Fix control plane setup without a hardcoded key (#4610)

roles/kubernetes/master/tasks/kubeadm-setup.yml

@@ -114,13 +114,23 @@
 - name: set kubeadm certificate key
   set_fact:
     kubeadm_certificate_key: "{{ item | regex_search('--certificate-key ([^ ]+)','\\1') | first }}"
-  with_items: "{{ (hostvars['kube-master'][0]['kubeadm_init']|default({'stdout_lines': []}))['stdout_lines'] }}"
+  with_items: "{{ hostvars[groups['kube-master'][0]]['kubeadm_init'].stdout_lines | default([]) }}"
   when:
     - kubeadm_version is version('v1.14.0', '>=')
     - kubeadm_certificate_key is not defined
     - item | trim | match('.*--certificate-key .*')
     - hostvars['kube-master'][0]['kubeadm_init']['stdout_lines'] is defined
 
+- name: Create hardcoded kubeadm token for joining nodes with 24h expiration (if defined)
+  shell: >-
+    {{ bin_dir }}/kubeadm --kubeconfig /etc/kubernetes/admin.conf token delete {{ kubeadm_token }} || :;
+    {{ bin_dir }}/kubeadm --kubeconfig /etc/kubernetes/admin.conf token create {{ kubeadm_token }}
+  when:
+    - inventory_hostname == groups['kube-master']|first
+    - kubeadm_token is defined
+  tags:
+    - kubeadm_token
+
 - name: Create kubeadm token for joining nodes with 24h expiration (default)
   command: "{{ bin_dir }}/kubeadm --kubeconfig /etc/kubernetes/admin.conf token create"
   register: temp_token
@@ -139,16 +149,6 @@
   tags:
     - kubeadm_token
 
-- name: Create hardcoded kubeadm token for joining nodes with 24h expiration (if defined)
-  shell: >-
-    {{ bin_dir }}/kubeadm --kubeconfig /etc/kubernetes/admin.conf token delete {{ kubeadm_token }} || :;
-    {{ bin_dir }}/kubeadm --kubeconfig /etc/kubernetes/admin.conf token create {{ kubeadm_token }}
-  when:
-    - inventory_hostname == groups['kube-master']|first
-    - kubeadm_token is defined
-  tags:
-    - kubeadm_token
-
 - name: kubeadm | Initialize other masters (experimental control plane)
   include: kubeadm-secondary-experimental.yml
   when: kubeadm_control_plane