Working on Talos using DCI

2023-09-18 21:11:59 +02:00 · 2023-09-18 21:11:59 +02:00 · 2610c84f67
parent 43df517500
commit 2610c84f67
17 changed files with 76 additions and 15 deletions
--- a/roles/talos_configs_apply/meta/main.yml
+++ b/roles/talos_configs_apply/meta/main.yml
--- a/roles/talos_configs_apply/tasks/main.yml
+++ b/roles/talos_configs_apply/tasks/main.yml
@ -10,6 +10,40 @@
 - name: Import talos_machine_status tasks
  ansible.builtin.import_tasks: "{{ role_path }}/../../shared/tasks/talos_machine_status.yml"

+- name: Try Talos node config
+  delegate_to: "{{ talosctl_host }}"
+  become: no
+  ansible.builtin.command:
+    cmd: >-
+      talosctl  apply-config
+        --file '{{ talos_node_config_file }}'
+        --nodes '{{ ansible_remote }}'
+        --endpoints '{{ ansible_remote }}'
+        --mode reboot
+        --timeout 2m
+        {% if talos_machine_status.spec.stage == 'maintenance' %} --insecure{% endif %}
+  changed_when: true
+  environment:
+    TALOSCONFIG: "{{ talosconfig }}"
+
+- name: Wait for Talos port 50000 to close
+  delegate_to: "{{ talosctl_host }}"
+  become: no
+  ansible.builtin.wait_for:
+    host: "{{ ansible_remote }}"
+    port: 50000
+    timeout: 100
+    state: stopped
+
+- name: Wait for Talos port 50000 to open
+  delegate_to: "{{ talosctl_host }}"
+  become: no
+  ansible.builtin.wait_for:
+    host: "{{ ansible_remote }}"
+    port: 50000
+    delay: 5
+    timeout: 100
+
 - name: Apply Talos node config
  delegate_to: "{{ talosctl_host }}"
  become: no
@ -32,3 +66,4 @@
    host: "{{ ansible_remote }}"
    port: 50000
    delay: 5
+    timeout: 60
--- a/roles/talos_configs_create/handlers/main.yml
+++ b/roles/talos_configs_create/handlers/main.yml
--- a/roles/talos_configs_create/meta/main.yml
+++ b/roles/talos_configs_create/meta/main.yml
--- a/roles/talos_configs_create/tasks/create_control_configs.yml
+++ b/roles/talos_configs_create/tasks/create_control_configs.yml
--- a/roles/talos_configs_create/tasks/create_secrets.yml
+++ b/roles/talos_configs_create/tasks/create_secrets.yml
--- a/roles/talos_configs_create/tasks/create_talosconfig.yml
+++ b/roles/talos_configs_create/tasks/create_talosconfig.yml
--- a/roles/talos_configs_create/tasks/create_worker_configs.yml
+++ b/roles/talos_configs_create/tasks/create_worker_configs.yml
--- a/roles/talos_configs_create/tasks/main.yml
+++ b/roles/talos_configs_create/tasks/main.yml
--- a/roles/talos_dci_finish/tasks/main.yml
+++ b/roles/talos_dci_finish/tasks/main.yml
@ -1,12 +1,5 @@
 ---

- name: Wait for Talos port 50000
-  delegate_to: "{{ talosctl_host }}"
-  become: no
-  ansible.builtin.wait_for:
-    host: "{{ ansible_remote }}"
-    port: 50000
-
 - name: Call DCI Manager API to finish operation
  when: dci_server_info.operation.status == 'running'
  delegate_to: "{{ dci_manager_access_host }}"
@ -18,5 +11,5 @@
      X-Xsrf-Token: "{{ dci_token }}"
    body_format: json
    body: "{}"
-  register: _dci_finish
-  until: _dci_server.status != 503
+  register: dci_finish
+  until: dci_finish.status != 503
--- a/roles/talos_dci_login/tasks/main.yml
+++ b/roles/talos_dci_login/tasks/main.yml
@ -20,7 +20,8 @@
      password: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='password') | first }}"
    status_code: 201
  register: _dci_manager_login
-  until: _dci_manager_login.status != 503
+  until: _dci_manager_login.status != 503 and _dci_manager_login.status != -1
+  retries: 10

 - name: Set token fact
  ansible.builtin.set_fact:
--- a/roles/talos_dci_reinstall/tasks/main.yml
+++ b/roles/talos_dci_reinstall/tasks/main.yml
@ -1,5 +1,10 @@
 ---

+- name: Sleep 60 seconds because we just called Finish
+  when: dci_finish is defined and dci_finish is success
+  ansible.builtin.pause:
+    minutes: 1
+
 - name: Call DCI Manager API to reinstall Talos Linux
  delegate_to: "{{ dci_manager_access_host }}"
  become: no
@ -15,12 +20,13 @@
      hdd_raid: "no_raid"
      os_template_id: "{{ dci_manager_talos_os_template_id }}"
      password: "_not_used_"
-  register: _dci_finish
-  until: _dci_server.status != 503
+  register: _dci_reinstall
+  until: _dci_reinstall.status != 503 and _dci_reinstall.status != -1

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
  become: no
  ansible.builtin.wait_for:
+    delay: 10
    host: "{{ ansible_remote }}"
    port: 50000
--- a/roles/talos_wait_port/meta/main.yml
+++ b/roles/talos_wait_port/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: common
--- a/roles/talos_wait_port/tasks/main.yml
+++ b/roles/talos_wait_port/tasks/main.yml
@ -0,0 +1,8 @@
+---
+
+- name: Wait for Talos port 50000
+  delegate_to: "{{ talosctl_host }}"
+  become: no
+  ansible.builtin.wait_for:
+    host: "{{ ansible_remote }}"
+    port: 50000
--- a/talos.yml
+++ b/talos.yml
@ -1,6 +1,12 @@
 ---
 # Playbook Talos Install

+- name: Wait for Talos port
+  become: no
+  gather_facts: false
+  roles:
+    - role: talos_wait_port
+
 - name: Talos hardware nodes
  become: no
  gather_facts: false
@ -11,14 +17,14 @@
      tags:
        - talos_dci_finish

- name: Talos configs
+- name: Talos config
  become: no
  gather_facts: false
  hosts:
    - talos
  roles:
-    - role: talos_configs_create
-    - role: talos_configs_apply
+    - role: talos_config_create
+    - role: talos_config_apply

 - name: Talos bootstrap
  become: no
--- a/talos_config_apply.yml
+++ b/talos_config_apply.yml
@ -0,0 +1,8 @@
+---
+
+- name: Apply Talos Config
+  gather_facts: false
+  hosts:
+    - talos
+  roles:
+    - role: talos_config_apply
--- a/talos_dci_reinstall.yml
+++ b/talos_dci_reinstall.yml
@ -5,4 +5,5 @@
  hosts:
    - talos_hardware_nodes
  roles:
+    - role: talos_dci_finish
    - role: talos_dci_reinstall