From e767c6a490aa75d4c5cb2aa0b2a9b8c0ddbb917c Mon Sep 17 00:00:00 2001
From: entlein <einentlein@gmail.com>
Date: Fri, 1 Jul 2022 09:29:58 +0200
Subject: [PATCH] reverting all my changes cause they didnt work
---
roles/rke2/handlers/main.yml | 7 -------
roles/rke2/tasks/config_rke2.yml | 13 ++-----------
roles/rke2/tasks/fix_selinux.yml | 8 ++++----
roles/rke2/tasks/main.yml | 11 ++++++-----
roles/rke2/tasks/registries.yml | 4 ++--
5 files changed, 14 insertions(+), 29 deletions(-)
diff --git a/roles/rke2/handlers/main.yml b/roles/rke2/handlers/main.yml
index 5389b9e..75b35a8 100644
--- a/roles/rke2/handlers/main.yml
+++ b/roles/rke2/handlers/main.yml
@@ -14,13 +14,6 @@
enabled: yes
state: restarted
daemon_reload: yes
- notify:
- - enable SELinux
-
-- name: enable SELinux
- selinux:
- policy: targeted
- state: enforcing
- name: reload rke2
ansible.builtin.systemd:
diff --git a/roles/rke2/tasks/config_rke2.yml b/roles/rke2/tasks/config_rke2.yml
index 76944ce..18040a8 100644
--- a/roles/rke2/tasks/config_rke2.yml
+++ b/roles/rke2/tasks/config_rke2.yml
@@ -33,20 +33,11 @@
template:
src: config.yaml.j2
dest: /etc/rancher/rke2/config.yaml
- # notify:
- # - restart rke2
+ notify:
+ - restart rke2
- name: enable rke2
ansible.builtin.systemd:
name: "rke2-{{ node_type }}"
enabled: yes
masked: no
-
-- name: restart rke2
- throttle: 1
- ansible.builtin.systemd:
- name: "rke2-{{ node_type }}"
- masked: no
- enabled: yes
- state: restarted
- daemon_reload: yes
\ No newline at end of file
diff --git a/roles/rke2/tasks/fix_selinux.yml b/roles/rke2/tasks/fix_selinux.yml
index a983f92..bee91ba 100644
--- a/roles/rke2/tasks/fix_selinux.yml
+++ b/roles/rke2/tasks/fix_selinux.yml
@@ -1,7 +1,7 @@
-- name: Sleep for 45 seconds so that the helm operator has deployed the deamonset
- ansible.builtin.wait_for:
- timeout: 45
- delegate_to: localhost
+# - name: Sleep for 45 seconds so that the helm operator has deployed the deamonset
+# ansible.builtin.wait_for:
+# timeout: 45
+# delegate_to: localhost
#- name: kill the openstack ccm pods to make sure they boot in permissive mode
# shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml rollout restart -n kube-system ds openstack-cloud-controller-manager "
diff --git a/roles/rke2/tasks/main.yml b/roles/rke2/tasks/main.yml
index 2a0b121..c54570b 100644
--- a/roles/rke2/tasks/main.yml
+++ b/roles/rke2/tasks/main.yml
@@ -6,21 +6,22 @@
- block:
- include_tasks: setup_host.yml
- include_tasks: install_rke2.yml
- when: ( not rke2_installed.stat.exists and state != 'absent' ) or (upgrade and state != 'absent' )
+ when: ( not rke2_installed.stat.exists and state != 'absent' and postinstall == 'False') or (upgrade and state != 'absent' and postinstall == 'False' )
- include_tasks: templates.yml
- when: "state != 'absent' and 'master' in group_names"
+ when: "state != 'absent' and 'master' in group_names and postinstall == 'False' "
- block:
- include_tasks: registries.yml
- include_tasks: config_rke2.yml
- when: state != 'absent'
+ when: state != 'absent' and postinstall == 'False'
- include_tasks: kubeconfig.yml
- when: state != 'absent' and 'master' in group_names
+ when: state != 'absent' and 'master' in group_names and postinstall == 'False'
+#This task runs only after the full installer went through and had a bit of time to boot, then starts to enforce SELinux
- include_tasks: fix_selinux.yml
- when: state != 'absent' and 'control-plane' in group_names
+ when: state != 'absent' and 'control-plane' in group_names and postinstall
- name: uninstall rke2
command: rke2-uninstall.sh
diff --git a/roles/rke2/tasks/registries.yml b/roles/rke2/tasks/registries.yml
index d9b8601..2341f70 100644
--- a/roles/rke2/tasks/registries.yml
+++ b/roles/rke2/tasks/registries.yml
@@ -2,6 +2,6 @@
template:
src: 'registry_mirrors.j2'
dest: '/etc/rancher/rke2/registries.yaml'
- # notify:
- # - restart rke2
+ notify:
+ - restart rke2
when: registry_mirrors is defined and registry_mirrors | length > 0
\ No newline at end of file
--
GitLab