From e43df6b7c98e22ec1a796cf1796b4b6b6612338f Mon Sep 17 00:00:00 2001
From: Simon Ungar Felding
Date: Thu, 10 Oct 2024 15:48:18 +0200
Subject: [PATCH 1/2] remove old nodes when restoring etcd
---
tasks/first_server.yml | 44 +++++++++++++++++++++++++++++++++---------
1 file changed, 35 insertions(+), 9 deletions(-)
diff --git a/tasks/first_server.yml b/tasks/first_server.yml
index a87557c..e6505f4 100644
--- a/tasks/first_server.yml
+++ b/tasks/first_server.yml
@@ -138,15 +138,41 @@ - not ansible_check_mode - rke2_cni != 'none' -- name: Restore etcd - remove old .node-password.rke2 secrets - ansible.builtin.shell: | - {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml \ - delete secret {{ item }}.node-password.rke2 -n kube-system 2>&1 || true - args: - executable: /bin/bash - with_items: "{{ groups[rke2_cluster_group_name] }}" - changed_when: false - when: not ansible_check_mode and inventory_hostname != item and (do_etcd_restore is defined or do_etcd_restore_from_s3 is defined) +- name: Restore etcd + when: do_etcd_restore is defined or do_etcd_restore_from_s3 is defined + block: + - name: Get registered nodes + ansible.builtin.shell: | + {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml \ + get nodes --no-headers | awk '{print $1}' + args: + executable: /bin/bash + changed_when: false + register: registered_node_names + + - name: Get all node names + ansible.builtin.set_fact: + node_names: "{{ hostvars | dict2items | map(attribute='value.rke2_node_name') }}" + run_once: true + register: node_names + + - name: remove old .node-password.rke2 secrets + ansible.builtin.shell: | + {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml \ + delete secret {{ item }}.node-password.rke2 -n kube-system 2>&1 || true + args: + executable: /bin/bash + with_items: "{{ registered_node_names.stdout_lines | difference(node_names) }}" + changed_when: false + + - name: remove old nodes + ansible.builtin.shell: | + {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml \ + delete node {{ item }} 2>&1 || true + args: + executable: /bin/bash + with_items: "{{ registered_node_names.stdout_lines | difference(node_names) }}" + changed_when: false - name: Set an Active Server variable ansible.builtin.set_fact: From 3e1842e1fa13a66e65fb77608c4ffc706b1a4cd5 Mon Sep 17 00:00:00 2001 
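Review bot: In the `Get all node names` task, `register: node_names` reuses the name of the fact that `set_fact` assigns on the line above, so whether `node_names` ends up as the list of names or as the task's result dict depends on Ansible's processing order; drop the `register:` line. Both delete loops trust `registered_node_names.stdout_lines | difference(node_names)` completely, so if `node_names` is not the expected list, or a host's `rke2_node_name` differs from the name the node registered under (not verifiable from this hunk), live members land in the difference and lose their node object and their `.node-password.rke2` secret. Building the list from the cluster group only, e.g. `node_names: "{{ groups[rke2_cluster_group_name] | map('extract', hostvars, 'rke2_node_name') | list }}"`, would also keep undefined entries from unrelated inventory hosts out of the comparison. Because each delete ends in `|| true` with `changed_when: false`, a run never shows which nodes were removed or that a delete failed; registering the result and setting `changed_when` from kubectl's output would leave an audit trail. The removed task's `not ansible_check_mode` condition has no counterpart in the new block's `when:`, so check-mode behaviour of the `with_items` expressions is worth confirming.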
From: Simon Ungar Felding Date: Thu, 10 Oct 2024 16:11:28 +0200 Subject: [PATCH 2/2] ease readability --- tasks/first_server.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tasks/first_server.yml b/tasks/first_server.yml index e6505f4..2c9e637 100644 --- a/tasks/first_server.yml +++ b/tasks/first_server.yml @@ -40,7 +40,13 @@ - name: Register if we need to do a etcd restore from s3 ansible.builtin.set_fact: do_etcd_restore_from_s3: true - when: not rke2_etcd_snapshot_file and rke2_etcd_snapshot_s3_options is defined and rke2_etcd_snapshot_s3_options.access_key and rke2_etcd_snapshot_s3_options.secret_key and rke2_etcd_snapshot_s3_options.bucket and rke2_etcd_snapshot_s3_options.snapshot_name + when: + - not rke2_etcd_snapshot_file + - rke2_etcd_snapshot_s3_options is defined + - rke2_etcd_snapshot_s3_options.access_key + - rke2_etcd_snapshot_s3_options.secret_key + - rke2_etcd_snapshot_s3_options.bucket + - rke2_etcd_snapshot_s3_options.snapshot_name - name: Restore etcd from file when: do_etcd_restore is defined