diff --git a/ansible/bootstrap.yml b/ansible/bootstrap.yml index 61ad3237b5615764f46c3c42ded2811453ccdbed..59110d209ac0d32cf1e61dde30ab4555bea406cb 100644 --- a/ansible/bootstrap.yml +++ b/ansible/bootstrap.yml @@ -37,29 +37,30 @@ # See https://open.greenhost.net/openappstack/openappstack/issues/102 strategy: linear roles: - - role: configure - tags: ['configure'] + - role: pre-configure + tags: ['pre-configure'] -- name: Prepare nodes - hosts: all - roles: - - role: prepare_node - tags: ['prepare_node'] - -- name: Install control shell +- name: Install Kubernetes hosts: master tasks: - name: Run everything block: - import_role: - name: get_control - tags: ['get_control'] - # - import_role: - # name: rke_configuration - # tags: ['rke_configuration'] + name: configure + tags: ['configure'] - import_role: - name: setup - tags: ['setup'] + name: setup-kubernetes + tags: ['setup-kubernetes'] + always: + - import_role: + name: finalize + tags: ['finalize'] + +- name: Install OpenAppStack + hosts: master + tasks: + - name: Run everything + block: - import_role: name: apps tags: ['apps'] diff --git a/ansible/roles/additional_config/README.md b/ansible/roles/additional_config/README.md deleted file mode 100644 index abbef3b627044555998867b1d2ba2502fea23a51..0000000000000000000000000000000000000000 --- a/ansible/roles/additional_config/README.md +++ /dev/null @@ -1,4 +0,0 @@ -This role configures the cluster after app installation has started via -flux. -All resources that are not needed for flux should go here, so we save time by -starting the flux install process early in the background. diff --git a/ansible/roles/additional_config/tasks/dns.yml b/ansible/roles/additional_config/tasks/dns.yml deleted file mode 100644 index 6ac1cdeed52633b9854f80bd57a2edc062e1ddec..0000000000000000000000000000000000000000 --- a/ansible/roles/additional_config/tasks/dns.yml +++ /dev/null 
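Review bot: Both plays now carry a block task literally named `Run everything` (the `Install Kubernetes` and `Install OpenAppStack` plays), so a failure or a `--start-at-task` reference is ambiguous between two plays with the same task name; naming them after the play, e.g. `- name: Run Kubernetes roles` and `- name: Run OpenAppStack roles`, keeps the output unambiguous. The `Install OpenAppStack` block continues past the end of the hunk, so whether it gets its own `always:` section like the first play is not visible here. The hosts that the first play (with `strategy: linear` and the renamed `pre-configure` role) targets are also outside the hunk.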
@@ -1,9 +0,0 @@ ---- -- name: Use core-dns service for system resolver - tags: - - dns - - core-dns - lineinfile: - path: /etc/resolv.conf - insertbefore: BOF - line: nameserver 10.43.0.10 diff --git a/ansible/roles/additional_config/tasks/main.yml b/ansible/roles/additional_config/tasks/main.yml deleted file mode 100644 index c1ba30e5f842c4b78019646d597f21872fefe399..0000000000000000000000000000000000000000 --- a/ansible/roles/additional_config/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_tasks: dns.yml diff --git a/ansible/roles/apps/tasks/flux.yml b/ansible/roles/apps/tasks/core.yml similarity index 94% rename from ansible/roles/apps/tasks/flux.yml rename to ansible/roles/apps/tasks/core.yml index ddafeb9fffde54bd692dac6014f5ffa9cf0325b9..f4fe15e78257dbb7fff13b902c8365160883bf0d 100644 --- a/ansible/roles/apps/tasks/flux.yml +++ b/ansible/roles/apps/tasks/core.yml @@ -1,4 +1,18 @@ --- +- name: Create OAS namespaces + tags: + - kubernetes + - namespace + k8s: + name: '{{ item }}' + api_version: v1 + kind: Namespace + state: present + with_items: + - 'oas' + - 'oas-apps' + - 'cert-manager' + - name: Install helm-operator tags: - flux diff --git a/ansible/roles/apps/tasks/main.yml b/ansible/roles/apps/tasks/main.yml index 129244cbeaee7995076ad52cbb3e2598b9be5ea5..8d5af2a12c9ad74231d2e60f28ffc1ae4bf778c8 100644 --- a/ansible/roles/apps/tasks/main.yml +++ b/ansible/roles/apps/tasks/main.yml @@ -1,7 +1,7 @@ --- -- name: Install helm operator, local-path-provisioner and flux - import_tasks: flux.yml +- name: Install namespaces, helm operator, local-path-provisioner and flux + import_tasks: core.yml - name: Tasks pertaining to cert-manager import_tasks: cert-manager.yml diff --git a/ansible/roles/get_control/files/bashrc_oas b/ansible/roles/configure/files/bashrc_oas similarity index 100% rename from ansible/roles/get_control/files/bashrc_oas rename to ansible/roles/configure/files/bashrc_oas 
diff --git a/ansible/roles/get_control/files/oas-version-info.sh b/ansible/roles/configure/files/oas-version-info.sh
similarity index 100%
rename from ansible/roles/get_control/files/oas-version-info.sh
rename to ansible/roles/configure/files/oas-version-info.sh
diff --git a/ansible/roles/configure/tasks/main.yml b/ansible/roles/configure/tasks/main.yml
index 3815107ec6c43f4bb01cd63a5f4e2d0aff8b1cc6..07eea015fbcdb1c6d9a4facd255c2bf290f794d9 100644
--- a/ansible/roles/configure/tasks/main.yml
+++ b/ansible/roles/configure/tasks/main.yml
@@ -1,119 +1,102 @@ --- +# Create relevant directories -- name: Configure journald - import_tasks: journald.yml +- name: Create some directories + file: + path: "{{ item }}" + state: directory + become: true + with_items: + - "{{ configuration_directory }}" + - "/usr/local/share/bash-completion/completions" -- name: Update apt packages cache and install needed packages - # apt-transport-https is needed for docker apt repo - # curl and git is needed for helm plugin install - tags: - - firewall - apt: - state: present - name: - - apt-transport-https - - curl - - dnsutils - - git - - nftables - - rsync - - snapd - - unattended-upgrades - # Update again after 1 day - cache_valid_time: 86400 - update_cache: yes +- name: Create README in configuration directory + template: + src: configuration_README.md + dest: "{{ configuration_directory }}/README.md" + become: true -- name: Remove unwanted packages +- name: Install bash-completion tags: - - package + - bash + - completion package: - state: absent - name: "{{ item }}" - with_items: - # In order to save disk space we remove traditional syslog packages - # and only rely on systemd journald - # see https://open.greenhost.net/openappstack/openappstack/-/issues/575 - - rsyslog - - syslog-ng + name: "bash-completion" -- name: Install python deps +- name: Add kubectl bash kompletion tags: - - package - package: - name: "{{ item }}" - with_items: - - python3-pip - - python3-setuptools - - python3-wheel - - python3-psutil + - bash + - kubectl + - completion + shell: kubectl completion bash > /etc/bash_completion.d/kubectl + args: + creates: /etc/bash_completion.d/kubectl -- name: Install python packages via pip3 +- name: Add helm bash completion tags: - - package - - pip - pip: - name: - # The openshift python package is needed for ansible k8s resource. 
- - openshift - executable: /usr/bin/pip3 - -- name: Set configuration directory - set_fact: - configuration_directory: "{{ configuration_directory }}" - -- name: Install kubectl snap - # kubectl needs to get installed as "classic" snap - command: snap install --classic kubectl + - bash + - helm + - completion + shell: helm completion bash > /etc/bash_completion.d/helm args: - creates: /snap/bin/kubectl - -- name: Create kubectl symlink to /usr/local/bin - file: - state: link - src: /snap/bin/kubectl - dest: /usr/local/bin/kubectl + creates: /etc/bash_completion.d/helm -- name: Get current helm version +- name: Deploy /root/.bashrc_oas tags: - - helm - shell: helm version | grep 'Client' | cut -d'"' -f 2 | tr -d 'v' - failed_when: false - register: helm_version - changed_when: false + - bash + - krew + copy: + dest: /root/.bashrc_oas + src: bashrc_oas -- name: Show current helm version +- name: Source /root/.bashrc_oas from /root/.bashrc tags: - - helm - - debug - debug: - msg: 'Current helm version is: {{ helm_version.stdout }}' + - bash + blockinfile: + path: "/root/.bashrc" + state: present + create: true + block: | + # Source Openappstack addtions from .bashrc_oas + . 
/root/.bashrc_oas -- name: Download helm install script +- name: Record OpenAppStack version info tags: - - helm - get_url: - url: https://raw.githubusercontent.com/helm/helm/master/scripts/get - dest: /usr/local/bin/get-helm - force: yes - mode: '0755' - become: true + - version + shell: "{{ item }}" + with_items: + - cat ../VERSION + - git log --pretty=format:"%H" -n 1 + - git tag -l $(<../VERSION) '--format=%(*objectname)' + delegate_to: localhost + register: openappstack_version + changed_when: false -- name: Install helm +- name: Create OpenAppStack version file tags: - - helm - command: /usr/local/bin/get-helm --version v{{ helm.version }} - when: helm_version.stdout != helm.version + - version + template: + src: "version.txt" + dest: "/var/lib/OpenAppStack/version.txt" + mode: "0444" + become: true -- name: Get list of installed helm repos +- name: Install oas-version-info.sh script tags: - - helm - command: /usr/local/bin/helm repo list - # `helm repo list` exits with an error code if the list of repos is empty. - failed_when: false - register: helm_repo_list + - debug + - scripts + - version + copy: + dest: /usr/local/bin/ + src: oas-version-info.sh + mode: '0755' + become: true -- name: Add helm stable repo +- name: Use core-dns service for system resolver tags: - - helm - command: /usr/local/bin/helm repo add stable https://kubernetes-charts.storage.googleapis.com/ - when: not (helm_repo_list.stdout | regex_search('^stable\\s', multiline=True)) + - dns + - core-dns + lineinfile: + path: /etc/resolv.conf + insertbefore: BOF + line: nameserver 10.43.0.10 diff --git a/ansible/roles/get_control/templates/configuration_README.md b/ansible/roles/configure/templates/configuration_README.md similarity index 100% rename from ansible/roles/get_control/templates/configuration_README.md rename to ansible/roles/configure/templates/configuration_README.md 
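Review bot: The task `Use core-dns service for system resolver` at the end of the hunk hardcodes the CoreDNS ClusterIP `10.43.0.10` and prepends it to `/etc/resolv.conf` without `become: true`, unlike the neighbouring tasks that write under /usr/local and /var/lib; whether the play already runs as root is not visible here, and if resolv.conf is regenerated by resolvconf, systemd-resolved or DHCP the line is silently lost until the next run. Consider `line: "nameserver {{ cluster_dns_ip }}"` with the address as a role default (constructed name), `become: true`, and a comment above the task such as `# Host name resolution (apt, unattended-upgrades) now depends on the cluster's CoreDNS being up`. The task name `Add kubectl bash kompletion` and the blockinfile line `# Source Openappstack addtions from .bashrc_oas` both carry typos (`completion`, `additions`), and `mode: "0444"` vs `mode: '0755'` mixes quote styles within one file.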
diff --git a/ansible/roles/get_control/templates/version.txt b/ansible/roles/configure/templates/version.txt
similarity index 100%
rename from ansible/roles/get_control/templates/version.txt
rename to ansible/roles/configure/templates/version.txt
diff --git a/ansible/roles/get_control/tasks/main.yml b/ansible/roles/get_control/tasks/main.yml
deleted file mode 100644
index 92dae4fd2a2b96be6027ebbe2bcf5e867e9cf53e..0000000000000000000000000000000000000000
--- a/ansible/roles/get_control/tasks/main.yml
+++ /dev/null
@@ -1,134 +0,0 @@ ---- - -- name: Create some directories - file: - path: "{{ item }}" - state: directory - become: true - with_items: - - "{{ configuration_directory }}" - - "{{ data_directory }}" - - "{{ data_directory }}/ssh" - - "{{ data_directory }}/rke" - - "/usr/local/share/bash-completion/completions" - -- name: Create directory for values - file: - path: "{{ configuration_directory }}/values" - state: directory - become: true - -- name: Create README in configuration directory - template: - src: configuration_README.md - dest: "{{ configuration_directory }}/README.md" - become: true - -- name: Generate SSH keys for rke - shell: ssh-keygen -f {{ data_directory }}/ssh/ssh_key -C "oas-control@${hostname}" -q -N "" - args: - creates: "{{ data_directory }}/ssh/ssh_key" - become: true - -- name: Retrieve new public key - slurp: - src: "{{ data_directory }}/ssh/ssh_key.pub" - register: ssh_key - become: true - -- name: Allow access to node using new key - authorized_key: - key: "{{ ssh_key.content | b64decode }}" - user: "root" - comment: "OpenAppStack control" - become: true - -- name: Store external ip on the node itself - copy: - content: "{{ ip_address }}" - dest: "{{ data_directory }}/ip" - -- name: Install bash-completion - tags: - - bash - - completion - package: - name: "bash-completion" - -- name: Add kubectl bash kompletion - tags: - - bash - - kubectl - - completion - shell: kubectl completion bash > /etc/bash_completion.d/kubectl - args: - creates: /etc/bash_completion.d/kubectl - -- name: Add helm bash completion - tags: - - bash - - helm - - completion - shell: helm completion bash > /etc/bash_completion.d/helm - args: - creates: /etc/bash_completion.d/helm - -- name: Deploy /root/.bashrc_oas - tags: - - bash - - krew - copy: - dest: /root/.bashrc_oas - src: bashrc_oas - -- name: Source /root/.bashrc_oas from /root/.bashrc - tags: - - bash - blockinfile: - path: "/root/.bashrc" - state: present - create: true - block: | - # Source Openappstack 
addtions from .bashrc_oas - . /root/.bashrc_oas - -- name: Remove old oas_control and oas_control scripts - file: - state: absent - path: '/usr/local/bin/{{ item }}' - with_items: - - 'oas_control' - - 'oas_controlshell' - become: true - -- name: Record OpenAppStack version info - tags: - - version - shell: "{{ item }}" - with_items: - - cat ../VERSION - - git log --pretty=format:"%H" -n 1 - - git tag -l $(<../VERSION) '--format=%(*objectname)' - delegate_to: localhost - register: openappstack_version - changed_when: false - -- name: Create OpenAppStack version file - tags: - - version - template: - src: "version.txt" - dest: "/var/lib/OpenAppStack/version.txt" - mode: "0444" - become: true - -- name: Install oas-version-info.sh script - tags: - - debug - - scripts - - version - copy: - dest: /usr/local/bin/ - src: oas-version-info.sh - mode: '0755' - become: true diff --git a/ansible/roles/configure/handlers/main.yml b/ansible/roles/pre-configure/handlers/main.yml similarity index 100% rename from ansible/roles/configure/handlers/main.yml rename to ansible/roles/pre-configure/handlers/main.yml diff --git a/ansible/roles/prepare_node/tasks/main.yml b/ansible/roles/pre-configure/tasks/firewall.yml similarity index 90% rename from ansible/roles/prepare_node/tasks/main.yml rename to ansible/roles/pre-configure/tasks/firewall.yml index 8ceabfb7456c3819fb82cdd3a48d6dfa5711001a..a94a49059620eaabb754329397138373991a910a 100644 --- a/ansible/roles/prepare_node/tasks/main.yml +++ b/ansible/roles/pre-configure/tasks/firewall.yml @@ -40,6 +40,3 @@ state: absent path: "/etc/iptables/" become: true - - # - name: Install docker if necessary - # import_tasks: "docker.yml" diff --git a/ansible/roles/configure/tasks/journald.yml b/ansible/roles/pre-configure/tasks/journald.yml similarity index 100% rename from ansible/roles/configure/tasks/journald.yml rename to ansible/roles/pre-configure/tasks/journald.yml 
diff --git a/ansible/roles/pre-configure/tasks/main.yml b/ansible/roles/pre-configure/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4d5036284b5ef6a396b4df9a6e363c4f301996bf
--- /dev/null
+++ b/ansible/roles/pre-configure/tasks/main.yml
@@ -0,0 +1,110 @@ +--- +# Configures the VPS and ensures all the software we need running on it, is +# running on it. + +- name: Configure journald + import_tasks: journald.yml + +- name: Update apt packages cache and install needed packages + # apt-transport-https is needed for docker apt repo + # curl and git is needed for helm plugin install + tags: + - firewall + apt: + state: present + name: + - apt-transport-https + - curl + - dnsutils + - git + - nftables + - rsync + - snapd + - unattended-upgrades + # Update again after 1 day + cache_valid_time: 86400 + update_cache: yes + +- name: Remove unwanted packages + tags: + - package + package: + state: absent + name: "{{ item }}" + with_items: + # In order to save disk space we remove traditional syslog packages + # and only rely on systemd journald + # see https://open.greenhost.net/openappstack/openappstack/-/issues/575 + - rsyslog + - syslog-ng + +- name: Install python deps + tags: + - package + package: + name: "{{ item }}" + with_items: + - python3-pip + - python3-setuptools + - python3-wheel + - python3-psutil + +- name: Install python packages via pip3 + tags: + - package + - pip + pip: + name: + # The openshift python package is needed for ansible k8s resource. 
+ - openshift + executable: /usr/bin/pip3 + +- name: Set configuration directory + set_fact: + configuration_directory: "{{ configuration_directory }}" + +- name: Install kubectl snap + # kubectl needs to get installed as "classic" snap + command: snap install --classic kubectl + args: + creates: /snap/bin/kubectl + +- name: Create kubectl symlink to /usr/local/bin + file: + state: link + src: /snap/bin/kubectl + dest: /usr/local/bin/kubectl + +- name: Get current helm version + tags: + - helm + shell: helm version | grep 'Client' | cut -d'"' -f 2 | tr -d 'v' + failed_when: false + register: helm_version + changed_when: false + +- name: Show current helm version + tags: + - helm + - debug + debug: + msg: 'Current helm version is: {{ helm_version.stdout }}' + +- name: Download helm install script + tags: + - helm + get_url: + url: https://raw.githubusercontent.com/helm/helm/master/scripts/get + dest: /usr/local/bin/get-helm + force: yes + mode: '0755' + become: true + +- name: Install helm + tags: + - helm + command: /usr/local/bin/get-helm --version v{{ helm.version }} + when: helm_version.stdout != helm.version + +- name: Configure firewall + import_tasks: journald.yml diff --git a/ansible/roles/configure/templates/journald.conf b/ansible/roles/pre-configure/templates/journald.conf similarity index 100% rename from ansible/roles/configure/templates/journald.conf rename to ansible/roles/pre-configure/templates/journald.conf diff --git a/ansible/roles/prepare_node/templates/nftables.conf b/ansible/roles/pre-configure/templates/nftables.conf similarity index 100% rename from ansible/roles/prepare_node/templates/nftables.conf rename to ansible/roles/pre-configure/templates/nftables.conf diff --git a/ansible/roles/prepare_node/defaults/main.yml b/ansible/roles/prepare_node/defaults/main.yml deleted file mode 100644 index 289cb485f980bc2748aa0c9e598e55452c3ebe7a..0000000000000000000000000000000000000000 --- a/ansible/roles/prepare_node/defaults/main.yml +++ /dev/null 
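Review bot: The last task, `Configure firewall`, imports `journald.yml` instead of the firewall task file this commit creates by renaming ansible/roles/prepare_node/tasks/main.yml to ansible/roles/pre-configure/tasks/firewall.yml, so the nftables rules are never applied by the new role and journald.yml is imported twice; change it to `import_tasks: firewall.yml`. Separately, `Download helm install script` fetches `scripts/get` from the helm/helm `master` branch with `force: yes` and the next task runs it whenever the detected version differs, so the bootstrap executes whatever that unpinned URL serves at the time; pinning the script to a release tag or adding a `checksum:` to the `get_url` task would make this reproducible. `update_cache: yes` and `force: yes` should be `true` per yamllint's truthy rule, and the `Set configuration directory` task assigns `configuration_directory` to itself, which looks like a no-op unless it is meant to force early templating — a comment stating the intent would help.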
@@ -1 +0,0 @@ -docker_version: "5:18.09.2~3-0~debian-buster" diff --git a/ansible/roles/prepare_node/handlers/main.yml b/ansible/roles/prepare_node/handlers/main.yml deleted file mode 100644 index 7ae65fb9b0f8e808aa4e3d9af0765619893d3ac9..0000000000000000000000000000000000000000 --- a/ansible/roles/prepare_node/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart docker - service: - name: "docker" - state: restarted diff --git a/ansible/roles/prepare_node/tasks/docker.yml b/ansible/roles/prepare_node/tasks/docker.yml deleted file mode 100644 index 68efeb811c3a3c24af9b65523701003664e2e9ab..0000000000000000000000000000000000000000 --- a/ansible/roles/prepare_node/tasks/docker.yml +++ /dev/null 
@@ -1,77 +0,0 @@ ---- - -- name: Install docker apt repo key - tags: - - apt - - docker - apt_key: - url: "https://download.docker.com/linux/debian/gpg" - id: "0x8D81803C0EBFCD88" - become: true - -- name: Add docker apt repo - tags: - - apt - - docker - apt_repository: - repo: "deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_facts['lsb']['codename'] }} stable" - update_cache: true - become: true - -- name: Gather the apt package facts - tags: - - docker - package_facts: - manager: auto - -# see https://rancher.com/docs/rke/latest/en/os/#software -# Prevents docker from beeing upgraded to a non-supported version -- name: Pin docker version to the rancher supported one - tags: - - apt - - docker - template: - dest: /etc/apt/preferences.d/docker - src: docker/docker-preferences - -# Until https://github.com/ansible/ansible/pull/33677 gets implemented, there's -# no way of downgrading a deb package, so we simply uninstall them first -- name: Uninstall unsupported docker-ce packages - tags: - - docker - package: - name: "docker-ce" - state: absent - when: - - ansible_facts.packages["docker-ce"] is defined - - docker_version not in ansible_facts.packages["docker-ce"][0].version - become: true - -- name: Uninstall unsupported docker-ce-cli packages - tags: - - docker - package: - name: "docker-ce-cli" - state: absent - when: - - ansible_facts.packages["docker-ce-cli"] is defined - - docker_version not in ansible_facts.packages["docker-ce-cli"][0].version - become: true - -- name: Install docker - tags: - - docker - package: - name: - - "docker-ce={{ docker_version }}" - - "docker-ce-cli={{ docker_version }}" - become: true - -- name: Deploy /etc/docker/daemon.json - tags: - - docker - template: - src: docker/daemon.json - dest: /etc/docker/daemon.json - notify: - - restart docker 
diff --git a/ansible/roles/prepare_node/templates/docker/daemon.json b/ansible/roles/prepare_node/templates/docker/daemon.json deleted file mode 100644 index ab8aa4f1f4022b4ca2bf986264aef55a7b7e01bb..0000000000000000000000000000000000000000 --- a/ansible/roles/prepare_node/templates/docker/daemon.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "log-driver": "json-file", - "log-opts": { - "max-size": "50m", - "max-file": "2" - } -} diff --git a/ansible/roles/prepare_node/templates/docker/docker-preferences b/ansible/roles/prepare_node/templates/docker/docker-preferences deleted file mode 100644 index 5d478e112cd81bb5cd205cd0a89a03925bb47df7..0000000000000000000000000000000000000000 --- a/ansible/roles/prepare_node/templates/docker/docker-preferences +++ /dev/null @@ -1,4 +0,0 @@ -Explanation: Pin docker version to the rancher supported one, see https://rancher.com/docs/rke/latest/en/os/#software -Package: docker-ce* -Pin: version {{ docker_version }} -Pin-Priority: 1000 diff --git a/ansible/roles/setup/tasks/k3s.yml b/ansible/roles/setup-kubernetes/tasks/k3s.yml similarity index 100% rename from ansible/roles/setup/tasks/k3s.yml rename to ansible/roles/setup-kubernetes/tasks/k3s.yml diff --git a/ansible/roles/setup/tasks/krew.yml b/ansible/roles/setup-kubernetes/tasks/krew.yml similarity index 100% rename from ansible/roles/setup/tasks/krew.yml rename to ansible/roles/setup-kubernetes/tasks/krew.yml diff --git a/ansible/roles/setup/tasks/main.yml b/ansible/roles/setup-kubernetes/tasks/main.yml similarity index 77% rename from ansible/roles/setup/tasks/main.yml rename to ansible/roles/setup-kubernetes/tasks/main.yml index 7a9681d7bfb77f860ff73ba0c8da2f288def3177..3d6969dc3104ac007a6fd65b2b6b7caa4e6a1775 100644 --- a/ansible/roles/setup/tasks/main.yml +++ b/ansible/roles/setup-kubernetes/tasks/main.yml @@ -1,5 +1,4 @@ --- -- import_tasks: ssh.yml - import_tasks: k3s.yml - import_tasks: krew.yml - import_tasks: namespaces.yml 
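Review bot: The remaining context line `- import_tasks: namespaces.yml` in ansible/roles/setup-kubernetes/tasks/main.yml references a file that this commit deletes (ansible/roles/setup/tasks/namespaces.yml) and moves into ansible/roles/apps/tasks/core.yml, while the rename of the setup role to setup-kubernetes carries over only k3s.yml, krew.yml, main.yml and rke.yml; unless a setup-kubernetes/tasks/namespaces.yml exists outside this diff, the import fails when the role is parsed. Remove the line alongside the `ssh.yml` import this hunk already drops, leaving `- import_tasks: k3s.yml` and `- import_tasks: krew.yml`.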
diff --git a/ansible/roles/setup/tasks/rke.yml b/ansible/roles/setup-kubernetes/tasks/rke.yml similarity index 100% rename from ansible/roles/setup/tasks/rke.yml rename to ansible/roles/setup-kubernetes/tasks/rke.yml diff --git a/ansible/roles/setup/tasks/namespaces.yml b/ansible/roles/setup/tasks/namespaces.yml deleted file mode 100644 index 7e35c0e0cb889904b8f377e9ad54c01e5431b86d..0000000000000000000000000000000000000000 --- a/ansible/roles/setup/tasks/namespaces.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- - -- name: Create OAS namespaces - tags: - - kubernetes - - namespace - k8s: - name: '{{ item }}' - api_version: v1 - kind: Namespace - state: present - with_items: - - 'oas' - - 'oas-apps' - - 'cert-manager' diff --git a/ansible/roles/setup/tasks/ssh.yml b/ansible/roles/setup/tasks/ssh.yml deleted file mode 100644 index a1f2621e21435decd46173a2d09dba1b5ebb991b..0000000000000000000000000000000000000000 --- a/ansible/roles/setup/tasks/ssh.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- - -# `rke up` needs to ssh into localhost so we need to configure -# ssh access -- name: Get master ssh-rsa public hostkey - tags: - - ssh - command: cut -d" " -f 1-2 /etc/ssh/ssh_host_rsa_key.pub - changed_when: false - register: master_rsa_pub_hostkey - -- name: Create ssh_known_hosts - tags: - - ssh - copy: - dest: "{{ data_directory }}/ssh/ssh_known_hosts" - content: "{{ ip_address }} {{ master_rsa_pub_hostkey.stdout }}"