diff --git a/roles/rke2/tasks/add_manifest_addons.yml b/roles/rke2/tasks/add_manifest_addons.yml index 909693c7..8397da87 100644 --- a/roles/rke2/tasks/add_manifest_addons.yml +++ b/roles/rke2/tasks/add_manifest_addons.yml @@ -1,12 +1,12 @@ --- -- name: look up manifest files on localhost - find: +- name: Look up manifest files on localhost + ansible.builtin.find: paths: "{{ source_directory }}" register: local_files_find_return delegate_to: localhost -- name: create array of managed files +- name: Create array of managed files ansible.builtin.set_fact: managed_files: "{{local_files_find_return.files | map(attribute='path') | map('basename') }}" @@ -18,16 +18,16 @@ owner: root group: root -- name: look up manifest files on remote +- name: Look up manifest files on remote find: paths: "{{ destination_directory }}" register: remote_files_find_return -- name: create array of remote files +- name: Create array of remote files ansible.builtin.set_fact: current_files: "{{remote_files_find_return.files | map(attribute='path') | map('basename') }}" -- name: remove remote files not in managed files list +- name: Remove remote files not in managed files list ansible.builtin.file: path: "{{ destination_directory }}/{{ item }}" state: absent diff --git a/roles/rke2/tasks/calculate_rke2_version.yml b/roles/rke2/tasks/calculate_rke2_version.yml index 0a47cfc7..a8994a0d 100644 --- a/roles/rke2/tasks/calculate_rke2_version.yml +++ b/roles/rke2/tasks/calculate_rke2_version.yml @@ -22,9 +22,9 @@ args: executable: /usr/bin/bash - # - name: Set rke2_full_version fact from internet source - # ansible.builtin.set_fact: - # rke2_full_version: "{{ rke2_full_version.stdout }}" + - name: Set rke2_full_version fact from internet source + ansible.builtin.set_fact: + rke2_full_version: "{{ rke2_full_version.stdout }}" - name: Unset rke2_full_version if skipped ansible.builtin.set_fact: @@ -32,16 +32,15 @@ when: rke2_full_version is skipped -- name: Set rke2_full_version fact - ansible.builtin.set_fact: - rke2_full_version: "{{ rke2_full_version.stdout if ((install_rke2_version is not defined) or - (install_rke2_version | length == 0)) else install_rke2_version }}" - -# - name: Set rke2_full_version fact from variable source +# - name: Set rke2_full_version fact # ansible.builtin.set_fact: -# rke2_full_version: "{{ rke2_install_version }}" -# when: -# - rke2_install_version | length > 0 + # rke2_full_version: "{{ rke2_full_version.stdout if (install_rke2_version | length == 0) else install_rke2_version }}" + +- name: Set rke2_full_version fact from variable source + ansible.builtin.set_fact: + rke2_full_version: "{{ rke2_install_version }}" + when: + - rke2_install_version | length > 0 - name: Set rke2_package_state to latest ansible.builtin.set_fact: @@ -83,7 +82,7 @@ ansible.builtin.set_fact: rke2_version_rpm: "{{ '-' + rke2_version_rpm }}" when: - - rke2_version_rpm | length > 0 + - rke2_version_rpm | length > 0 # - name: Describe versions # ansible.builtin.debug: diff --git a/roles/rke2/tasks/check_node_ready.yml b/roles/rke2/tasks/check_node_ready.yml index a69e5831..1ce68e30 100644 --- a/roles/rke2/tasks/check_node_ready.yml +++ b/roles/rke2/tasks/check_node_ready.yml @@ -1,3 +1,5 @@ +--- + - name: Wait for k8s apiserver ansible.builtin.wait_for: host: localhost @@ -8,14 +10,14 @@ register: api_serve_status ignore_errors: "{{check_node_ready_ignore_errors}}" -- name: set fact +- name: Set fact ansible.builtin.set_fact: api_server_running: true - when: - - api_serve_status.state is not undefined - - api_serve_status.state == "present" + when: + - api_serve_status.state is not undefined + - api_serve_status.state == "present" -- name: set fact +- name: Set fact ansible.builtin.set_fact: api_server_running: "{{api_server_running}}" @@ -35,9 +37,9 @@ ansible.builtin.set_fact: metrics_running: true when: - - 200 | string in node_metrics.status | string + - 200 | string in node_metrics.status | string -- name: set fact for metrics_running +- name: Set fact for metrics_running ansible.builtin.set_fact: metrics_running: "{{metrics_running}}" @@ -46,8 +48,8 @@ kubelet_node_name: "{{ node_metrics.content | \ regex_search('kubelet_node_name{node=\"(.*)\"}',\ '\\1') }}" - when: - - 200 | string in node_metrics.status | string + when: + - 200 | string in node_metrics.status | string - name: Wait for node to show Ready status ansible.builtin.command: >- @@ -61,20 +63,20 @@ changed_when: false ignore_errors: "{{check_node_ready_ignore_errors}}" -- name: set fact +- name: Set fact ansible.builtin.set_fact: node_ready: "true" when: - - status_result.rc is not undefined - - status_result.rc | string == "0" + - status_result.rc is not undefined + - status_result.rc | string == "0" -- name: set fact +- name: Set fact ansible.builtin.set_fact: node_ready: "{{node_ready}}" -- name: node status - debug: +- name: Node status + ansible.builtin.debug: msg: | "node_ready: {{node_ready}}" "metrics_running: {{metrics_running}}" - "api_server_running: {{api_server_running}}" \ No newline at end of file + "api_server_running: {{api_server_running}}" diff --git a/roles/rke2/tasks/cis_hardening.yml b/roles/rke2/tasks/cis_hardening.yml index 53acff52..dec33eb2 100644 --- a/roles/rke2/tasks/cis_hardening.yml +++ b/roles/rke2/tasks/cis_hardening.yml @@ -2,10 +2,10 @@ - name: CIS MODE become: yes - when: - - (cluster_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) or - (group_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) or - (host_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) + when: + - (cluster_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) or + (group_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) or + (host_rke2_config.profile | default("") | regex_search('^cis(-\\d+.\\d+)?$')) block: - name: Create etcd group ansible.builtin.group: diff --git a/roles/rke2/tasks/config.yml b/roles/rke2/tasks/config.yml index 602652c7..edff3b99 100644 --- a/roles/rke2/tasks/config.yml +++ b/roles/rke2/tasks/config.yml @@ -1,12 +1,12 @@ --- # combine host and group vars to form primary rke2_config -- name: combine host and group config vars +- name: Combine host and group config vars ansible.builtin.set_fact: temp_group_rke2_config: "{{cluster_rke2_config | default({}) | ansible.builtin.combine((group_rke2_config | default({})), list_merge='prepend_rp') }}" # combine host and group vars to form primary rke2_config -- name: combine host and group config vars +- name: Combine host and group config vars ansible.builtin.set_fact: rke2_config: "{{temp_group_rke2_config | default({}) | ansible.builtin.combine((host_rke2_config | default({})), list_merge='prepend_rp') }}" diff --git a/roles/rke2/tasks/configure_rke2.yml b/roles/rke2/tasks/configure_rke2.yml index a9993651..6036a23a 100644 --- a/roles/rke2/tasks/configure_rke2.yml +++ b/roles/rke2/tasks/configure_rke2.yml @@ -36,5 +36,3 @@ file_path: "{{ rke2_pod_security_admission_config_file_path }}" when: - inventory_hostname in groups['rke2_servers'] - - diff --git a/roles/rke2/tasks/first_server.yml b/roles/rke2/tasks/first_server.yml index 080d18e5..d84b658b 100644 --- a/roles/rke2/tasks/first_server.yml +++ b/roles/rke2/tasks/first_server.yml @@ -4,7 +4,7 @@ - name: Include task file config.yml ansible.builtin.include_tasks: config.yml -- name: flush_handlers +- name: Flush_handlers ansible.builtin.meta: flush_handlers - block: @@ -15,4 +15,5 @@ check_node_ready_retries: 30 check_node_ready_delay: 10 check_node_ready_ignore_errors: false - any_errors_fatal: true \ No newline at end of file + any_errors_fatal: true + \ No newline at end of file diff --git a/roles/rke2/tasks/main.yml b/roles/rke2/tasks/main.yml index 72b3fd1e..f4323928 100644 --- a/roles/rke2/tasks/main.yml +++ b/roles/rke2/tasks/main.yml @@ -43,8 +43,6 @@ - name: Has rke2 been installed already ansible.builtin.include_tasks: previous_install.yml - - - name: Check for images bundle ansible.builtin.include_tasks: images_bundle.yml when: @@ -65,10 +63,10 @@ check_node_ready_delay: 2 check_node_ready_ignore_errors: true when: - - inventory_hostname in groups['rke2_servers'] + - inventory_hostname in groups['rke2_servers'] - name: Create a list of ready servers - set_fact: + ansible.builtin.set_fact: ready_servers: "{{ groups.rke2_servers| map('extract', hostvars)| selectattr('node_ready', 'equalto', true)| @@ -90,8 +88,6 @@ - name: Set rke2 configuration files ansible.builtin.include_tasks: configure_rke2.yml - - - name: Include task file add_manifest_addons.yml ansible.builtin.include_tasks: add_manifest_addons.yml vars: @@ -106,23 +102,23 @@ - name: Start the first rke2 node ansible.builtin.include_tasks: first_server.yml when: - - inventory_hostname in groups['rke2_servers'][0] - - ready_servers | length == 0 + - inventory_hostname in groups['rke2_servers'][0] + - ready_servers | length == 0 -- name: save_generated_token.yml +- name: Save_generated_token.yml ansible.builtin.include_tasks: save_generated_token.yml vars: token_source_node: "{{groups['rke2_servers'][0]}}" when: - - ready_servers | length == 0 + - ready_servers | length == 0 # is the ready_servers array is > 0, we assume it's an established cluster and treat all nodes equally (no need for initial server procedure) -- name: save_generated_token.yml +- name: Save_generated_token.yml ansible.builtin.include_tasks: save_generated_token.yml vars: token_source_node: "{{ready_servers[0]}}" when: - - ready_servers | length > 0 + - ready_servers | length > 0 - name: Start all other rke2 nodes ansible.builtin.include_tasks: other_nodes.yml diff --git a/roles/rke2/tasks/other_nodes.yml b/roles/rke2/tasks/other_nodes.yml index 80825e32..59ae3c11 100644 --- a/roles/rke2/tasks/other_nodes.yml +++ b/roles/rke2/tasks/other_nodes.yml @@ -9,5 +9,5 @@ - name: Generate config.yml on other nodes ansible.builtin.include_tasks: config.yml -- name: flush_handlers +- name: Flush_handlers ansible.builtin.meta: flush_handlers diff --git a/roles/rke2/tasks/rpm_install.yml b/roles/rke2/tasks/rpm_install.yml index 3f9b601e..e9a4fd50 100644 --- a/roles/rke2/tasks/rpm_install.yml +++ b/roles/rke2/tasks/rpm_install.yml @@ -20,9 +20,9 @@ gpgkey: "{{ rke2_versioned_yum_repo.gpgkey }}" enabled: "{{ rke2_versioned_yum_repo.enabled }}" -- name: debug install - debug: - msg: installing {{ service_name }}{{ rke2_version_rpm }} +# - name: Debug install +# ansible.builtin.debug: +# msg: installing {{ service_name }}{{ rke2_version_rpm }} - name: YUM-Based Install ansible.builtin.dnf: diff --git a/roles/rke2/tasks/save_generated_token.yml b/roles/rke2/tasks/save_generated_token.yml index c2742ea5..4717fd75 100644 --- a/roles/rke2/tasks/save_generated_token.yml +++ b/roles/rke2/tasks/save_generated_token.yml @@ -1,4 +1,4 @@ - +--- - name: Wait for node-token ansible.builtin.wait_for: @@ -30,14 +30,14 @@ temp_host_rke2_config: server: "https://{{ rke2_kubernetes_api_server_host }}:9345" when: - - rke2_kubernetes_api_server_host != "" + - rke2_kubernetes_api_server_host != "" - name: Set temp fact to store server config line with server URL ansible.builtin.set_fact: temp_host_rke2_config: server: "https://{{ token_source_node }}:9345" when: - - rke2_kubernetes_api_server_host == "" + - rke2_kubernetes_api_server_host == "" - name: Update host_rke2_config fact to contain server line ansible.builtin.set_fact: diff --git a/roles/rke2/tasks/tarball_install.yml b/roles/rke2/tasks/tarball_install.yml index 0aa960a2..3247d6ba 100644 --- a/roles/rke2/tasks/tarball_install.yml +++ b/roles/rke2/tasks/tarball_install.yml @@ -18,8 +18,6 @@ - rke2_install_tarball_url == "" - not rke2_installed or rke2_installed_version != rke2_full_version - - - name: Send provided tarball from local control machine if available ansible.builtin.copy: src: "{{ rke2_install_local_tarball_path }}" diff --git a/roles/rke2/vars/main.yml b/roles/rke2/vars/main.yml index d2944ee3..879b4f8c 100644 --- a/roles/rke2/vars/main.yml +++ b/roles/rke2/vars/main.yml @@ -5,4 +5,4 @@ rke2_version_changed: false rke2_reboot: false rke2_version_majmin: "" rke2_version_rpm: "" -rke2_package_state: "installed" \ No newline at end of file +rke2_package_state: "installed"