Remove debugging;Sanitize hypervisor username;Traefik /data volume permission fix #2;Specify kubeconfig x3
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2023-01-24 16:41:18 +01:00
parent 17cf7925d6
commit dd802e0620
4 changed files with 36 additions and 18 deletions

View File

@ -1,3 +1,27 @@
- block:
- name: Generate vCenter API token
ansible.builtin.uri:
url: https://{{ vapp['hv.fqdn'] }}/api/session
method: POST
headers:
Authorization: Basic {{ ( vapp['hv.username'] ~ ':' ~ vapp['hv.password'] ) | b64encode }}
register: vcenterapi_token
- name: Retrieve vCenter API session details
ansible.builtin.uri:
url: https://{{ vapp['hv.fqdn'] }}/api/session
method: GET
headers:
vmware-api-session-id: "{{ vcenter_api_token.json }}"
register: vcenter_session
module_defaults:
ansible.builtin.uri:
validate_certs: no
status_code: [200, 201]
body_format: json
- name: Configure clusterctl - name: Configure clusterctl
ansible.builtin.template: ansible.builtin.template:
src: clusterctl.j2 src: clusterctl.j2
@ -12,7 +36,7 @@
hv: hv:
fqdn: "{{ vapp['hv.fqdn'] }}" fqdn: "{{ vapp['hv.fqdn'] }}"
tlsthumbprint: "{{ tls_thumbprint.stdout }}" tlsthumbprint: "{{ tls_thumbprint.stdout }}"
username: "{{ vapp['hv.username'] }}" username: "{{ vcenter_session.json.user }}"
password: "{{ vapp['hv.password'] }}" password: "{{ vapp['hv.password'] }}"
datacenter: "{{ vcenter_info.datacenter }}" datacenter: "{{ vcenter_info.datacenter }}"
datastore: "{{ vcenter_info.datastore }}" datastore: "{{ vcenter_info.datastore }}"

View File

@ -7,7 +7,8 @@
state: patched state: patched
definition: | definition: |
spec: spec:
numberOfReplicas: {{ lookup('kubernetes.core.k8s', kind='node') | length | int }} numberOfReplicas: {{ lookup('kubernetes.core.k8s', kind='node', kubeconfig=(kubeconfig.path)) | length | int }}
loop: "{{ lookup('kubernetes.core.k8s', api_version='longhorn.io/v1beta2', kind='volume', namespace='longhorn-system') }}" kubeconfig: "{{ kubeconfig.path }}"
loop: "{{ lookup('kubernetes.core.k8s', api_version='longhorn.io/v1beta2', kind='volume', namespace='longhorn-system', kubeconfig=(kubeconfig.path)) }}"
loop_control: loop_control:
label: "{{ item.metadata.name }}" label: "{{ item.metadata.name }}"

View File

@ -19,17 +19,18 @@ platform:
- "--certificatesResolvers.stepca.acme.storage=/data/acme.json" - "--certificatesResolvers.stepca.acme.storage=/data/acme.json"
- "--certificatesResolvers.stepca.acme.tlsChallenge=true" - "--certificatesResolvers.stepca.acme.tlsChallenge=true"
- "--certificatesresolvers.stepca.acme.certificatesduration=24" - "--certificatesresolvers.stepca.acme.certificatesduration=24"
deployment:
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
globalArguments: [] globalArguments: []
ingressRoute: ingressRoute:
dashboard: dashboard:
enabled: false enabled: false
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
persistence: persistence:
enabled: true enabled: true
ports: ports:

View File

@ -14,10 +14,6 @@ build {
vm_name = "${var.vm_name}-upgrade" vm_name = "${var.vm_name}-upgrade"
} }
provisioner "shell" {
inline = ["echo ${source.name}"]
}
provisioner "ansible" { provisioner "ansible" {
pause_before = "2m30s" pause_before = "2m30s"
@ -36,10 +32,6 @@ build {
] ]
} }
provisioner "shell" {
inline = ["echo ${source.name}"]
}
post-processor "shell-local" { post-processor "shell-local" {
inline = [ inline = [
"pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\", "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",