From 4ff4a3198e2f1690db68c60bb776ed24a3dec0e6 Mon Sep 17 00:00:00 2001
From: michael
Date: Tue, 6 Dec 2022 12:48:15 +1300
Subject: [PATCH] not sure was tired
---
 .gitignore | 1 +
 ansible/roles/k8s_control/defaults/main.yaml | 3 ++-
 ansible/roles/k8s_control/tasks/main.yaml | 18 ++++++++++++++-
 .../templates/core-dns_configmap.yaml.j2 | 8 +++++++
 ansible/roles/k8s_network/tasks/main.yaml | 23 ++++++++-----------
 .../k8s_storage_ebs_deploy/tasks/disks.yaml | 1 +
 6 files changed, 38 insertions(+), 16 deletions(-)
 create mode 100644 ansible/roles/k8s_control/templates/core-dns_configmap.yaml.j2
diff --git a/.gitignore b/.gitignore
index 475ed6e..2910ab6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@ ansible/vault_password
 ansible/inventory/host_vars/*/vault.yaml
 ansible/roles/k8s_network/files/calico
 ansible/roles/k8s_storage_rook/files/rook
+ansible/roles/k8s_control/files/core-dns
 ansible/roles/k8s_storage_ebs_manifests/files/ebs
 .vscode
 */vault.yaml
\ No newline at end of file
diff --git a/ansible/roles/k8s_control/defaults/main.yaml b/ansible/roles/k8s_control/defaults/main.yaml
index c93d4ac..cca5440 100644
--- a/ansible/roles/k8s_control/defaults/main.yaml
+++ b/ansible/roles/k8s_control/defaults/main.yaml
@@ -10,4 +10,5 @@ k8s_v4_pod_cidr: 10.128.0.0/16
 k8s_v6_pod_cidr: 2a01:4f8:13b:f202::00/64
 k8s_v4_service_cidr: 10.96.0.0/16
 k8s_v6_service_cidr: 2a01:4f8:13b:f203::00/116
-local_user: michael
\ No newline at end of file
+local_user: michael
+dns_servers: ["192.168.199.254","2a01:4f8:13b:f201::254"]
\ No newline at end of file
diff --git a/ansible/roles/k8s_control/tasks/main.yaml b/ansible/roles/k8s_control/tasks/main.yaml
index fa50acf..65fe362 100644
--- a/ansible/roles/k8s_control/tasks/main.yaml
+++ b/ansible/roles/k8s_control/tasks/main.yaml
@@ -66,7 +66,7 @@
 ansible.builtin.shell:
 cmd: |
 kubeadm init \
- --control-plane-endpoint {{ k8s_endpoint }} \
+ --control-plane-endpoint {{ k8s_v4_address }} \
 --cri-socket /run/containerd/containerd.sock \
 --pod-network-cidr {{ k8s_v4_pod_cidr }},{{ k8s_v6_pod_cidr }} \
 --service-cidr {{ k8s_v4_service_cidr }},{{ k8s_v6_service_cidr}} \
@@ -122,6 +122,22 @@
 group: "{{ local_user }}"
 mode: 0600
+- name: fix core-dns resolution
+ delegate_to: localhost
+ run_once: true
+ become: false
+ block:
+
+ - name: template out core-dns configmap
+ ansible.builtin.template:
+ src: core-dns_configmap.yaml.j2
+ dest: "{{ ansible_search_path[0] }}/files/core-dns/core-dns_configmap.yaml"
+
+ - name: configure coredns to resolve directly from upstream
+ kubernetes.core.k8s:
+ src: "{{ ansible_search_path[0] }}/files/core-dns/core-dns_configmap.yaml"
+ state: present
+
 - name: kubeadm join remaining control plain nodes
 when: ansible_host != hostvars[groups['k8s_control'][0]]['ansible_host']
 ansible.builtin.shell:
diff --git a/ansible/roles/k8s_control/templates/core-dns_configmap.yaml.j2 b/ansible/roles/k8s_control/templates/core-dns_configmap.yaml.j2
new file mode 100644
index 0000000..42da553
--- /dev/null
+++ b/ansible/roles/k8s_control/templates/core-dns_configmap.yaml.j2
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: kube-dns
+ namespace: kube-system
+data:
+ upstreamNameservers: |
+ {{ dns_servers }}
\ No newline at end of file
diff --git a/ansible/roles/k8s_network/tasks/main.yaml b/ansible/roles/k8s_network/tasks/main.yaml
index 099687a..ddaf84b 100644
--- a/ansible/roles/k8s_network/tasks/main.yaml
+++ b/ansible/roles/k8s_network/tasks/main.yaml
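Review bot: `--control-plane-endpoint {{ k8s_v4_address }}` makes a single IPv4 address the cluster's shared API endpoint, and kubeadm records that value in the cluster configuration and the generated kubeconfigs, so it is awkward to change after init. If `k8s_v4_address` is the first node's own address rather than a VIP or load balancer (its definition is not in this diff), every node added by the later `kubeadm join` task depends on that one host, and on IPv4 only in an otherwise dual-stack cluster. The value is also interpolated into `ansible.builtin.shell` unquoted; `--control-plane-endpoint {{ k8s_v4_address | quote }} \` keeps a malformed inventory value from altering the command line. The task begins and ends outside this hunk.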
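Review bot: The `kubernetes.core.k8s` task in the new `fix core-dns resolution` block runs on localhost with no `kubeconfig` or `context`, so it applies the ConfigMap to whichever cluster the operator's default kubeconfig currently selects. Pass the target explicitly, e.g. `kubeconfig: "<path to this cluster's admin kubeconfig>"` (placeholder; the path written by the preceding task is not visible in this hunk). The template task sets no `mode`, and `files/core-dns` is git-ignored by this same commit, so on a fresh checkout the directory may not exist and the rendered file gets umask-default permissions. Adding `mode: "0644"` plus a directory-creating task, or using the module's `template:` parameter instead of an intermediate file, would remove both problems.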
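Review bot: `{{ dns_servers }}` on the last line of the new template renders the list as a Python literal with single-quoted strings, while `upstreamNameservers` in the `kube-dns` ConfigMap is expected to be a JSON array; `{{ dns_servers | to_json }}` produces that form. Separately, this is the legacy kube-dns ConfigMap format: CoreDNS as installed by kubeadm takes its upstream resolvers from the `forward` line of the Corefile in the `coredns` ConfigMap, so this object may have no effect on resolution. Confirm with a lookup from a pod after applying it before relying on it to steer cluster DNS to the two resolvers in the role defaults.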
@@ -37,10 +37,15 @@
 calico_default_installation: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[0] | from_yaml }}"
 calico_default_apiserver: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[1] | from_yaml }}"
-- name: create ipv6 settings for calico config
+- name: create ip settings for calico config
 ansible.builtin.set_fact:
- calico_ipv6:
- blockSize: "{{ k8s_v6_network_blocksize }}"
+ calico_ip:
+ - blockSize: "{{ k8s_v4_network_blocksize }}"
+ cidr: "{{ k8s_v4_pod_cidr }}"
+ encapsulation: "{{ k8s_network_encapsulation }}"
+ natOutgoing: "{{ k8s_network_nat }}"
+ nodeSelector: "all()"
+ - blockSize: "{{ k8s_v6_network_blocksize }}"
 cidr: "{{ k8s_v6_pod_cidr }}"
 encapsulation: "{{ k8s_network_encapsulation }}"
 natOutgoing: "{{ k8s_network_nat }}"
@@ -49,18 +54,8 @@
 - name: update calico installation settings to desired values
 ansible.utils.update_fact:
 updates:
- - path: calico_default_installation.spec.calicoNetwork.ipPools[0].blockSize
- value: "{{ k8s_v4_network_blocksize }}"
- - path: calico_default_installation.spec.calicoNetwork.ipPools[0].cidr
- value: "{{ k8s_v4_pod_cidr }}"
- - path: calico_default_installation.spec.calicoNetwork.ipPools[0].encapsulation
- value: "{{ k8s_network_encapsulation }}"
- - path: calico_default_installation.spec.calicoNetwork.ipPools[0].natOutgoing
- value: "{{ k8s_network_nat }}"
- - path: calico_default_installation.spec.calicoNetwork.ipPools[0].nodeSelector
- value: "all()"
 - path: calico_default_installation.spec.calicoNetwork.ipPools
- value: "{{ calico_default_installation.spec.calicoNetwork.ipPools + [ calico_ipv6 ] }}"
+ value: "{{ calico_ip }}"
 - path: calico_default_installation.spec.calicoNetwork.bgp
 value: "{{ k8s_network_bgp }}"
 - path: calico_default_installation.spec.calicoNetwork.linuxDataplane
diff --git a/ansible/roles/k8s_storage_ebs_deploy/tasks/disks.yaml b/ansible/roles/k8s_storage_ebs_deploy/tasks/disks.yaml
index f5f6d01..2a51c2c 100644
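Review bot: Both pools in the new `calico_ip` fact take `encapsulation` and `natOutgoing` from the same `k8s_network_encapsulation` and `k8s_network_nat` variables, so the IPv4 and IPv6 pools cannot be configured independently. The `k8s_control` defaults shown in this commit pair a private v4 pod CIDR with a globally routable v6 one, which commonly need different NAT settings. Calico's IP-in-IP modes are also IPv4-only, so an IPIP value would likely be rejected for the v6 pool. Consider per-family variables that fall back to the shared one, e.g. `natOutgoing: "{{ k8s_v6_network_nat | default(k8s_network_nat) }}"` (the variable name is a suggestion). The `set_fact` task continues past the end of this hunk.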
--- a/ansible/roles/k8s_storage_ebs_deploy/tasks/disks.yaml
+++ b/ansible/roles/k8s_storage_ebs_deploy/tasks/disks.yaml
@@ -2,6 +2,7 @@
 - name: setup disks on storage nodes
 delegate_to: "{{ node }}"
 delegate_facts: true
+ become: true
 block:
 - name: ensure parted is installed