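---
# https://github.com/kevincoakley/ansible-role-k8s-rolling-update
#
# Rolling OS update for the nodes in the `kubernetes` group: each node is
# cordoned, drained, dist-upgraded, rebooted if required, then uncordoned.
# All Kubernetes API calls are delegated to the first host in the `master`
# group and use that host's k3s kubeconfig.
- name: Cluster update rollout
  hosts: kubernetes
  become: true
  gather_facts: true
  # Abort the whole play on the first failure so that a bad update is not
  # rolled through the remaining nodes.
  any_errors_fatal: true
  # One node at a time; at most one node is drained at any moment.
  serial: 1
  pre_tasks:
    - name: Pausing for 2 seconds...
      ansible.builtin.pause:
        seconds: 2
  tasks:
    # Read-only lookup of the node object; the JSON on stdout drives the
    # `when` conditions of the block below.
    - name: Details
      ansible.builtin.command: "kubectl get node {{ inventory_hostname }} -o json"
      register: kubectl_get_node
      delegate_to: "{{ groups['master'][0] }}"
      # NOTE(review): a kubectl failure is not reported by this task. stdout
      # is then not valid JSON, so `from_json` in the conditions below will
      # presumably fail there instead; confirm that is the intended place
      # for the error to surface.
      failed_when: false
      changed_when: false
    - name: Update
      when:
        # Only update a node whose Ready condition has status "True".
        # The query returns a list of status strings; compare explicitly,
        # because a bare non-empty list is truthy even when it holds
        # "False" or "Unknown". NotReady nodes are therefore skipped.
        - >-
          'True' in (kubectl_get_node['stdout'] | from_json
          | json_query("status.conditions[?type == 'Ready'].status")
          | default([], true))
        # If spec.unschedulable is defined then the node is already cordoned;
        # skip it so a node cordoned by someone else is not uncordoned here.
        - not (kubectl_get_node['stdout'] | from_json).spec.unschedulable is defined
      block:
        - name: Cordon
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            # k3s kubeconfig on the delegated master.
            # NOTE(review): this is presumably a cluster-admin credential;
            # confirm its file permissions stay restrictive.
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: cordon
          delegate_to: "{{ groups['master'][0] }}"
        - name: Drain
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: drain
            delete_options:
              # Evicted pods lose the contents of their emptyDir volumes.
              delete_emptydir_data: true
              ignore_daemonsets: true
              terminate_grace_period: 600
              wait_timeout: 900
            # Pods labelled app=rook-ceph-osd are not evicted by the drain
            # and keep running until the reboot.
            # NOTE(review): presumably this avoids OSD disruption budgets
            # blocking the drain; confirm Ceph is healthy again before the
            # next node is taken, since nothing in this play checks it.
            pod_selectors:
              - app!=rook-ceph-osd
          delegate_to: "{{ groups['master'][0] }}"
        # Runs on the node itself (not delegated), as root via `become`.
        - name: Update
          ansible.builtin.apt:
            upgrade: dist
            update_cache: true
        - name: Check if reboot is required
          ansible.builtin.stat:
            path: /var/run/reboot-required
          register: reboot_required
        - name: Reboot
          when: reboot_required.stat.exists
          ansible.builtin.reboot:
            msg: Rebooting node
            post_reboot_delay: 120
            reboot_timeout: 3600
        # Reached only when every task above succeeded; after a failed
        # upgrade or reboot the node stays cordoned and the play aborts
        # (any_errors_fatal), so it must be uncordoned by hand.
        - name: Uncordon
          kubernetes.core.k8s_drain:
            name: "{{ inventory_hostname }}"
            kubeconfig: /etc/rancher/k3s/k3s.yaml
            state: uncordon
          delegate_to: "{{ groups['master'][0] }}"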