I just try to use set_fact,but only one one host: 47.108.234.26 get the
token value,the other master node : 47.108.213.148 dont get it
---
- hosts: master
gather_facts: no
tasks:
- name: register hash
shell: "openssl x509 -in /etc/kubernetes/pki/ca.crt -noout -pubkey |
openssl rsa -pubin -outform DER 2>/dev/null | sha256sum | cut -d' ' -f1"
register: kubeadm_hash
#when: inventory_hostname == groups['master']|first
- name: register token
shell: kubeadm token list |grep forever|awk '{print $1}'
register: kubeadm_token
#when: inventory_hostname == groups['master']|first
- name: Set facts
set_fact:
new_token: "{{kubeadm_token.stdout}}"
new_hash: "{{kubeadm_hash.stdout}}"
- name: add master node
shell: kubeadm join --control-plane {{ groups['master'][0] }}:6443
--token {{ new_token }} --discovery-token-ca-cert-hash sha256:{{ new_hash }}
when: inventory_hostname != groups['master']|first
the results is :
TASK [add master node]
******************************************************************************************************************************************************
skipping: [47.108.222.84]
fatal: [47.108.213.148]: FAILED! => {"changed": true, "cmd": "kubeadm join
--control-plane 47.108.222.84:6443 --token --discovery-token-ca-cert-hash
sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c",
"delta": "0:00:00.046088", "end": "2021-01-20 15:45:04.843444", "msg":
"non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.797356",
"stderr": "accepts at most 1 arg(s), received 2\nTo see the stack trace of
this error execute with --v=5 or higher", "stderr_lines": ["accepts at most
1 arg(s), received 2", "To see the stack trace of this error execute with
--v=5 or higher"], "stdout": "", "stdout_lines": []}
fatal: [47.108.234.26]: FAILED! => {"changed": true, "cmd": "kubeadm join
--control-plane 47.108.222.84:6443 --token otnb1h.cvagwwe7tgdvzbtx
--discovery-token-ca-cert-hash
sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c",
"delta": "0:00:00.332618", "end": "2021-01-20 15:45:05.120137", "msg":
"non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.787519",
"stderr": "\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the
Docker cgroup driver. The recommended driver is \"systemd\". Please follow
the guide at https://kubernetes.io/docs/setup/cri/\nerror execution phase
preflight: [preflight] Some fatal errors occurred:\n\t[ERROR
DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not
empty\n\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]:
/etc/kubernetes/kubelet.conf already exists\n\t[ERROR Port-10250]: Port
10250 is in use\n[preflight] If you know what you are doing, you can make a
check non-fatal with `--ignore-preflight-errors=...`\nTo see the stack
trace of this error execute with --v=5 or higher", "stderr_lines":
["\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker
cgroup driver. The recommended driver is \"systemd\". Please follow the
guide at https://kubernetes.io/docs/setup/cri/";, "error execution phase
preflight: [preflight] Some fatal errors occurred:", "\t[ERROR
DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not
empty", "\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]:
/etc/kubernetes/kubelet.conf already exists", "\t[ERROR Port-10250]: Port
10250 is in use", "[preflight] If you know what you are doing, you can make
a check non-fatal with `--ignore-preflight-errors=...`", "To see the stack
trace of this error execute with --v=5 or higher"], "stdout": "[preflight]
Running pre-flight checks", "stdout_lines": ["[preflight] Running
pre-flight checks"]}
在2021年1月20日星期三 UTC+8 下午3:53:15<liyo...@126.com> 写道:
> yes,I want only get one host in member of group ‘master’,how to write it ?
> [root@localhost ~]# cat /etc/ansible/hosts
> [master]
> 47.108.222.84
> 47.108.234.26
> 47.108.213.148
>
> only use "47.108.222.84" to do shell command
>
> 在2021年1月20日星期三 UTC+8 下午3:47:31<jyle...@gmail.com> 写道:
>
>> I'm wrong.... it's not hostvars['master'], because master is not the name
>> of your first host in group master
>>
>>
>> Le 20/01/2021 à 08:33, Jean-Yves LENHOF a écrit :
>>
>> You're looking for something like this I think (not tested) :
>>
>> - name: add master node
>> shell: "kubeadm join {{ groups['master']|first }}:6443 --token
>> {{hostvars['master']['kubeadm_token'].stdout}}
>> --discovery-token-ca-cert-hash
>> sha256:{{hostvars['master']['kubeadm_hash'].stdout}} --control-plane"
>> when: inventory_hostname != groups['master']|first
>>
>> Please be careful using special hostvars variable, there's no control in
>> this array if the variable exist, etc... so use with caution
>>
>> Regards,
>>
>> JYL
>>
>> Le 20/01/2021 à 08:17, liyo...@126.com a écrit :
>>
>> I know,but I want get the token in A host,use it in other hosts,how to do
>> it ?
>>
>> 在2021年1月20日星期三 UTC+8 下午2:31:36<dick....@geant.org> 写道:
>>
>>> Hii
>>>
>>> You're registering a variable for one host (47.108.222.84) but then try
>>> to use it for another (47.108.213.148).
>>>
>>> I'm have no experience with kubeadm but I think your logic wrt host
>>> selection should be improved, so that you can reliably pick the variable
>>> from a stable group name, instead of "the last item".
>>>
>>>
>>> On Wed, 20 Jan 2021 at 05:26, liyo...@126.com <liyo...@126.com> wrote:
>>>
>>>> when I edit a playbook test.yml:
>>>>
>>>> ---
>>>> - hosts: master
>>>> gather_facts: no
>>>> tasks:
>>>> - name: register hash
>>>> shell: "openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt |
>>>> openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex |
>>>> sed 's/^ .* //'|cut -d' ' -f 2"
>>>> register: kubeadm_hash
>>>> when: inventory_hostname == groups['master']|first
>>>>
>>>> - name: display hash
>>>> debug: msg="{{kubeadm_hash.stdout}}"
>>>> when: inventory_hostname == groups['master']|first
>>>>
>>>> - name: register token
>>>> shell: kubeadm token list |grep forever|awk '{print $1}'
>>>> register: kubeadm_token
>>>> when: inventory_hostname == groups['master']|first
>>>>
>>>> - name: display token
>>>> debug: msg="{{kubeadm_token.stdout}}"
>>>> when: inventory_hostname == groups['master']|first
>>>>
>>>> - name: add master node
>>>> shell: "kubeadm join {{ groups['master'][0] }}:6443 --token
>>>> {{kubeadm_token.stdout}} --discovery-token-ca-cert-hash
>>>> sha256:{{kubeadm_hash.stdout}} --control-plane"
>>>> when: inventory_hostname != groups['master']|first
>>>>
>>>>
>>>> the results is below:
>>>> PLAY [master]
>>>> ***************************************************************************************************************************************************************
>>>>
>>>> TASK [register hash]
>>>> ********************************************************************************************************************************************************
>>>> skipping: [47.108.234.26]
>>>> skipping: [47.108.213.148]
>>>> changed: [47.108.222.84]
>>>>
>>>> TASK [display hash]
>>>> *********************************************************************************************************************************************************
>>>> ok: [47.108.222.84] => {
>>>> "msg":
>>>> "af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c"
>>>> }
>>>> skipping: [47.108.213.148]
>>>> skipping: [47.108.234.26]
>>>>
>>>> TASK [register token]
>>>> *******************************************************************************************************************************************************
>>>> skipping: [47.108.234.26]
>>>> skipping: [47.108.213.148]
>>>> changed: [47.108.222.84]
>>>>
>>>> TASK [display token]
>>>> ********************************************************************************************************************************************************
>>>> ok: [47.108.222.84] => {
>>>> "msg": "otnb1h.cvagwwe7tgdvzbtx"
>>>> }
>>>> skipping: [47.108.234.26]
>>>> skipping: [47.108.213.148]
>>>>
>>>> TASK [add master node]
>>>> ******************************************************************************************************************************************************
>>>> skipping: [47.108.222.84]
>>>> fatal: [47.108.234.26]: FAILED! => {"msg": "The task includes an option
>>>> with an undefined variable. The error was: 'dict object' has no attribute
>>>> 'stdout'\n\nThe error appears to be in '/root/test.yml': line 23, column
>>>> 7,
>>>> but may\nbe elsewhere in the file depending on the exact syntax
>>>> problem.\n\nThe offending line appears to be:\n\n\n - name: add master
>>>> node\n ^ here\n"}
>>>> fatal: [47.108.213.148]: FAILED! => {"msg": "The task includes an
>>>> option with an undefined variable. The error was: 'dict object' has no
>>>> attribute 'stdout'\n\nThe error appears to be in '/root/test.yml': line
>>>> 23,
>>>> column 7, but may\nbe elsewhere in the file depending on the exact syntax
>>>> problem.\n\nThe offending line appears to be:\n\n\n - name: add master
>>>> node\n ^ here\n"}
>>>>
>>>> PLAY RECAP
>>>> ******************************************************************************************************************************************************************
>>>> 47.108.213.148 : ok=0 changed=0 unreachable=0
>>>> failed=1 skipped=4 rescued=0 ignored=0
>>>> 47.108.222.84 : ok=4 changed=2 unreachable=0
>>>> failed=0 skipped=1 rescued=0 ignored=0
>>>> 47.108.234.26 : ok=0 changed=0 unreachable=0
>>>> failed=1 skipped=4 rescued=0 ignored=0
>>>>
>>>> how to use it ?
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-proje...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/21ca354e-a0ed-4d10-9d01-8f48f170d22cn%40googlegroups.com
>>>>
>>>> <https://groups.google.com/d/msgid/ansible-project/21ca354e-a0ed-4d10-9d01-8f48f170d22cn%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> Sent from a mobile device - please excuse the brevity, spelling and
>>> punctuation.
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-proje...@googlegroups.com.
>>
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/1ed8d8ac-3d8b-29cd-576b-a26fecb91ed7%40lenhof.eu.org
>>
>> <https://groups.google.com/d/msgid/ansible-project/1ed8d8ac-3d8b-29cd-576b-a26fecb91ed7%40lenhof.eu.org?utm_medium=email&utm_source=footer>
>> .
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/09c4d4ba-09b6-4f6b-b20c-712c0f18d67bn%40googlegroups.com.
