Node-to-api-server authentication relies by default on certificates and bootstrap tokens, so there should be no need to generate tokens for every node, even when static token auth is enabled.
---
# Creates the config, manifest, script and flexvolume-plugin directories
# (the four variables listed under with_items) on hosts in the k8s_cluster
# group, owned by kube_owner with mode 0755.
# NOTE(review): whoever kube_owner resolves to can add or replace files in
# these directories. Where kube_owner is not root, confirm that is acceptable
# for locations that node components presumably load manifests and plugins
# from.
- name: Create kubernetes directories
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ kube_owner }}"
    # Quoted so the mode stays an octal string and is not re-typed as an int.
    mode: "0755"
  with_items:
    - "{{ kube_config_dir }}"
    - "{{ kube_manifest_dir }}"
    - "{{ kube_script_dir }}"
    - "{{ kubelet_flexvolumes_plugins_dir }}"
  become: true
  when: "'k8s_cluster' in group_names"
  tags:
    - kubelet
    - kube-controller-manager
    - kube-apiserver
    - bootstrap-os
    - apps
    - network
    - master  # master tag is deprecated and replaced by control-plane
    - control-plane
    - node
# Creates the certificate directory and the binary directory owned by root
# rather than kube_owner, so only root can add or replace their contents.
# NOTE(review): mode 0755 leaves both directories readable and traversable by
# every local user, so private keys under kube_cert_dir are protected only by
# their own file modes. Confirm the tasks that write keys set restrictive
# permissions on them.
- name: Create other directories of root owner
  file:
    path: "{{ item }}"
    state: directory
    owner: root
    mode: "0755"
  with_items:
    - "{{ kube_cert_dir }}"
    - "{{ bin_dir }}"
  become: true
  when: "'k8s_cluster' in group_names"
  tags:
    - kubelet
    - kube-controller-manager
    - kube-apiserver
    - bootstrap-os
    - apps
    - network
    - master  # master tag is deprecated and replaced by control-plane
    - control-plane
    - node
# Records whether anything already exists at kube_cert_compat_dir. The result
# is registered as kube_cert_compat_dir_check. Attribute, checksum and MIME
# collection are switched off, so the stat gathers less than its defaults.
# Skipped when the compat path is the same as kube_cert_dir.
- name: Check if kubernetes kubeadm compat cert dir exists
  stat:
    path: "{{ kube_cert_compat_dir }}"
    get_attributes: false
    get_checksum: false
    get_mime: false
  when:
    - "'k8s_cluster' in group_names"
    - kube_cert_dir != kube_cert_compat_dir
  register: kube_cert_compat_dir_check
# Links kube_cert_compat_dir to kube_cert_dir (see kubernetes/kubeadm issue
# 1498). The link is created only when the two paths differ and nothing
# exists at the compat path yet.
# NOTE(review): if something already exists there, it is left untouched and
# is never checked to resolve to kube_cert_dir. Confirm a pre-existing
# directory or link cannot leave certificates in an unmanaged location.
# NOTE(review): on Linux a mode set on a symlink is generally not applied to
# the link itself, so access is presumably governed by the permissions of
# kube_cert_dir - confirm.
- name: Create kubernetes kubeadm compat cert dir (kubernetes/kubeadm issue 1498)
  file:
    state: link
    src: "{{ kube_cert_dir }}"
    dest: "{{ kube_cert_compat_dir }}"
    mode: "0755"
  when:
    - "'k8s_cluster' in group_names"
    - kube_cert_dir != kube_cert_compat_dir
    - not kube_cert_compat_dir_check.stat.exists
# Creates the CNI configuration and plugin-binary directories when one of the
# listed network plugins is selected, owned by kube_owner with mode 0755.
# NOTE(review): CNI plugin binaries are normally invoked by the container
# runtime with root privileges. If kube_owner is a non-root account, it can
# replace files in /opt/cni/bin and /etc/cni/net.d. Confirm kube_owner is
# root, or otherwise trusted, in hardened deployments.
- name: Create cni directories
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ kube_owner }}"
    mode: "0755"
  with_items:
    - "/etc/cni/net.d"
    - "/opt/cni/bin"
  when:
    - "'k8s_cluster' in group_names"
    - kube_network_plugin in ["calico", "weave", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
  tags:
    - network
    - cilium
    - calico
    - weave
    - kube-ovn
    - kube-router
    - bootstrap-os
# Creates /var/lib/calico, owned by kube_owner with mode 0755, only when
# calico is the selected network plugin.
- name: Create calico cni directories
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ kube_owner }}"
    mode: "0755"
  with_items:
    - "/var/lib/calico"
  when:
    - "'k8s_cluster' in group_names"
    - kube_network_plugin == "calico"
  tags:
    - network
    - calico
    - bootstrap-os
# Creates one root:root host directory per storage class defined in
# local_volume_provisioner_storage_classes, using each entry's host_dir.
# Runs only when local_volume_provisioner_enabled is truthy.
# NOTE(review): the mode comes from local_volume_provisioner_directory_mode.
# Confirm it is defined as a quoted octal string (constructed example:
# "0700") so it is not parsed as a decimal integer, and that it is no wider
# than the workloads using these volumes need.
- name: Create local volume provisioner directories
  file:
    path: "{{ local_volume_provisioner_storage_classes[item].host_dir }}"
    state: directory
    owner: root
    group: root
    mode: "{{ local_volume_provisioner_directory_mode }}"
  # Iterates over the storage-class names; item is the dictionary key.
  with_items: "{{ local_volume_provisioner_storage_classes.keys() | list }}"
  when:
    - "'k8s_cluster' in group_names"
    - local_volume_provisioner_enabled
  tags:
    - persistent_volumes