bugfix: kubernetes deployment without root user and global become

4 years ago · 211039f7e6
parent 763c104ac2
commit 211039f7e6
5 changed files with 15 additions and 14 deletions
--- a/kubernetes.yml
+++ b/kubernetes.yml
@ -11,12 +11,11 @@
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
-      delegate_to: 127.0.0.1
-      become: false
+      tags:
+        - always

    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml
-      become: false
      tags:
        - always

@ -25,8 +24,8 @@
    - { role: kubernetes/namespace }
    - { role: kubernetes/cloud-controller-manager }
    - { role: kubernetes/container-storage-interface }
-# TODO setup prometheus operator here
-    - { role: kubernetes/cert-manager } # TODO depends on prometheus
-    - { role: kubernetes/external-dns } # TODO depends on prometheus
-    - { role: kubernetes/ingress-controller } # TODO depends on prometheus
-    - { role: kubernetes/apps } # TODO depends on prometheus (argo-cd)
+    - { role: kubernetes/apps, tags: prometheus }
+    - { role: kubernetes/cert-manager }
+    - { role: kubernetes/external-dns }
+    - { role: kubernetes/ingress-controller }
+    - { role: kubernetes/apps, tags: !prometheus }
--- a/provisioning.yml
+++ b/provisioning.yml
@ -13,6 +13,8 @@
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
+      tags:
+        - always

    - name: "Getting all firewalls from hetzner"
      uri:
--- a/roles/kubernetes/base/tasks/main.yml
+++ b/roles/kubernetes/base/tasks/main.yml
@ -62,6 +62,7 @@
    owner: root
    group: root
    remote_src: yes
+  become: yes
  when:
  - inventory_hostname == groups['kube_control_plane'][0]
  tags:
--- a/setup.yml
+++ b/setup.yml
@ -2,7 +2,7 @@

 - name: 'apply setup to {{ host | default("all") }}'
  hosts: '{{ host | default("all") }}'
-  serial: "{{ serial_number | default(5) }}"
+  serial: "{{ serial_number | default(10) }}"
  strategy: free
  vars:
    ansible_ssh_host: "{{ stage_server_domain }}"
@ -17,8 +17,7 @@
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
      tags:
-        - common
-        - pgadmin4
+        - always

    - name: Updating apt cache
      apt:
--- a/smardigo.yml
+++ b/smardigo.yml
@ -14,8 +14,8 @@
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
-      delegate_to: 127.0.0.1
-      become: false
+      tags:
+        - always

    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml