Fix chicken and egg problem with proxy_env not defined on the first … (#5896)

* Fix chicken and egg problem with proxy_env not defined on the first envinronment usage. * Disable fact gathering for the first proxy_env evaluation. * Move proxy_env var set up from the role defaults to the root playbooks as fact.
2020-04-08 10:53:43 +03:00
parent 2c21e7bd3a
commit 910a821d0b
4 changed files with 78 additions and 44 deletions
--- a/upgrade-cluster.yml
+++ b/upgrade-cluster.yml
@ -13,11 +13,25 @@
  vars:
    ansible_connection: local

+- hosts: all
+  gather_facts: false
+  tasks:
+    - name: "Set up proxy environment"
+      set_fact:
+        proxy_env:
+          http_proxy: "{{ http_proxy | default ('') }}"
+          HTTP_PROXY: "{{ http_proxy | default ('') }}"
+          https_proxy: "{{ https_proxy | default ('') }}"
+          HTTPS_PROXY: "{{ https_proxy | default ('') }}"
+          no_proxy: "{{ no_proxy | default ('') }}"
+          NO_PROXY: "{{ no_proxy | default ('') }}"
+      no_log: true
+
 - hosts: bastion[0]
  gather_facts: False
  roles:
-    - { role: kubespray-defaults}
-    - { role: bastion-ssh-config, tags: ["localhost", "bastion"]}
+    - { role: kubespray-defaults }
+    - { role: bastion-ssh-config, tags: ["localhost", "bastion"] }

 - hosts: k8s-cluster:etcd:calico-rr
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
@ -27,7 +41,7 @@
    # fail. bootstrap-os fixes this on these systems, so in later plays it can be enabled.
    ansible_ssh_pipelining: false
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: bootstrap-os, tags: bootstrap-os}

 - name: Download images to ansible host cache via first kube-master node
@ -43,7 +57,7 @@
  hosts: k8s-cluster:etcd:calico-rr
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: kubernetes/preinstall, tags: preinstall }
    - { role: download, tags: download, when: "not skip_downloads" }
  environment: "{{ proxy_env }}"
@ -53,14 +67,14 @@
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  serial: "{{ serial | default('20%') }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) }
  environment: "{{ proxy_env }}"

 - hosts: etcd
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - role: etcd
      tags: etcd
      vars:
@ -71,7 +85,7 @@
 - hosts: k8s-cluster
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - role: etcd
      tags: etcd
      vars:
@ -84,7 +98,7 @@
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  serial: 1
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: upgrade/pre-upgrade, tags: pre-upgrade }
    - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) }
    - { role: kubernetes/node, tags: node }
@ -101,7 +115,7 @@
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  serial: "{{ serial | default('20%') }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller }
    - { role: network_plugin, tags: network }
    - { role: kubernetes-apps/network_plugin, tags: network }
@ -112,7 +126,7 @@
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  serial: "{{ serial | default('20%') }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: upgrade/pre-upgrade, tags: pre-upgrade }
    - { role: container-engine, tags: "container-engine", when: deploy_container_engine|default(true) }
    - { role: kubernetes/node, tags: node }
@ -124,26 +138,26 @@
 - hosts: kube-master[0]
  any_errors_fatal: true
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: kubernetes-apps/rotate_tokens, tags: rotate_tokens, when: "secret_changed|default(false)" }
-    - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"]}
+    - { role: win_nodes/kubernetes_patch, tags: ["master", "win_nodes"] }

 - hosts: calico-rr
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: network_plugin/calico/rr, tags: network }
  environment: "{{ proxy_env }}"

 - hosts: kube-master
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: kubernetes-apps, tags: apps }
  environment: "{{ proxy_env }}"

 - hosts: k8s-cluster
  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
  roles:
-    - { role: kubespray-defaults}
+    - { role: kubespray-defaults }
    - { role: kubernetes/preinstall, when: "dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'", tags: resolvconf }