richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7122 Commits
33 Branches
82 Tags
153 MiB
Tree: 951face343
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '951face343'
${ noResults }
kubespray/roles/kubernetes/preinstall/tasks/0050-create_directories.yml

105 lines
2.5 KiB
Raw Normal View History

Fix yaml checks
6 years ago
Update dir list
6 years ago
feat: make kubernetes owner parametrized (#8952) * feat: make kubernetes owner parametrized * docs: update hardening guide with configuration for CIS 1.1.19 * fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
Update dir list
6 years ago
move flexvolume plugin directory creation to preinstall (#4999) * move flexvolume plugin directory creation to preinstall * changes per pr feedback
5 years ago
Update dir list
6 years ago
fix-kube-bench-1.1.19 (#9937)
1 year ago
change owner to root for bin_dir directory (#6814)
4 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
change owner to root for bin_dir directory (#6814)
4 years ago
fix-kube-bench-1.1.19 (#9937)
1 year ago
change owner to root for bin_dir directory (#6814)
4 years ago
Only create kubeadm compat cert dir link if it does not exist (#4840)
5 years ago
Only use stat get_checksum: yes when needed (#7270) By default Ansible stat module compute checksum, list extended attributes and find mime type To find all stat invocations that really use one of those: git grep -F stat. | grep -vE 'stat.(islnk|exists|lnk_source|writeable)' Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
4 years ago
Only create kubeadm compat cert dir link if it does not exist (#4840)
5 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
Only create kubeadm compat cert dir link if it does not exist (#4840)
5 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Only create kubeadm compat cert dir link if it does not exist (#4840)
5 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Update dir list
6 years ago
feat: make kubernetes owner parametrized (#8952) * feat: make kubernetes owner parametrized * docs: update hardening guide with configuration for CIS 1.1.19 * fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Update dir list
6 years ago
Remove ovn4nfv support (#8265)
3 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
Update dir list
6 years ago
add Kube-OVN cni to kubespray (#5020)
5 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
Update dir list
6 years ago
Bugfixes for Local Volume Provisioner - Fixed an issue where storage class host directories were looped through excessive target hosts - Fixes examples in the LVP `README.md` to use nested dicts instead of a list of dicts
6 years ago
Update dir list
6 years ago
Support multiple local volume provisioner StorageClasses (#3450) - Local Volume StorageClass configuration is now manged by `local_volume_provisioner_storage_classes`, a list of maps that specifies local storage classes with `name` `host_dir` and `mount_dir` keys per entry - Tasks and templates updated to loop through local volume storage classes - Previous defaults for path/class names were not changed - Fixed an issue where a `kubernetes/preinstall` was creating directories inconsistently with the `kubernetes-apps/external_provisioner/local_volume_provisioner` task
6 years ago
Make local volume provisioner dir mode a variable (#4821) * Make local volume provisioner dir mode a variable I need to change this for Nagios monitoring. Others may need to as well. Had to close previous commits, sorry for the spam. * Make local volume provisioner dir mode a variable I need to change this for Nagios monitoring. Others may need to as well. Had to close previous commits, sorry for the spam.
5 years ago
Fix support for ansible 2.7.9 (#4375)
6 years ago
Update dir list
6 years ago
Rename ansible groups to use _ instead of - (#7552) * rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
3 years ago
Update dir list
6 years ago
  1. ---
  2. - name: Create kubernetes directories
  3. file:
  4. path: "{{ item }}"
  5. state: directory
  6. owner: "{{ kube_owner }}"
  7. mode: 0755
  8. when: inventory_hostname in groups['k8s_cluster']
  9. become: true
  10. tags:
  11. - kubelet
  12. - k8s-secrets
  13. - kube-controller-manager
  14. - kube-apiserver
  15. - bootstrap-os
  16. - apps
  17. - network
  18. - master
  19. - node
  20. with_items:
  21. - "{{ kube_config_dir }}"
  22. - "{{ kube_manifest_dir }}"
  23. - "{{ kube_script_dir }}"
  24. - "{{ kubelet_flexvolumes_plugins_dir }}"
  26. - name: Create other directories of root owner
  27. file:
  28. path: "{{ item }}"
  29. state: directory
  30. owner: root
  31. mode: 0755
  32. when: inventory_hostname in groups['k8s_cluster']
  33. become: true
  34. tags:
  35. - kubelet
  36. - k8s-secrets
  37. - kube-controller-manager
  38. - kube-apiserver
  39. - bootstrap-os
  40. - apps
  41. - network
  42. - master
  43. - node
  44. with_items:
  45. - "{{ kube_cert_dir }}"
  46. - "{{ bin_dir }}"
  48. - name: Check if kubernetes kubeadm compat cert dir exists
  49. stat:
  50. path: "{{ kube_cert_compat_dir }}"
  51. get_attributes: no
  52. get_checksum: no
  53. get_mime: no
  54. register: kube_cert_compat_dir_check
  55. when:
  56. - inventory_hostname in groups['k8s_cluster']
  57. - kube_cert_dir != kube_cert_compat_dir
  59. - name: Create kubernetes kubeadm compat cert dir (kubernetes/kubeadm issue 1498)
  60. file:
  61. src: "{{ kube_cert_dir }}"
  62. dest: "{{ kube_cert_compat_dir }}"
  63. state: link
  64. mode: 0755
  65. when:
  66. - inventory_hostname in groups['k8s_cluster']
  67. - kube_cert_dir != kube_cert_compat_dir
  68. - not kube_cert_compat_dir_check.stat.exists
  70. - name: Create cni directories
  71. file:
  72. path: "{{ item }}"
  73. state: directory
  74. owner: "{{ kube_owner }}"
  75. mode: 0755
  76. with_items:
  77. - "/etc/cni/net.d"
  78. - "/opt/cni/bin"
  79. - "/var/lib/calico"
  80. when:
  81. - kube_network_plugin in ["calico", "weave", "canal", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
  82. - inventory_hostname in groups['k8s_cluster']
  83. tags:
  84. - network
  85. - cilium
  86. - calico
  87. - weave
  88. - canal
  89. - kube-ovn
  90. - kube-router
  91. - bootstrap-os
  93. - name: Create local volume provisioner directories
  94. file:
  95. path: "{{ local_volume_provisioner_storage_classes[item].host_dir }}"
  96. state: directory
  97. owner: root
  98. group: root
  99. mode: "{{ local_volume_provisioner_directory_mode }}"
  100. with_items: "{{ local_volume_provisioner_storage_classes.keys() | list }}"
  101. when:
  102. - inventory_hostname in groups['k8s_cluster']
  103. - local_volume_provisioner_enabled
  104. tags:
  105. - persistent_volumes