blob: 097710d14db9c82322be65607701d755bd2dd6fe [file] [log] [blame]
Tadas Sutkaitis0b597442024-02-15 06:13:39 +02001# Copyright (c) 2024 VEXXHOST, Inc.
Mohammed Naser336caf42022-03-11 17:56:45 -05002#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
Mohammed Naser8eafb7e2023-02-08 18:46:34 +000015- hosts: "{{ target | default('all') }}"
Mohammed Naser336caf42022-03-11 17:56:45 -050016 become: true
17 roles:
Tadas Sutkaitisc4f0ded2023-03-29 18:51:19 +030018 - role: defaults
ricolin2f1cfea2022-11-26 03:35:56 +080019 - role: sysctl
Mohammed Naser545bc432023-04-16 23:02:23 +000020 tags:
21 - sysctl
Mohammed Naser64f84a42022-09-01 16:59:30 -040022 - role: ethtool
23 tags:
24 - ethtool
Tadas Sutkaitis0b597442024-02-15 06:13:39 +020025 # NOTE(fitbeard) networkd-dispatcher is not available for EL distros
26 when: ansible_facts['os_family'] in ['Debian']
Tadas Sutkaitisc4f0ded2023-03-29 18:51:19 +030027 post_tasks:
28 - name: Set a fact with the "atmosphere_images" for other plays
29 ansible.builtin.set_fact:
30 atmosphere_images: "{{ atmosphere_images }}"
Mohammed Naser5c7bf2b2023-06-05 17:15:44 -040031 tags:
32 - always
Tadas Sutkaitisc4f0ded2023-03-29 18:51:19 +030033
Rico Line7132672024-02-28 00:10:53 +080034- hosts: "{{ target | default('all') }}"
35 become: true
36 gather_facts: false
37 tasks:
38 - name: Install PIP
39 ansible.builtin.package:
40 name: python3-pip
41
42 # (rico) there is dependency isuse with pyopenssl and cryptography before 22.1.0
43 # This make sure we have consist dependency between them.
44 - name: Upgrade pyopenssl in pip
45 ansible.builtin.pip:
46 name:
47 - pyopenssl>=22.1.0
48 extra_args: --upgrade
49
Tadas Sutkaitisc4f0ded2023-03-29 18:51:19 +030050- import_playbook: vexxhost.kubernetes.site
51 vars:
52 keepalived_image: "{{ atmosphere_images['keepalived'] }}"
53 keepalived_vrid: "{{ kubernetes_keepalived_vrid }}"
54 keepalived_interface: "{{ kubernetes_keepalived_interface }}"
55 keepalived_vip: "{{ kubernetes_keepalived_vip }}"
56 haproxy_image: "{{ atmosphere_images['haproxy'] }}"
57 containerd_pause_image: "{{ atmosphere_images['pause'] }}"
58 kubernetes_image_repository: "{{ atmosphere_images['kube_apiserver'] | vexxhost.kubernetes.docker_image('prefix') }}"
59 cilium_node_image: "{{ atmosphere_images['cilium_node'] }}"
60 cilium_operator_image: "{{ atmosphere_images['cilium_operator'] }}"
vexxhost-bot71aa62f2024-09-24 18:05:33 -040061 kube_vip_image: "{{ atmosphere_images['kube_vip'] }}"
Tadas Sutkaitisc4f0ded2023-03-29 18:51:19 +030062
63- hosts: "{{ target | default('all') }}"
64 become: true
65 roles:
66 - role: vexxhost.atmosphere.kubernetes_node_labels
67 tags:
68 - kubernetes-node-labels
Oleksandr Kozachenkodcf6a8b2023-03-09 12:06:12 +010069
70# NOTE(mnaser): Add task to uninstall "unattended-upgrades" to avoid system
71# upgrades during the deployment
Mohammed Naseraa790272023-10-06 18:46:27 -040072- hosts: "{{ target | default('all') }}"
Oleksandr Kozachenkodcf6a8b2023-03-09 12:06:12 +010073 become: true
74 gather_facts: false
75 tasks:
76 - name: Uninstall unattended-upgrades
Tadas Sutkaitis0b597442024-02-15 06:13:39 +020077 ansible.builtin.package:
Oleksandr Kozachenkodcf6a8b2023-03-09 12:06:12 +010078 name: unattended-upgrades
79 state: absent