.1.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.1.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.1.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.7.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.7.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.21.7.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.22.8.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.22.8.j2 deleted file mode 100755 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.22.8.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.1.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.25.1.j2 old mode 100644 new mode 100755 similarity index 95% rename from roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.1.j2 rename to roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.25.1.j2 index ce74f885..25051d9d --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.1.j2 +++ b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.1.25.1.j2 @@ -2,10 +2,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -43,10 +39,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: InitConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.2.j2 b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.default.j2 old mode 100644 new mode 100755 similarity index 95% rename from roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.2.j2 rename to roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.default.j2 index ce74f885..25051d9d --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.2.j2 +++ b/roles/third_party/kubernetes/kubernetes-upgrade/templates/kubeadm.config.default.j2 @@ -2,10 +2,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -43,10 +39,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: InitConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" diff --git a/roles/third_party/kubernetes/kubernetes-upgrade/vars/main.yml b/roles/third_party/kubernetes/kubernetes-upgrade/vars/main.yml old mode 100644 new mode 100755 index 20f18612..0c554d03 --- a/roles/third_party/kubernetes/kubernetes-upgrade/vars/main.yml +++ b/roles/third_party/kubernetes/kubernetes-upgrade/vars/main.yml @@ -1,5 +1,5 @@ --- -__kubernetes_version: "{{ upgrade_version | default('1.24.1') }}" +__kubernetes_version: "{{ upgrade_version | default('1.25.1') }}" __ansible_cache: "/tmp/k8s_ansible" diff --git a/roles/third_party/kubernetes/setup-master-node/tasks/render_config_file.yml b/roles/third_party/kubernetes/setup-master-node/tasks/render_config_file.yml old mode 100644 new mode 100755 index c27277eb..7a7f57c7 --- a/roles/third_party/kubernetes/setup-master-node/tasks/render_config_file.yml +++ b/roles/third_party/kubernetes/setup-master-node/tasks/render_config_file.yml @@ -12,4 +12,17 @@ template: src: "{{ __kubeadm_config_template }}" dest: "{{ __kubeadm_config_location }}" -# when: inventory_hostname == groups['k8s_masters'][0] + register: kubeadm_config_template_exists + ignore_errors: true + when: inventory_hostname == groups['k8s_masters'][0] + +- name: Use default kubeadm_config_template if specified kubernetes kubeadm_config_template does not exist + set_fact: + __kubeadm_config_template: "kubeadm.config.default.j2" + when: inventory_hostname == groups['k8s_masters'][0] and kubeadm_config_template_exists.failed + +- name: Use default master config initialization file + template: + src: "{{ __kubeadm_config_template }}" + dest: "{{ __kubeadm_config_location }}" + when: inventory_hostname == groups['k8s_masters'][0] and kubeadm_config_template_exists.failed diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.10.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.10.j2 deleted file mode 100644 index 4044b73a..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.10.j2 +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha2 -kind: MasterConfiguration -{% if enable_pod_security is defined %} -apiServerExtraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -kubernetesVersion: v{{ __kubernetes_version }} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} -apiServerCertSANs: -- "{{ __load_balancer_dns }}" -api: - controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.9.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.9.j2 deleted file mode 100644 index 4044b73a..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.11.9.j2 +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha2 -kind: MasterConfiguration -{% if enable_pod_security is defined %} -apiServerExtraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -kubernetesVersion: v{{ __kubernetes_version }} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} -apiServerCertSANs: -- "{{ __load_balancer_dns }}" -api: - controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.12.10.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.12.10.j2 deleted file mode 100644 index 0e389794..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.12.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1alpha3 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.13.12.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.13.12.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.13.12.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.14.10.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.14.10.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.14.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.15.11.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.15.11.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.15.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.16.8.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.16.8.j2 deleted file mode 100644 index 7e504d4f..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.16.8.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta1 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta1 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.11.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.11.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.2.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.4.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.5.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.5.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.5.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.7.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.7.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.7.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.9.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.9.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.17.9.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.0.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.1.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.1.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.1.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.10.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.10.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.10.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.12.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.12.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.12.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.16.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.16.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.16.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.17.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.17.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.17.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.18.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.18.j2 deleted file mode 100644 index 1751f680..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.18.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if single_node_installation is not defined %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if single_node_installation is not defined %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.19.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.19.j2 deleted file mode 100644 index 1751f680..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.19.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if single_node_installation is not defined %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if single_node_installation is not defined %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.2.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.4.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.8.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.8.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.18.8.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.0.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.11.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.11.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.11.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.4.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.4.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.4.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.9.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.9.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.19.9.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.0.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.0.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.0.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.1.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.1.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.1.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.13.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.13.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.13.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.2.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.2.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.2.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.7.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.7.j2 deleted file mode 100644 index 661b6ed2..00000000 --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.20.7.j2 +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: kubeadm.k8s.io/v1beta2 -kind: ClusterConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} ---- -apiVersion: kubeadm.k8s.io/v1beta2 -kind: InitConfiguration -kubernetesVersion: v{{ __kubernetes_version }} -apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} -{% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} - certSANS: - - "{{ __load_balancer_dns }}" -controlPlaneEndpoint: "{{ __load_balancer_dns }}:6443" -etcd: - local: - extraArgs: - listen-client-urls: "https://127.0.0.1:2379,https://{{ ansible_default_ipv4.address }}:2379" - advertise-client-urls: "https://{{ ansible_default_ipv4.address }}:2379" - listen-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" - initial-advertise-peer-urls: "https://{{ ansible_default_ipv4.address }}:2380" -{% if inventory_hostname == hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][1]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380" -{% elif inventory_hostname == hostvars[groups['k8s_masters'][2]]['inventory_hostname'] %} - initial-cluster: "{{ hostvars[groups['k8s_masters'][0]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][0]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][1]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][1]]['ansible_default_ipv4']['address'] }}:2380,{{ hostvars[groups['k8s_masters'][2]]['inventory_hostname'] }}=https://{{ hostvars[groups['k8s_masters'][2]]['ansible_default_ipv4']['address'] }}:2380" -{% endif %} -{% if inventory_hostname != hostvars[groups['k8s_masters'][0]]['inventory_hostname'] %} - initial-cluster-state: existing -{% endif %} - serverCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} - peerCertSANs: - - {{ inventory_hostname }} - - {{ ansible_default_ipv4.address }} -{% endif %} -networking: - # This CIDR is a Calico default. Substitute or remove for your CNI provider. - podSubnet: "{{ __pod_subnet }}" -{% endif %} diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.7.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.25.1.j2 old mode 100644 new mode 100755 similarity index 95% rename from roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.7.j2 rename to roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.25.1.j2 index 2dc75bf7..25051d9d --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.21.7.j2 +++ b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.25.1.j2 @@ -2,10 +2,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -43,10 +39,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: InitConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -83,4 +75,3 @@ networking: kind: KubeletConfiguration apiVersion: kubelet.config.k8s.io/v1beta1 cgroupDriver: systemd - diff --git a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.22.8.j2 b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.default.j2 old mode 100644 new mode 100755 similarity index 95% rename from roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.22.8.j2 rename to roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.default.j2 index 2dc75bf7..25051d9d --- a/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.1.22.8.j2 +++ b/roles/third_party/kubernetes/setup-master-node/templates/kubeadm.config.default.j2 @@ -2,10 +2,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -43,10 +39,6 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: InitConfiguration kubernetesVersion: v{{ __kubernetes_version }} apiServer: -{% if enable_pod_security is defined %} - extraArgs: - enable-admission-plugins: PodSecurityPolicy -{% endif %} {% if ((groups.k8s_workers | difference(groups.k8s_masters) | list)== [] and (groups.k8s_masters|length) == 1 and (groups.k8s_workers|length) == 1 ) != true %} certSANS: - "{{ __load_balancer_dns }}" @@ -83,4 +75,3 @@ networking: kind: KubeletConfiguration apiVersion: kubelet.config.k8s.io/v1beta1 cgroupDriver: systemd - diff --git a/roles/third_party/kubernetes/setup-master-node/vars/main.yml b/roles/third_party/kubernetes/setup-master-node/vars/main.yml old mode 100644 new mode 100755 index b73d917a..290b71d0 --- a/roles/third_party/kubernetes/setup-master-node/vars/main.yml +++ b/roles/third_party/kubernetes/setup-master-node/vars/main.yml @@ -1,5 +1,5 @@ --- -__kubernetes_version: "{{ kubernetes_version | default('1.24.1') }}" +__kubernetes_version: "{{ kubernetes_version | default('1.25.1') }}" __ansible_cache: "/tmp/k8s_ansible" diff --git a/roles/third_party/nfs-install/tasks/configure_master.yml b/roles/third_party/nfs-install/tasks/configure_master.yml old mode 100644 new mode 100755 index 3fcaf05c..050ef779 --- a/roles/third_party/nfs-install/tasks/configure_master.yml +++ b/roles/third_party/nfs-install/tasks/configure_master.yml @@ -1,10 +1,24 @@ -- name: Setup PV folders for root, kudos-board +- name: Get nobody/nogroup + set_fact: + nobody: "{{ nfs_nobody | default('nobody') }}" + nogroup: "{{ nfs_nogroup | default('nobody') }}" + +- name: Setup PV root folder + file: + path: "/pv-connections" + mode: '0700' + state: directory + owner: "{{ nobody }}" + group: "{{ nogroup }}" + +- name: Setup PV folders for kudos-board file: path: "{{ item }}" mode: '0700' state: directory + owner: 1000 + group: "{{ nogroup }}" with_items: - - "/pv-connections" - "/pv-connections/kudos-boards-minio" - name: Setup PV folders for ElasticSearch5 backup @@ -12,6 +26,8 @@ path: "/pv-connections/esbackup" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" when: __es_replicaset | int != 0 - name: Setup PV folders for ElasticSearch7 backup @@ -19,6 +35,8 @@ path: "/pv-connections/esbackup-7" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" when: __es7_replicaset | int != 0 - name: Setup PV folders for OpenSearch backup @@ -26,6 +44,8 @@ path: "/pv-connections/opensearchbackup" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" when: __opensearch_replicaset | int != 0 - name: Setup PV folders for mongo @@ -33,14 +53,19 @@ path: "/pv-connections/mongo-node-{{ item }}/data/db" mode: '0700' state: directory + owner: "1001" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __mongo_replicaset | int - 1 if __mongo_replicaset | int != 0 else 0}} when: __mongo_replicaset | int != 0 -- name: Setup PV folders for mongo5 +- name: Setup PV folders for mongo5 data/db folder file: path: "/pv-connections/mongo5-node-{{ item }}/data/db" mode: '0700' state: directory + owner: "1001" + group: "{{ nogroup }}" + recurse: true with_sequence: start=0 end={{ __mongo5_replicaset | int - 1 if __mongo5_replicaset | int != 0 else 0}} when: __mongo5_replicaset | int != 0 @@ -49,6 +74,8 @@ path: "/pv-connections/solr-data-solr-{{ item }}" mode: '0700' state: directory + owner: "1001" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __solr_replicaset | int - 1 if __solr_replicaset | int != 0 else 0}} when: __solr_replicaset | int != 0 @@ -57,6 +84,8 @@ path: "/pv-connections/zookeeper-data-zookeeper-{{ item }}" mode: '0700' state: directory + owner: "1001" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __zookeeper_replicaset | int - 1 if __zookeeper_replicaset | int != 0 else 0}} when: __zookeeper_replicaset | int != 0 @@ -65,6 +94,8 @@ path: "/pv-connections/esdata-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __es_replicaset | int - 1 if __es_replicaset | int != 0 else 0}} when: __es_replicaset | int != 0 @@ -73,6 +104,8 @@ path: "/pv-connections/esdata-7-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __es7_replicaset | int - 1 if __es7_replicaset | int != 0 else 0}} when: __es7_replicaset | int != 0 @@ -81,6 +114,8 @@ path: "/pv-connections/esmaster-7-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __es7_replicaset | int - 1 if __es7_replicaset | int != 0 else 0}} when: __es7_replicaset | int != 0 @@ -89,6 +124,8 @@ path: "/pv-connections/opensearchmaster-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __opensearch_replicaset | int - 1 if __opensearch_replicaset | int != 0 else 0}} when: __opensearch_replicaset | int != 0 @@ -97,6 +134,8 @@ path: "/pv-connections/opensearchdata-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __opensearch_replicaset | int - 1 if __opensearch_replicaset | int !=0 else 0}} when: __opensearch_replicaset | int != 0 @@ -105,6 +144,8 @@ path: "/pv-connections/opensearchclient-{{ item }}" mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_sequence: start=0 end={{ __opensearch_replicaset | int - 1 if __opensearch_replicaset | int !=0 else 0}} when: __opensearch_replicaset | int != 0 @@ -122,15 +163,17 @@ - name: Setup PV folders - customizations file: path: "{{ item }}" - mode: '0005' + mode: '0700' state: directory + owner: "1000" + group: "{{ nogroup }}" with_items: - "/pv-connections/customizations" - name: Render /etc/exports template: - src: "{{ __nfs_exports_template }}" + src: "nfs.exports.j2" dest: "{{ __nfs_exports_destination }}" - name: Enable and start nfs-server diff --git a/roles/third_party/nfs-install/templates/nfs.exports.j2 b/roles/third_party/nfs-install/templates/nfs.exports.j2 old mode 100644 new mode 100755 index 11d8151f..e58f5dc8 --- a/roles/third_party/nfs-install/templates/nfs.exports.j2 +++ b/roles/third_party/nfs-install/templates/nfs.exports.j2 @@ -1,30 +1,30 @@ {% for counter in range(0, __mongo_replicaset | int ) %} -/pv-connections/mongo-node-{{ counter }}/data/db {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/mongo-node-{{ counter }}/data/db {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} {% for counter in range(0, __mongo5_replicaset | int ) %} -/pv-connections/mongo5-node-{{ counter }}/data/db {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/mongo5-node-{{ counter }}/data/db {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} {% for counter in range(0, __solr_replicaset | int ) %} -/pv-connections/solr-data-solr-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/solr-data-solr-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} {% for counter in range(0, __zookeeper_replicaset | int ) %} -/pv-connections/zookeeper-data-zookeeper-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/zookeeper-data-zookeeper-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} {% if __es_replicaset | int != 0 %} -/pv-connections/esbackup {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/esbackup {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endif %} {% for counter in range(0, __es_replicaset | int ) %} -/pv-connections/esdata-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/esdata-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} {% if __es7_replicaset | int != 0 %} -/pv-connections/esbackup-7 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/esbackup-7 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endif %} {% for counter in range(0, __es7_replicaset | int ) %} -/pv-connections/esmaster-7-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) -/pv-connections/esdata-7-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/esmaster-7-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) +/pv-connections/esdata-7-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} -/pv-connections/customizations {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) -/pv-connections/kudos-boards-minio {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/customizations {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) +/pv-connections/kudos-boards-minio {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% if __nfs_docs_setup|bool %} {{ __docs_data_shared }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(insecure,rw,async,no_root_squash) {{ __viewer_data_shared }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(insecure,rw,async,no_root_squash) @@ -32,10 +32,10 @@ {{ __cnx_data_shared }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(insecure,rw,async,no_root_squash) {{ __cnx_message_stores }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(insecure,rw,async,no_root_squash) {% if __opensearch_replicaset | int != 0 %} -/pv-connections/opensearchbackup {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/opensearchbackup {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endif %} {% for counter in range(0, __opensearch_replicaset | int ) %} -/pv-connections/opensearchmaster-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) -/pv-connections/opensearchdata-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) -/pv-connections/opensearchclient-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,no_root_squash) +/pv-connections/opensearchmaster-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) +/pv-connections/opensearchdata-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) +/pv-connections/opensearchclient-{{ counter }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['network'] }}/{{ __nfs_export_netmask }}(rw,root_squash) {% endfor %} diff --git a/roles/third_party/nfs-install/templates/nfsSetupScript/nfsSetup.sh b/roles/third_party/nfs-install/templates/nfsSetupScript/nfsSetup.sh index cd86705b..99a38863 100755 --- a/roles/third_party/nfs-install/templates/nfsSetupScript/nfsSetup.sh +++ b/roles/third_party/nfs-install/templates/nfsSetupScript/nfsSetup.sh @@ -17,7 +17,7 @@ IFS='\.' read -a DEC_IP <<< "$(hostname -i)" VOLUMES=$(cat volumes.txt) for VOLUME in $VOLUMES; do sed -i "/${VOLUME////\\/}/d" /etc/exports - echo "$VOLUME ${DEC_IP[0]}.${DEC_IP[1]}.0.0/255.255.0.0(rw,no_root_squash)" >> /etc/exports + echo "$VOLUME ${DEC_IP[0]}.${DEC_IP[1]}.0.0/255.255.0.0(rw,root_squash)" >> /etc/exports done # Enable and start resources for NFS @@ -32,9 +32,5 @@ systemctl start nfs-idmap # Restart NFS server and configure the firewall systemctl restart nfs-server -set +o errexit -firewall-cmd --permanent --zone=public --add-service=nfs -firewall-cmd --reload -set -o errexit echo "NFS successfully configured!" diff --git a/set-disableGetTokenFromMBean.yml b/set-disableGetTokenFromMBean.yml new file mode 100644 index 00000000..cec5be65 --- /dev/null +++ b/set-disableGetTokenFromMBean.yml @@ -0,0 +1,31 @@ +--- +# Note: the disableGetTokenFromMBean is set by the Connections Installer. +# This playbook is meant to be a fixup script in case it should be set to false for Azure OIDC and the flag is reset during Connections server upgrade. + + - name: Gather facts + hosts: dmgr + tasks: [] + + - name: Disable com.ibm.websphere.security.disableGetTokenFromMBean + hosts: dmgr + become: true + roles: + - role: roles/third_party/ibm/wasnd/was-dmgr-config-sec-custom-prop + vars: + __sec_custom_prop: "com.ibm.websphere.security.disableGetTokenFromMBean" + __sec_custom_prop_value: "false" + sec_custom_prop_append: false + sec_custom_prop_always_write: true + + - name: Synchronize WAS nodes + hosts: dmgr + become: true + roles: + - roles/third_party/ibm/wasnd/was-dmgr-full-sync-nodes + + - name: Restart CNX Clusters + hosts: dmgr + become: true + roles: + - roles/third_party/ibm/wasnd/was-dmgr-stop-cluster + - roles/third_party/ibm/wasnd/was-dmgr-start-cluster