From 0cbd993b3a3e3877b4a2564c940f65558fd5feb4 Mon Sep 17 00:00:00 2001 From: Elias Probst Date: Fri, 6 Sep 2024 20:38:43 +0200 Subject: [PATCH 1/2] fix: etc restore - don't fail in check mode In check mode, `active_server` is not guaranteed to be defined, thereby causing the Jinja of the existing `when` condition to fail. Fix this, by also checking, whether `active_server` is defined. --- tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/main.yml b/tasks/main.yml index 90cc201..168a259 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -58,6 +58,7 @@ - name: Restore etcd specific tasks ansible.builtin.include_tasks: first_server_restore.yml when: + - active_server is defined - inventory_hostname == active_server or inventory_hostname == groups[rke2_servers_group_name].0 - do_etcd_restore is defined or do_etcd_restore_from_s3 is defined From 18cd57c837415f58fd2c832b7ba4ce2157f03481 Mon Sep 17 00:00:00 2001 From: Elias Probst Date: Fri, 6 Sep 2024 20:38:59 +0200 Subject: [PATCH 2/2] fix: allow to use check mode without failures Fix `when` conditions of various tasks to make them properly work with Ansible's check mode. --- tasks/change_config.yml | 5 ++++- tasks/first_server.yml | 12 +++++++++--- tasks/main.yml | 2 ++ tasks/remaining_nodes.yml | 1 + tasks/standalone.yml | 4 ++-- tasks/summary.yml | 1 + 6 files changed, 19 insertions(+), 6 deletions(-) diff --git a/tasks/change_config.yml b/tasks/change_config.yml index ec0b244..a0746f0 100644 --- a/tasks/change_config.yml +++ b/tasks/change_config.yml @@ -18,6 +18,7 @@ delay: 15 delegate_to: "{{ active_server | default(groups[rke2_servers_group_name].0) }}" run_once: true + when: not ansible_check_mode - name: Wait for all pods to be ready again ansible.builtin.shell: | @@ -34,4 +35,6 @@ delay: 15 delegate_to: "{{ active_server | default(groups[rke2_servers_group_name].0) }}" run_once: true - when: rke2_wait_for_all_pods_to_be_ready + when: + - not ansible_check_mode + - rke2_wait_for_all_pods_to_be_ready diff --git a/tasks/first_server.yml b/tasks/first_server.yml index ffc804f..a87557c 100644 --- a/tasks/first_server.yml +++ b/tasks/first_server.yml @@ -65,6 +65,7 @@ --token {{ rke2_token }} register: task_output # <- Registers the command output. changed_when: task_output.rc != 0 # <- Uses the return code to define when the task has changed. + when: not ansible_check_mode - name: Restore etcd from s3 when: do_etcd_restore_from_s3 is defined @@ -86,6 +87,7 @@ --token {{ rke2_token }} register: task_output # <- Registers the command output. changed_when: task_output.rc != 0 # <- Uses the return code to define when the task has changed. + when: not ansible_check_mode - name: Start RKE2 service on the first server ansible.builtin.systemd: @@ -116,7 +118,9 @@ - ('"cni plugin not initialized" in node_status.stdout' or '"kubelet is posting ready status." in node_status.stdout') retries: 100 delay: 15 - when: rke2_cni == 'none' + when: + - not ansible_check_mode + - rke2_cni == 'none' - name: Wait for the first server be ready - with CNI ansible.builtin.shell: | @@ -130,7 +134,9 @@ '" Ready " in first_server.stdout' retries: 40 delay: 15 - when: rke2_cni != 'none' + when: + - not ansible_check_mode + - rke2_cni != 'none' - name: Restore etcd - remove old .node-password.rke2 secrets ansible.builtin.shell: | @@ -140,7 +146,7 @@ executable: /bin/bash with_items: "{{ groups[rke2_cluster_group_name] }}" changed_when: false - when: inventory_hostname != item and (do_etcd_restore is defined or do_etcd_restore_from_s3 is defined) + when: not ansible_check_mode and inventory_hostname != item and (do_etcd_restore is defined or do_etcd_restore_from_s3 is defined) - name: Set an Active Server variable ansible.builtin.set_fact: diff --git a/tasks/main.yml b/tasks/main.yml index 168a259..e5e479b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -75,7 +75,9 @@ loop_var: _host_item when: - hostvars[_host_item].inventory_hostname == inventory_hostname + - installed_version is defined - installed_version != "not installed" + - rke2_version is defined - rke2_version != running_version - name: Flush handlers diff --git a/tasks/remaining_nodes.yml b/tasks/remaining_nodes.yml index d9ace5b..310a259 100644 --- a/tasks/remaining_nodes.yml +++ b/tasks/remaining_nodes.yml @@ -90,5 +90,6 @@ retries: 100 delay: 15 when: + - not ansible_check_mode - rke2_cni != 'none' - inventory_hostname == active_server or inventory_hostname == groups[rke2_servers_group_name].0 diff --git a/tasks/standalone.yml b/tasks/standalone.yml index fa2ce26..4b1e85a 100644 --- a/tasks/standalone.yml +++ b/tasks/standalone.yml @@ -50,7 +50,7 @@ - ('"cni plugin not initialized" in node_status.stdout' or '"kubelet is posting ready status." in node_status.stdout') retries: 100 delay: 15 - when: rke2_cni == 'none' + when: not ansible_check_mode and rke2_cni == 'none' - name: Wait for the first server be ready - with CNI ansible.builtin.shell: | @@ -64,4 +64,4 @@ - '" Ready " in first_server.stdout' retries: 40 delay: 15 - when: rke2_cni != 'none' + when: not ansible_check_mode rke2_cni != 'none' diff --git a/tasks/summary.yml b/tasks/summary.yml index e5a83c6..88dc321 100644 --- a/tasks/summary.yml +++ b/tasks/summary.yml @@ -18,6 +18,7 @@ delegate_to: localhost become: false when: + - not ansible_check_mode - rke2_download_kubeconf | bool - name: Summary