ansible-collections/kubernetes
2
0
Fork 0
Code Issues 8 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

feat(upgrade): If upgrade occurs, dont run remaining tasks

Browse Source 
!53
This commit is contained in:
Jon Lockwood
2024-03-29 19:44:38 +09:30
parent 7c20146660
commit c5371b8ff4
3 changed files with 53 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/projects/ansible/collection/kubernetes/index.md
View File

@ -74,5 +74,8 @@ For the available variables please view the [nfc_kubernetes role docs](roles/nfc
[In place cluster upgrades](https://docs.k3s.io/upgrades/manual#upgrade-k3s-using-the-binary) is the method used to conduct the cluster upgrades. The logic for the upgrades first confirms that K3s is installed and that the local binary and running k3s version are the desired versions. If they are not, they will be updated to the desired version. On completion of this the node has its `k3s` service restarted which completes the upgrade process. [In place cluster upgrades](https://docs.k3s.io/upgrades/manual#upgrade-k3s-using-the-binary) is the method used to conduct the cluster upgrades. The logic for the upgrades first confirms that K3s is installed and that the local binary and running k3s version are the desired versions. If they are not, they will be updated to the desired version. On completion of this the node has its `k3s` service restarted which completes the upgrade process.
!!! info
If an upgrade occurs, no other task within the play will run. This is by design. if you have further tasks to be run in addition to the upgrade, run the play again.
!!! danger !!! danger
not following the [Kubernetes version skew policy](https://kubernetes.io/releases/version-skew-policy/) when upgrading your cluster may break your cluster. not following the [Kubernetes version skew policy](https://kubernetes.io/releases/version-skew-policy/) when upgrading your cluster may break your cluster.

6
roles/nfc_kubernetes/tasks/install.yaml
View File

@ -72,6 +72,8 @@
install_kubernetes | default(true) | bool install_kubernetes | default(true) | bool
and and
kubernetes_installed | default(false) | bool kubernetes_installed | default(false) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
tags: tags:
- always - always
@ -88,6 +90,8 @@
kubernetes_config.kube_virt.enabled | default(nfc_role_kubernetes_install_kubevirt) kubernetes_config.kube_virt.enabled | default(nfc_role_kubernetes_install_kubevirt)
and and
inventory_hostname in kubernetes_config.kube_virt.nodes | default([ inventory_hostname ]) | list inventory_hostname in kubernetes_config.kube_virt.nodes | default([ inventory_hostname ]) | list
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
tags: tags:
- always - always
@ -104,5 +108,7 @@
kubernetes_config.helm.enabled | default(nfc_role_kubernetes_install_helm) kubernetes_config.helm.enabled | default(nfc_role_kubernetes_install_helm)
and and
nfc_role_kubernetes_master nfc_role_kubernetes_master
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
tags: tags:
- always - always

55
roles/nfc_kubernetes/tasks/k3s/install.yaml
View File

@ -379,6 +379,8 @@
ansible_os_family == 'Debian' ansible_os_family == 'Debian'
and and
item.when | default(true) | bool item.when | default(true) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
loop: "{{ download_files }}" loop: "{{ download_files }}"
vars: vars:
ansible_connection: local ansible_connection: local
@ -406,6 +408,8 @@
when: "{{ nfc_role_kubernetes_install_olm }}" when: "{{ nfc_role_kubernetes_install_olm }}"
when: > when: >
item.when | default(true) | bool item.when | default(true) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Required Initial config files - name: Required Initial config files
@ -419,7 +423,8 @@
loop: "{{ k3s.files }}" loop: "{{ k3s.files }}"
when: > when: >
item.when | default(true) | bool item.when | default(true) | bool
# kubernetes_config.cluster.prime.name == inventory_hostname and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Copy Intial required templates - name: Copy Intial required templates
@ -434,6 +439,8 @@
diff: true diff: true
when: > when: >
item.when | default(true) | bool item.when | default(true) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
vars: vars:
templates_to_apply: templates_to_apply:
- src: k3s-config.yaml.j2 - src: k3s-config.yaml.j2
@ -478,6 +485,8 @@
ansible.builtin.command: ansible.builtin.command:
cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy
changed_when: false changed_when: false
when: >
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Install K3s (prime master) - name: Install K3s (prime master)
@ -491,16 +500,8 @@
kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and and
not node_k3s.installed | bool not node_k3s.installed | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Config Link
ansible.builtin.shell:
cmd: >
ln -s /etc/rancher/k3s/k3s.yaml ~/.kube/config
executable: bash
creates: ~/.kube/config
when: >
nfc_role_kubernetes_master | default(false) | bool
- name: Install Calico Operator - name: Install Calico Operator
@ -523,6 +524,8 @@
'calico_manifest' not in ansible_run_tags 'calico_manifest' not in ansible_run_tags
and and
kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Install MetalLB Operator - name: Install MetalLB Operator
@ -542,6 +545,8 @@
nfc_kubernetes_enable_metallb | default(false) | bool nfc_kubernetes_enable_metallb | default(false) | bool
and and
kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Wait for kubernetes prime to be ready - name: Wait for kubernetes prime to be ready
@ -566,6 +571,20 @@
kubernetes_ready_check.rc != 0 kubernetes_ready_check.rc != 0
changed_when: false changed_when: false
failed_when: kubernetes_ready_check.rc != 0 failed_when: kubernetes_ready_check.rc != 0
when: >
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Config Link
ansible.builtin.shell:
cmd: >
ln -s /etc/rancher/k3s/k3s.yaml ~/.kube/config
executable: bash
creates: ~/.kube/config
when: >
nfc_role_kubernetes_master | default(false) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Install olm - name: Install olm
@ -582,6 +601,8 @@
kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and and
nfc_role_kubernetes_install_olm | default(false) | bool nfc_role_kubernetes_install_olm | default(false) | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Uninstall OLM - name: Uninstall OLM
@ -610,6 +631,8 @@
kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and and
'olm_uninstall' in ansible_run_tags 'olm_uninstall' in ansible_run_tags
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Enable Cluster Encryption - name: Enable Cluster Encryption
@ -622,6 +645,8 @@
and and
kubernetes_config.cluster.networking.encrypt | default(false) | bool kubernetes_config.cluster.networking.encrypt | default(false) | bool
and and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
and
( (
'calico_manifest' in ansible_run_tags 'calico_manifest' in ansible_run_tags
or or
@ -640,6 +665,8 @@
run_once: true run_once: true
register: k3s_join_token register: k3s_join_token
no_log: true # Value is sensitive no_log: true # Value is sensitive
when: >
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Create Token fact - name: Create Token fact
@ -648,6 +675,8 @@
delegate_to: "{{ kubernetes_config.cluster.prime.name | default(inventory_hostname) }}" delegate_to: "{{ kubernetes_config.cluster.prime.name | default(inventory_hostname) }}"
run_once: true run_once: true
no_log: true # Value is sensitive no_log: true # Value is sensitive
when: >
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Install K3s (master nodes) - name: Install K3s (master nodes)
@ -666,6 +695,8 @@
not kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname not kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and and
not node_k3s.installed | bool not node_k3s.installed | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Install K3s (worker nodes) - name: Install K3s (worker nodes)
@ -686,6 +717,8 @@
not kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname not kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname
and and
not node_k3s.installed | bool not node_k3s.installed | bool
and
not nfc_role_kubernetes_cluster_upgraded | default(false) | bool
- name: Set Kubernetes Final Install Fact - name: Set Kubernetes Final Install Fact