self-hosting/roles/kubectl/tasks/main.yml

---
- name: Download kubernetes-client archive
  get_url:
    url: "https://dl.k8s.io/v{{kubectl_version}}/kubernetes-client-{{kubectl_os}}-{{kubectl_arch}}.tar.gz"
    checksum: "{{kubectl_checksum}}"
    dest: "{{kubectl_tmp_directory}}"
  tags:
    - kubectl

- name: Unarchive kubernetes-client
  unarchive:
    src: "{{kubectl_tmp_directory}}/kubernetes-client-{{kubectl_os}}-{{kubectl_arch}}.tar.gz"
    dest: "{{kubectl_tmp_directory}}"
  tags:
    - kubectl

- name: Copy kubectl binary to destination directory
  copy:
    src: "{{kubectl_tmp_directory}}/kubernetes/client/bin/{{item}}"
    dest: "{{kubectl_bin_directory}}/{{item}}"
    mode: 0755
    owner: root
    group: root
    remote_src: yes
  with_items:
    - kubectl

- name: Generate a kubeconfig file for each worker node (set-cluster)
  shell: "kubectl config set-cluster {{k8s_config_cluster_name}} --certificate-authority={{k8s_ca_conf_directory}}/ca-k8s-apiserver.pem --embed-certs=true --server=https://{{hostvars[groups['k8s_master'][0]]['ansible_'+hostvars[item]['peervpn_conf_interface']].ipv4.address}}:{{k8s_apiserver_secure_port}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
  with_inventory_hostnames:
    - k8s_worker
  tags:
    - k8s-auth-config-kubelet

- name: Generate a kubeconfig file for each worker node (set-credentials)
  shell: "kubectl config set-credentials system:node:{{hostvars[item]['ansible_hostname']}} --client-certificate={{k8s_ca_conf_directory}}/cert-{{item}}.pem --client-key={{k8s_ca_conf_directory}}/cert-{{item}}-key.pem --embed-certs=true --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
  with_inventory_hostnames:
    - k8s_worker
  tags:
    - k8s-auth-config-kubelet

- name: Generate a kubeconfig file for each worker node (set-context)
  shell: "kubectl config set-context default --cluster={{k8s_config_cluster_name}} --user=system:node:{{hostvars[item]['ansible_hostname']}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
  with_inventory_hostnames:
    - k8s_worker
  tags:
    - k8s-auth-config-kubelet

- name: Set use-context
  shell: "kubectl config use-context default --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
  with_inventory_hostnames:
    - k8s_worker
  tags:
    - k8s-auth-config-kubelet
Custom kubectl role 2018-07-31 13:29:25 +02:00			`---`
			`- name: Download kubernetes-client archive`
			`get_url:`
			`url: "https://dl.k8s.io/v{{kubectl_version}}/kubernetes-client-{{kubectl_os}}-{{kubectl_arch}}.tar.gz"`
			`checksum: "{{kubectl_checksum}}"`
			`dest: "{{kubectl_tmp_directory}}"`
			`tags:`
			`- kubectl`

			`- name: Unarchive kubernetes-client`
			`unarchive:`
			`src: "{{kubectl_tmp_directory}}/kubernetes-client-{{kubectl_os}}-{{kubectl_arch}}.tar.gz"`
			`dest: "{{kubectl_tmp_directory}}"`
			`tags:`
			`- kubectl`

			`- name: Copy kubectl binary to destination directory`
			`copy:`
			`src: "{{kubectl_tmp_directory}}/kubernetes/client/bin/{{item}}"`
			`dest: "{{kubectl_bin_directory}}/{{item}}"`
			`mode: 0755`
			`owner: root`
			`group: root`
			`remote_src: yes`
			`with_items:`
			`- kubectl`
Add configuration to kubectl role 2018-07-31 18:08:17 +02:00
			`- name: Generate a kubeconfig file for each worker node (set-cluster)`
			`shell: "kubectl config set-cluster {{k8s_config_cluster_name}} --certificate-authority={{k8s_ca_conf_directory}}/ca-k8s-apiserver.pem --embed-certs=true --server=https://{{hostvars[groups['k8s_master'][0]]['ansible_'+hostvars[item]['peervpn_conf_interface']].ipv4.address}}:{{k8s_apiserver_secure_port}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"`
			`with_inventory_hostnames:`
			`- k8s_worker`
			`tags:`
			`- k8s-auth-config-kubelet`

			`- name: Generate a kubeconfig file for each worker node (set-credentials)`
			`shell: "kubectl config set-credentials system:node:{{hostvars[item]['ansible_hostname']}} --client-certificate={{k8s_ca_conf_directory}}/cert-{{item}}.pem --client-key={{k8s_ca_conf_directory}}/cert-{{item}}-key.pem --embed-certs=true --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"`
			`with_inventory_hostnames:`
			`- k8s_worker`
			`tags:`
			`- k8s-auth-config-kubelet`

			`- name: Generate a kubeconfig file for each worker node (set-context)`
			`shell: "kubectl config set-context default --cluster={{k8s_config_cluster_name}} --user=system:node:{{hostvars[item]['ansible_hostname']}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"`
			`with_inventory_hostnames:`
			`- k8s_worker`
			`tags:`
			`- k8s-auth-config-kubelet`

			`- name: Set use-context`
			`shell: "kubectl config use-context default --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"`
			`with_inventory_hostnames:`
			`- k8s_worker`
			`tags:`
			`- k8s-auth-config-kubelet`