-
Notifications
You must be signed in to change notification settings - Fork 3
/
deploy.yaml
92 lines (83 loc) · 2.36 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#!ansible-playbook
---
# ----------------------------------------------------
- name: Create cloud resources (and wait for them to be ready)
hosts: localhost
gather_facts: false
roles:
- role: terraform
tags: ["terraform", "cloud"]
post_tasks:
- name: Remove existing SSH key entries for the cloud instances machine
shell: "ssh-keygen -R {{ hostvars[item]['ansible_ssh_host'] }}"
ignore_errors: True
changed_when: False
with_items: "{{ groups.all }}"
- name: Wait during nodes to be available
hosts: all
gather_facts: false
user: ubuntu
tasks:
- name: Wait for SSH connectivity
wait_for_connection:
timeout: 180
# ----------------------------------------------------
- name: Manage SSH known_hosts file on local host
hosts: localhost
connection: local
ignore_errors: true
roles:
- role: ssh-keys
tags: ["ssh"]
# ----------------------------------------------------
- name: Wait for nodes to finish cloud init
hosts: all
gather_facts: False
user: ubuntu
tags: ["cloud"]
roles:
- role: wait-cloud-init-done
- name: Delete resources for failed hosts
hosts: localhost
roles:
- role: delete-failed
vars: { "required_key": "cloud_init_success" }
#-------------------------------------------------------
- name: Configure password-based login for user ubuntu
hosts: all
user: ubuntu
become: True
become_user: root
roles:
- role: allow-password
when: enable_password_login_for_user_ubuntu == True
- name: Delete resources for failed hosts
hosts: localhost
roles:
- role: delete-failed
vars: { "required_key": "allow_password_success" }
when: enable_password_login_for_user_ubuntu == True
# ----------------------------------------------------
- name: Install microk8s
hosts: all
user: ubuntu
become: True
become_user: root
roles:
- role: microk8s
- name: Delete resources for failed hosts
hosts: localhost
roles:
- role: delete-failed
vars: { "required_key": "microk8s_success" }
# ----------------------------------------------------
- name: Fix permissions of kubeconf file(s)
hosts: localhost
connection: local
tasks:
- name: Change permissions
ansible.builtin.file:
path: "{{item}}"
mode: "0600"
with_fileglob:
- "{{generated_kubeconf_file_prefix}}*{{ generated_kubeconf_file_suffix }}"