roles/kubernetes/tasks/main.yml - atmosphere - Gitiles

 # Copyright (c) 2022 VEXXHOST, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.

 - name: Add repository keys
   ansible.builtin.copy:
     src: apt-key.gpg
     dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg
     owner: root
     group: root
     mode: 0644
   when:
     - kubernetes_repo_url == _kubernetes_upstream_apt_repository

 - name: Add repository
   ansible.builtin.apt_repository:
     repo:
       deb
       {% if kubernetes_repo_url == _kubernetes_upstream_apt_repository %}[signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg]{% endif %}
       {{ kubernetes_repo_url }}
       kubernetes-xenial
       main
     state: present

 - name: Setup version pins
   ansible.builtin.template:
     src: apt-preferences.j2
     dest: /etc/apt/preferences.d/kubernetes
     mode: 0644

 - name: Install packages
   ansible.builtin.apt:
     name:
       - "containerd"
       - "kubeadm={{ kubernetes_version }}-00"
       - "kubectl={{ kubernetes_version }}-00"
       - "kubelet={{ kubernetes_version }}-00"
     state: present

 - name: Enable kernel modules on-boot
   ansible.builtin.template:
     src: modules-load.conf.j2
     dest: /etc/modules-load.d/k8s.conf
     owner: root
     group: root
     mode: 0644

 - name: Enable kernel modules in runtime
   community.general.modprobe:
     name: "{{ item }}"
     state: present
   loop: "{{ kubernetes_kernel_modules }}"

 - name: Configure sysctl values
   ansible.posix.sysctl:
     name: "{{ item.name }}"
     value: "{{ item.value }}"
     state: present
   loop: "{{ kubernetes_sysctls }}"

 - name: Check swap status
   ansible.builtin.command: /sbin/swapon -s
   changed_when: false
   register: _swapon

 - name: Disable swap
   ansible.builtin.command: /sbin/swapoff -a
   ignore_errors: "{{ ansible_check_mode }}"
   when:
     - _swapon.stdout

 - name: Remove swapfile from /etc/fstab
   ansible.posix.mount:
     name: "{{ item }}"
     fstype: swap
     state: absent
   with_items:
     - swap
     - none

 - name: Configure short hostname
   ansible.builtin.hostname:
     name: "{{ inventory_hostname_short }}"

 - name: Ensure hostname inside hosts file
   ansible.builtin.lineinfile:
     path: /etc/hosts
     regexp: '^127\.0\.1\.1'
     line: 127.0.1.1 {{ inventory_hostname }} {{ inventory_hostname_short }}

 - name: Setup control plane
   when: inventory_hostname in groups[kubernetes_control_plane_group]
   ansible.builtin.include_tasks: control-plane.yml

 - name: Setup nodes
   when: inventory_hostname not in groups[kubernetes_control_plane_group]
   ansible.builtin.include_tasks: nodes.yml

 - name: Add labels to control plane nodes
   delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
   kubernetes.core.k8s:
     state: patched
     kind: Node
     name: "{{ inventory_hostname_short }}"
     definition:
       metadata:
         labels: "{{ kubernetes_control_plane_labels }}"
   when:
     - inventory_hostname in groups['controllers']

 - name: Add labels to compute nodes
   delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
   kubernetes.core.k8s:
     state: patched
     kind: Node
     name: "{{ inventory_hostname_short }}"
     definition:
       metadata:
         labels: "{{ kubernetes_compute_node_labels }}"
   when:
     - inventory_hostname in groups['computes']
	# Copyright (c) 2022 VEXXHOST, Inc.
	#
	# Licensed under the Apache License, Version 2.0 (the "License"); you may
	# not use this file except in compliance with the License. You may obtain
	# a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	# License for the specific language governing permissions and limitations
	# under the License.

	- name: Add repository keys
	ansible.builtin.copy:
	src: apt-key.gpg
	dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg
	owner: root
	group: root
	mode: 0644
	when:
	- kubernetes_repo_url == _kubernetes_upstream_apt_repository

	- name: Add repository
	ansible.builtin.apt_repository:
	repo:
	deb
	{% if kubernetes_repo_url == _kubernetes_upstream_apt_repository %}[signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg]{% endif %}
	{{ kubernetes_repo_url }}
	kubernetes-xenial
	main
	state: present

	- name: Setup version pins
	ansible.builtin.template:
	src: apt-preferences.j2
	dest: /etc/apt/preferences.d/kubernetes
	mode: 0644

	- name: Install packages
	ansible.builtin.apt:
	name:
	- "containerd"
	- "kubeadm={{ kubernetes_version }}-00"
	- "kubectl={{ kubernetes_version }}-00"
	- "kubelet={{ kubernetes_version }}-00"
	state: present

	- name: Enable kernel modules on-boot
	ansible.builtin.template:
	src: modules-load.conf.j2
	dest: /etc/modules-load.d/k8s.conf
	owner: root
	group: root
	mode: 0644

	- name: Enable kernel modules in runtime
	community.general.modprobe:
	name: "{{ item }}"
	state: present
	loop: "{{ kubernetes_kernel_modules }}"

	- name: Configure sysctl values
	ansible.posix.sysctl:
	name: "{{ item.name }}"
	value: "{{ item.value }}"
	state: present
	loop: "{{ kubernetes_sysctls }}"

	- name: Check swap status
	ansible.builtin.command: /sbin/swapon -s
	changed_when: false
	register: _swapon

	- name: Disable swap
	ansible.builtin.command: /sbin/swapoff -a
	ignore_errors: "{{ ansible_check_mode }}"
	when:
	- _swapon.stdout

	- name: Remove swapfile from /etc/fstab
	ansible.posix.mount:
	name: "{{ item }}"
	fstype: swap
	state: absent
	with_items:
	- swap
	- none

	- name: Configure short hostname
	ansible.builtin.hostname:
	name: "{{ inventory_hostname_short }}"

	- name: Ensure hostname inside hosts file
	ansible.builtin.lineinfile:
	path: /etc/hosts
	regexp: '^127\.0\.1\.1'
	line: 127.0.1.1 {{ inventory_hostname }} {{ inventory_hostname_short }}

	- name: Setup control plane
	when: inventory_hostname in groups[kubernetes_control_plane_group]
	ansible.builtin.include_tasks: control-plane.yml

	- name: Setup nodes
	when: inventory_hostname not in groups[kubernetes_control_plane_group]
	ansible.builtin.include_tasks: nodes.yml

	- name: Add labels to control plane nodes
	delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
	kubernetes.core.k8s:
	state: patched
	kind: Node
	name: "{{ inventory_hostname_short }}"
	definition:
	metadata:
	labels: "{{ kubernetes_control_plane_labels }}"
	when:
	- inventory_hostname in groups['controllers']

	- name: Add labels to compute nodes
	delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
	kubernetes.core.k8s:
	state: patched
	kind: Node
	name: "{{ inventory_hostname_short }}"
	definition:
	metadata:
	labels: "{{ kubernetes_compute_node_labels }}"
	when:
	- inventory_hostname in groups['computes']