theshire/ansible/main/playbooks/cluster-rollout-update.yaml

---
# https://github.com/kevincoakley/ansible-role-k8s-rolling-update
- name: Cluster update rollout
  hosts: kubernetes
  become: true
  gather_facts: true
  any_errors_fatal: true
  serial: 1
  pre_tasks:
    - name: Pausing for 2 seconds...
      ansible.builtin.pause:
        seconds: 2
  tasks:
    - name: Details
      ansible.builtin.command: "kubectl get node {{ inventory_hostname }} -o json"
      register: kubectl_get_node
      delegate_to: "{{ groups['master'][0] }}"
      failed_when: false
      changed_when: false

    - name: Update
      when:
        # When status.conditions[x].type == Ready then check stats.conditions[x].status for True|False
        - kubectl_get_node['stdout'] | from_json | json_query("status.conditions[?type == 'Ready'].status")
        # If spec.unschedulable is defined then the node is cordoned
        - not (kubectl_get_node['stdout'] | from_json).spec.unschedulable is defined
      block:
        - name: Cordon
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: cordon
          delegate_to: "{{ groups['master'][0] }}"

        - name: Drain
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: drain
            delete_options:
              delete_emptydir_data: true
              ignore_daemonsets: true
              terminate_grace_period: 600
              wait_timeout: 900
            pod_selectors:
              - app!=rook-ceph-osd
          delegate_to: "{{ groups['master'][0] }}"

        - name: Update
          ansible.builtin.apt:
            upgrade: dist
            update_cache: true

        - name: Check if reboot is required
          ansible.builtin.stat:
            path: /var/run/reboot-required
          register: reboot_required

        - name: Reboot
          when: reboot_required.stat.exists
          ansible.builtin.reboot:
            msg: Rebooting node
            post_reboot_delay: 120
            reboot_timeout: 3600

        - name: Uncordon
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: uncordon
          delegate_to: "{{ groups['master'][0] }}"
Homelab 2024-01-11 15:03:54 -06:00			`---`
			`# https://github.com/kevincoakley/ansible-role-k8s-rolling-update`
			`- name: Cluster update rollout`
			`hosts: kubernetes`
			`become: true`
			`gather_facts: true`
			`any_errors_fatal: true`
			`serial: 1`
			`pre_tasks:`
			`- name: Pausing for 2 seconds...`
			`ansible.builtin.pause:`
			`seconds: 2`
			`tasks:`
			`- name: Details`
			`ansible.builtin.command: "kubectl get node {{ inventory_hostname }} -o json"`
			`register: kubectl_get_node`
			`delegate_to: "{{ groups['master'][0] }}"`
			`failed_when: false`
			`changed_when: false`

			`- name: Update`
			`when:`
			`# When status.conditions[x].type == Ready then check stats.conditions[x].status for True\|False`
			`- kubectl_get_node['stdout'] \| from_json \| json_query("status.conditions[?type == 'Ready'].status")`
			`# If spec.unschedulable is defined then the node is cordoned`
			`- not (kubectl_get_node['stdout'] \| from_json).spec.unschedulable is defined`
			`block:`
			`- name: Cordon`
			`kubernetes.core.k8s_drain:`
			`name: "{{ inventory_hostname }}"`
			`kubeconfig: /etc/rancher/k3s/k3s.yaml`
			`state: cordon`
			`delegate_to: "{{ groups['master'][0] }}"`

			`- name: Drain`
			`kubernetes.core.k8s_drain:`
			`name: "{{ inventory_hostname }}"`
			`kubeconfig: /etc/rancher/k3s/k3s.yaml`
			`state: drain`
			`delete_options:`
			`delete_emptydir_data: true`
			`ignore_daemonsets: true`
			`terminate_grace_period: 600`
			`wait_timeout: 900`
			`pod_selectors:`
			`- app!=rook-ceph-osd`
			`delegate_to: "{{ groups['master'][0] }}"`

			`- name: Update`
			`ansible.builtin.apt:`
			`upgrade: dist`
			`update_cache: true`

			`- name: Check if reboot is required`
			`ansible.builtin.stat:`
			`path: /var/run/reboot-required`
			`register: reboot_required`

			`- name: Reboot`
			`when: reboot_required.stat.exists`
			`ansible.builtin.reboot:`
			`msg: Rebooting node`
			`post_reboot_delay: 120`
			`reboot_timeout: 3600`

			`- name: Uncordon`
			`kubernetes.core.k8s_drain:`
			`name: "{{ inventory_hostname }}"`
			`kubeconfig: /etc/rancher/k3s/k3s.yaml`
			`state: uncordon`
			`delegate_to: "{{ groups['master'][0] }}"`