update

2023-05-30 14:44:26 +09:00
parent 9a3174deef
commit 4c32a7239d
2598 changed files with 164595 additions and 487 deletions
--- a/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/fallback_ips.yml
+++ b/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/fallback_ips.yml
@@ -0,0 +1,31 @@
+---
+# Set 127.0.0.1 as fallback IP if we do not have host facts for host
+# ansible_default_ipv4 isn't what you think.
+# Thanks https://medium.com/opsops/ansible-default-ipv4-is-not-what-you-think-edb8ab154b10
+
+- name: Gather ansible_default_ipv4 from all hosts
+  tags: always
+  include_tasks: fallback_ips_gather.yml
+  when: hostvars[delegate_host_to_gather_facts].ansible_default_ipv4 is not defined
+  loop: "{{ groups['k8s_cluster']|default([]) + groups['etcd']|default([]) + groups['calico_rr']|default([]) }}"
+  loop_control:
+    loop_var: delegate_host_to_gather_facts
+  run_once: yes
+
+- name: create fallback_ips_base
+  set_fact:
+    fallback_ips_base: |
+      ---
+      {% for item in (groups['k8s_cluster']|default([]) + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique %}
+      {% set found = hostvars[item].get('ansible_default_ipv4') %}
+      {{ item }}: "{{ found.get('address', '127.0.0.1') }}"
+      {% endfor %}
+  delegate_to: localhost
+  connection: local
+  delegate_facts: yes
+  become: no
+  run_once: yes
+
+- name: set fallback_ips
+  set_fact:
+    fallback_ips: "{{ hostvars.localhost.fallback_ips_base | from_yaml }}"
--- a/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/fallback_ips_gather.yml
+++ b/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/fallback_ips_gather.yml
@@ -0,0 +1,11 @@
+---
+# include to workaround mitogen issue
+# https://github.com/dw/mitogen/issues/663
+
+- name: "Gather ansible_default_ipv4 from {{ delegate_host_to_gather_facts }}"
+  setup:
+    gather_subset: '!all,network'
+    filter: "ansible_default_ipv4"
+  delegate_to: "{{ delegate_host_to_gather_facts }}"
+  connection: "{{ (delegate_host_to_gather_facts == 'localhost') | ternary('local', omit) }}"
+  delegate_facts: yes
--- a/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/main.yaml
+++ b/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/main.yaml
@@ -0,0 +1,33 @@
+---
+- name: Configure defaults
+  debug:
+    msg: "Check roles/kubespray-defaults/defaults/main.yml"
+  tags:
+    - always
+
+# do not run gather facts when bootstrap-os in roles
+- name: set fallback_ips
+  import_tasks: fallback_ips.yml
+  when:
+    - "'bootstrap-os' not in ansible_play_role_names"
+    - fallback_ips is not defined
+  tags:
+    - always
+
+- name: set no_proxy
+  import_tasks: no_proxy.yml
+  when:
+    - "'bootstrap-os' not in ansible_play_role_names"
+    - http_proxy is defined or https_proxy is defined
+    - no_proxy is not defined
+  tags:
+    - always
+
+# TODO: Clean this task up when we drop backward compatibility support for `etcd_kubeadm_enabled`
+- name: Set `etcd_deployment_type` to "kubeadm" if `etcd_kubeadm_enabled` is true
+  set_fact:
+    etcd_deployment_type: kubeadm
+  when:
+    - etcd_kubeadm_enabled is defined and etcd_kubeadm_enabled
+  tags:
+    - always
--- a/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/no_proxy.yml
+++ b/kubespray/extra_playbooks/roles/kubespray-defaults/tasks/no_proxy.yml
@@ -0,0 +1,38 @@
+---
+- name: Set no_proxy to all assigned cluster IPs and hostnames
+  set_fact:
+    no_proxy_prepare: >-
+      {%- if loadbalancer_apiserver is defined -%}
+      {{ apiserver_loadbalancer_domain_name| default('') }},
+      {{ loadbalancer_apiserver.address | default('') }},
+      {%- endif -%}
+      {%- if no_proxy_exclude_workers | default(false) -%}
+      {% set cluster_or_master = 'kube_control_plane' %}
+      {%- else -%}
+      {% set cluster_or_master = 'k8s_cluster' %}
+      {%- endif -%}
+      {%- for item in (groups[cluster_or_master] + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique -%}
+      {{ hostvars[item]['access_ip'] | default(hostvars[item]['ip'] | default(fallback_ips[item])) }},
+      {%-   if item != hostvars[item].get('ansible_hostname', '') -%}
+      {{ hostvars[item]['ansible_hostname'] }},
+      {{ hostvars[item]['ansible_hostname'] }}.{{ dns_domain }},
+      {%-   endif -%}
+      {{ item }},{{ item }}.{{ dns_domain }},
+      {%- endfor -%}
+      {%- if additional_no_proxy is defined -%}
+      {{ additional_no_proxy }},
+      {%- endif -%}
+      127.0.0.1,localhost,{{ kube_service_addresses }},{{ kube_pods_subnet }},svc,svc.{{ dns_domain }}
+  delegate_to: localhost
+  connection: local
+  delegate_facts: yes
+  become: no
+  run_once: yes
+
+- name: Populates no_proxy to all hosts
+  set_fact:
+    no_proxy: "{{ hostvars.localhost.no_proxy_prepare }}"
+    proxy_env: "{{ proxy_env | combine({
+      'no_proxy': hostvars.localhost.no_proxy_prepare,
+      'NO_PROXY': hostvars.localhost.no_proxy_prepare
+    }) }}"