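# roles/k8s/k8smaster/tasks/main.yml
---
# Bootstraps a single kubeadm control-plane node: kubeadm init, kubeconfig
# distribution, Flannel CNI install, readiness waits, status output and
# generation of the worker join command.
#
# Optional variables (each default reproduces the previously hard-coded value):
#   k8s_admin_user                 non-root account that receives a kubeconfig
#   flannel_manifest_url           Flannel manifest to install
#   flannel_manifest_checksum      "<algorithm>:<digest>" of that manifest
#   k8s_schedule_on_control_plane  remove the control-plane taint when true
#   k8s_join_token_ttl             lifetime of the generated bootstrap token

# === 9. kubeadm init (counterpart of step 14) ===
# `creates` makes the task a no-op once admin.conf exists, so re-runs do not
# re-initialise the cluster. The pod CIDR has to agree with the network
# configured in the CNI manifest applied in section 12.
- name: Initialize Kubernetes control plane (kubeadm init)
  ansible.builtin.command: >
    kubeadm init
    --apiserver-advertise-address={{ ansible_default_ipv4.address }}
    --pod-network-cidr=10.244.0.0/16
  args:
    creates: /etc/kubernetes/admin.conf

# === 10. kubeconfig for root and for the regular user ===
- name: Ensure kubeconfig directory for root exists
  ansible.builtin.file:
    path: /root/.kube
    state: directory
    owner: root
    group: root
    mode: "0700"

- name: Copy admin kubeconfig for root
  ansible.builtin.copy:
    src: /etc/kubernetes/admin.conf
    dest: /root/.kube/config
    owner: root
    group: root
    mode: "0600"
    remote_src: true

# admin.conf carries the cluster administrator credential, so the account
# below gets full control of the cluster. Modes 0700/0600 keep the copy
# unreadable to other local users.
- name: Provide kubeconfig for the non-root admin user
  vars:
    kubeconfig_user: "{{ k8s_admin_user | default('adminuser') }}"
  block:
    - name: Ensure kubeconfig directory for user exists
      ansible.builtin.file:
        path: "/home/{{ kubeconfig_user }}/.kube"
        state: directory
        owner: "{{ kubeconfig_user }}"
        group: "{{ kubeconfig_user }}"
        mode: "0700"

    - name: Copy admin kubeconfig to user home
      ansible.builtin.copy:
        src: /etc/kubernetes/admin.conf
        dest: "/home/{{ kubeconfig_user }}/.kube/config"
        owner: "{{ kubeconfig_user }}"
        group: "{{ kubeconfig_user }}"
        mode: "0600"
        remote_src: true

# === 11. Wait for the API server ===
# Read-only probe: never report "changed".
- name: Wait for Kubernetes API to become reachable
  ansible.builtin.command: kubectl get --raw=/healthz
  register: api_health
  until: api_health.rc == 0
  retries: 30
  delay: 10
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 12. Install Flannel CNI (do NOT wait for node Ready before this) ===
# The manifest is applied with cluster-admin rights and creates privileged
# host-network pods, so it is fetched to a root-only file first and can be
# integrity-checked before use. The default URL still follows "latest";
# pin flannel_manifest_url to a release tag and set
# flannel_manifest_checksum so the applied content cannot change silently.
# An already downloaded file is reused on later runs (get_url force=false).
- name: Download Flannel CNI manifest
  ansible.builtin.get_url:
    url: >-
      {{ flannel_manifest_url
         | default('https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml') }}
    dest: /root/kube-flannel.yml
    checksum: "{{ flannel_manifest_checksum | default(omit) }}"
    owner: root
    group: root
    mode: "0600"
  register: flannel_download
  until: flannel_download is succeeded
  retries: 10
  delay: 6

# NOTE(review): --validate=false is kept from the original task; it skips
# client-side schema validation of the manifest. Confirm it is still needed
# now that the API health wait runs first.
- name: Install Flannel CNI
  ansible.builtin.command: >
    kubectl apply --validate=false
    -f /root/kube-flannel.yml
  register: flannel_result
  until: flannel_result.rc == 0
  retries: 10
  delay: 6
  changed_when: >-
    'created' in flannel_result.stdout
    or 'configured' in flannel_result.stdout
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Wait for flannel DaemonSet to be Ready
  ansible.builtin.command: >
    kubectl -n kube-flannel rollout status daemonset/kube-flannel-ds
    --timeout=300s
  register: flannel_rollout
  until: flannel_rollout.rc == 0
  retries: 5
  delay: 15
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 13. Now wait until the node becomes Ready ===
# shell (not command) is required for the $(hostname -s) substitution.
- name: Wait for control-plane node to become Ready
  ansible.builtin.shell: |
    kubectl get node "$(hostname -s)" \
      -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}'
  register: node_ready
  until: node_ready.stdout == "True"
  retries: 30
  delay: 10
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 14. Wait for CoreDNS ===
- name: Wait for CoreDNS deployment to be Ready
  ansible.builtin.command: >
    kubectl -n kube-system rollout status deployment/coredns
    --timeout=300s
  register: coredns_rollout
  until: coredns_rollout.rc == 0
  retries: 5
  delay: 15
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 15. Allow pods on the master (like step 18), if needed ===
# Disabled by default, as before. Enabling it lets ordinary workloads share
# the node that runs the API server and etcd.
- name: Allow scheduling pods on control-plane node
  ansible.builtin.command: >
    kubectl taint nodes --all node-role.kubernetes.io/control-plane-
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf
  when: k8s_schedule_on_control_plane | default(false) | bool

# === 16. Cluster status check ===
- name: Get nodes
  ansible.builtin.command: kubectl get nodes
  register: nodes_out
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Show nodes
  ansible.builtin.debug:
    var: nodes_out.stdout

- name: Get all pods in all namespaces
  ansible.builtin.command: kubectl get pods -A
  register: pods_out
  changed_when: false
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Show pods
  ansible.builtin.debug:
    var: pods_out.stdout

# === 17. Print the join command (like step 20) ===
# Every run mints a new bootstrap token. The default TTL of 24h matches
# kubeadm's own default; shorten k8s_join_token_ttl when workers join right
# after this play.
- name: Get kubeadm join command
  ansible.builtin.command: >
    kubeadm token create
    --ttl {{ k8s_join_token_ttl | default('24h') }}
    --print-join-command
  register: join_cmd
  changed_when: true

# The join command embeds the bootstrap token, so it ends up in the Ansible
# output and in any CI or callback log that captures it. Treat those logs as
# sensitive until the token expires, or hand join_cmd.stdout to the worker
# play through hostvars instead of printing it.
- name: Show join command
  ansible.builtin.debug:
    msg: "Use this command on workers: {{ join_cmd.stdout }}"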