Open mikeholownych opened 5 years ago
Hello,
I have a similar problem. I need a solution. Can you help me ?
pwd
/Users/testuser/works/personal/test/ansible2/kube-ansible
ls
LICENSE Vagrantfile ansible.cfg cluster.yml extra-playbooks inventory roles
README.md addons.yml cluster.retry contrib hack reset-cluster.yml upgrade-cluster.yml
cat inventory/hosts.ini
[etcds]
192.168.1.11 ansible_ssh_user=testuser
192.168.1.12 ansible_ssh_user=testuser
192.168.1.13 ansible_ssh_user=testuser
[masters]
192.168.1.11 ansible_ssh_user=testuser
[nodes]
192.168.1.12 ansible_ssh_user=testuser
192.168.1.13 ansible_ssh_user=testuser
[kube-cluster:children]
masters
nodes
export ANSIBLE_HOST_KEY_CHECKING=False && time ansible-playbook -i inventory/hosts.ini cluster.yml
PLAY [masters] *****************************************************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] *********************************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:08 +0300 (0:00:00.136) 0:00:00.136 *******
ok: [192.168.1.11]
TASK [cluster-default : Configure cluster default vars] ************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:12 +0300 (0:00:04.009) 0:00:04.145 *******
ok: [192.168.1.11] => {
"msg": "Check roles/k8s-default/defaults/main.yml"
}
TASK [cluster-path : Configure cluster path vars] ******************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:12 +0300 (0:00:00.092) 0:00:04.238 *******
ok: [192.168.1.11] => {
"msg": "Check roles/cluster-path/defaults/main.yml"
}
TASK [download/package : Override local repository url] ************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:12 +0300 (0:00:00.087) 0:00:04.326 *******
TASK [download/package : Create download binaries tmp directory] ***************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:12 +0300 (0:00:00.084) 0:00:04.410 *******
ok: [192.168.1.11]
TASK [download/package : Create cfssl release directory] ***********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:13 +0300 (0:00:00.952) 0:00:05.362 *******
changed: [192.168.1.11]
TASK [download/package : Include download archive tasks] ***********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:14 +0300 (0:00:00.754) 0:00:06.117 *******
TASK [download/package : Include download binary tasks] ************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:14 +0300 (0:00:00.090) 0:00:06.208 *******
included: /Users/testuser/works/personal/test/ansible2/kube-ansible/roles/download/package/tasks/binary.yml for 192.168.1.11
TASK [download/package : Check cfssl binary already exists] ********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:14 +0300 (0:00:00.147) 0:00:06.356 *******
ok: [192.168.1.11]
TASK [download/package : Downloading cfssl file] *******************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:15 +0300 (0:00:00.950) 0:00:07.306 *******
[WARNING]: Module remote_tmp /root/.ansible/tmp did not exist and was created with a mode of 0700, this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually
changed: [192.168.1.11]
TASK [download/package : Copy cfssl file to release directory] *****************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:17 +0300 (0:00:02.061) 0:00:09.367 *******
changed: [192.168.1.11] => (item=cfssl)
TASK [download/package : Symlinks cfssl to /usr/local/bin] *********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:18 +0300 (0:00:01.354) 0:00:10.722 *******
changed: [192.168.1.11] => (item=cfssl)
TASK [download/package : Override local repository url] ************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:19 +0300 (0:00:00.797) 0:00:11.520 *******
TASK [download/package : Create download binaries tmp directory] ***************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:19 +0300 (0:00:00.091) 0:00:11.611 *******
ok: [192.168.1.11]
TASK [download/package : Create cfssljson release directory] *******************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:20 +0300 (0:00:00.755) 0:00:12.367 *******
ok: [192.168.1.11]
TASK [download/package : Include download archive tasks] ***********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:21 +0300 (0:00:00.783) 0:00:13.150 *******
TASK [download/package : Include download binary tasks] ************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:21 +0300 (0:00:00.088) 0:00:13.238 *******
included: /Users/testuser/works/personal/test/ansible2/kube-ansible/roles/download/package/tasks/binary.yml for 192.168.1.11
TASK [download/package : Check cfssljson binary already exists] ****************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:21 +0300 (0:00:00.144) 0:00:13.383 *******
ok: [192.168.1.11]
TASK [download/package : Downloading cfssljson file] ***************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:22 +0300 (0:00:01.435) 0:00:14.819 *******
changed: [192.168.1.11]
TASK [download/package : Copy cfssljson file to release directory] *************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:24 +0300 (0:00:01.644) 0:00:16.463 *******
changed: [192.168.1.11] => (item=cfssljson)
TASK [download/package : Symlinks cfssljson to /usr/local/bin] *****************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:25 +0300 (0:00:01.273) 0:00:17.737 *******
changed: [192.168.1.11] => (item=cfssljson)
TASK [cert : Check SSL CA json config] *****************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:26 +0300 (0:00:00.899) 0:00:18.636 *******
ok: [192.168.1.11]
TASK [cert : Generate SSL CA config] *******************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:27 +0300 (0:00:00.794) 0:00:19.431 *******
changed: [192.168.1.11]
TASK [cert : include_tasks] ****************************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:31 +0300 (0:00:04.152) 0:00:23.584 *******
included: /Users/testuser/works/personal/test/ansible2/kube-ansible/roles/cert/tasks/create-k8s-certs.yml for 192.168.1.11
TASK [cert : Ensure Kubernetes PKI directory already exists] *******************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:31 +0300 (0:00:00.177) 0:00:23.761 *******
changed: [192.168.1.11]
TASK [cert : Check Kubernetes SSL certificate json files] **********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:32 +0300 (0:00:00.887) 0:00:24.649 *******
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'ca-csr.json', 'name': 'kubernetes', 'org': 'Kubernetes', 'bare': 'ca'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'admin-csr.json', 'name': 'admin', 'org': 'system:masters', 'bare': 'admin'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'apiserver-csr.json', 'name': 'kube-apiserver', 'org': 'Kubernetes', 'bare': 'apiserver'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'manager-csr.json', 'name': 'system:kube-controller-manager', 'org': 'system:kube-controller-manager', 'bare': 'controller-manager'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'scheduler-csr.json', 'name': 'system:kube-scheduler', 'org': 'system:kube-scheduler', 'bare': 'scheduler'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'front-proxy-ca-csr.json', 'name': 'kubernetes-front', 'org': 'Kubernetes', 'bare': 'front-proxy-ca'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'front-proxy-client-csr.json', 'name': 'front-proxy-client', 'org': 'Kubernetes', 'bare': 'front-proxy-client'})
TASK [cert : Generate Kubernetes SSL certificate json files] *******************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:58:37 +0300 (0:00:04.553) 0:00:29.203 *******
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'ca-csr.json', 'name': 'kubernetes', 'org': 'Kubernetes', 'bare': 'ca'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'ca-csr.json', 'name': 'kubernetes', 'org': 'Kubernetes', 'bare': 'ca'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/admin.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'admin-csr.json', 'name': 'admin', 'org': 'system:masters', 'bare': 'admin'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'admin-csr.json', 'name': 'admin', 'org': 'system:masters', 'bare': 'admin'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/apiserver.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'apiserver-csr.json', 'name': 'kube-apiserver', 'org': 'Kubernetes', 'bare': 'apiserver'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'apiserver-csr.json', 'name': 'kube-apiserver', 'org': 'Kubernetes', 'bare': 'apiserver'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/controller-manager.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'manager-csr.json', 'name': 'system:kube-controller-manager', 'org': 'system:kube-controller-manager', 'bare': 'controller-manager'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'manager-csr.json', 'name': 'system:kube-controller-manager', 'org': 'system:kube-controller-manager', 'bare': 'controller-manager'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/scheduler.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'scheduler-csr.json', 'name': 'system:kube-scheduler', 'org': 'system:kube-scheduler', 'bare': 'scheduler'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'scheduler-csr.json', 'name': 'system:kube-scheduler', 'org': 'system:kube-scheduler', 'bare': 'scheduler'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/front-proxy-ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'front-proxy-ca-csr.json', 'name': 'kubernetes-front', 'org': 'Kubernetes', 'bare': 'front-proxy-ca'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'front-proxy-ca-csr.json', 'name': 'kubernetes-front', 'org': 'Kubernetes', 'bare': 'front-proxy-ca'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/front-proxy-client.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'front-proxy-client-csr.json', 'name': 'front-proxy-client', 'org': 'Kubernetes', 'bare': 'front-proxy-client'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'front-proxy-client-csr.json', 'name': 'front-proxy-client', 'org': 'Kubernetes', 'bare': 'front-proxy-client'}})
TASK [cert : Check Kubernetes SSL certificate authority files] *****************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:03 +0300 (0:00:26.610) 0:00:55.813 *******
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'ca-csr.json', 'bare': 'ca'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'front-proxy-ca-csr.json', 'bare': 'front-proxy-ca'})
TASK [cert : Create Kubernetes SSL certificate authority files] ****************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:05 +0300 (0:00:01.345) 0:00:57.159 *******
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'ca-csr.json', 'bare': 'ca'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'ca-csr.json', 'bare': 'ca'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/front-proxy-ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'front-proxy-ca-csr.json', 'bare': 'front-proxy-ca'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'front-proxy-ca-csr.json', 'bare': 'front-proxy-ca'}})
TASK [cert : Check Kubernetes SSL certificate key files] ***********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:07 +0300 (0:00:02.274) 0:00:59.434 *******
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'apiserver-csr.json', 'ca': 'ca', 'hosts': '172.16.35.9,10.96.0.1,127.0.0.1,kubernetes.default,kubernetes', 'bare': 'apiserver'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'admin-csr.json', 'ca': 'ca', 'bare': 'admin'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'manager-csr.json', 'ca': 'ca', 'bare': 'controller-manager'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'scheduler-csr.json', 'ca': 'ca', 'bare': 'scheduler'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'front-proxy-client-csr.json', 'ca': 'front-proxy-ca', 'bare': 'front-proxy-client'})
TASK [cert : Create Kubernetes SSL certificate key files] **********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:11 +0300 (0:00:03.518) 0:01:02.952 *******
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/apiserver.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'apiserver-csr.json', 'ca': 'ca', 'hosts': '172.16.35.9,10.96.0.1,127.0.0.1,kubernetes.default,kubernetes', 'bare': 'apiserver'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'apiserver-csr.json', 'ca': 'ca', 'hosts': '172.16.35.9,10.96.0.1,127.0.0.1,kubernetes.default,kubernetes', 'bare': 'apiserver'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/admin.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'admin-csr.json', 'ca': 'ca', 'bare': 'admin'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'admin-csr.json', 'ca': 'ca', 'bare': 'admin'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/controller-manager.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'manager-csr.json', 'ca': 'ca', 'bare': 'controller-manager'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'manager-csr.json', 'ca': 'ca', 'bare': 'controller-manager'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/scheduler.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'scheduler-csr.json', 'ca': 'ca', 'bare': 'scheduler'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'scheduler-csr.json', 'ca': 'ca', 'bare': 'scheduler'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/front-proxy-client.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'front-proxy-client-csr.json', 'ca': 'front-proxy-ca', 'bare': 'front-proxy-client'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'front-proxy-client-csr.json', 'ca': 'front-proxy-ca', 'bare': 'front-proxy-client'}})
TASK [cert : Check service account key already exists] *************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:17 +0300 (0:00:05.886) 0:01:08.839 *******
ok: [192.168.1.11 -> 192.168.1.11]
TASK [cert : Create service account private and public key] ********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:17 +0300 (0:00:00.743) 0:01:09.583 *******
changed: [192.168.1.11 -> 192.168.1.11] => (item=openssl genrsa -out /etc/kubernetes/pki/sa.key 2048)
changed: [192.168.1.11 -> 192.168.1.11] => (item=openssl rsa -in /etc/kubernetes/pki/sa.key -pubout -out /etc/kubernetes/pki/sa.pub)
TASK [common/copy-files : Check the files already exists] **********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:19 +0300 (0:00:01.534) 0:01:11.117 *******
ok: [192.168.1.11] => (item=/etc/kubernetes/pki/ca.pem)
ok: [192.168.1.11] => (item=/etc/kubernetes/pki/ca-key.pem)
TASK [common/copy-files : Read the config files] *******************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:20 +0300 (0:00:01.418) 0:01:12.536 *******
ok: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'charset': 'us-ascii', 'uid': 0, 'exists': True, 'attr_flags': '', 'woth': False, 'isreg': True, 'device_type': 0, 'mtime': 1554289146.4989, 'block_size': 4096, 'inode': 17544020, 'isgid': False, 'size': 1428, 'executable': False, 'isuid': False, 'readable': True, 'version': '931548068', 'pw_name': 'root', 'gid': 0, 'ischr': False, 'wusr': True, 'writeable': True, 'mimetype': 'text/plain', 'blocks': 8, 'xoth': False, 'islnk': False, 'nlink': 1, 'issock': False, 'rgrp': True, 'gr_name': 'root', 'path': '/etc/kubernetes/pki/ca.pem', 'xusr': False, 'atime': 1554289152.0834353, 'isdir': False, 'ctime': 1554289146.4989, 'isblk': False, 'wgrp': False, 'checksum': '5287e52d1257c9690d30390230a0082814767bc6', 'dev': 2049, 'roth': True, 'isfifo': False, 'mode': '0644', 'xgrp': False, 'rusr': True, 'attributes': []}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, 'item': '/etc/kubernetes/pki/ca.pem', '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': '/etc/kubernetes/pki/ca.pem'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/ca-key.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'charset': 'us-ascii', 'uid': 0, 'exists': True, 'attr_flags': '', 'woth': False, 'isreg': True, 'device_type': 0, 'mtime': 1554289146.4989, 'block_size': 4096, 'inode': 17544023, 'isgid': False, 'size': 1675, 'executable': False, 'isuid': False, 'readable': True, 'version': '18446744072552176892', 'pw_name': 'root', 'gid': 0, 'ischr': False, 'wusr': True, 'writeable': True, 'mimetype': 'text/plain', 'blocks': 8, 'xoth': False, 'islnk': False, 'nlink': 1, 'issock': False, 'rgrp': False, 'gr_name': 'root', 'path': '/etc/kubernetes/pki/ca-key.pem', 'xusr': False, 'atime': 1554289152.0834353, 'isdir': False, 'ctime': 1554289146.4989, 'isblk': False, 'wgrp': False, 'checksum': 'adb5bf2d8111cee560ec96d8003a9ee10b66e70b', 'dev': 2049, 'roth': False, 'isfifo': False, 'mode': '0600', 'xgrp': False, 'rusr': True, 'attributes': []}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, 'item': '/etc/kubernetes/pki/ca-key.pem', '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': '/etc/kubernetes/pki/ca-key.pem'})
TASK [common/copy-files : Write the content of files] **************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:22 +0300 (0:00:01.647) 0:01:14.184 *******
TASK [cert : include_tasks] ****************************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:22 +0300 (0:00:00.166) 0:01:14.350 *******
included: /Users/testuser/works/personal/test/ansible2/kube-ansible/roles/cert/tasks/create-k8s-kubelet-certs.yml for 192.168.1.11
TASK [cert : Check kubelet SSL certificate key files] **************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:22 +0300 (0:00:00.077) 0:01:14.428 *******
ok: [192.168.1.11]
TASK [cert : Generate kubelet SSL certificate json files] **********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:23 +0300 (0:00:00.690) 0:01:15.119 *******
changed: [192.168.1.11]
TASK [cert : Create kubelet SSL certificate key files] *************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:27 +0300 (0:00:04.684) 0:01:19.803 *******
changed: [192.168.1.11]
TASK [cert : include_tasks] ****************************************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:29 +0300 (0:00:01.232) 0:01:21.036 *******
included: /Users/testuser/works/personal/test/ansible2/kube-ansible/roles/cert/tasks/create-etcd-certs.yml for 192.168.1.11
TASK [cert : Ensure etcd PKI directory already exists] *************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:29 +0300 (0:00:00.104) 0:01:21.141 *******
changed: [192.168.1.11]
TASK [cert : Check etcd SSL certificate json files] ****************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:30 +0300 (0:00:00.976) 0:01:22.117 *******
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'etcd-ca-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd-ca'})
ok: [192.168.1.11 -> 192.168.1.11] => (item={'file': 'etcd-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd'})
TASK [cert : Generate etcd SSL certificate json files] *************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:32 +0300 (0:00:01.750) 0:01:23.868 *******
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/etcd/etcd-ca.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'etcd-ca-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd-ca'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'etcd-ca-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd-ca'}})
changed: [192.168.1.11 -> 192.168.1.11] => (item={'invocation': {'module_args': {'checksum_algorithm': 'sha1', 'get_checksum': True, 'follow': False, 'path': '/etc/kubernetes/pki/etcd/etcd.pem', 'get_md5': None, 'get_mime': True, 'get_attributes': True}}, 'stat': {'exists': False}, 'changed': False, '_ansible_parsed': True, '_ansible_no_log': False, 'failed': False, '_ansible_delegated_vars': {'ansible_delegated_host': '192.168.1.11', 'ansible_host': '192.168.1.11'}, 'item': {'file': 'etcd-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd'}, '_ansible_item_result': True, '_ansible_ignore_errors': None, '_ansible_item_label': {'file': 'etcd-csr.json', 'name': 'etcd', 'org': 'etcd', 'bare': 'etcd'}})
TASK [cert : Check etcd SSL certificate authority files] ***********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:39 +0300 (0:00:07.655) 0:01:31.524 *******
ok: [192.168.1.11 -> 192.168.1.11]
TASK [cert : Create etcd SSL certificate authority files] **********************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:40 +0300 (0:00:00.755) 0:01:32.279 *******
changed: [192.168.1.11 -> 192.168.1.11]
TASK [cert : Check etcd SSL certificate key file] ******************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:41 +0300 (0:00:00.976) 0:01:33.256 *******
ok: [192.168.1.11 -> 192.168.1.11]
TASK [cert : Create etcd SSL certificate key files] ****************************************************************************************************************************************************************************************************************************
Wednesday 03 April 2019 13:59:42 +0300 (0:00:00.728) 0:01:33.984 *******
fatal: [192.168.1.11]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_default_ipv4'\n\nThe error appears to have been in '/Users/testuser/works/personal/test/ansible2/kube-ansible/roles/cert/tasks/create-etcd-certs.yml': line 49, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Create etcd SSL certificate key files\n ^ here\n"}
NO MORE HOSTS LEFT *************************************************************************************************************************************************************************************************************************************************************
to retry, use: --limit @/Users/testuser/works/personal/test/ansible2/kube-ansible/cluster.retry
PLAY RECAP *********************************************************************************************************************************************************************************************************************************************************************
192.168.1.11 : ok=42 changed=18 unreachable=0 failed=1
Wednesday 03 April 2019 13:59:42 +0300 (0:00:00.118) 0:01:34.102 *******
===============================================================================
cert : Generate Kubernetes SSL certificate json files ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 26.61s
cert : Generate etcd SSL certificate json files ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 7.66s
cert : Create Kubernetes SSL certificate key files ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 5.89s
cert : Generate kubelet SSL certificate json files ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 4.68s
cert : Check Kubernetes SSL certificate json files ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 4.55s
cert : Generate SSL CA config ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 4.15s
Gathering Facts --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 4.01s
cert : Check Kubernetes SSL certificate key files ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 3.52s
cert : Create Kubernetes SSL certificate authority files ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 2.27s
download/package : Downloading cfssl file ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 2.06s
cert : Check etcd SSL certificate json files ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.75s
common/copy-files : Read the config files ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.65s
download/package : Downloading cfssljson file --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.64s
cert : Create service account private and public key -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.53s
download/package : Check cfssljson binary already exists ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.44s
common/copy-files : Check the files already exists ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.42s
download/package : Copy cfssl file to release directory ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.35s
cert : Check Kubernetes SSL certificate authority files ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.35s
download/package : Copy cfssljson file to release directory ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.27s
cert : Create kubelet SSL certificate key files ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.23s
ansible-playbook -i inventory/hosts.ini cluster.yml 16.81s user 6.57s system 24% cpu 1:35.93 total
I have a similar problem.
TASK [cert : Check etcd SSL certificate authority files] ***************************************************************
Wednesday 28 April 2021 13:01:18 +0000 (0:00:00.573) 0:00:13.658 *******
ok: [192.168.1.101 -> 192.168.1.101]
TASK [cert : Create etcd SSL certificate authority files] **************************************************************
Wednesday 28 April 2021 13:01:18 +0000 (0:00:00.308) 0:00:13.966 *******
TASK [cert : Check etcd SSL certificate key file] **********************************************************************
Wednesday 28 April 2021 13:01:18 +0000 (0:00:00.088) 0:00:14.055 *******
ok: [192.168.1.101 -> 192.168.1.101]
TASK [cert : Create etcd SSL certificate key files] ********************************************************************
Wednesday 28 April 2021 13:01:18 +0000 (0:00:00.277) 0:00:14.333 *******
fatal: [192.168.1.101]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'ansible_default_ipv4'\n\nThe error appears to have been in '/root/kube-ansible/roles/cert/tasks/create-etcd-certs.yml': line 49, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Create etcd SSL certificate key files\n ^ here\n"}
NO MORE HOSTS LEFT *****************************************************************************************************
to retry, use: --limit @/root/kube-ansible/cluster.retry
PLAY RECAP *************************************************************************************************************
192.168.1.101 : ok=31 changed=0 unreachable=0 failed=1
===============================================================================
cert : Check Kubernetes SSL certificate json files -------------------------------------------------------------- 1.47s
download/package : Create download binaries tmp directory ------------------------------------------------------- 1.38s
cert : Check Kubernetes SSL certificate key files --------------------------------------------------------------- 1.18s
download/package : Copy cfssl file to release directory --------------------------------------------------------- 0.59s
cert : Generate etcd SSL certificate json files ----------------------------------------------------------------- 0.57s
common/copy-files : Read the config files ----------------------------------------------------------------------- 0.54s
common/copy-files : Check the files already exists -------------------------------------------------------------- 0.52s
cert : Check Kubernetes SSL certificate authority files --------------------------------------------------------- 0.50s
download/package : Check cfssl binary already exists ------------------------------------------------------------ 0.49s
cert : Check etcd SSL certificate json files -------------------------------------------------------------------- 0.48s
download/package : Copy cfssljson file to release directory ----------------------------------------------------- 0.39s
download/package : Create cfssl release directory --------------------------------------------------------------- 0.35s
download/package : Check cfssljson binary already exists -------------------------------------------------------- 0.33s
download/package : Symlinks cfssljson to /usr/local/bin --------------------------------------------------------- 0.32s
download/package : Symlinks cfssl to /usr/local/bin ------------------------------------------------------------- 0.31s
cert : Check etcd SSL certificate authority files --------------------------------------------------------------- 0.31s
download/package : Create download binaries tmp directory ------------------------------------------------------- 0.31s
cert : Check service account key already exists ----------------------------------------------------------------- 0.29s
cert : Check SSL CA json config --------------------------------------------------------------------------------- 0.28s
cert : Check etcd SSL certificate key file ---------------------------------------------------------------------- 0.28s
TASK [cert : Create etcd SSL certificate key files] *** Tuesday 12 February 2019 15:11:02 -0500 (0:00:00.194) 0:00:10.056 ** fatal: [k8s-m1]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_default_ipv4'\n\nThe error appears to have been in '/home/mike/kube-ansible/roles/cert/tasks/create-etcd-certs.yml': line 49, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Create etcd SSL certificate key files\n ^ here\n"}