55 lines
1.7 KiB
YAML
55 lines
1.7 KiB
YAML
---
|
|
- include: generic-install.yml
|
|
when: not is_atomic and not ansible_distribution == "CentOS"
|
|
|
|
- include: centos.yml
|
|
when: not is_atomic and ansible_distribution == "CentOS"
|
|
|
|
- name: write the config file for the api server
|
|
template: src=apiserver.j2 dest={{ kube_config_dir }}/apiserver
|
|
notify:
|
|
- restart apiserver
|
|
|
|
- name: Ensure that a token auth file exists (addons may populate it)
|
|
file: path={{kube_config_dir }}/known_tokens.csv state=touch
|
|
changed_when: false
|
|
|
|
- name: write the config file for the controller-manager
|
|
template: src=controller-manager.j2 dest={{ kube_config_dir }}/controller-manager
|
|
notify:
|
|
- restart controller-manager
|
|
|
|
- name: write the config file for the scheduler
|
|
template: src=scheduler.j2 dest={{ kube_config_dir }}/scheduler
|
|
notify:
|
|
- restart scheduler
|
|
|
|
- name: add cap_net_bind_service to kube-apiserver
|
|
capabilities: path=/usr/bin/kube-apiserver capability=cap_net_bind_service=ep state=present
|
|
when: not is_atomic
|
|
|
|
- name: write the kubecfg (auth) file for controller-manager
|
|
template: src=controller-manager.kubeconfig.j2 dest={{ kube_config_dir }}/controller-manager.kubeconfig
|
|
notify:
|
|
- restart controller-manager
|
|
|
|
- name: write the kubecfg (auth) file for scheduler
|
|
template: src=scheduler.kubeconfig.j2 dest={{ kube_config_dir }}/scheduler.kubeconfig
|
|
notify:
|
|
- restart scheduler
|
|
|
|
- name: Enable apiserver
|
|
service: name=kube-apiserver enabled=yes state=started
|
|
|
|
- name: Enable controller-manager
|
|
service: name=kube-controller-manager enabled=yes state=started
|
|
|
|
- name: Enable scheduler
|
|
service: name=kube-scheduler enabled=yes state=started
|
|
|
|
- include: firewalld.yml
|
|
when: has_firewalld
|
|
|
|
- include: iptables.yml
|
|
when: not has_firewalld and has_iptables
|