djpbessems/Packer.Images
djpbessems/Packer.Images
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert readycheck for step-ca;Revert retries;DRY;Upgrade components;Fix syntax
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
Danny Bessems 2023-01-05 13:48:47 +01:00
parent 85dcbb73a4
commit edc19464e2
13 changed files with 30 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/roles/assets/tasks/manifests.yml
View File

@ -54,8 +54,8 @@
dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
loop_control:
label: "{{ item.url | basename }}"
retries: 5
delay: 5
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.short }}"
until: clusterapi_manifests is not failed
# - name: Inject manifests

1
ansible/roles/firstboot/files/ansible_payload/playbook.yml
View File

@ -3,6 +3,7 @@
connection: local
gather_facts: true
vars_files:
- defaults.yml
- metacluster.yml
# become: true
roles:

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
View File

@ -7,6 +7,6 @@
loop_control:
label: "{{ item | basename }}"
# Probably should add a task before that ensures K3s node is fully initialized before starting imports; currently K3s goes away briefly during this loop
retries: 9
delay: 10
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.short }}"
until: import_result is not failed

14
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
View File

@ -6,21 +6,11 @@
chart_ref: /opt/metacluster/helm-charts/step-certificates
release_namespace: step-ca
create_namespace: yes
wait: no
# Unable to use REST api based readycheck due to missing ingress
wait: yes
kubeconfig: "{{ kubeconfig.path }}"
values: "{{ components.stepcertificates.chart_values }}"
- name: Ensure step-ca API availability
ansible.builtin.uri:
url: https://ca.{{ vapp['metacluster.fqdn'] }}/health
method: GET
register: api_readycheck
until:
- api_readycheck.json.status is defined
- api_readycheck.json.status == 'ok'
retries: 9
delay: 60
- name: Retrieve configmap w/ root certificate
kubernetes.core.k8s_info:
kind: ConfigMap

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
View File

@ -18,8 +18,8 @@
until:
- api_readycheck.json.status is defined
- api_readycheck.json.status == 'pass'
retries: 9
delay: 60
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.long }}"
- name: Configure additional SSH ingress
ansible.builtin.template:

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
View File

@ -17,8 +17,8 @@
register: api_readycheck
until:
- api_readycheck.json.Version is defined
retries: 9
delay: 60
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.long }}"
- name: Generate argo-cd API token
ansible.builtin.uri:

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
View File

@ -49,8 +49,8 @@
status_code: [200, 401]
register: api_readycheck
until: api_readycheck.json.apiVersion is defined
retries: 5
delay: 30
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.medium }}"
- name: Install kubectl tab-completion
ansible.builtin.shell:

8
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
View File

@ -18,8 +18,8 @@
until:
- api_readycheck.json.status is defined
- api_readycheck.json.status == 'healthy'
retries: 9
delay: 60
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.long }}"
- name: Push images to registry
ansible.builtin.shell:
@ -39,8 +39,8 @@
loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
loop_control:
label: "{{ item | basename }}"
retries: 5
delay: 10
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.short }}"
until: push_result is not failed
- name: Get all stored container images (=artifacts)

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
View File

@ -16,8 +16,8 @@
register: api_readycheck
until:
- api_readycheck is not failed
retries: 9
delay: 60
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.long }}"
module_defaults:
ansible.builtin.uri:

2
ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
View File

@ -58,7 +58,7 @@
- name: Store custom cluster-template
ansible.builtin.copy:
dest: /opt/metacluster/cluster-api/custom-cluster-template.yaml
content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + {{ components.clusterapi.management.version.infrastructure_vsphere }}) }}"
content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + components.clusterapi.management.version.infrastructure_vsphere ) }}"
- name: Initialize Cluster API management cluster
ansible.builtin.shell:

0
ansible/roles/firstboot/files/ansible_payload/vars/.keep
View File

6
ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml Normal file
View File

@ -0,0 +1,6 @@
playbook:
retries: 5
delays:
long: 60
medium: 30
short: 10

9
ansible/vars/metacluster.yml
View File

@ -1,9 +1,7 @@
platform:
k3s:
# version: v1.26.0+k3s1
# max supported version by Longhorn is <v1.25.0
version: v1.24.9+k3s1
version: v1.26.0+k3s1
gitops:
repository:
@ -151,7 +149,7 @@ components:
longhorn:
helm:
version: 1.3.2
version: 1.4.0
chart: longhorn/longhorn
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
chart_values: !unsafe |
@ -167,7 +165,8 @@ components:
step-certificates:
helm:
version: 1.18.2+20220324
# version: 1.18.2+20220324
version: 1.23.0
chart: smallstep/step-certificates
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
chart_values: !unsafe |