From edc19464e298b43a2d2ade37da50f455e7f4a119 Mon Sep 17 00:00:00 2001
From: Danny Bessems
Date: Thu, 5 Jan 2023 13:48:47 +0100
Subject: [PATCH] Revert readycheck for step-ca;Revert retries;DRY;Upgrade components;Fix syntax
---
 ansible/roles/assets/tasks/manifests.yml | 4 ++--
 .../firstboot/files/ansible_payload/playbook.yml | 1 +
 .../roles/metacluster/tasks/assets.yml | 4 ++--
 .../roles/metacluster/tasks/certauthority.yml | 14 ++------------
 .../roles/metacluster/tasks/git.yml | 4 ++--
 .../roles/metacluster/tasks/gitops.yml | 4 ++--
 .../roles/metacluster/tasks/k3s.yml | 4 ++--
 .../roles/metacluster/tasks/registry.yml | 8 ++++----
 .../roles/metacluster/tasks/storage.yml | 4 ++--
 .../roles/workloadcluster/tasks/clusterapi.yml | 2 +-
 .../firstboot/files/ansible_payload/vars/.keep | 0
 .../files/ansible_payload/vars/defaults.yml | 6 ++++++
 ansible/vars/metacluster.yml | 9 ++++-----
 13 files changed, 30 insertions(+), 34 deletions(-)
 delete mode 100644 ansible/roles/firstboot/files/ansible_payload/vars/.keep
 create mode 100644 ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml
diff --git a/ansible/roles/assets/tasks/manifests.yml b/ansible/roles/assets/tasks/manifests.yml
index af0e1da..ae9c3c5 100644
--- a/ansible/roles/assets/tasks/manifests.yml
+++ b/ansible/roles/assets/tasks/manifests.yml
@@ -54,8 +54,8 @@
 dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
 loop_control:
 label: "{{ item.url | basename }}"
- retries: 5
- delay: 5
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.short }}"
 until: clusterapi_manifests is not failed
 # - name: Inject manifests
diff --git a/ansible/roles/firstboot/files/ansible_payload/playbook.yml b/ansible/roles/firstboot/files/ansible_payload/playbook.yml
index b7ff5b8..629a28e 100644
--- a/ansible/roles/firstboot/files/ansible_payload/playbook.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/playbook.yml
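Review bot: `playbook.retries` and `playbook.delays.short` in `ansible/roles/assets/tasks/manifests.yml` may be undefined when the `assets` role runs, because the only definition visible in this patch is `ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml`, which is loaded through `vars_files` of the firstboot payload playbook. If the playbook that runs `assets` neither loads that file nor defines `playbook` itself, the download task fails on an undefined variable instead of retrying. The `ansible/vars/metacluster.yml` hunk is cut off in this view, so the definition may be added there; if it is not, either define it for that playbook or fall back inline with `retries: "{{ playbook.retries | default(5) }}"` and `delay: "{{ playbook.delays.short | default(5) }}"`. The task itself starts above the hunk.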
@@ -3,6 +3,7 @@
 connection: local
 gather_facts: true
 vars_files:
+ - defaults.yml
 - metacluster.yml
 # become: true
 roles:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
index d8a2598..35f4b91 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
@@ -7,6 +7,6 @@
 loop_control:
 label: "{{ item | basename }}"
 # Probably should add a task before that ensures K3s node is fully initialized before starting imports; currently K3s goes away briefly during this loop
- retries: 9
- delay: 10
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.short }}"
 until: import_result is not failed
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
index 1ae8c2c..e634eec 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
@@ -6,21 +6,11 @@
 chart_ref: /opt/metacluster/helm-charts/step-certificates
 release_namespace: step-ca
 create_namespace: yes
- wait: no
+ # Unable to use REST api based readycheck due to missing ingress
+ wait: yes
 kubeconfig: "{{ kubeconfig.path }}"
 values: "{{ components.stepcertificates.chart_values }}"
- - name: Ensure step-ca API availability
- ansible.builtin.uri:
- url: https://ca.{{ vapp['metacluster.fqdn'] }}/health
- method: GET
- register: api_readycheck
- until:
- - api_readycheck.json.status is defined
- - api_readycheck.json.status == 'ok'
- retries: 9
- delay: 60
-
 - name: Retrieve configmap w/ root certificate
 kubernetes.core.k8s_info:
 kind: ConfigMap
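Review bot: Swapping `retries: 9` for `{{ playbook.retries }}` (5 in `vars/defaults.yml`) cuts the image-import loop in assets.yml from nine attempts to five, although the comment directly above it says K3s goes away briefly during this loop. The same substitution in the readiness checks of git.yml, gitops.yml, registry.yml and storage.yml shortens their wait from 9 × 60 s to 5 × 60 s, so a slow first boot now aborts earlier. The subject line says "Revert retries", so this may be deliberate; if it is, note it in a comment in `defaults.yml`. Otherwise keep a separate count for the long waits, for example `retries: "{{ playbook.retries_long }}"` with that key (name suggested here) added to `defaults.yml`. The task starts above the hunk.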
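Review bot: With the `/health` probe removed in certauthority.yml, `wait: yes` is the only gate before the root-certificate ConfigMap is read, and it sets no `wait_timeout`, so Helm's default timeout applies where the old check allowed 9 × 60 s. Helm's wait only reports that the release's resources passed their own readiness probes, which is a weaker signal than the removed `status == 'ok'` check unless the chart's probe queries the same endpoint (not visible here). Since the next task fetches a trust anchor, add an explicit bound such as `wait_timeout: 10m` (value constructed for illustration) next to `wait`. `wait: true` and `create_namespace: true` would also avoid the `yes`/`no` truthy forms. The helm task starts above the hunk.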
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
index 09d1299..4294ed5 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
@@ -18,8 +18,8 @@
 until:
 - api_readycheck.json.status is defined
 - api_readycheck.json.status == 'pass'
- retries: 9
- delay: 60
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.long }}"
 - name: Configure additional SSH ingress
 ansible.builtin.template:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
index 8707d7d..2214b9b 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
@@ -17,8 +17,8 @@
 register: api_readycheck
 until:
 - api_readycheck.json.Version is defined
- retries: 9
- delay: 60
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.long }}"
 - name: Generate argo-cd API token
 ansible.builtin.uri:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
index 69bd55c..379bd12 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
@@ -49,8 +49,8 @@
 status_code: [200, 401]
 register: api_readycheck
 until: api_readycheck.json.apiVersion is defined
- retries: 5
- delay: 30
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.medium }}"
 - name: Install kubectl tab-completion
 ansible.builtin.shell:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
index 8bc51ae..58cad16 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
@@ -18,8 +18,8 @@
 until:
 - api_readycheck.json.status is defined
 - api_readycheck.json.status == 'healthy'
- retries: 9
- delay: 60
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.long }}"
 - name: Push images to registry
 ansible.builtin.shell:
@@ -39,8 +39,8 @@
 loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
 loop_control:
 label: "{{ item | basename }}"
- retries: 5
- delay: 10
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.short }}"
 until: push_result is not failed
 - name: Get all stored container images (=artifacts)
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
index 12197e9..cf818f6 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
@@ -16,8 +16,8 @@
 register: api_readycheck
 until:
 - api_readycheck is not failed
- retries: 9
- delay: 60
+ retries: "{{ playbook.retries }}"
+ delay: "{{ playbook.delays.long }}"
 module_defaults:
 ansible.builtin.uri:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
index e200c5a..3dfe612 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@@ -58,7 +58,7 @@
 - name: Store custom cluster-template
 ansible.builtin.copy:
 dest: /opt/metacluster/cluster-api/custom-cluster-template.yaml
- content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + {{ components.clusterapi.management.version.infrastructure_vsphere }}) }}"
+ content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + components.clusterapi.management.version.infrastructure_vsphere ) }}"
 - name: Initialize Cluster API management cluster
 ansible.builtin.shell:
diff --git a/ansible/roles/firstboot/files/ansible_payload/vars/.keep b/ansible/roles/firstboot/files/ansible_payload/vars/.keep
deleted file mode 100644
index e69de29..0000000
diff --git a/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml b/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml
new file mode 100644
index 0000000..6a7457b
--- /dev/null
+++ b/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml
@@ -0,0 +1,6 @@
+playbook:
+ retries: 5
+ delays:
+ long: 60
+ medium: 30
+ short: 10
diff --git a/ansible/vars/metacluster.yml b/ansible/vars/metacluster.yml
index 5df821b..3150f97 100644
--- a/ansible/vars/metacluster.yml
+++ b/ansible/vars/metacluster.yml
@@ -1,9 +1,7 @@ platform: k3s: - # version: v1.26.0+k3s1 - # max supported version by Longhorn is
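Review bot: The corrected `content:` line in clusterapi.yml joins the directory and the version with `+`, which raises a Jinja type error if `components.clusterapi.management.version.infrastructure_vsphere` is ever loaded as a non-string; `~` coerces both operands, as in `dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' ~ components.clusterapi.management.version.infrastructure_vsphere`. The `ansible.builtin.copy` task around it sets no `mode`, so the rendered template gets umask-derived permissions. Adding `mode: '0644'` makes that explicit, or use something tighter if the kustomize output carries credentials, which is not visible here.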
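Review bot: The new `vars/defaults.yml` states neither the unit nor the scope of its values, even though every `until` loop in the payload now depends on them. A header comment such as `# Retry count and delays (in seconds) shared by all until-loops of the firstboot payload` would cover it, and the file should open with `---` as is conventional for Ansible vars files.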