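---
# Copyright 2019 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Role dependencies of kube_master. Ansible runs them in the order listed,
# before the role's own tasks, so the 'kube' group and user exist before any
# cert entry names 'kube' in add_users. Every entry except the image load
# escalates to root.
dependencies:
  # Group for the 'kube' account; the gid comes from caas.uid.kube.
  - role: creategroup
    _name: kube
    _gid: "{{ caas.uid.kube }}"
    become: true
    become_user: "root"

  # 'kube' account: no supplementary groups, /sbin/nologin as shell, '/' as
  # home, uid taken from the same variable as the gid above.
  # Presumably a non-interactive service account; the createuser role is not
  # part of this file, so confirm how it applies _shell and _home.
  - role: createuser
    _name: kube
    _group: kube
    _groups: ''
    _shell: /sbin/nologin
    _home: /
    _uid: "{{ caas.uid.kube }}"
    become: true
    become_user: "root"

  # apiserver cert
  # alt_names lists the DNS names and IP addresses requested for this
  # certificate (presumably emitted as subjectAltName entries by the cert
  # role): the service name, the in-hosts name, this node's address and the
  # service IP. Clients that verify the server certificate can reach the
  # apiserver only through a name or address listed here.
  - role: cert
    instance: "apiserver{{ nodeindex }}"
    cert_path: /etc/kubernetes/ssl
    common_name: "system:apiserver"
    alt_names:
      dns:
        - "{{ caas.apiserver_service_name }}"
        - "{{ caas.apiserver_in_hosts }}"
      ip:
        - "{{ ansible_host }}"
        - "{{ caas.apiserver_svc_ip }}"
    add_users:
      - kube
    become: true
    become_user: "root"

  # kube-controller-manager cert
  # NOTE(review): if the cert role writes org_name into the certificate's
  # Organization field, this client certificate authenticates as a member of
  # system:masters, a group Kubernetes treats as unrestricted cluster-admin
  # independent of RBAC. The scheduler entry below sets no org_name. Confirm
  # the group is required here; the user name in common_name normally has its
  # own default role binding, and Kubernetes does not check revocation for
  # client certificates, so an over-privileged one stays valid until expiry.
  # NOTE(review): kube_conf names a kubeconfig under /etc/kubernetes that
  # presumably carries or references this key; confirm the cert role limits
  # read access to root and the users in add_users.
  - role: cert
    instance: "kube-controller-manager{{ nodeindex }}"
    cert_path: /etc/kubernetes/ssl
    common_name: "system:kube-controller-manager"
    org_name: "system:masters"
    alt_names:
      ip:
        - "{{ ansible_host }}"
    add_users:
      - kube
    kube_conf:
      - path: "/etc/kubernetes/kubeconfig/cmc.yml"
        apiserver: "{{ caas.apiserver_svc_ip }}"
        apiserver_port: "{{ caas.apiserver_svc_port }}"
    become: true
    become_user: "root"

  # scheduler cert
  # Same shape as the controller-manager entry, without org_name: the only
  # identity requested is the common_name.
  - role: cert
    instance: "kube-scheduler{{ nodeindex }}"
    cert_path: /etc/kubernetes/ssl
    common_name: "system:kube-scheduler"
    alt_names:
      ip:
        - "{{ ansible_host }}"
    add_users:
      - kube
    kube_conf:
      - path: "/etc/kubernetes/kubeconfig/schedulerc.yml"
        apiserver: "{{ caas.apiserver_svc_ip }}"
        apiserver_port: "{{ caas.apiserver_svc_port }}"
    become: true
    become_user: "root"

  # metrics cert
  # Uses explicit file names (metrics.crt / metrics.key) instead of names
  # derived from the instance.
  # NOTE(review): the DNS name is a literal, while the other entries take
  # their names from caas.* variables; confirm the domain suffix matches the
  # cluster DNS domain of every deployment that uses this role.
  - role: cert
    instance: "metrics"
    cert_name: "metrics.crt"
    key_name: "metrics.key"
    common_name: "metrics"
    cert_path: /etc/kubernetes/ssl
    alt_names:
      dns:
        - custom-metrics-apiserver.kube-system.svc.nokia.net
    add_users:
      - kube
    become: true
    become_user: "root"

  # Make the hyperkube image available on the node.
  # NOTE(review): the docker_image_load role is not part of this file;
  # confirm it checks the image against a pinned digest or checksum before
  # loading it.
  - role: docker_image_load
    images:
      - hyperkube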