Remove debugging;Sanitize hypervisor username;Traefik /data volume permission fix #2;Specify kubeconfig x3
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2023-01-24 16:41:18 +01:00
parent 17cf7925d6
commit dd802e0620
4 changed files with 36 additions and 18 deletions

View File

@ -1,3 +1,27 @@
- block:
- name: Generate vCenter API token
ansible.builtin.uri:
url: https://{{ vapp['hv.fqdn'] }}/api/session
method: POST
headers:
Authorization: Basic {{ ( vapp['hv.username'] ~ ':' ~ vapp['hv.password'] ) | b64encode }}
register: vcenterapi_token
- name: Retrieve vCenter API session details
ansible.builtin.uri:
url: https://{{ vapp['hv.fqdn'] }}/api/session
method: GET
headers:
vmware-api-session-id: "{{ vcenter_api_token.json }}"
register: vcenter_session
module_defaults:
ansible.builtin.uri:
validate_certs: no
status_code: [200, 201]
body_format: json
- name: Configure clusterctl
ansible.builtin.template:
src: clusterctl.j2
@ -12,7 +36,7 @@
hv:
fqdn: "{{ vapp['hv.fqdn'] }}"
tlsthumbprint: "{{ tls_thumbprint.stdout }}"
username: "{{ vapp['hv.username'] }}"
username: "{{ vcenter_session.json.user }}"
password: "{{ vapp['hv.password'] }}"
datacenter: "{{ vcenter_info.datacenter }}"
datastore: "{{ vcenter_info.datastore }}"

View File

@ -7,7 +7,8 @@
state: patched
definition: |
spec:
numberOfReplicas: {{ lookup('kubernetes.core.k8s', kind='node') | length | int }}
loop: "{{ lookup('kubernetes.core.k8s', api_version='longhorn.io/v1beta2', kind='volume', namespace='longhorn-system') }}"
numberOfReplicas: {{ lookup('kubernetes.core.k8s', kind='node', kubeconfig=(kubeconfig.path)) | length | int }}
kubeconfig: "{{ kubeconfig.path }}"
loop: "{{ lookup('kubernetes.core.k8s', api_version='longhorn.io/v1beta2', kind='volume', namespace='longhorn-system', kubeconfig=(kubeconfig.path)) }}"
loop_control:
label: "{{ item.metadata.name }}"

View File

@ -19,17 +19,18 @@ platform:
- "--certificatesResolvers.stepca.acme.storage=/data/acme.json"
- "--certificatesResolvers.stepca.acme.tlsChallenge=true"
- "--certificatesresolvers.stepca.acme.certificatesduration=24"
deployment:
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
globalArguments: []
ingressRoute:
dashboard:
enabled: false
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
persistence:
enabled: true
ports:

View File

@ -14,10 +14,6 @@ build {
vm_name = "${var.vm_name}-upgrade"
}
provisioner "shell" {
inline = ["echo ${source.name}"]
}
provisioner "ansible" {
pause_before = "2m30s"
@ -36,10 +32,6 @@ build {
]
}
provisioner "shell" {
inline = ["echo ${source.name}"]
}
post-processor "shell-local" {
inline = [
"pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",