From 3c12c6beb35e0f115e8eccdf0732b54614314a67 Mon Sep 17 00:00:00 2001
From: avoidik
Date: Sat, 31 Mar 2018 02:59:59 +0300
Subject: [PATCH 1/5] Move cloud config configurations to proper location
---
.../{preinstall => node}/templates/azure-cloud-config.j2 | 0
.../{preinstall => node}/templates/openstack-cloud-config.j2 | 0
.../{preinstall => node}/templates/vsphere-cloud-config.j2 | 0
3 files changed, 0 insertions(+), 0 deletions(-)
rename roles/kubernetes/{preinstall => node}/templates/azure-cloud-config.j2 (100%)
rename roles/kubernetes/{preinstall => node}/templates/openstack-cloud-config.j2 (100%)
rename roles/kubernetes/{preinstall => node}/templates/vsphere-cloud-config.j2 (100%)
diff --git a/roles/kubernetes/preinstall/templates/azure-cloud-config.j2 b/roles/kubernetes/node/templates/azure-cloud-config.j2
similarity index 100%
rename from roles/kubernetes/preinstall/templates/azure-cloud-config.j2
rename to roles/kubernetes/node/templates/azure-cloud-config.j2
diff --git a/roles/kubernetes/preinstall/templates/openstack-cloud-config.j2 b/roles/kubernetes/node/templates/openstack-cloud-config.j2
similarity index 100%
rename from roles/kubernetes/preinstall/templates/openstack-cloud-config.j2
rename to roles/kubernetes/node/templates/openstack-cloud-config.j2
diff --git a/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2 b/roles/kubernetes/node/templates/vsphere-cloud-config.j2
similarity index 100%
rename from roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2
rename to roles/kubernetes/node/templates/vsphere-cloud-config.j2
From b6da596ec1e2b03ac326dc9f85926debb34de5bb Mon Sep 17 00:00:00 2001
From: avoidik
Date: Sat, 31 Mar 2018 03:18:23 +0300
Subject: [PATCH 2/5] Move default configuration parameters for cloud-config
---
roles/kubernetes/node/defaults/main.yml | 43 +++++++++++++++++++
roles/kubernetes/preinstall/defaults/main.yml | 29 -------------
2 files changed, 43 insertions(+), 29 deletions(-)
diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 2cbf56e1d..52ca8d59d 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -92,3 +92,46 @@ kube_cadvisor_port: 0 # The read-only port for the Kubelet to serve on with no authentication/authorization. kube_read_only_port: 0 + + +# For the openstack integration kubelet will need credentials to access +# openstack apis like nova and cinder. Per default this values will be +# read from the environment. +openstack_auth_url: "{{ lookup('env','OS_AUTH_URL') }}" +openstack_username: "{{ lookup('env','OS_USERNAME') }}" +openstack_password: "{{ lookup('env','OS_PASSWORD') }}" +openstack_region: "{{ lookup('env','OS_REGION_NAME') }}" +openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')|default(lookup('env','OS_PROJECT_ID'),true) }}" +openstack_domain_name: "{{ lookup('env','OS_USER_DOMAIN_NAME') }}" +openstack_domain_id: "{{ lookup('env','OS_USER_DOMAIN_ID') }}" + +# For the vsphere integration, kubelet will need credentials to access +# vsphere apis +# Documentation regarding these values can be found +# https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/vsphere/vsphere.go#L105 +vsphere_vcenter_ip: "{{ lookup('env', 'VSPHERE_VCENTER') }}" +vsphere_vcenter_port: "{{ lookup('env', 'VSPHERE_VCENTER_PORT') }}" +vsphere_user: "{{ lookup('env', 'VSPHERE_USER') }}" +vsphere_password: "{{ lookup('env', 'VSPHERE_PASSWORD') }}" +vsphere_datacenter: "{{ lookup('env', 'VSPHERE_DATACENTER') }}" +vsphere_datastore: "{{ lookup('env', 'VSPHERE_DATASTORE') }}" +vsphere_working_dir: "{{ lookup('env', 'VSPHERE_WORKING_DIR') }}" +vsphere_insecure: "{{ lookup('env', 'VSPHERE_INSECURE') }}" +vsphere_resource_pool: "{{ lookup('env', 'VSPHERE_RESOURCE_POOL') }}" + +vsphere_scsi_controller_type: pvscsi +# vsphere_public_network is name of the network the VMs are joined to +vsphere_public_network: "{{ lookup('env', 'VSPHERE_PUBLIC_NETWORK')|default('') }}" + +## When azure is used, you need to also set the following variables. 
+## see docs/azure.md for details on how to get these values
+#azure_tenant_id:
+#azure_subscription_id:
+#azure_aad_client_id:
+#azure_aad_client_secret:
+#azure_resource_group:
+#azure_location:
+#azure_subnet_name:
+#azure_security_group_name:
+#azure_vnet_name:
+#azure_route_table_name:
diff --git a/roles/kubernetes/preinstall/defaults/main.yml b/roles/kubernetes/preinstall/defaults/main.yml
index 295f10178..149cbb42a 100644
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
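Review bot: In the hunk for roles/kubernetes/node/defaults/main.yml, `vsphere_insecure` and the two password defaults arrive with no comment on what they control or what happens when the environment variable is unset. `lookup('env', ...)` yields an empty string for an unset variable, so `vsphere_insecure` defaults to `''` rather than an explicit `false`, and the `|default('')` on `vsphere_public_network` never fires (the `openstack_tenant_id` line passes `true` as the second argument for that reason). I would add a comment above `vsphere_insecure` such as `# When true, presumably relaxes vCenter TLS certificate checking; leave unset outside test environments`, and drop the no-op filter on `vsphere_public_network`. How vsphere-cloud-config.j2 renders an empty `vsphere_insecure` is not visible in this series, so the effective default should be confirmed against the template.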
@@ -23,35 +23,6 @@ disable_ipv6_dns: false kube_cert_group: kube-cert kube_config_dir: /etc/kubernetes -# For the openstack integration kubelet will need credentials to access -# openstack apis like nova and cinder. Per default this values will be -# read from the environment. -openstack_auth_url: "{{ lookup('env','OS_AUTH_URL') }}" -openstack_username: "{{ lookup('env','OS_USERNAME') }}" -openstack_password: "{{ lookup('env','OS_PASSWORD') }}" -openstack_region: "{{ lookup('env','OS_REGION_NAME') }}" -openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')|default(lookup('env','OS_PROJECT_ID'),true) }}" -openstack_domain_name: "{{ lookup('env','OS_USER_DOMAIN_NAME') }}" -openstack_domain_id: "{{ lookup('env','OS_USER_DOMAIN_ID') }}" - -# For the vsphere integration, kubelet will need credentials to access -# vsphere apis -# Documentation regarding these values can be found -# https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/vsphere/vsphere.go#L105 -vsphere_vcenter_ip: "{{ lookup('env', 'VSPHERE_VCENTER') }}" -vsphere_vcenter_port: "{{ lookup('env', 'VSPHERE_VCENTER_PORT') }}" -vsphere_user: "{{ lookup('env', 'VSPHERE_USER') }}" -vsphere_password: "{{ lookup('env', 'VSPHERE_PASSWORD') }}" -vsphere_datacenter: "{{ lookup('env', 'VSPHERE_DATACENTER') }}" -vsphere_datastore: "{{ lookup('env', 'VSPHERE_DATASTORE') }}" -vsphere_working_dir: "{{ lookup('env', 'VSPHERE_WORKING_DIR') }}" -vsphere_insecure: "{{ lookup('env', 'VSPHERE_INSECURE') }}" -vsphere_resource_pool: "{{ lookup('env', 'VSPHERE_RESOURCE_POOL') }}" - -vsphere_scsi_controller_type: pvscsi -# vsphere_public_network is name of the network the VMs are joined to -vsphere_public_network: "{{ lookup('env', 'VSPHERE_PUBLIC_NETWORK')|default('') }}" - # Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content # for hostnet pods and infra needs resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf 
From ab8760cc83a6bb6f9e33723e6348fe30bbb358c8 Mon Sep 17 00:00:00 2001 From: avoidik Date: Sat, 31 Mar 2018 03:24:57 +0300 Subject: [PATCH 3/5] Move credentials pre-check --- roles/kubernetes/node/tasks/main.yml | 8 ++++++++ roles/kubernetes/preinstall/tasks/main.yml | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml index 78e6d92d6..defd3e9f7 100644 --- a/roles/kubernetes/node/tasks/main.yml +++ b/roles/kubernetes/node/tasks/main.yml @@ -134,6 +134,14 @@ tags: - kube-proxy +- include_tasks: "{{ cloud_provider }}-credential-check.yml" + when: + - cloud_provider is defined + - cloud_provider in [ 'openstack', 'azure', 'vsphere' ] + tags: + - cloud-provider + - facts + - name: Write cloud-config template: src: "{{ cloud_provider }}-cloud-config.j2" diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index aca0c9606..4b948831a 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -71,14 +71,6 @@ - cloud-provider - facts -- include_tasks: "{{ cloud_provider }}-credential-check.yml" - when: - - cloud_provider is defined - - cloud_provider in [ 'openstack', 'azure', 'vsphere' ] - tags: - - cloud-provider - - facts - - name: Create cni directories file: path: "{{ item }}" From 15efdf0c16724fa5389c35e27b01cb12ae1f3557 Mon Sep 17 00:00:00 2001 
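Review bot: The `include_tasks` added to roles/kubernetes/node/tasks/main.yml points at `{{ cloud_provider }}-credential-check.yml`, but in this series those files only reach roles/kubernetes/node/tasks in patch 5 (patch 4 first moves them under node/templates), so at patches 3 and 4 the include cannot resolve when `cloud_provider` is one of the three listed values. Squashing patches 3 to 5, or moving the files in the same commit as the include, keeps every commit deployable and bisectable. The allow-list in `when` is what keeps the interpolated file name bounded, so it deserves a comment such as `# cloud_provider is interpolated into the file name; keep this list in sync with the *-credential-check.yml files`. The following `Write cloud-config` task continues outside the hunk, so the file mode and logging of the rendered credentials cannot be checked from here.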
From: avoidik
Date: Sat, 31 Mar 2018 03:26:37 +0300
Subject: [PATCH 4/5] Move credential checks
---
.../tasks => node/templates}/azure-credential-check.yml | 0
.../tasks => node/templates}/openstack-credential-check.yml | 0
.../tasks => node/templates}/vsphere-credential-check.yml | 0
3 files changed, 0 insertions(+), 0 deletions(-)
rename roles/kubernetes/{preinstall/tasks => node/templates}/azure-credential-check.yml (100%)
rename roles/kubernetes/{preinstall/tasks => node/templates}/openstack-credential-check.yml (100%)
rename roles/kubernetes/{preinstall/tasks => node/templates}/vsphere-credential-check.yml (100%)
diff --git a/roles/kubernetes/preinstall/tasks/azure-credential-check.yml b/roles/kubernetes/node/templates/azure-credential-check.yml
similarity index 100%
rename from roles/kubernetes/preinstall/tasks/azure-credential-check.yml
rename to roles/kubernetes/node/templates/azure-credential-check.yml
diff --git a/roles/kubernetes/preinstall/tasks/openstack-credential-check.yml b/roles/kubernetes/node/templates/openstack-credential-check.yml
similarity index 100%
rename from roles/kubernetes/preinstall/tasks/openstack-credential-check.yml
rename to roles/kubernetes/node/templates/openstack-credential-check.yml
diff --git a/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml b/roles/kubernetes/node/templates/vsphere-credential-check.yml
similarity index 100%
rename from roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
rename to roles/kubernetes/node/templates/vsphere-credential-check.yml
From aa301c31d10643750da91600b7915601cb99aad1 Mon Sep 17 00:00:00 2001
From: avoidik
Date: Sat, 31 Mar 2018 13:29:00 +0300
Subject: [PATCH 5/5] Move credential checks into proper folder
---
.../node/{templates => tasks}/azure-credential-check.yml | 0
.../node/{templates => tasks}/openstack-credential-check.yml | 0
.../node/{templates => tasks}/vsphere-credential-check.yml | 0
3 files changed, 0 insertions(+), 0 deletions(-)
rename roles/kubernetes/node/{templates => tasks}/azure-credential-check.yml (100%)
rename roles/kubernetes/node/{templates => tasks}/openstack-credential-check.yml (100%)
rename roles/kubernetes/node/{templates => tasks}/vsphere-credential-check.yml (100%)
diff --git a/roles/kubernetes/node/templates/azure-credential-check.yml b/roles/kubernetes/node/tasks/azure-credential-check.yml
similarity index 100%
rename from roles/kubernetes/node/templates/azure-credential-check.yml
rename to roles/kubernetes/node/tasks/azure-credential-check.yml
diff --git a/roles/kubernetes/node/templates/openstack-credential-check.yml b/roles/kubernetes/node/tasks/openstack-credential-check.yml
similarity index 100%
rename from roles/kubernetes/node/templates/openstack-credential-check.yml
rename to roles/kubernetes/node/tasks/openstack-credential-check.yml
diff --git a/roles/kubernetes/node/templates/vsphere-credential-check.yml b/roles/kubernetes/node/tasks/vsphere-credential-check.yml
similarity index 100%
rename from roles/kubernetes/node/templates/vsphere-credential-check.yml
rename to roles/kubernetes/node/tasks/vsphere-credential-check.yml