kubespray 2.24 추가

2024-02-16 17:08:09 +09:00
parent 1fa9b0df4b
commit f69d904725
1423 changed files with 89069 additions and 2 deletions
--- a/roles/adduser/defaults/main.yml
+++ b/roles/adduser/defaults/main.yml
@@ -0,0 +1,27 @@
+---
+kube_owner: kube
+kube_cert_group: kube-cert
+etcd_data_dir: "/var/lib/etcd"
+
+addusers:
+  etcd:
+    name: etcd
+    comment: "Etcd user"
+    create_home: no
+    system: yes
+    shell: /sbin/nologin
+  kube:
+    name: kube
+    comment: "Kubernetes user"
+    create_home: no
+    system: yes
+    shell: /sbin/nologin
+    group: "{{ kube_cert_group }}"
+
+adduser:
+  name: "{{ user.name }}"
+  group: "{{ user.name | default(None) }}"
+  comment: "{{ user.comment | default(None) }}"
+  shell: "{{ user.shell | default(None) }}"
+  system: "{{ user.system | default(None) }}"
+  create_home: "{{ user.create_home | default(None) }}"
--- a/roles/adduser/molecule/default/converge.yml
+++ b/roles/adduser/molecule/default/converge.yml
@@ -0,0 +1,10 @@
+---
+- name: Converge
+  hosts: all
+  become: true
+  gather_facts: false
+  roles:
+    - role: adduser
+  vars:
+    user:
+      name: foo
--- a/roles/adduser/molecule/default/molecule.yml
+++ b/roles/adduser/molecule/default/molecule.yml
@@ -0,0 +1,23 @@
+---
+role_name_check: 1
+dependency:
+  name: galaxy
+driver:
+  name: vagrant
+  provider:
+    name: libvirt
+platforms:
+  - name: adduser-01
+    box: generic/ubuntu2004
+    cpus: 1
+    memory: 512
+    provider_options:
+      driver: kvm
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      callbacks_enabled: profile_tasks
+      timeout: 120
+verifier:
+  name: testinfra
--- a/roles/adduser/tasks/main.yml
+++ b/roles/adduser/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+- name: User | Create User Group
+  group:
+    name: "{{ user.group | default(user.name) }}"
+    system: "{{ user.system | default(omit) }}"
+
+- name: User | Create User
+  user:
+    comment: "{{ user.comment | default(omit) }}"
+    create_home: "{{ user.create_home | default(omit) }}"
+    group: "{{ user.group | default(user.name) }}"
+    home: "{{ user.home | default(omit) }}"
+    shell: "{{ user.shell | default(omit) }}"
+    name: "{{ user.name }}"
+    system: "{{ user.system | default(omit) }}"
+  when: user.name != "root"
--- a/roles/adduser/vars/coreos.yml
+++ b/roles/adduser/vars/coreos.yml
@@ -0,0 +1,8 @@
+---
+addusers:
+  - name: kube
+    comment: "Kubernetes user"
+    shell: /sbin/nologin
+    system: yes
+    group: "{{ kube_cert_group }}"
+    create_home: no
--- a/roles/adduser/vars/debian.yml
+++ b/roles/adduser/vars/debian.yml
@@ -0,0 +1,15 @@
+---
+addusers:
+  - name: etcd
+    comment: "Etcd user"
+    create_home: yes
+    home: "{{ etcd_data_dir }}"
+    system: yes
+    shell: /sbin/nologin
+
+  - name: kube
+    comment: "Kubernetes user"
+    create_home: no
+    system: yes
+    shell: /sbin/nologin
+    group: "{{ kube_cert_group }}"
--- a/roles/adduser/vars/redhat.yml
+++ b/roles/adduser/vars/redhat.yml
@@ -0,0 +1,15 @@
+---
+addusers:
+  - name: etcd
+    comment: "Etcd user"
+    create_home: yes
+    home: "{{ etcd_data_dir }}"
+    system: yes
+    shell: /sbin/nologin
+
+  - name: kube
+    comment: "Kubernetes user"
+    create_home: no
+    system: yes
+    shell: /sbin/nologin
+    group: "{{ kube_cert_group }}"