25cb90bc2d
* project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
136 lines
4.5 KiB
YAML
136 lines
4.5 KiB
YAML
---
|
|
- name: Master | restart kubelet
|
|
command: /bin/true
|
|
notify:
|
|
- Master | reload systemd
|
|
- Master | reload kubelet
|
|
- Master | wait for master static pods
|
|
|
|
- name: Master | wait for master static pods
|
|
command: /bin/true
|
|
notify:
|
|
- Master | wait for the apiserver to be running
|
|
- Master | wait for kube-scheduler
|
|
- Master | wait for kube-controller-manager
|
|
|
|
- name: Master | Restart apiserver
|
|
command: /bin/true
|
|
notify:
|
|
- Master | Remove apiserver container docker
|
|
- Master | Remove apiserver container containerd/crio
|
|
- Master | wait for the apiserver to be running
|
|
|
|
- name: Master | Restart kube-scheduler
|
|
command: /bin/true
|
|
notify:
|
|
- Master | Remove scheduler container docker
|
|
- Master | Remove scheduler container containerd/crio
|
|
- Master | wait for kube-scheduler
|
|
|
|
- name: Master | Restart kube-controller-manager
|
|
command: /bin/true
|
|
notify:
|
|
- Master | Remove controller manager container docker
|
|
- Master | Remove controller manager container containerd/crio
|
|
- Master | wait for kube-controller-manager
|
|
|
|
- name: Master | reload systemd
|
|
systemd:
|
|
daemon_reload: true
|
|
|
|
- name: Master | reload kubelet
|
|
service:
|
|
name: kubelet
|
|
state: restarted
|
|
|
|
- name: Master | Remove apiserver container docker
|
|
shell: "set -o pipefail && docker ps -af name=k8s_kube-apiserver* -q | xargs --no-run-if-empty docker rm -f"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_apiserver_container
|
|
retries: 10
|
|
until: remove_apiserver_container.rc == 0
|
|
delay: 1
|
|
when: container_manager == "docker"
|
|
|
|
- name: Master | Remove apiserver container containerd/crio
|
|
shell: "set -o pipefail && {{ bin_dir }}/crictl pods --name kube-apiserver* -q | xargs -I% --no-run-if-empty bash -c '{{ bin_dir }}/crictl stopp % && {{ bin_dir }}/crictl rmp %'"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_apiserver_container
|
|
retries: 10
|
|
until: remove_apiserver_container.rc == 0
|
|
delay: 1
|
|
when: container_manager in ['containerd', 'crio']
|
|
|
|
- name: Master | Remove scheduler container docker
|
|
shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -af name=k8s_kube-scheduler* -q | xargs --no-run-if-empty {{ docker_bin_dir }}/docker rm -f"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_scheduler_container
|
|
retries: 10
|
|
until: remove_scheduler_container.rc == 0
|
|
delay: 1
|
|
when: container_manager == "docker"
|
|
|
|
- name: Master | Remove scheduler container containerd/crio
|
|
shell: "set -o pipefail && {{ bin_dir }}/crictl pods --name kube-scheduler* -q | xargs -I% --no-run-if-empty bash -c '{{ bin_dir }}/crictl stopp % && {{ bin_dir }}/crictl rmp %'"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_scheduler_container
|
|
retries: 10
|
|
until: remove_scheduler_container.rc == 0
|
|
delay: 1
|
|
when: container_manager in ['containerd', 'crio']
|
|
|
|
- name: Master | Remove controller manager container docker
|
|
shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -af name=k8s_kube-controller-manager* -q | xargs --no-run-if-empty {{ docker_bin_dir }}/docker rm -f"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_cm_container
|
|
retries: 10
|
|
until: remove_cm_container.rc == 0
|
|
delay: 1
|
|
when: container_manager == "docker"
|
|
|
|
- name: Master | Remove controller manager container containerd/crio
|
|
shell: "set -o pipefail && {{ bin_dir }}/crictl pods --name kube-controller-manager* -q | xargs -I% --no-run-if-empty bash -c '{{ bin_dir }}/crictl stopp % && {{ bin_dir }}/crictl rmp %'"
|
|
args:
|
|
executable: /bin/bash
|
|
register: remove_cm_container
|
|
retries: 10
|
|
until: remove_cm_container.rc == 0
|
|
delay: 1
|
|
when: container_manager in ['containerd', 'crio']
|
|
|
|
- name: Master | wait for kube-scheduler
|
|
vars:
|
|
endpoint: "{{ kube_scheduler_bind_address if kube_scheduler_bind_address != '0.0.0.0' else 'localhost' }}"
|
|
uri:
|
|
url: https://{{ endpoint }}:10259/healthz
|
|
validate_certs: no
|
|
register: scheduler_result
|
|
until: scheduler_result.status == 200
|
|
retries: 60
|
|
delay: 1
|
|
|
|
- name: Master | wait for kube-controller-manager
|
|
vars:
|
|
endpoint: "{{ kube_controller_manager_bind_address if kube_controller_manager_bind_address != '0.0.0.0' else 'localhost' }}"
|
|
uri:
|
|
url: https://{{ endpoint }}:10257/healthz
|
|
validate_certs: no
|
|
register: controller_manager_result
|
|
until: controller_manager_result.status == 200
|
|
retries: 60
|
|
delay: 1
|
|
|
|
- name: Master | wait for the apiserver to be running
|
|
uri:
|
|
url: "{{ kube_apiserver_endpoint }}/healthz"
|
|
validate_certs: no
|
|
register: result
|
|
until: result.status == 200
|
|
retries: 60
|
|
delay: 1
|