homelab/k8s/upgrade.yml

- name: Upgrade kubernetes to specified version
  hosts: root_master
  become: yes
  become_method: sudo
  become_user: root
  tasks:
  - name: Remove apparmor for sanity reasons
    apt:
      name: "apparmor"
      state: absent
      autoremove: yes
      purge: yes
  - name: Check if keyring exists
    stat:
      path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg
    register: keyring_file
  - name: Install certificate
    command: "{{ item }} chdir=/tmp"
    with_items:
      - "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"
      - "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"
      - "rm Release.key"
    when: not keyring_file.stat.exists
  - name: Check if apt repo exists
    stat:
      path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
    register: apt_repo
  - name: Setup APT repo
    copy:
      dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
      content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"
    when: not apt_repo.stat.exists
  - name: Update cache
    apt:
      update_cache: yes
  - name: Unhold packages
    dpkg_selections:
      name: "{{ item }}"
      selection: install
    with_items:
      # - "kubelet"
      - "kubeadm"
  - name: Upgrading packages
    apt:
      upgrade: yes
  - name: Upgrade plan
    shell: "kubeadm upgrade plan >> /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Pulling new container images
    shell: "kubeadm config images pull"
  - name: Apply upgrade plan
    shell: "sudo kubeadm upgrade apply -y {{ K8S_TARGET_MINOR }} >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Unhold kubelet
    dpkg_selections:
      name: kubelet
      selection: install
  - name: Update kubelet
    apt:
      update_cache: yes
      upgrade: yes
  - name: Restart kubelet
    service:
      name: kubelet
      state: restarted
  - name: Pin new package versions
    dpkg_selections:
      name: "{{ item }}"
      selection: hold
    with_items:
      - "kubelet"
      - "kubeadm"
- name: Upgrade masters
  hosts: masters
  become: yes
  become_method: sudo
  become_user: root
  tasks:
  - name: Remove apparmor for sanity reasons
    apt:
      name: "apparmor"
      state: absent
      autoremove: yes
      purge: yes
  - name: Check if keyring exists
    stat:
      path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg
    register: keyring_file
  - name: Install certificate
    command: "{{ item }} chdir=/tmp"
    with_items:
      - "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"
      - "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"
      - "rm Release.key"
    when: not keyring_file.stat.exists
  - name: Check if apt repo exists
    stat:
      path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
    register: apt_repo
  - name: Setup APT repo
    copy:
      dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
      content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"
    when: not apt_repo.stat.exists
  - name: Update cache
    apt:
      update_cache: yes
  - name: Unhold packages
    dpkg_selections:
      name: "{{ item }}"
      selection: install
    with_items:
      # - "kubelet"
      - "kubeadm"
  - name: Upgrading packages
    apt:
      upgrade: yes
  - name: Pulling new container images
    shell: "kubeadm config images pull"
  - name: Apply upgrade for masters
    shell: "sudo kubeadm upgrade node >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Unhold kubelet
    dpkg_selections:
      name: kubelet
      selection: install
  - name: Update kubelet
    apt:
      update_cache: yes
      upgrade: yes
  - name: Restart kubelet
    service:
      name: kubelet
      state: restarted
  - name: Pin new package versions
    dpkg_selections:
      name: "{{ item }}"
      selection: hold
    with_items:
      - "kubelet"
      - "kubeadm"
Add 'k8s/upgrade.yml' 9 months ago			`- name: Upgrade kubernetes to specified version`
			`hosts: root_master`
			`become: yes`
			`become_method: sudo`
			`become_user: root`
			`tasks:`
			`- name: Remove apparmor for sanity reasons`
			`apt:`
			`name: "apparmor"`
			`state: absent`
			`autoremove: yes`
			`purge: yes`
			`- name: Check if keyring exists`
			`stat:`
			`path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg`
			`register: keyring_file`
			`- name: Install certificate`
			`command: "{{ item }} chdir=/tmp"`
			`with_items:`
			`- "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"`
			`- "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"`
			`- "rm Release.key"`
			`when: not keyring_file.stat.exists`
			`- name: Check if apt repo exists`
			`stat:`
			`path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list`
			`register: apt_repo`
			`- name: Setup APT repo`
			`copy:`
			`dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list`
			`content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"`
			`when: not apt_repo.stat.exists`
			`- name: Update cache`
			`apt:`
			`update_cache: yes`
			`- name: Unhold packages`
			`dpkg_selections:`
			`name: "{{ item }}"`
			`selection: install`
			`with_items:`
			`# - "kubelet"`
			`- "kubeadm"`
			`- name: Upgrading packages`
			`apt:`
			`upgrade: yes`
			`- name: Upgrade plan`
			`shell: "kubeadm upgrade plan >> /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"`
			`args:`
			`creates: /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}`
			`- name: Pulling new container images`
			`shell: "kubeadm config images pull"`
			`- name: Apply upgrade plan`
			`shell: "sudo kubeadm upgrade apply -y {{ K8S_TARGET_MINOR }} >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"`
			`args:`
			`creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}`
			`- name: Unhold kubelet`
			`dpkg_selections:`
			`name: kubelet`
			`selection: install`
			`- name: Update kubelet`
			`apt:`
			`update_cache: yes`
			`upgrade: yes`
			`- name: Restart kubelet`
			`service:`
			`name: kubelet`
			`state: restarted`
			`- name: Pin new package versions`
			`dpkg_selections:`
			`name: "{{ item }}"`
			`selection: hold`
			`with_items:`
			`- "kubelet"`
			`- "kubeadm"`
			`- name: Upgrade masters`
			`hosts: masters`
			`become: yes`
			`become_method: sudo`
			`become_user: root`
			`tasks:`
			`- name: Remove apparmor for sanity reasons`
			`apt:`
			`name: "apparmor"`
			`state: absent`
			`autoremove: yes`
			`purge: yes`
			`- name: Check if keyring exists`
			`stat:`
			`path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg`
			`register: keyring_file`
			`- name: Install certificate`
			`command: "{{ item }} chdir=/tmp"`
			`with_items:`
			`- "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"`
			`- "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"`
			`- "rm Release.key"`
			`when: not keyring_file.stat.exists`
			`- name: Check if apt repo exists`
			`stat:`
			`path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list`
			`register: apt_repo`
			`- name: Setup APT repo`
			`copy:`
			`dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list`
			`content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"`
			`when: not apt_repo.stat.exists`
			`- name: Update cache`
			`apt:`
			`update_cache: yes`
			`- name: Unhold packages`
			`dpkg_selections:`
			`name: "{{ item }}"`
			`selection: install`
			`with_items:`
			`# - "kubelet"`
			`- "kubeadm"`
			`- name: Upgrading packages`
			`apt:`
			`upgrade: yes`
			`- name: Pulling new container images`
			`shell: "kubeadm config images pull"`
			`- name: Apply upgrade for masters`
			`shell: "sudo kubeadm upgrade node >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"`
			`args:`
			`creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}`
			`- name: Unhold kubelet`
			`dpkg_selections:`
			`name: kubelet`
			`selection: install`
			`- name: Update kubelet`
			`apt:`
			`update_cache: yes`
			`upgrade: yes`
			`- name: Restart kubelet`
			`service:`
			`name: kubelet`
			`state: restarted`
			`- name: Pin new package versions`
			`dpkg_selections:`
			`name: "{{ item }}"`
			`selection: hold`
			`with_items:`
			`- "kubelet"`
			`- "kubeadm"`