richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5938 Commits
34 Branches
82 Tags
155 MiB
Tree: 0ac364dfae
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0ac364dfae'
${ noResults }
kubespray/roles/bootstrap-os/tasks/bootstrap-redhat.yml

114 lines
3.6 KiB
Raw Normal View History

Add RHEL support subscription registration (#6572)
4 years ago
Proxy small fixes (#7102) * Improve how we set 'proxy=' in yum.conf or dnf.conf Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Fixup spaces in no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Add svc,svc.{{ dns_domain }} to no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Proxy small fixes (#7102) * Improve how we set 'proxy=' in yum.conf or dnf.conf Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Fixup spaces in no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Add svc,svc.{{ dns_domain }} to no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203) This was introduced in 143e2272ff9d85ba81bfa8c4a67f29994d898d79 Extra repo is enabled by default in CentOS, and is not the right repo for EL8 Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository For RHEL 7, we need the "extras" repo for container-selinux For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Only use stat get_checksum: yes when needed (#7270) By default Ansible stat module compute checksum, list extended attributes and find mime type To find all stat invocations that really use one of those: git grep -F stat. | grep -vE 'stat.(islnk|exists|lnk_source|writeable)' Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
4 years ago
Add RHEL support subscription registration (#6572)
4 years ago
  1. ---
  2. - name: Gather host facts to get ansible_distribution_version ansible_distribution_major_version
  3. setup:
  4. gather_subset: '!all'
  5. filter: ansible_distribution_*version
  7. - name: Add proxy to yum.conf or dnf.conf if http_proxy is defined
  8. ini_file:
  9. path: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('/etc/yum.conf','/etc/dnf/dnf.conf') }}"
  10. section: main
  11. option: proxy
  12. value: "{{ http_proxy | default(omit) }}"
  13. state: "{{ http_proxy | default(False) | ternary('present', 'absent') }}"
  14. no_extra_spaces: true
  15. mode: 0644
  16. become: true
  17. when: not skip_http_proxy_on_os_packages
  19. - name: Check RHEL subscription-manager status
  20. command: /sbin/subscription-manager status
  21. register: rh_subscription_status
  22. changed_when: "rh_subscription_status != 0"
  23. ignore_errors: true # noqa ignore-errors
  24. become: true
  26. - name: RHEL subscription Organization ID/Activation Key registration
  27. redhat_subscription:
  28. state: present
  29. org_id: "{{ rh_subscription_org_id }}"
  30. activationkey: "{{ rh_subscription_activation_key }}"
  31. auto_attach: true
  32. force_register: true
  33. syspurpose:
  34. usage: "{{ rh_subscription_usage }}"
  35. role: "{{ rh_subscription_role }}"
  36. service_level_agreement: "{{ rh_subscription_sla }}"
  37. sync: true
  38. notify: RHEL auto-attach subscription
  39. ignore_errors: true # noqa ignore-errors
  40. become: true
  41. when:
  42. - rh_subscription_org_id is defined
  43. - rh_subscription_status.changed
  45. # this task has no_log set to prevent logging security sensitive information such as subscription passwords
  46. - name: RHEL subscription Username/Password registration
  47. redhat_subscription:
  48. state: present
  49. username: "{{ rh_subscription_username }}"
  50. password: "{{ rh_subscription_password }}"
  51. auto_attach: true
  52. force_register: true
  53. syspurpose:
  54. usage: "{{ rh_subscription_usage }}"
  55. role: "{{ rh_subscription_role }}"
  56. service_level_agreement: "{{ rh_subscription_sla }}"
  57. sync: true
  58. notify: RHEL auto-attach subscription
  59. ignore_errors: true # noqa ignore-errors
  60. become: true
  61. no_log: true
  62. when:
  63. - rh_subscription_username is defined
  64. - rh_subscription_status.changed
  66. # container-selinux is in extras repo
  67. - name: Enable RHEL 7 repos
  68. rhsm_repository:
  69. name:
  70. - "rhel-7-server-rpms"
  71. - "rhel-7-server-extras-rpms"
  72. state: enabled
  73. when:
  74. - rhel_enable_repos | default(True)
  75. - ansible_distribution_major_version == "7"
  77. # container-selinux is in appstream repo
  78. - name: Enable RHEL 8 repos
  79. rhsm_repository:
  80. name:
  81. - "rhel-8-for-*-baseos-rpms"
  82. - "rhel-8-for-*-appstream-rpms"
  83. state: enabled
  84. when:
  85. - rhel_enable_repos | default(True)
  86. - ansible_distribution_major_version == "8"
  88. - name: Check presence of fastestmirror.conf
  89. stat:
  90. path: /etc/yum/pluginconf.d/fastestmirror.conf
  91. get_attributes: no
  92. get_checksum: no
  93. get_mime: no
  94. register: fastestmirror
  96. # the fastestmirror plugin can actually slow down Ansible deployments
  97. - name: Disable fastestmirror plugin if requested
  98. lineinfile:
  99. dest: /etc/yum/pluginconf.d/fastestmirror.conf
  100. regexp: "^enabled=.*"
  101. line: "enabled=0"
  102. state: present
  103. become: true
  104. when:
  105. - fastestmirror.stat.exists
  106. - not centos_fastestmirror_enabled
  108. # libselinux-python is required on SELinux enabled hosts
  109. # See https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#managed-node-requirements
  110. - name: Install libselinux python package
  111. package:
  112. name: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}"
  113. state: present
  114. become: true