forked from kubernetes-sigs/kubespray
-
Notifications
You must be signed in to change notification settings - Fork 0
/
lab_setup.yml
120 lines (108 loc) · 4.1 KB
/
lab_setup.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
# ACI fabric config must exist before we start deploying K8S, so I install acc provision on the ansible host.
# and I push the ACI config from there. After I will also install it on the kube-master
- hosts: 127.0.0.1
gather_facts: no
tasks:
- name: Install ACC Provision on the local host
pip:
name: acc-provision
version: 1.9.0
- name: Push ACI fabric config
command: /usr/local/bin/acc-provision --flavor=kubernetes-1.9 -a -u admin -p "{{ aci_admin_pass }}" -c roles/network_plugin/contiv-aci/defaults/main.yml -o /dev/null
register: command_result
failed_when: "'IOError' in command_result.stderr"
- name: Include vars of aci-provision
include_vars:
file: roles/network_plugin/contiv-aci/defaults/main.yml
- name: Create ACI Tenant
aci_tenant:
hostname: "{{ aci_config.apic_hosts[0] }}"
username: admin
password: "{{ aci_admin_pass }}"
validate_certs: no
tenant: "{{ aci_config.vrf.tenant }}"
state: present
- name: Create ACI VRF
aci_vrf:
hostname: "{{ aci_config.apic_hosts[0] }}"
username: admin
password: "{{ aci_admin_pass }}"
validate_certs: no
vrf: "{{ aci_config.vrf.name }}"
tenant: "{{ aci_config.vrf.tenant }}"
state: present
- name: Create ACI L3OUT (Just L3OUT and ExtEPG)
aci_rest:
hostname: "{{ aci_config.apic_hosts[0] }}"
username: admin
password: "{{ aci_admin_pass }}"
validate_certs: no
path: "/api/mo/uni/tn-{{ aci_config.vrf.tenant }}.json"
method: post
content: |
{
"l3extOut": {
"attributes": {
"descr": "",
"dn": "uni/tn-{{ aci_config.vrf.tenant }}/out-{{ aci_config.l3out.name }}",
"enforceRtctrl": "export",
"name": """{{ aci_config.l3out.name }}""",
"nameAlias": "",
"ownerKey": "",
"ownerTag": "",
"targetDscp": "unspecified"
},
"children": [
{
"l3extRsEctx": {
"attributes": {
"tnFvCtxName": """{{ aci_config.vrf.name }}"""
}
}
},
{
"l3extInstP": {
"attributes": {
"descr": "",
"floodOnEncap": "disabled",
"matchT": "AtleastOne",
"name": """{{ aci_config.l3out.external_networks[0] }}""",
"nameAlias": "",
"prefGrMemb": "exclude",
"prio": "unspecified",
"targetDscp": "unspecified"
},
"children": [
{
"l3extSubnet": {
"attributes": {
"aggregate": "",
"descr": "",
"ip": "0.0.0.0/0",
"name": "",
"nameAlias": "",
"scope": "import-security"
}
}
}
]
}
}
]
}
}
#- hosts: vmware-vm
# gather_facts: False
# connection: local
# roles:
# - vmware-vm
- hosts: all
gather_facts: True
roles:
- aci-host
- hosts: kube-master
gather_facts: False
roles:
- aci-host/acc-provision
- include: cluster.yml