Verify valid settings before deploy (#1705)

Also fix yaml lint issues

Fixes #1703

inventory/group_vars/all.yml

@@ -116,6 +116,9 @@ bin_dir: /usr/local/bin
 ## Please specify true if you want to perform a kernel upgrade
 kernel_upgrade: false
 
+# Set to true to allow pre-checks to fail and continue deployment
+#ignore_assert_errors: false
+
 ## Etcd auto compaction retention for mvcc key value store in hour
 #etcd_compaction_retention: 0
 

roles/kubernetes/node/tasks/facts.yml

@@ -1,3 +1,4 @@
+---
 - name: look up docker cgroup driver
   shell: "docker info | grep 'Cgroup Driver' | awk -F': ' '{ print $2; }'"
   register: docker_cgroup_driver_result

roles/kubernetes/preinstall/defaults/main.yml

@@ -1,6 +1,9 @@
 ---
 run_gitinfos: false
 
+# Set to true to allow pre-checks to fail and continue deployment
+ignore_assert_errors: false
+
 epel_rpm_download_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
 
 common_required_pkgs:

roles/kubernetes/preinstall/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
-- include: pre-upgrade.yml
+- include: verify-settings.yml
-  tags: [upgrade, bootstrap-os]
+  tags: asserts
 
 - name: Force binaries directory for Container Linux by CoreOS
   set_fact:

roles/kubernetes/preinstall/tasks/pre-upgrade.yml

@@ -1,6 +0,0 @@
----
-- name: Stop if non systemd OS type
-  assert:
-    that: ansible_service_mgr == "systemd"
-  tags:
-    - asserts

roles/kubernetes/preinstall/tasks/verify-settings.yml

@@ -0,0 +1,71 @@
+---
+- name: Stop if ansible version is too low
+  assert:
+    that:
+      - ansible_version.full|version_compare('2.3.0.0', '>=')
+  run_once: yes
+
+- name: Stop if non systemd OS type
+  assert:
+    that: ansible_service_mgr == "systemd"
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: Stop if unknown OS
+  assert:
+    that: ansible_distribution in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'CoreOS', 'Container Linux by CoreOS']
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: Stop if unknown network plugin
+  assert:
+    that: network_plugin in ['calico', 'canal', 'flannel', 'weave', 'cloud']
+  when: network_plugin is defined
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: Stop if incompatible network plugin and cloudprovider
+  assert:
+    that: network_plugin != calico
+  when: cloud_provider is defined and cloud_provider == 'azure'
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: "Stop if known booleans are set as strings (Use JSON format on CLI: -e \"{'key': true }\")"
+  assert:
+    that: item|type_debug == 'bool'
+  run_once: yes
+  with_items:
+    - kubeadm_enabled
+    - download_run_once
+    - deploy_netchecker
+    - download_always_pull
+    - efk_enabled
+    - helm_enabled
+    - openstack_lbaas_Enabled
+    - rbac_enabled
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: Stop if even number of etcd hosts
+  assert:
+    that: groups.etcd|length is not divisibleby 2
+  ignore_errors: "{{ ignore_assert_errors }}"
+
+- name: Stop if memory is too small for masters
+  assert:
+    that: ansible_memtotal_mb >= 1500
+  ignore_errors: "{{ ignore_assert_errors }}"
+  when: inventory_hostname in groups['kube-master']
+
+- name: Stop if memory is too small for nodes
+  assert:
+    that: ansible_memtotal_mb >= 1024
+  ignore_errors: "{{ ignore_assert_errors }}"
+  when: inventory_hostname in groups['kube-node']
+
+- name: Stop if ip var does not match local ips
+  assert:
+    that: ip in ansible_all_ipv4_addresses
+  ignore_errors: "{{ ignore_assert_errors }}"
+  when: ip is defined
+
+- name: Stop if access_ip is not pingable
+  command: ping -c1 {{ access_ip }}
+  when: access_ip is defined
+  ignore_errors: "{{ ignore_assert_errors }}"

roles/kubespray-defaults/defaults/main.yaml

@@ -10,6 +10,9 @@ is_atomic: false
 ## Change this to use another Kubernetes version, e.g. a current beta release
 kube_version: v1.6.7
 
+# Set to true to allow pre-checks to fail and continue deployment
+ignore_assert_errors: false
+
 # Directory where the binaries will be installed
 bin_dir: /usr/local/bin
 docker_bin_dir: /usr/bin