Fix safe upgrade

Even though there it kubeadm_token_ttl=0 which means that kubeadm token never expires, it is not present in `kubeadm token list` after cluster is provisioned (at least after it is running for some time) and there is issue regarding this kubernetes/kubeadm#335, so we need to create a new temporary token during the cluster upgrade.

roles/kubernetes/kubeadm/tasks/main.yml

@@ -22,6 +22,16 @@
   delegate_to: "{{ groups['kube-master'][0] }}"
   run_once: true
 
+- name: Create kubeadm token for joining nodes with 24h expiration (default)
+  command: "{{ bin_dir }}/kubeadm token create"
+  run_once: true
+  register: temp_token
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Override predefined kubeadm_token that expires after 24h
+  set_fact:
+    kubeadm_token: "{{ temp_token.stdout }}"
+
 - name: Create kubeadm client config
   template:
     src: kubeadm-client.conf.j2