You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

265 lines
11 KiB

Added file and container image caching (#4828) * File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant. * When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching. * The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache * A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost. * Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009 * Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused. * Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml * All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching. Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical. Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
5 years ago
Added file and container image caching (#4828) * File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant. * When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching. * The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache * A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost. * Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009 * Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused. * Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml * All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching. Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical. Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
5 years ago
Added file and container image caching (#4828) * File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant. * When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching. * The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache * A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost. * Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009 * Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused. * Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml * All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching. Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical. Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
5 years ago
  1. # -*- mode: ruby -*-
  2. # # vi: set ft=ruby :
  3. # For help on using kubespray with vagrant, check out docs/vagrant.md
  4. require 'fileutils'
  5. Vagrant.require_version ">= 2.0.0"
  6. CONFIG = File.join(File.dirname(__FILE__), ENV['KUBESPRAY_VAGRANT_CONFIG'] || 'vagrant/config.rb')
  7. FLATCAR_URL_TEMPLATE = "https://%s.release.flatcar-linux.net/amd64-usr/current/flatcar_production_vagrant.json"
  8. # Uniq disk UUID for libvirt
  9. DISK_UUID = Time.now.utc.to_i
  10. SUPPORTED_OS = {
  11. "flatcar-stable" => {box: "flatcar-stable", user: "core", box_url: FLATCAR_URL_TEMPLATE % ["stable"]},
  12. "flatcar-beta" => {box: "flatcar-beta", user: "core", box_url: FLATCAR_URL_TEMPLATE % ["beta"]},
  13. "flatcar-alpha" => {box: "flatcar-alpha", user: "core", box_url: FLATCAR_URL_TEMPLATE % ["alpha"]},
  14. "flatcar-edge" => {box: "flatcar-edge", user: "core", box_url: FLATCAR_URL_TEMPLATE % ["edge"]},
  15. "ubuntu1604" => {box: "generic/ubuntu1604", user: "vagrant"},
  16. "ubuntu1804" => {box: "generic/ubuntu1804", user: "vagrant"},
  17. "ubuntu2004" => {box: "generic/ubuntu2004", user: "vagrant"},
  18. "centos" => {box: "centos/7", user: "vagrant"},
  19. "centos-bento" => {box: "bento/centos-7.6", user: "vagrant"},
  20. "centos8" => {box: "centos/8", user: "vagrant"},
  21. "centos8-bento" => {box: "bento/centos-8", user: "vagrant"},
  22. "fedora32" => {box: "fedora/32-cloud-base", user: "vagrant"},
  23. "fedora33" => {box: "fedora/33-cloud-base", user: "vagrant"},
  24. "opensuse" => {box: "bento/opensuse-leap-15.2", user: "vagrant"},
  25. "opensuse-tumbleweed" => {box: "opensuse/Tumbleweed.x86_64", user: "vagrant"},
  26. "oraclelinux" => {box: "generic/oracle7", user: "vagrant"},
  27. "oraclelinux8" => {box: "generic/oracle8", user: "vagrant"},
  28. "rhel7" => {box: "generic/rhel7", user: "vagrant"},
  29. "rhel8" => {box: "generic/rhel8", user: "vagrant"},
  30. }
  31. if File.exist?(CONFIG)
  32. require CONFIG
  33. end
  34. # Defaults for config options defined in CONFIG
  35. $num_instances ||= 3
  36. $instance_name_prefix ||= "k8s"
  37. $vm_gui ||= false
  38. $vm_memory ||= 2048
  39. $vm_cpus ||= 2
  40. $shared_folders ||= {}
  41. $forwarded_ports ||= {}
  42. $subnet ||= "172.18.8"
  43. $subnet_ipv6 ||= "fd3c:b398:0698:0756"
  44. $os ||= "ubuntu1804"
  45. $network_plugin ||= "flannel"
  46. # Setting multi_networking to true will install Multus: https://github.com/intel/multus-cni
  47. $multi_networking ||= false
  48. $download_run_once ||= "True"
  49. $download_force_cache ||= "True"
  50. # The first three nodes are etcd servers
  51. $etcd_instances ||= $num_instances
  52. # The first two nodes are kube masters
  53. $kube_master_instances ||= $num_instances == 1 ? $num_instances : ($num_instances - 1)
  54. # All nodes are kube nodes
  55. $kube_node_instances ||= $num_instances
  56. # The following only works when using the libvirt provider
  57. $kube_node_instances_with_disks ||= false
  58. $kube_node_instances_with_disks_size ||= "20G"
  59. $kube_node_instances_with_disks_number ||= 2
  60. $override_disk_size ||= false
  61. $disk_size ||= "20GB"
  62. $local_path_provisioner_enabled ||= false
  63. $local_path_provisioner_claim_root ||= "/opt/local-path-provisioner/"
  64. $libvirt_nested ||= false
  65. $playbook ||= "cluster.yml"
  66. host_vars = {}
  67. $box = SUPPORTED_OS[$os][:box]
  68. # if $inventory is not set, try to use example
  69. $inventory = "inventory/sample" if ! $inventory
  70. $inventory = File.absolute_path($inventory, File.dirname(__FILE__))
  71. # if $inventory has a hosts.ini file use it, otherwise copy over
  72. # vars etc to where vagrant expects dynamic inventory to be
  73. if ! File.exist?(File.join(File.dirname($inventory), "hosts.ini"))
  74. $vagrant_ansible = File.join(File.dirname(__FILE__), ".vagrant", "provisioners", "ansible")
  75. FileUtils.mkdir_p($vagrant_ansible) if ! File.exist?($vagrant_ansible)
  76. $vagrant_inventory = File.join($vagrant_ansible,"inventory")
  77. FileUtils.rm_f($vagrant_inventory)
  78. FileUtils.ln_s($inventory, $vagrant_inventory)
  79. end
  80. if Vagrant.has_plugin?("vagrant-proxyconf")
  81. $no_proxy = ENV['NO_PROXY'] || ENV['no_proxy'] || "127.0.0.1,localhost"
  82. (1..$num_instances).each do |i|
  83. $no_proxy += ",#{$subnet}.#{i+100}"
  84. end
  85. end
  86. Vagrant.configure("2") do |config|
  87. config.vm.box = $box
  88. if SUPPORTED_OS[$os].has_key? :box_url
  89. config.vm.box_url = SUPPORTED_OS[$os][:box_url]
  90. end
  91. config.ssh.username = SUPPORTED_OS[$os][:user]
  92. # plugin conflict
  93. if Vagrant.has_plugin?("vagrant-vbguest") then
  94. config.vbguest.auto_update = false
  95. end
  96. # always use Vagrants insecure key
  97. config.ssh.insert_key = false
  98. if ($override_disk_size)
  99. unless Vagrant.has_plugin?("vagrant-disksize")
  100. system "vagrant plugin install vagrant-disksize"
  101. end
  102. config.disksize.size = $disk_size
  103. end
  104. (1..$num_instances).each do |i|
  105. config.vm.define vm_name = "%s-%01d" % [$instance_name_prefix, i] do |node|
  106. node.vm.hostname = vm_name
  107. if Vagrant.has_plugin?("vagrant-proxyconf")
  108. node.proxy.http = ENV['HTTP_PROXY'] || ENV['http_proxy'] || ""
  109. node.proxy.https = ENV['HTTPS_PROXY'] || ENV['https_proxy'] || ""
  110. node.proxy.no_proxy = $no_proxy
  111. end
  112. ["vmware_fusion", "vmware_workstation"].each do |vmware|
  113. node.vm.provider vmware do |v|
  114. v.vmx['memsize'] = $vm_memory
  115. v.vmx['numvcpus'] = $vm_cpus
  116. end
  117. end
  118. node.vm.provider :virtualbox do |vb|
  119. vb.memory = $vm_memory
  120. vb.cpus = $vm_cpus
  121. vb.gui = $vm_gui
  122. vb.linked_clone = true
  123. vb.customize ["modifyvm", :id, "--vram", "8"] # ubuntu defaults to 256 MB which is a waste of precious RAM
  124. vb.customize ["modifyvm", :id, "--audio", "none"]
  125. end
  126. node.vm.provider :libvirt do |lv|
  127. lv.nested = $libvirt_nested
  128. lv.cpu_mode = "host-model"
  129. lv.memory = $vm_memory
  130. lv.cpus = $vm_cpus
  131. lv.default_prefix = 'kubespray'
  132. # Fix kernel panic on fedora 28
  133. if $os == "fedora"
  134. lv.cpu_mode = "host-passthrough"
  135. end
  136. end
  137. if $kube_node_instances_with_disks
  138. # Libvirt
  139. driverletters = ('a'..'z').to_a
  140. node.vm.provider :libvirt do |lv|
  141. # always make /dev/sd{a/b/c} so that CI can ensure that
  142. # virtualbox and libvirt will have the same devices to use for OSDs
  143. (1..$kube_node_instances_with_disks_number).each do |d|
  144. lv.storage :file, :device => "hd#{driverletters[d]}", :path => "disk-#{i}-#{d}-#{DISK_UUID}.disk", :size => $kube_node_instances_with_disks_size, :bus => "ide"
  145. end
  146. end
  147. end
  148. if $expose_docker_tcp
  149. node.vm.network "forwarded_port", guest: 2375, host: ($expose_docker_tcp + i - 1), auto_correct: true
  150. end
  151. $forwarded_ports.each do |guest, host|
  152. node.vm.network "forwarded_port", guest: guest, host: host, auto_correct: true
  153. end
  154. if ["rhel7","rhel8"].include? $os
  155. # Vagrant synced_folder rsync options cannot be used for RHEL boxes as Rsync package cannot
  156. # be installed until the host is registered with a valid Red Hat support subscription
  157. node.vm.synced_folder ".", "/vagrant", disabled: false
  158. $shared_folders.each do |src, dst|
  159. node.vm.synced_folder src, dst
  160. end
  161. else
  162. node.vm.synced_folder ".", "/vagrant", disabled: false, type: "rsync", rsync__args: ['--verbose', '--archive', '--delete', '-z'] , rsync__exclude: ['.git','venv']
  163. $shared_folders.each do |src, dst|
  164. node.vm.synced_folder src, dst, type: "rsync", rsync__args: ['--verbose', '--archive', '--delete', '-z']
  165. end
  166. end
  167. ip = "#{$subnet}.#{i+100}"
  168. node.vm.network :private_network, ip: ip,
  169. :libvirt__guest_ipv6 => 'yes',
  170. :libvirt__ipv6_address => "#{$subnet_ipv6}::#{i+100}",
  171. :libvirt__ipv6_prefix => "64",
  172. :libvirt__forward_mode => "none",
  173. :libvirt__dhcp_enabled => false
  174. # Disable swap for each vm
  175. node.vm.provision "shell", inline: "swapoff -a"
  176. # ubuntu1804 and ubuntu2004 have IPv6 explicitly disabled. This undoes that.
  177. if ["ubuntu1804", "ubuntu2004"].include? $os
  178. node.vm.provision "shell", inline: "rm -f /etc/modprobe.d/local.conf"
  179. node.vm.provision "shell", inline: "sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf /etc/sysctl.conf"
  180. end
  181. # Disable firewalld on oraclelinux/redhat vms
  182. if ["oraclelinux","oraclelinux8","rhel7","rhel8"].include? $os
  183. node.vm.provision "shell", inline: "systemctl stop firewalld; systemctl disable firewalld"
  184. end
  185. host_vars[vm_name] = {
  186. "ip": ip,
  187. "flannel_interface": "eth1",
  188. "kube_network_plugin": $network_plugin,
  189. "kube_network_plugin_multus": $multi_networking,
  190. "download_run_once": $download_run_once,
  191. "download_localhost": "False",
  192. "download_cache_dir": ENV['HOME'] + "/kubespray_cache",
  193. # Make kubespray cache even when download_run_once is false
  194. "download_force_cache": $download_force_cache,
  195. # Keeping the cache on the nodes can improve provisioning speed while debugging kubespray
  196. "download_keep_remote_cache": "False",
  197. "docker_rpm_keepcache": "1",
  198. # These two settings will put kubectl and admin.config in $inventory/artifacts
  199. "kubeconfig_localhost": "True",
  200. "kubectl_localhost": "True",
  201. "local_path_provisioner_enabled": "#{$local_path_provisioner_enabled}",
  202. "local_path_provisioner_claim_root": "#{$local_path_provisioner_claim_root}",
  203. "ansible_ssh_user": SUPPORTED_OS[$os][:user]
  204. }
  205. # Only execute the Ansible provisioner once, when all the machines are up and ready.
  206. if i == $num_instances
  207. node.vm.provision "ansible" do |ansible|
  208. ansible.playbook = $playbook
  209. $ansible_inventory_path = File.join( $inventory, "hosts.ini")
  210. if File.exist?($ansible_inventory_path)
  211. ansible.inventory_path = $ansible_inventory_path
  212. end
  213. ansible.become = true
  214. ansible.limit = "all,localhost"
  215. ansible.host_key_checking = false
  216. ansible.raw_arguments = ["--forks=#{$num_instances}", "--flush-cache", "-e ansible_become_pass=vagrant"]
  217. ansible.host_vars = host_vars
  218. #ansible.tags = ['download']
  219. ansible.groups = {
  220. "etcd" => ["#{$instance_name_prefix}-[1:#{$etcd_instances}]"],
  221. "kube_control_plane" => ["#{$instance_name_prefix}-[1:#{$kube_master_instances}]"],
  222. "kube_node" => ["#{$instance_name_prefix}-[1:#{$kube_node_instances}]"],
  223. "k8s_cluster:children" => ["kube_control_plane", "kube_node"],
  224. }
  225. end
  226. end
  227. end
  228. end
  229. end