massive refactor: support destroy & more robust

.gitignore

@@ -3,4 +3,6 @@
 retry_files/
 fact_files/
 .vagrant/
-tmp/
+tmp/
+downloads/
+resources/

ansible.cfg

@@ -4,7 +4,7 @@ inventory = inventory.ini
 transport = ssh
 host_key_checking = False
 
-gathering = explicit
+# gathering = explicit
 fact_caching = jsonfile
 fact_caching_connection = fact_files
 retry_files_save_path = retry_files

deploy-cluster.yml

@@ -1,5 +1,6 @@
 ---
 - include: prepare.yml
+ when: not net_install
 
 - include: deploy-etcd.yml
 

destroy.yml

@@ -0,0 +1,131 @@
+---
+- hosts: masters
+ tasks:
+ - name: Detect kubernetes cluster exist
+ stat: path="{{ remote_bin_dir }}/kubectl"
+ register: st
+ - name: Delete all namespaces
+ shell: "{{ remote_bin_dir }}/kubectl get ns|awk '/Active/{print $1}'|grep -v default|grep -v kube-system|xargs -i {{ remote_bin_dir }}/kubectl delete ns {}"
+ when: st.stat.exists
+ run_once: true
+ register: output
+ changed_when: "'delete' in output.stdout"
+ - name: Drain all nodes
+ shell: "{{ remote_bin_dir }}/kubectl drain {{ item }} --ignore-daemonsets"
+ register: output
+ when: st.stat.exists
+ changed_when: "'already cordoned' not in output.stdout"
+ with_items: "{{ groups['nodes'] }}"
+
+- hosts: nodes
+ become: true
+ tasks:
+ - name: Detect service exist
+ stat: path=/etc/init/kubelet.conf
+ register: st
+ - name: Disable node services
+ service: name={{ item }} enabled=no
+ when: st.stat.exists
+ with_items:
+ - kubelet
+ - kube-proxy
+ - name: Stop node services
+ service: name={{ item }} state=stopped
+ when: st.stat.exists
+ with_items:
+ - kubelet
+ - kube-proxy
+
+
+- hosts: masters
+ become: true
+ tasks:
+ - name: Detect service exist
+ stat: path=/etc/init/kube-apiserver.conf
+ register: st
+ - name: Disable master services
+ service: name={{ item }} enabled=no
+ when: st.stat.exists
+ with_items:
+ - kubelet
+ - kube-apiserver
+ - kube-proxy
+ - kube-scheduler
+ - kube-controller-manager
+ - name: Stop master services
+ service: name={{ item }} state=stopped
+ when: st.stat.exists
+ with_items:
+ - kubelet
+ - kube-apiserver
+ - kube-proxy
+ - kube-scheduler
+ - kube-controller-manager
+
+
+- hosts: etcd
+ become: true
+ tasks:
+ - name: Detect service exist
+ stat: path=/etc/init/etcd.conf
+ register: st
+ - name: Disable services
+ service: name=etcd enabled=no
+ when: st.stat.exists
+ - name: Stop services
+ service: name=etcd state=stopped
+ when: st.stat.exists
+
+
+- hosts: all
+ become: true
+ tasks:
+ - name: Detect existing k8s containers
+ shell: "docker ps -a | awk '/k8s_/{print $1}' | wc -l"
+ register: k8s_containers
+ changed_when: k8s_containers.rc != 0
+ - name: Remove all k8s containers
+ shell: "docker ps -a | awk '/k8s_/{print $1}' | xargs -i docker rm -f -v {}"
+ when: k8s_containers.stdout != "0"
+ register: res
+ changed_when: res.rc == 0
+ - name: Detect existing k8s volumes
+ shell: "df -h | awk '/kubelet/{print $6}' | wc -l"
+ register: k8s_volumes
+ changed_when: k8s_volumes.rc != 0
+ - name: Unmount all k8s volumes
+ shell: "df -h | awk '/kubelet/{print $6}' | xargs -i umount {}"
+ when: k8s_volumes.stdout != "0"
+ register: res
+ changed_when: res.rc == 0
+ - name: Delete all files
+ file: path={{ item }} state=absent
+ with_items:
+ - /etc/init/kubelet.conf
+ - /etc/init/kube-proxy.conf
+ - /etc/init/kube-scheduler.conf
+ - /etc/init/kube-controller-manager.conf
+ - /etc/init/kube-apiserver.conf
+ - /etc/kubernetes
+ - /etc/etcd
+ - /etc/cni
+ - "{{ remote_bin_dir }}/hyperkube"
+ - "{{ remote_bin_dir }}/etcd"
+ - "{{ remote_bin_dir }}/etcdctl"
+ - "{{ remote_bin_dir }}/kubectl"
+ - "{{ remote_bin_dir }}/kubelet"
+ - "{{ remote_bin_dir }}/proxy"
+ - "{{ remote_bin_dir }}/scheduler"
+ - "{{ remote_bin_dir }}/apiserver"
+ - "{{ remote_bin_dir }}/controller-manager"
+ - "{{ remote_bin_dir }}/federation-apiserver"
+ - "{{ remote_bin_dir }}/federation-controller-manager"
+ - "{{ remote_bin_dir }}/cert-generator.sh"
+ - "{{ remote_bin_dir }}/docker-load.sh"
+ - "{{ remote_image_dir }}"
+ - /usr/local/bin/nsenter
+ - /opt/cni
+ - /var/log/kubernetes
+ - /var/lib/kubelet
+ - /var/log/etcd
+ - /var/lib/etcd

group_vars/all.yml

@@ -1,17 +1,62 @@
-cluster_name: cluster.local
-kube_master_ip: 10.7.0.10
-kube_service_cidr: 10.254.0.0/16
-calico_ippool_cidr: 172.16.0.0/16
 concurrent_node: 3 # deploy node concurrency
 
 essentials_installed: false # essential packages(docker,nsenter,socat...) installed
 net_install: false
-all_in_one: false
 
-public_iface: eth1 # for vagrant change this to eth1
+######### directory settings ##########
+download_dir: downloads
+bin_dir: resources/bin
+image_dir: resources/image
+remote_bin_dir: /opt/bin
+remote_image_dir: /opt/images
+
+
+########### addons settings ###########
 
 # kube-addons
 kube_ui: false
 cluster_logging: false
 cluster_monitoring: false
 kube_network_policy: false
+
+######### version settings ###########
+## binaries
+etcd_version: 2.2.5
+kube_version: 1.5.1
+nsenter_version: 2.25.2
+
+## images
+# util
+pause_version: 3.0
+exechealthz_version: 1.2
+# addon-manager
+kube_addon_manager_version: 6.1
+# dns
+kubedns_version: 1.9
+kube_dnsmasq_version: 1.4
+dnsmasq_metrics_version: 1.0
+# network
+calico_cni_version: 1.5.5
+calico_node_version: 1.0.0
+calico_ctl_version: 1.0.0
+kube_policy_controller_version: 0.5.1
+# dashboard
+kubernetes_dashboard_version: 1.5.0
+# logging
+fluentd_elasticsearch_version: 1.20
+elasticsearch_verison: 2.4.1
+kibana_version: 4.6.1
+# monitoring
+prometheus_version: 1.4.1
+node_exporter_version: 0.13.0
+grafana_version: 4.0.2
+
+######### network settings ##########
+cluster_name: cluster.local
+kube_master_ip: 10.7.0.10
+kube_service_cidr: 10.254.0.0/16
+calico_ippool_cidr: 172.16.0.0/16
+public_iface: eth1 # for vagrant change this to eth1
+
+dns_server: "{{ kube_service_cidr|ipaddr('net')|ipaddr(10)|ipaddr('address') }}"
+dns_domain: "{{ cluster_name }}"

prepare.yml

@@ -1,14 +1,8 @@
 ---
-- name: Prepare binaries on local machine
+- name: Prepare binaries and docker images on local machine
  hosts: localhost
  connection: local
  become: false
  gather_facts: false
  roles:
  - local
-
-- name: Prepare binaries on remote machines
- hosts: all
- become: true
- roles:
- - remote

roles/addons/tasks/dashboard.yml

@@ -0,0 +1,9 @@
+---
+- name: Create dashboard addons directory
+ file: path=/etc/kubernetes/addons state=directory mode=0755
+
+- name: Install kubernetes dashboard
+ template: src="dashboard/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/dashboard/{{ item }}.yaml" mode=0644
+ with_items:
+ - dashboard-controller
+ - dashboard-service

roles/addons/tasks/logging.yml

@@ -0,0 +1,12 @@
+---
+- name: Create logging addons directory
+ file: path=/etc/kubernetes/addons/logging state=directory mode=0755
+
+- name: Install logging addons
+ template: src="logging/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/logging/{{ item }}.yaml" mode=0644
+ with_items:
+ - es-rc
+ - es-svc
+ - fluentd-ds
+ - kibana-rc
+ - kibana-svc

roles/addons/tasks/main.yml

@@ -1,41 +1,18 @@
 ---
 - name: Ensure addons directory exist
- file: path={{ item }} state=directory mode=0755
- with_items:
- - /etc/kubernetes/addons/dns
- - /etc/kubernetes/addons/dashboard
- - /etc/kubernetes/addons/logging
- - /etc/kubernetes/addons/monitoring
+ file: path=/etc/kubernetes/addons/dns state=directory mode=0755
 
 - name: Install kubedns
  template: src="dns/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/dns/{{ item }}.yaml" mode=0644
  with_items:
  - skydns-rc
  - skydns-svc
 
-- name: Install kubernetes dashboard
- template: src="dashboard/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/dashboard/{{ item }}.yaml" mode=0644
- with_items:
- - dashboard-controller
- - dashboard-service
+- include: dashboard.yml
  when: kube_ui
 
-- name: Install logging addons
- template: src="logging/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/logging/{{ item }}.yaml" mode=0644
- with_items:
- - es-rc
- - es-svc
- - fluentd-ds
- - kibana-rc
- - kibana-svc
+- include: logging.yml
  when: cluster_logging
 
-- name: Install monitoring addons
- template: src="monitoring/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/monitoring/{{ item }}.yaml" mode=0644
- with_items:
- - node-exporter-ds
- - prometheus-rc
- - prometheus-svc
- - grafana-rc
- - grafana-svc
+- include: monitoring.yml
  when: cluster_monitoring

roles/addons/tasks/monitoring.yml

@@ -0,0 +1,12 @@
+---
+- name: Create monitoring addons directory
+ file: path=/etc/kubernetes/addons/monitoring state=directory mode=0755
+
+- name: Install monitoring addons
+ template: src="monitoring/{{ item }}.yaml.j2" dest="/etc/kubernetes/addons/monitoring/{{ item }}.yaml" mode=0644
+ with_items:
+ - node-exporter-ds
+ - prometheus-rc
+ - prometheus-svc
+ - grafana-rc
+ - grafana-svc

roles/remote/tasks/install-docker.yml → roles/common/tasks/install-docker.yml

@@ -1,3 +1,4 @@
+---
 - name: Add dockerproject key
  apt_key:
  keyserver=hkp:https://p80.pool.sks-keyservers.net:80
@@ -17,8 +18,8 @@
 
 - name: Install docker
  apt:
- name=docker-engine
- state=latest
+ name="docker-engine=1.12.*"
+ state=present
+ force=yes
  install_recommends=no
  update_cache=yes
- when: ansible_os_family == 'Debian'

roles/remote/tasks/install-essentials.yml → roles/common/tasks/install-essentials.yml

@@ -1,7 +1,4 @@
 ---
-- name: Update cache
- apt: update_cache=yes
-
 - name: Install essentials packages
  apt:
  name='{{ item }}'
@@ -11,7 +8,6 @@
  - apt-transport-https
  - ca-certificates
  - socat
- - rsync
  - util-linux # nsenter
  when: ansible_os_family == 'Debian'