Revert readycheck for step-ca;Revert retries;DRY;Upgrade components;Fix syntax

2023-01-05 13:48:47 +01:00
parent 85dcbb73a4
commit edc19464e2
13 changed files with 30 additions and 34 deletions
--- a/ansible/roles/firstboot/files/ansible_payload/playbook.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/playbook.yml
@ -3,6 +3,7 @@
  connection: local
  gather_facts: true
  vars_files:
+    - defaults.yml
    - metacluster.yml
  # become: true
  roles:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml
@ -7,6 +7,6 @@
  loop_control:
    label: "{{ item | basename }}"
  # Probably should add a task before that ensures K3s node is fully initialized before starting imports; currently K3s goes away briefly during this loop
-  retries: 9
-  delay: 10
+  retries: "{{ playbook.retries }}"
+  delay: "{{ playbook.delays.short }}"
  until: import_result is not failed
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
@ -6,21 +6,11 @@
        chart_ref: /opt/metacluster/helm-charts/step-certificates
        release_namespace: step-ca
        create_namespace: yes
-        wait: no
+        # Unable to use REST api based readycheck due to missing ingress
+        wait: yes
        kubeconfig: "{{ kubeconfig.path }}"
        values: "{{ components.stepcertificates.chart_values }}"

-    - name: Ensure step-ca API availability
-      ansible.builtin.uri:
-        url: https://ca.{{ vapp['metacluster.fqdn'] }}/health
-        method: GET
-      register: api_readycheck
-      until:
-        - api_readycheck.json.status is defined
-        - api_readycheck.json.status == 'ok'
-      retries: 9
-      delay: 60
-
    - name: Retrieve configmap w/ root certificate
      kubernetes.core.k8s_info:
        kind: ConfigMap
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml
@ -18,8 +18,8 @@
      until:
        - api_readycheck.json.status is defined
        - api_readycheck.json.status == 'pass'
-      retries: 9
-      delay: 60
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.long }}"

    - name: Configure additional SSH ingress
      ansible.builtin.template:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
@ -17,8 +17,8 @@
      register: api_readycheck
      until:
        - api_readycheck.json.Version is defined
-      retries: 9
-      delay: 60
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.long }}"

    - name: Generate argo-cd API token
      ansible.builtin.uri:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
@ -49,8 +49,8 @@
    status_code: [200, 401]
  register: api_readycheck
  until: api_readycheck.json.apiVersion is defined
-  retries: 5
-  delay: 30
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.medium }}"

 - name: Install kubectl tab-completion
  ansible.builtin.shell:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
@ -18,8 +18,8 @@
      until:
        - api_readycheck.json.status is defined
        - api_readycheck.json.status == 'healthy'
-      retries: 9
-      delay: 60
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.long }}"

    - name: Push images to registry
      ansible.builtin.shell:
@ -39,8 +39,8 @@
      loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
      loop_control:
        label: "{{ item | basename }}"
-      retries: 5
-      delay: 10
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.short }}"
      until: push_result is not failed

    - name: Get all stored container images (=artifacts)
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml
@ -16,8 +16,8 @@
      register: api_readycheck
      until:
        - api_readycheck is not failed
-      retries: 9
-      delay: 60
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.long }}"

  module_defaults:
    ansible.builtin.uri:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@ -58,7 +58,7 @@
 - name: Store custom cluster-template
  ansible.builtin.copy:
    dest: /opt/metacluster/cluster-api/custom-cluster-template.yaml
-    content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + {{ components.clusterapi.management.version.infrastructure_vsphere }}) }}"
+    content: "{{ lookup('kubernetes.core.kustomize', dir='/opt/metacluster/cluster-api/infrastructure-vsphere/' + components.clusterapi.management.version.infrastructure_vsphere ) }}"

 - name: Initialize Cluster API management cluster
  ansible.builtin.shell:
--- a/ansible/roles/firstboot/files/ansible_payload/vars/.keep
+++ b/ansible/roles/firstboot/files/ansible_payload/vars/.keep
--- a/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml
@ -0,0 +1,6 @@
+playbook:
+  retries: 5
+  delays:
+    long: 60
+    medium: 30
+    short: 10