roles/kubernetes/tasks/main.yml

# Copyright (c) 2022 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

- name: Add repository keys
  ansible.builtin.copy:
    src: apt-key.gpg
    dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg
    owner: root
    group: root
    mode: "0644"
  when:
    - kubernetes_repo_url == _kubernetes_upstream_apt_repository

- name: Add repository
  ansible.builtin.apt_repository:
    repo:
      deb
      {% if kubernetes_repo_url == _kubernetes_upstream_apt_repository %}[signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg]{% endif %}
      {{ kubernetes_repo_url }}
      kubernetes-xenial
      main
    state: present

- name: Setup version pins
  ansible.builtin.template:
    src: apt-preferences.j2
    dest: /etc/apt/preferences.d/kubernetes
    mode: "0644"

- name: Install packages
  ansible.builtin.apt:
    name:
      - "cri-tools={{ kubernetes_cri_tools_version }}-00"
      - "kubeadm={{ kubernetes_version }}-00"
      - "kubectl={{ kubernetes_version }}-00"
      - "kubelet={{ kubernetes_version }}-00"
    state: present

- name: Create crictl config
  ansible.builtin.template:
    src: crictl.yaml.j2
    dest: /etc/crictl.yaml
    owner: root
    mode: "0644"

- name: Enable kernel modules on-boot
  ansible.builtin.template:
    src: modules-load.conf.j2
    dest: /etc/modules-load.d/k8s.conf
    owner: root
    group: root
    mode: "0644"

- name: Enable kernel modules in runtime
  community.general.modprobe:
    name: "{{ item }}"
    state: present
  loop: "{{ kubernetes_kernel_modules }}"

- name: Configure sysctl values
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
  loop: "{{ kubernetes_sysctls }}"

- name: Disable swap on the host
  when: not kubernetes_allow_unsafe_swap | bool
  block:
    - name: Check swap status
      ansible.builtin.command: /sbin/swapon -s
      changed_when: false
      register: _swapon

    - name: Disable swap
      ansible.builtin.command: /sbin/swapoff -a
      changed_when: true
      ignore_errors: "{{ ansible_check_mode }}"
      when:
        - _swapon.stdout

    - name: Remove swapfile from /etc/fstab
      ansible.posix.mount:
        name: "{{ item }}"
        fstype: swap
        state: absent
      with_items:
        - swap
        - none

    - name: Create noswap systemd service config file
      ansible.builtin.copy:
        src: noswap.service
        dest: /etc/systemd/system/noswap.service
        owner: root
        group: root
        mode: "0644"
      notify: Enable noswap service

- name: Configure short hostname
  ansible.builtin.hostname:
    name: "{{ inventory_hostname_short }}"

- name: Ensure hostname inside hosts file
  ansible.builtin.lineinfile:
    path: /etc/hosts
    regexp: '^127\.0\.1\.1'
    line: 127.0.1.1 {{ inventory_hostname }} {{ inventory_hostname_short }}

- name: Setup control plane
  when: inventory_hostname in groups[kubernetes_control_plane_group]
  ansible.builtin.include_tasks: control-plane.yml

- name: Setup nodes
  when: inventory_hostname not in groups[kubernetes_control_plane_group]
  ansible.builtin.include_tasks: nodes.yml

- name: Add labels to control plane nodes
  delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
  kubernetes.core.k8s:
    state: patched
    kind: Node
    name: "{{ inventory_hostname_short }}"
    definition:
      metadata:
        labels: "{{ kubernetes_control_plane_labels }}"
  when:
    - inventory_hostname in groups['controllers']

- name: Add labels to compute nodes
  delegate_to: "{{ groups[kubernetes_control_plane_group][0] }}"
  kubernetes.core.k8s:
    state: patched
    kind: Node
    name: "{{ inventory_hostname_short }}"
    definition:
      metadata:
        labels: "{{ kubernetes_compute_node_labels }}"
  when:
    - inventory_hostname in groups['computes']