Finally Ansible run completed

2023-10-16 22:27:33 +02:00 · 2023-10-16 22:27:33 +02:00 · 0889cc8caa
parent b4ff3dfd32
commit 0889cc8caa
10 changed files with 66 additions and 37 deletions
--- a/k8s_services.yml
+++ b/k8s_services.yml
@ -1,6 +1,6 @@
 # Playbook Services Install
 ---
- name: Install services on K8S
+- name: Install Infracstructure and Storage services on K8S
  become: false
  gather_facts: false
  hosts:
@ -15,27 +15,14 @@
    - role: k8s_cert_manager
      tags:
        - cert_manager
-    - role: k8s_rancher
-      tags:
-        - rancher
    - role: k8s_local_path_storage
      tags:
        - local_path_storage
    - role: k8s_mayastor
      tags:
        - mayastor
-    - role: k8s_velero
-      tags:
-        - velero
-    - role: k8s_node_problem_detector
-      tags:
-        - k8s_node_problem_detector
-        - monitoring
-    - role: k8s_rancher_monitoring
-      tags:
-        - rancher_monitoring

- name: Install per-node services on K8S
+- name: Install per-node Storage services on K8S
  become: false
  gather_facts: false
  hosts:
@ -45,3 +32,23 @@
      tags:
        - mayastor
        - mayastor_diskpool
+
+- name: Install services on K8S
+  become: false
+  gather_facts: false
+  hosts:
+    - talos_first_nodes
+  roles:
+    - role: k8s_rancher
+      tags:
+        - rancher
+    - role: k8s_rancher_monitoring
+      tags:
+        - rancher_monitoring
+    - role: k8s_velero
+      tags:
+        - velero
+    - role: k8s_node_problem_detector
+      tags:
+        - k8s_node_problem_detector
+        - monitoring
--- a/playbook.yml
+++ b/playbook.yml
@ -4,17 +4,6 @@
  tags:
    - hostbill

- name: Include playbook talos
-  ansible.builtin.import_playbook: talos.yml
-  tags:
-    - talos
-
- name: Include playbook k8s_services
-  ansible.builtin.import_playbook: k8s_services.yml
-  tags:
-    - k8s_services
-    - services
-
 - name: Include playbook os
  ansible.builtin.import_playbook: os.yml
  tags:
@ -26,3 +15,14 @@
  tags:
    - applications
    - loadbalancer
+
+- name: Include playbook talos
+  ansible.builtin.import_playbook: talos.yml
+  tags:
+    - talos
+
+- name: Include playbook k8s_services
+  ansible.builtin.import_playbook: k8s_services.yml
+  tags:
+    - k8s_services
+    - services
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@ -1,7 +1,7 @@
 ---
 kubernetes_version: v1.26.9 # Rancher can't run on v1.27, see https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/rancher-v2-7-6/
 talos_image_version: v1.4.7
-talos_version: v1.5.2
+talos_version: v1.5.3
 ansible_root_dir: "{{ inventory_dir | ansible.builtin.dirname }}"
 ansible_vault_password_file: "{{ ansible_root_dir }}/.ansible/vault_pass"
 talos_generic_config_dir: "{{ ansible_root_dir }}/configs/talos"
--- a/roles/k8s_mayastor/tasks/main.yml
+++ b/roles/k8s_mayastor/tasks/main.yml
@ -28,6 +28,7 @@
    release_namespace: mayastor
    create_namespace: false
    wait: true
+    wait_timeout: "30m"
    # https://github.com/openebs/mayastor-extensions/blob/develop/chart/values.yaml
    values:
      io_engine:
--- a/roles/k8s_node_problem_detector/tasks/main.yml
+++ b/roles/k8s_node_problem_detector/tasks/main.yml
@ -17,6 +17,7 @@
    release_namespace: kube-system
    create_namespace: false
    wait: true
+    wait_timeout: "30m"
    set_values:
      # https://github.com/deliveryhero/helm-charts/blob/master/stable/node-problem-detector/values.yaml
      # https://github.com/deliveryhero/helm-charts/tree/master/stable/node-problem-detector#values
--- a/roles/k8s_rancher/tasks/main.yml
+++ b/roles/k8s_rancher/tasks/main.yml
@ -1,10 +1,10 @@
 ---

- name: Helm add Rancher repo
+- name: Helm add Rancher Server Charts repo
  delegate_to: "{{ kubectl_host }}"
  run_once: true
  kubernetes.core.helm_repository:
-    name: rancher
+    name: rancher-server-charts
    repo_url: "https://releases.rancher.com/server-charts/latest"

 - name: Verify Rancher hostname
@ -21,11 +21,12 @@
  delegate_to: "{{ kubectl_host }}"
  kubernetes.core.helm:
    kubeconfig: "{{ kubeconfig }}"
-    chart_ref: rancher/rancher
+    chart_ref: rancher-server-charts/rancher
    release_name: rancher
    release_namespace: cattle-system
    create_namespace: true
    wait: true
+    wait_timeout: "30m"
    # https://ranchermanager.docs.rancher.com/getting-started/installation-and-upgrade/installation-references/helm-chart-options
    # https://github.com/rancher/rancher/blob/release/v2.8/chart/values.yaml
    values:
--- a/roles/k8s_rancher_monitoring/tasks/main.yml
+++ b/roles/k8s_rancher_monitoring/tasks/main.yml
@ -1,10 +1,10 @@
 ---

- name: Helm add Rancher Monitoring repo
+- name: Helm add Rancher Charts repo
  delegate_to: "{{ kubectl_host }}"
  run_once: true
  kubernetes.core.helm_repository:
-    name: rancher-monitoring
+    name: rancher-charts
    repo_url: "https://raw.githubusercontent.com/rancher/charts/release-v2.8"

 - name: Namespace
@ -21,15 +21,27 @@
          pod-security.kubernetes.io/enforce: privileged
          pod-security.kubernetes.io/warn: privileged

+- name: Helm deploy Rancher Monitoring CRDs
+  delegate_to: "{{ kubectl_host }}"
+  kubernetes.core.helm:
+    kubeconfig: "{{ kubeconfig }}"
+    chart_ref: rancher-charts/rancher-monitoring-crd
+    release_name: rancher-monitoring-crd
+    release_namespace: cattle-monitoring-system
+    create_namespace: false
+    wait: true
+    wait_timeout: "30m"
+
 - name: Helm deploy Rancher Monitoring
  delegate_to: "{{ kubectl_host }}"
  kubernetes.core.helm:
    kubeconfig: "{{ kubeconfig }}"
-    chart_ref: rancher/rancher
-    release_name: rancher
+    chart_ref: rancher-charts/rancher-monitoring
+    release_name: rancher-monitoring
    release_namespace: cattle-monitoring-system
    create_namespace: false
    wait: true
+    wait_timeout: "30m"
    # https://github.com/rancher/charts/blob/release-v2.8/charts/rancher-monitoring/102.0.1%2Bup40.1.2/values.yaml
    values:
      global:
@ -46,7 +58,7 @@
            - ReadWriteOnce
          enabled: true
          size: 1Gi
-          storageClassName: mayastor-2replicas
+          storageClassName: local-path
          type: pvc
        sidecar:
          dashboards:
@ -78,7 +90,7 @@
                resources:
                  requests:
                    storage: 20Gi
-                storageClassName: mayastor-2replicas
+                storageClassName: local-path
      alertmanager:
        alertmanagerSpec:
          externalUrl: "https://{{ rancher_hostname }}/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-alertmanager:9093/proxy"
--- a/roles/k8s_traefik/tasks/main.yml
+++ b/roles/k8s_traefik/tasks/main.yml
@ -16,6 +16,7 @@
    release_namespace: traefik
    create_namespace: true
    wait: true
+    wait_timeout: "30m"
    # https://github.com/traefik/traefik-helm-chart/blob/master/traefik/values.yaml
    values:
      deployment:
@ -48,3 +49,7 @@
  ansible.builtin.uri:
    url: "http://{{ ingress_ips[0] }}/"
    status_code: [200, 404]
+  register: _traefik_check
+  until: _traefik_check is success
+  retries: 30
+  delay: 2
--- a/roles/k8s_velero/tasks/main.yml
+++ b/roles/k8s_velero/tasks/main.yml
@ -29,6 +29,7 @@
    release_namespace: velero
    create_namespace: false
    wait: true
+    wait_timeout: "30m"
    # https://github.com/vmware-tanzu/helm-charts/blob/main/charts/velero/values.yaml
    values:
      snapshotsEnabled: false
--- a/roles/not_used/hashicorp_secrets/tasks/main.yml
+++ b/roles/not_used/hashicorp_secrets/tasks/main.yml
@ -20,6 +20,7 @@
    release_namespace: vault-secrets-operator-system
    create_namespace: true
    wait: true
+    wait_timeout: "30m"
    # https://github.com/hashicorp/vault-secrets-operator/blob/main/chart/values.yaml
    values:
      defaultVaultConnection:
@ -81,4 +82,4 @@
        refreshAfter: 30s

        # Name of the CRD to authenticate to Vault
-        vaultAuthRef: static-auth
+        vaultAuthRef: static-auth