dsk-dev kubespray 이동

ansible/kubespray/roles/network_plugin/kube-router/tasks/annotate.yml

@@ -0,0 +1,21 @@
+---
+- name: kube-router | Add annotations on kube_control_plane
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  with_items:
+  - "{{ kube_router_annotations_master }}"
+  delegate_to: "{{ groups['kube_control_plane'][0] }}"
+  when: kube_router_annotations_master is defined and inventory_hostname in groups['kube_control_plane']
+
+- name: kube-router | Add annotations on kube_node
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  with_items:
+  - "{{ kube_router_annotations_node }}"
+  delegate_to: "{{ groups['kube_control_plane'][0] }}"
+  when: kube_router_annotations_node is defined and inventory_hostname in groups['kube_node']
+
+- name: kube-router | Add common annotations on all servers
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  with_items:
+  - "{{ kube_router_annotations_all }}"
+  delegate_to: "{{ groups['kube_control_plane'][0] }}"
+  when: kube_router_annotations_all is defined and inventory_hostname in groups['k8s_cluster']

ansible/kubespray/roles/network_plugin/kube-router/tasks/main.yml

@@ -0,0 +1,62 @@
+---
+- name: kube-router | Create annotations
+  include: annotate.yml
+  tags: annotate
+
+- name: kube-router | Create config directory
+  file:
+    path: /var/lib/kube-router
+    state: directory
+    owner: "{{ kube_owner }}"
+    recurse: true
+    mode: 0755
+
+- name: kube-router | Create kubeconfig
+  template:
+    src: kubeconfig.yml.j2
+    dest: /var/lib/kube-router/kubeconfig
+    mode: 0644
+    owner: "{{ kube_owner }}"
+  notify:
+    - reset_kube_router
+
+- name: kube-router | Slurp cni config
+  slurp:
+    src: /etc/cni/net.d/10-kuberouter.conflist
+  register: cni_config_slurp
+  ignore_errors: true  # noqa ignore-errors
+
+- name: kube-router | Set cni_config variable
+  set_fact:
+    cni_config: "{{ cni_config_slurp.content | b64decode | from_json }}"
+  when:
+    - not cni_config_slurp.failed
+
+- name: kube-router | Set host_subnet variable
+  set_fact:
+    host_subnet: "{{ cni_config | json_query('plugins[?bridge==`kube-bridge`].ipam.subnet') | first }}"
+  when:
+    - cni_config is defined
+    - cni_config | json_query('plugins[?bridge==`kube-bridge`].ipam.subnet') | length > 0
+
+- name: kube-router | Create cni config
+  template:
+    src: cni-conf.json.j2
+    dest: /etc/cni/net.d/10-kuberouter.conflist
+    mode: 0644
+    owner: "{{ kube_owner }}"
+  notify:
+    - reset_kube_router
+
+- name: kube-router | Delete old configuration
+  file:
+    path: /etc/cni/net.d/10-kuberouter.conf
+    state: absent
+
+- name: kube-router | Create manifest
+  template:
+    src: kube-router.yml.j2
+    dest: "{{ kube_config_dir }}/kube-router.yml"
+    mode: 0644
+  delegate_to: "{{ groups['kube_control_plane'] | first }}"
+  run_once: true

ansible/kubespray/roles/network_plugin/kube-router/tasks/reset.yml

@@ -0,0 +1,28 @@
+---
+- name: reset | check kube-dummy-if network device
+  stat:
+    path: /sys/class/net/kube-dummy-if
+    get_attributes: no
+    get_checksum: no
+    get_mime: no
+  register: kube_dummy_if
+
+- name: reset | remove the network device created by kube-router
+  command: ip link del kube-dummy-if
+  when: kube_dummy_if.stat.exists
+
+- name: check kube-bridge exists
+  stat:
+    path: /sys/class/net/kube-bridge
+    get_attributes: no
+    get_checksum: no
+    get_mime: no
+  register: kube_bridge_if
+
+- name: reset | donw the network bridge create by kube-router
+  command: ip link set kube-bridge down
+  when: kube_bridge_if.stat.exists
+
+- name: reset | remove the network bridge create by kube-router
+  command: ip link del kube-bridge
+  when: kube_bridge_if.stat.exists