promenade/roles/deploy-kubelet/tasks/deploy-cluster-ha.yaml

---
- name:  Grab the ETCD IP
  shell: hyperkube kubectl get services --all-namespaces | grep "etcd-service" | awk '{ print $3 }'
  register: etcd_service_ip

# - name: Deploy Calico manifest template
#   template:
#     src: calico.yaml
#     dest: /opt/openstack-helm/manifests/calico.yaml
#   register: calico_changed
#
# - name: Install calicoctl tool
#   get_url:
#     url: "https://github.com/projectcalico/calicoctl/releases/download/{{ calicoctl_version }}/calicoctl"
#     dest: /usr/bin/calicoctl
#     validate_certs: false
#     mode: 0755
#
# - name: Check for Calico deployment
#   shell: hyperkube kubectl get services --all-namespaces | grep calico
#   ignore_errors: True
#   register: calico_deployed
#
# - name: Deploy BGP Peer Manifest (1)
#   template:
#     src: calico-peer.yaml
#     dest: /opt/openstack-helm/manifests/calico-peer.yaml
#
# - name: Deploy BGP Peer Manifest (2)
#   template:
#     src: calico-peer2.yaml
#     dest: /opt/openstack-helm/manifests/calico-peer2.yaml
#
# - name: Create Calico Pods
#   shell: hyperkube kubectl create -f /opt/openstack-helm/manifests/calico.yaml
#   when: calico_deployed | failed and "{{ inventory_hostname }} in groups['bootstrap']"
#
# - action: shell hyperkube kubectl get pods --all-namespaces | grep calico
#   register: calico_output
#   until: calico_output.stdout.find("Running") != -1
#   retries: 20
#   delay: 15
#
# - name: Create BGP Peering(1)
#   shell: calicoctl create -f /opt/openstack-helm/manifests/calico-peer.yaml --skip-exists
#   environment:
#     ETCD_ENDPOINTS: "http://{{ etcd_service_ip.stdout }}:2379"
#   when: calico_deployed | failed and "{{ inventory_hostname }} in groups['bootstrap']"
#
# - name: Create BGP Peering(2)
#   shell: calicoctl create -f /opt/openstack-helm/manifests/calico-peer2.yaml --skip-exists
#   environment:
#     ETCD_ENDPOINTS: "http://{{ etcd_service_ip.stdout }}:2379"
#   when: calico_deployed | failed and "{{ inventory_hostname }} in groups['bootstrap']"

- name: Check ClusterHA in KubeDNS
  shell: hyperkube kubectl get services --all-namespaces | grep cluster-ha
  ignore_errors: true
  register: cluster_ha_present

- name: Install ClusterHA ConfigMaps
  template:
    src: cluster-ha.j2
    dest: /opt/openstack-helm/manifests/cluster-ha.yaml
  register: cluster_ha_configmaps

- name: Delete ClusterHA if present
  shell: hyperkube kubectl delete -f /opt/openstack-helm/manifests/cluster-ha.yaml
  when: cluster_ha_present | succeeded and cluster_ha_configmaps | changed
  ignore_errors: true

- name: Deploy ClusterHA ConfigMaps
  shell: hyperkube kubectl create -f /opt/openstack-helm/manifests/cluster-ha.yaml
  when: cluster_ha_configmaps | changed

- name: Determine KubeDNS Server
  shell: hyperkube kubectl get svc kube-dns --namespace=kube-system | awk '{print $2}' | sed -n '$p'
  register: kube_dns_server

- name: Add KubeDNS to /etc/resolv.conf
  lineinfile:
    dest: /etc/resolv.conf
    insertafter: "^#     DO"
    line: "nameserver {{ kube_dns_server.stdout }}"
    state: present
    backup: true

- name: Remove /etc/hosts entry if present
  lineinfile:
    dest: /etc/hosts
    line: "{{ hostvars[groups['master'][0]]['ansible_default_ipv4']['address'] }} {{ api_server_fqdn }}"
    state: absent

- name: Test Kubernetes cluster
  shell: hyperkube kubectl get nodes