Move files between payload folders;Define upgrade vapp properties;Join metacluster

2023-01-20 13:23:34 +01:00
parent 1428fe73f7
commit 43d83e8e31
11 changed files with 110 additions and 56 deletions
--- a/ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/main.yml
@ -1,13 +1 @@
- block:
-
-    - name: Check for vCenter connectivity
-      community.vmware.vmware_vcenter_settings_info:
-        schema: vsphere
-      register: vcenter_info
-
-  module_defaults:
-    group/vmware:
-      hostname: "{{ vapp['hv.fqdn'] }}"
-      validate_certs: no
-      username: "{{ vapp['hv.username'] }}"
-      password: "{{ vapp['hv.password'] }}"
+- import_tasks: vcenter.yml
--- a/ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/vcenter.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/vcenter.yml
@ -0,0 +1,13 @@
+- block:
+
+    - name: Check for vCenter connectivity
+      community.vmware.vmware_vcenter_settings_info:
+        schema: vsphere
+      register: vcenter_info
+
+  module_defaults:
+    group/vmware:
+      hostname: "{{ vapp['hv.fqdn'] }}"
+      validate_certs: no
+      username: "{{ vapp['hv.username'] }}"
+      password: "{{ vapp['hv.password'] }}"
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/compresstarballs.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/compresstarballs.j2
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/systemdunit.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/systemdunit.j2
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/tty.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/tty.j2
--- a/ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml
@ -12,7 +12,7 @@
    - preflight
    - users
    - disks
-    # - metacluster
+    - metacluster
    # - workloadcluster
    - tty
    - cleanup
--- a/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/k3s.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/k3s.yml
@ -0,0 +1,63 @@
+- name: Store custom configuration files
+  ansible.builtin.copy:
+    dest: "{{ item.filename }}"
+    content: "{{ item.content }}"
+  loop:
+    - filename: /etc/rancher/k3s/config.yaml
+      content: |
+        kubelet-arg:
+          - "config=/etc/rancher/k3s/kubelet.config"
+    - filename: /etc/rancher/k3s/kubelet.config
+      content: |
+        apiVersion: kubelet.config.k8s.io/v1beta1
+        kind: KubeletConfiguration
+
+        shutdownGracePeriod: 180s
+        shtudownGracePeriodCriticalPods: 60s
+  loop_control:
+    label: "{{ item.filename }}"
+
+- name: Gather service facts
+  ansible.builtin.service_facts:
+    # Module requires no attributes
+
+- name: Install K3s
+  ansible.builtin.command:
+    cmd: ./install.sh
+    chdir: /opt/metacluster/k3s
+  environment:
+    INSTALL_K3S_SKIP_DOWNLOAD: 'true'
+    INSTALL_K3S_EXEC: "server --token {{ vapp['metacluster.token'] }} --server https://{{ vapp['metacluster.fqdn'] }}:6443 --disable local-storage --config /etc/rancher/k3s/config.yaml"
+  when: ansible_facts.services['k3s.service'] is undefined
+
+- name: Ensure API availability
+  ansible.builtin.uri:
+    url: https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose
+    method: GET
+    validate_certs: no
+    status_code: [200, 401]
+  register: api_readycheck
+  until: api_readycheck.json.apiVersion is defined
+  retries: "{{ playbook.retries }}"
+  delay: "{{ playbook.delays.medium }}"
+
+- name: Install kubectl tab-completion
+  ansible.builtin.shell:
+    cmd: kubectl completion bash | tee /etc/bash_completion.d/kubectl
+
+- name: Initialize tempfile
+  ansible.builtin.tempfile:
+    state: file
+  register: kubeconfig
+
+- name: Retrieve kubeconfig
+  ansible.builtin.command:
+    cmd: kubectl config view --raw
+  register: kubectl_config
+
+- name: Store kubeconfig in tempfile
+  ansible.builtin.copy:
+    dest: "{{ kubeconfig.path }}"
+    content: "{{ kubectl_config.stdout }}"
+    mode: 0600
+  no_log: true
--- a/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/main.yml
@ -0,0 +1,9 @@
+# - import_tasks: init.yml
+- import_tasks: k3s.yml
+# - import_tasks: assets.yml
+# - import_tasks: ingress.yml
+# - import_tasks: storage.yml
+# - import_tasks: certauthority.yml
+# - import_tasks: registry.yml
+# - import_tasks: git.yml
+# - import_tasks: gitops.yml
--- a/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/main.yml
@ -0,0 +1,2 @@
+- import_tasks: vcenter.yml
+- import_tasks: metacluster.yml
--- a/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/metacluster.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/metacluster.yml
@ -0,0 +1,6 @@
+- name: Check for metacluster connectivity
+  ansible.builtin.uri:
+    url: https://{{ vapp['metacluster.fqdn'] }}:6443/livez?verbose
+    method: GET
+    validate_certs: no
+    status_code: [200, 401]