private-ai-platform/ansible/roles/k8s/install/03_master/tasks/main.yml

# roles/k8s/k8smaster/tasks/main.yml
---
# === 9. kubeadm init (аналог шага 14) ===
- name: Initialize Kubernetes control plane (kubeadm init)
  ansible.builtin.command: >
    kubeadm init
    --apiserver-advertise-address={{ ansible_default_ipv4.address }}
    --pod-network-cidr=10.244.0.0/16
  args:
    creates: /etc/kubernetes/admin.conf

# === 10. kubeconfig для root и пользователя ===
- name: Ensure kubeconfig directory for root exists
  ansible.builtin.file:
    path: /root/.kube
    state: directory
    mode: "0700"

- name: Copy admin kubeconfig for root
  ansible.builtin.copy:
    src: /etc/kubernetes/admin.conf
    dest: /root/.kube/config
    owner: root
    group: root
    mode: "0600"
    remote_src: yes

- name: Ensure kubeconfig directory for user exists
  ansible.builtin.file:
    path: "/home/adminuser/.kube"
    state: directory
    owner: "adminuser"
    group: "adminuser"
    mode: "0700"

- name: Copy admin kubeconfig to user home
  ansible.builtin.copy:
    src: /etc/kubernetes/admin.conf
    dest: "/home/adminuser/.kube/config"
    owner: "adminuser"
    group: "adminuser"
    mode: "0600"
    remote_src: yes

# === 11. Ждём API-сервер ===
- name: Wait for Kubernetes API to become reachable
  ansible.builtin.command: kubectl get --raw=/healthz
  register: api_health
  until: api_health.rc == 0
  retries: 30
  delay: 10
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 12. Ставим Flannel CNI (НЕ ждём Ready ноды до него) ===
- name: Install Flannel CNI
  ansible.builtin.command: >
    kubectl apply --validate=false
    -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
  register: flannel_result
  until: flannel_result.rc == 0
  retries: 10
  delay: 6
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Wait for flannel DaemonSet to be Ready
  ansible.builtin.command: >
    kubectl -n kube-flannel rollout status daemonset/kube-flannel-ds --timeout=300s
  register: flannel_rollout
  until: flannel_rollout.rc == 0
  retries: 5
  delay: 15
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 13. Теперь ждём, пока нода станет Ready ===
- name: Wait for control-plane node to become Ready
  ansible.builtin.shell: |
    kubectl get node "$(hostname -s)" \
      -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}'
  register: node_ready
  until: node_ready.stdout == "True"
  retries: 30
  delay: 10
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 14. Ждём CoreDNS ===
- name: Wait for CoreDNS deployment to be Ready
  ansible.builtin.command: >
    kubectl -n kube-system rollout status deployment/coredns --timeout=300s
  register: coredns_rollout
  until: coredns_rollout.rc == 0
  retries: 5
  delay: 15
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

# === 14. Разрешаем поды на master (как шаг 18), если нужно ===
- name: Allow scheduling pods on control-plane node
  ansible.builtin.command: >
    kubectl taint nodes --all node-role.kubernetes.io/control-plane-
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf
  when: false

# === 15. Проверка статуса кластера ===
- name: Get nodes
  ansible.builtin.command: kubectl get nodes
  register: nodes_out
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Show nodes
  ansible.builtin.debug:
    var: nodes_out.stdout

- name: Get all pods in all namespaces
  ansible.builtin.command: kubectl get pods -A
  register: pods_out
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf

- name: Show pods
  ansible.builtin.debug:
    var: pods_out.stdout

# === 16. Вывести join-команду (как шаг 20) ===
- name: Get kubeadm join command
  ansible.builtin.command: kubeadm token create --print-join-command
  register: join_cmd

- name: Show join command
  ansible.builtin.debug:
    msg: "Use this command on workers: {{ join_cmd.stdout }}"