richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7103 Commits
33 Branches
82 Tags
152 MiB
Tree: 169eb34a59
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '169eb34a59'
${ noResults }
kubespray/roles/bootstrap-os/tasks/bootstrap-redhat.yml

119 lines
4.0 KiB
Raw Normal View History

Add RHEL support subscription registration (#6572)
4 years ago
Proxy small fixes (#7102) * Improve how we set 'proxy=' in yum.conf or dnf.conf Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Fixup spaces in no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Add svc,svc.{{ dns_domain }} to no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Proxy small fixes (#7102) * Improve how we set 'proxy=' in yum.conf or dnf.conf Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Fixup spaces in no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> * Add svc,svc.{{ dns_domain }} to no_proxy Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Add proxy for subscription-manager (#8012) If using proxy, it is necessary to configure it before running "subscription-manager status" command. This adds the step.
3 years ago
Fix regex for replacing http_proxy (#8957)
2 years ago
Add proxy for subscription-manager (#8012) If using proxy, it is necessary to configure it before running "subscription-manager status" command. This adds the step.
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Add unsafe_show_logs switch (#9164) Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2 years ago
Add RHEL support subscription registration (#6572)
4 years ago
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203) This was introduced in 143e2272ff9d85ba81bfa8c4a67f29994d898d79 Extra repo is enabled by default in CentOS, and is not the right repo for EL8 Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository For RHEL 7, we need the "extras" repo for container-selinux For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
disable rhsm repo when rhel_enable_repos is false (#9973) Signed-off-by: tu1h <lihai.tu@daocloud.io>
1 year ago
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203) This was introduced in 143e2272ff9d85ba81bfa8c4a67f29994d898d79 Extra repo is enabled by default in CentOS, and is not the right repo for EL8 Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository For RHEL 7, we need the "extras" repo for container-selinux For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
disable rhsm repo when rhel_enable_repos is false (#9973) Signed-off-by: tu1h <lihai.tu@daocloud.io>
1 year ago
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203) This was introduced in 143e2272ff9d85ba81bfa8c4a67f29994d898d79 Extra repo is enabled by default in CentOS, and is not the right repo for EL8 Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository For RHEL 7, we need the "extras" repo for container-selinux For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
Add RHEL support subscription registration (#6572)
4 years ago
Only use stat get_checksum: yes when needed (#7270) By default Ansible stat module compute checksum, list extended attributes and find mime type To find all stat invocations that really use one of those: git grep -F stat. | grep -vE 'stat.(islnk|exists|lnk_source|writeable)' Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
4 years ago
Add RHEL support subscription registration (#6572)
4 years ago
  1. ---
  2. - name: Gather host facts to get ansible_distribution_version ansible_distribution_major_version
  3. setup:
  4. gather_subset: '!all'
  5. filter: ansible_distribution_*version
  7. - name: Add proxy to yum.conf or dnf.conf if http_proxy is defined
  8. ini_file:
  9. path: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('/etc/yum.conf','/etc/dnf/dnf.conf') }}"
  10. section: main
  11. option: proxy
  12. value: "{{ http_proxy | default(omit) }}"
  13. state: "{{ http_proxy | default(False) | ternary('present', 'absent') }}"
  14. no_extra_spaces: true
  15. mode: 0644
  16. become: true
  17. when: not skip_http_proxy_on_os_packages
  19. - name: Add proxy to RHEL subscription-manager if http_proxy is defined
  20. command: /sbin/subscription-manager config --server.proxy_hostname={{ http_proxy | regex_replace(':\d+$') }} --server.proxy_port={{ http_proxy | regex_replace('^.*:') }}
  21. become: true
  22. when:
  23. - not skip_http_proxy_on_os_packages
  24. - http_proxy is defined
  26. - name: Check RHEL subscription-manager status
  27. command: /sbin/subscription-manager status
  28. register: rh_subscription_status
  29. changed_when: "rh_subscription_status != 0"
  30. ignore_errors: true # noqa ignore-errors
  31. become: true
  33. - name: RHEL subscription Organization ID/Activation Key registration
  34. redhat_subscription:
  35. state: present
  36. org_id: "{{ rh_subscription_org_id }}"
  37. activationkey: "{{ rh_subscription_activation_key }}"
  38. auto_attach: true
  39. force_register: true
  40. syspurpose:
  41. usage: "{{ rh_subscription_usage }}"
  42. role: "{{ rh_subscription_role }}"
  43. service_level_agreement: "{{ rh_subscription_sla }}"
  44. sync: true
  45. notify: RHEL auto-attach subscription
  46. ignore_errors: true # noqa ignore-errors
  47. become: true
  48. when:
  49. - rh_subscription_org_id is defined
  50. - rh_subscription_status.changed
  52. # this task has no_log set to prevent logging security sensitive information such as subscription passwords
  53. - name: RHEL subscription Username/Password registration
  54. redhat_subscription:
  55. state: present
  56. username: "{{ rh_subscription_username }}"
  57. password: "{{ rh_subscription_password }}"
  58. auto_attach: true
  59. force_register: true
  60. syspurpose:
  61. usage: "{{ rh_subscription_usage }}"
  62. role: "{{ rh_subscription_role }}"
  63. service_level_agreement: "{{ rh_subscription_sla }}"
  64. sync: true
  65. notify: RHEL auto-attach subscription
  66. ignore_errors: true # noqa ignore-errors
  67. become: true
  68. no_log: "{{ not (unsafe_show_logs|bool) }}"
  69. when:
  70. - rh_subscription_username is defined
  71. - rh_subscription_status.changed
  73. # container-selinux is in extras repo
  74. - name: Enable RHEL 7 repos
  75. rhsm_repository:
  76. name:
  77. - "rhel-7-server-rpms"
  78. - "rhel-7-server-extras-rpms"
  79. state: "{{ 'enabled' if (rhel_enable_repos | default(True) | bool) else 'disabled' }}"
  80. when:
  81. - ansible_distribution_major_version == "7"
  83. # container-selinux is in appstream repo
  84. - name: Enable RHEL 8 repos
  85. rhsm_repository:
  86. name:
  87. - "rhel-8-for-*-baseos-rpms"
  88. - "rhel-8-for-*-appstream-rpms"
  89. state: "{{ 'enabled' if (rhel_enable_repos | default(True) | bool) else 'disabled' }}"
  90. when:
  91. - ansible_distribution_major_version == "8"
  93. - name: Check presence of fastestmirror.conf
  94. stat:
  95. path: /etc/yum/pluginconf.d/fastestmirror.conf
  96. get_attributes: no
  97. get_checksum: no
  98. get_mime: no
  99. register: fastestmirror
  101. # the fastestmirror plugin can actually slow down Ansible deployments
  102. - name: Disable fastestmirror plugin if requested
  103. lineinfile:
  104. dest: /etc/yum/pluginconf.d/fastestmirror.conf
  105. regexp: "^enabled=.*"
  106. line: "enabled=0"
  107. state: present
  108. become: true
  109. when:
  110. - fastestmirror.stat.exists
  111. - not centos_fastestmirror_enabled
  113. # libselinux-python is required on SELinux enabled hosts
  114. # See https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#managed-node-requirements
  115. - name: Install libselinux python package
  116. package:
  117. name: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}"
  118. state: present
  119. become: true