Added code

ansible/playbooks/k8s-api-ha.yml

@@ -4,4 +4,4 @@
   become: true
   gather_facts: true
   roles:
-    - k8s-ha-api
+    - k8s-api-ha

ansible/roles/k8s-api-ha/vars/main.yml

@@ -10,6 +10,6 @@ haproxy_backend_server:
   - { backend_name: "k8s-cr02", backend_ip: "192.168.111.192", backend_port: "6443"}
   - { backend_name: "k8s-cr03", backend_ip: "192.168.111.193", backend_port: "6443"}
 
-keepalived_vip: "192.168.111.100/24"
+keepalived_vip: "192.168.111.190/24"
 keepalived_auth_pass: "1q2w3e4r"
 

ansible/roles/k8s-deploy-cluster/tasks/k8s-control-plane-setup.yml

@@ -15,30 +15,71 @@
         group: root
         mode: '0644'
 
-
-    - name: Initialize Kubernetes control plane with kubeadm init
+    - name: Initialize Kubernetes control plane with kubeadm init ( !!! WAITING !!! )
       command: >
         kubeadm init
         --config /etc/kubernetes/kubeadm-kubelet-config.yaml
         --upload-certs
       register: k8s_init
 
+
+    - name: Ensure .kube directory exists.
+      file:
+        path: ~/.kube
+        state: directory
+        mode: 0755
+
+    - name: Symlink the kubectl admin.conf to ~/.kube/conf
+      file:
+        src: /etc/kubernetes/admin.conf
+        dest: ~/.kube/config
+        state: link
+        mode: 0644
+
+    - name: Configure Calico networking.
+      command: "kubectl apply -f  {{ k8s_calico_manifest_file }}"
+      register: calico_result
+
+    - name: Initialize Kubernetes control plane
+      command: kubeadm init --upload-certs
+      register: k8s_init
+      args:
+        creates: /etc/kubernetes/manifests/kube-apiserver.yaml
+
+    - name: Upload certs to get certificate key
+      command: kubeadm init phase upload-certs --upload-certs
+      register: certs_out
+
+    - name: Create new join token (worker)
+      command: kubeadm token create --print-join-command
+      register: join_cmd
+
+    - name: Extract join command base (without --control-plane)
+      set_fact:
+        join_command_base: "{{ join_cmd.stdout.split('--control-plane')[0] | default('') | trim }}"
+
+    - name: Extract certificate key
+      set_fact:
+        certificate_key: "{{ (certs_out.stdout_lines | last) | default('') | trim }}"
+
+    - name: Full control-plane join command
+      set_fact:
+        controlplane_join_cmd: "{{ join_command_base }} --control-plane --certificate-key {{ certificate_key }}"
+
+    - name: Full worker join command
+      set_fact:
+        worker_join_cmd: "{{ join_command_base }}"
+
+    - name: Show join commands
+      debug:
+        msg:
+          controlplane: "{{ controlplane_join_cmd }}"
+          worker: "{{ worker_join_cmd }}"
+
+
     when: hostvars[inventory_hostname].role_node == "control-first"
 
 
 
-  - name: Ensure .kube directory exists.
-    file:
-      path: ~/.kube
-      state: directory
-      mode: 0755
-
-  - name: Symlink the kubectl admin.conf to ~/.kube/conf.
-    file:
-      src: /etc/kubernetes/admin.conf
-      dest: ~/.kube/config
-      state: link
-      mode: 0644
-
-
   when: not k8s_init_stat.stat.exists
+#  when: k8s_init_stat.stat.exists

ansible/roles/k8s-deploy-cluster/vars/main.yml

@@ -21,3 +21,5 @@ k8s_clusterName: "k8s-cl01.k8s-test.local"
 k8s_dnsDomain: "k8s-cl01.local"
 k8s_podSubnet: "10.111.111.0/16"
 
+k8s_calico_manifest_file: "https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/calico.yaml"
+