github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
c66bafaa188b22bcfbce75056541cc2cafda8a64
kubernetes/contrib/ansible/roles/master/tasks/main.yml
Eric Paris c66bafaa18 Generate a kubeconfig for kubectl which can be taken off the masterA 
/etc/kubernetes/kuectl.kubeconfig
2015-07-01 13:19:06 -04:00

74 lines
2.4 KiB
YAML
Raw Blame History

---
- include: generic-install.yml
when: not is_atomic and not ansible_distribution == "CentOS"
- include: centos.yml
when: not is_atomic and ansible_distribution == "CentOS"
- name: write the config file for the api server
template: src=apiserver.j2 dest={{ kube_config_dir }}/apiserver
notify:
- restart apiserver
- name: Ensure that a token auth file exists (addons may populate it)
file: path={{ kube_token_dir }}/known_tokens.csv state=touch
changed_when: false
- name: add cap_net_bind_service to kube-apiserver
capabilities: path=/usr/bin/kube-apiserver capability=cap_net_bind_service=ep state=present
when: not is_atomic
- name: Enable apiserver
service: name=kube-apiserver enabled=yes state=started
- name: Get the node token values
slurp:
src: "{{ kube_token_dir }}/{{ item }}-{{ inventory_hostname }}.token"
with_items:
- "system:controller_manager"
- "system:scheduler"
- "system:kubectl"
register: tokens
delegate_to: "{{ groups['masters'][0] }}"
- name: Set token facts
set_fact:
controller_manager_token: "{{ tokens.results[0].content|b64decode }}"
scheduler_token: "{{ tokens.results[1].content|b64decode }}"
kubectl_token: "{{ tokens.results[2].content|b64decode }}"
- name: write the config file for the controller-manager
template: src=controller-manager.j2 dest={{ kube_config_dir }}/controller-manager
notify:
- restart controller-manager
- name: write the kubecfg (auth) file for controller-manager
template: src=controller-manager.kubeconfig.j2 dest={{ kube_config_dir }}/controller-manager.kubeconfig
notify:
- restart controller-manager
- name: Enable controller-manager
service: name=kube-controller-manager enabled=yes state=started
- name: write the config file for the scheduler
template: src=scheduler.j2 dest={{ kube_config_dir }}/scheduler
notify:
- restart scheduler
- name: write the kubecfg (auth) file for scheduler
template: src=scheduler.kubeconfig.j2 dest={{ kube_config_dir }}/scheduler.kubeconfig
notify:
- restart scheduler
- name: Enable scheduler
service: name=kube-scheduler enabled=yes state=started
- name: write the kubecfg (auth) file for kubectl
template: src=kubectl.kubeconfig.j2 dest={{ kube_config_dir }}/kubectl.kubeconfig
- include: firewalld.yml
when: has_firewalld
- include: iptables.yml
when: not has_firewalld and has_iptables
Reference in New Issue View Git Blame Copy Permalink