From a364a7c35939ac3cc43c509abb677e6d1dca7d07 Mon Sep 17 00:00:00 2001
From: Danny Bessems
Date: Mon, 28 Nov 2022 13:29:56 +0100
Subject: [PATCH] Use interface autodetection;Skip TLS Verify
---
 .../roles/metacluster/tasks/registry.yml | 86 ++++++++++---------
 .../workloadcluster/tasks/nodetemplates.yml | 2 +-
 .../ansible_payload/templates/clusterctl.j2 | 2 +-
 3 files changed, 49 insertions(+), 41 deletions(-)
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
index 736e428..41790cf 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
@@ -1,43 +1,51 @@
-- name: Install harbor chart
- kubernetes.core.helm:
- name: harbor
- chart_ref: /opt/metacluster/helm-charts/harbor
- release_namespace: harbor
- create_namespace: yes
- wait: yes
- kubeconfig: "{{ kubeconfig.path }}"
- values: "{{ components.harbor.chart_values }}"
+- block:
-- name: Ensure harbor API availability
- ansible.builtin.uri:
- url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/health
- method: GET
- register: api_readycheck
- until:
- - api_readycheck.json.status is defined
- - api_readycheck.json.status == 'healthy'
- retries: 5
- delay: 30
+ - name: Install harbor chart
+ kubernetes.core.helm:
+ name: harbor
+ chart_ref: /opt/metacluster/helm-charts/harbor
+ release_namespace: harbor
+ create_namespace: yes
+ wait: yes
+ kubeconfig: "{{ kubeconfig.path }}"
+ values: "{{ components.harbor.chart_values }}"
-- name: Push images to registry
- ansible.builtin.shell:
- cmd: >-
- skopeo copy \
- --insecure-policy \
- --dest-tls-verify=false \
- --dest-creds admin:{{ vapp['guestinfo.rootpw'] }} \
- docker-archive:./{{ item | basename }} \
- docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
- skopeo list-tags \
+ - name: Ensure harbor API availability
+ ansible.builtin.uri:
+ url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/health
+ method: GET
+ register: api_readycheck
+ until:
+ - api_readycheck.json.status is defined
+ - api_readycheck.json.status == 'healthy'
+ retries: 5
+ delay: 30
+
+ - name: Push images to registry
+ ansible.builtin.shell:
+ cmd: >-
+ skopeo copy \
 --insecure-policy \
- docker-archive:./{{ item | basename }} | \
- jq -r '.Tags[0]')
- chdir: /opt/metacluster/container-images/
- loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
- loop_control:
- label: "{{ item | basename }}"
+ --dest-tls-verify=false \
+ --dest-creds admin:{{ vapp['guestinfo.rootpw'] }} \
+ docker-archive:./{{ item | basename }} \
+ docker://registry.{{ 
vapp['metacluster.fqdn'] }}/library/$( \
+ skopeo list-tags \
+ --insecure-policy \
+ docker-archive:./{{ item | basename }} | \
+ jq -r '.Tags[0]')
+ chdir: /opt/metacluster/container-images/
+ loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
+ loop_control:
+ label: "{{ item | basename }}"
-- name: Configure K3s node for private registry
- ansible.builtin.template:
- dest: /etc/rancher/k3s/registries.yaml
- src: registries.j2
+ - name: Configure K3s node for private registry
+ ansible.builtin.template:
+ dest: /etc/rancher/k3s/registries.yaml
+ src: registries.j2
+
+ module_defaults:
+ ansible.builtin.uri:
+ validate_certs: no
+ status_code: [200, 201]
+ body_format: json
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
index f1f9942..3b1129f 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
@@ -37,7 +37,7 @@
 loop_control:
 index_var: index
- - name: Add vApp properties (required for Network Protocol Profiles)
+ - name: Add vApp properties on deployed VM's
 community.vmware.vmware_guest:
 name: "{{ (item | basename | split('.'))[:-1] | join('.') }}"
 vapp_properties:
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2 b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
index b6a3af1..201a361 100644
--- a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
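Review bot: The `module_defaults` entry `validate_certs: no` switches off certificate checking for every `ansible.builtin.uri` task in the block, so the health probe accepts `healthy` from whatever host answers on `registry.<fqdn>`, and the `skopeo copy` that follows sends the admin password to that same unauthenticated endpoint with `--dest-tls-verify=false`. If the CA that issued the registry certificate is available on the node, `ca_path: <path to CA bundle>` on the probe keeps validation on, and skopeo can presumably be pointed at the same material with `--dest-cert-dir`. Separately, `--dest-creds admin:{{ vapp['guestinfo.rootpw'] }}` is interpolated into a shell command unquoted and the task has no `no_log: true`, so the password can show up in task output and a value containing shell metacharacters would alter the command. Using `{{ ('admin:' ~ vapp['guestinfo.rootpw']) | quote }}` and adding `no_log: true` to the push task covers both.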
@@ -35,5 +35,5 @@ VSPHERE_SSH_AUTHORIZED_KEY: "{{ _template.cluster.publickey }}"
 KUBERNETES_VERSION: "{{ _template.cluster.version }}"
 CONTROL_PLANE_ENDPOINT_IP: "{{ _template.cluster.vip }}"
-VIP_NETWORK_INTERFACE: "eth0"
+VIP_NETWORK_INTERFACE: ""
 EXP_CLUSTER_RESOURCE_SET: "true"
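Review bot: The empty `VIP_NETWORK_INTERFACE: ""` has no explanation next to it, so a later reader could take it for a missing value rather than the deliberate autodetection the commit subject describes. A comment above the line, for example `# left empty on purpose: the VIP interface is autodetected on each node`, would record the intent. On nodes with more than one NIC the control-plane VIP will presumably be bound to whichever interface the detection selects, so it is worth confirming that this is the network segment the API endpoint is meant to be reachable on.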