 Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up. 5 years ago Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up. 5 years ago |
|
---
local_release_dir: /tmp/releases
download_cache_dir: /tmp/kubespray_cache
# If this is true, debug information will be displayed but
# may contain some private data, so it is recommended to set it to false
# in the production environment.
unsafe_show_logs: false
# do not delete remote cache files after using them
# NOTE: Setting this parameter to TRUE is only really useful when developing kubespray
download_keep_remote_cache: false
# Only useful when download_run_once is false: Localy cached files and images are
# uploaded to kubernetes nodes. Also, images downloaded on those nodes are copied
# back to the ansible runner's cache, if they are not yet preset.
download_force_cache: false
# Used to only evaluate vars from download role
skip_downloads: false
# Optionally skip kubeadm images download
skip_kubeadm_images: false
kubeadm_images: {}
# if this is set to true will only download files once. Doesn't work
# on Flatcar Container Linux by Kinvolk unless the download_localhost is true and localhost
# is running another OS type. Default compress level is 1 (fastest).
download_run_once: false
download_compress: 1
# if this is set to true will download container
download_container: true
# if this is set to true, uses the localhost for download_run_once mode
# (requires docker and sudo to access docker). You may want this option for
# local caching of docker images or for Flatcar Container Linux by Kinvolk cluster nodes.
# Otherwise, uses the first node in the kube_control_plane group to store images
# in the download_run_once mode.
download_localhost: false
# Always pull images if set to True. Otherwise check by the repo's tag/digest.
download_always_pull: false
# Some problems may occur when downloading files over https proxy due to ansible bug
# https://github.com/ansible/ansible/issues/32750. Set this variable to False to disable
# SSL validation of get_url module. Note that kubespray will still be performing checksum validation.
download_validate_certs: true
# Use the first kube_control_plane if download_localhost is not set
download_delegate: "{% if download_localhost %}localhost{% else %}{{ groups['kube_control_plane'][0] }}{% endif %}"
# Allow control the times of download retries for files and containers
download_retries: 4
# The docker_image_info_command might seems weird but we are using raw/endraw and `{{ `{{` }}` to manage the double jinja2 processing
docker_image_pull_command: "{{ docker_bin_dir }}/docker pull"
docker_image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs -i {{ '{{' }} docker_bin_dir }}/docker inspect -f {% raw %}'{{ '{{' }} if .RepoTags }}{{ '{{' }} join .RepoTags \",\" }}{{ '{{' }} end }}{{ '{{' }} if .RepoDigests }},{{ '{{' }} join .RepoDigests \",\" }}{{ '{{' }} end }}' {% endraw %} {} | tr '\n' ','"
nerdctl_image_info_command: "{{ bin_dir }}/nerdctl -n k8s.io images --format '{% raw %}{{ .Repository }}:{{ .Tag }}{% endraw %}' 2>/dev/null | grep -v ^:$ | tr '\n' ','"
# Using the ctr instead of nerdctl to workdaround the https://github.com/kubernetes-sigs/kubespray/issues/10670
nerdctl_image_pull_command: "{{ bin_dir }}/ctr -n k8s.io images pull{% if containerd_registries_mirrors is defined %} --hosts-dir {{ containerd_cfg_dir }}/certs.d{%- endif -%}"
crictl_image_info_command: "{{ bin_dir }}/crictl images --verbose | awk -F ': ' '/RepoTags|RepoDigests/ {print $2}' | tr '\n' ','"
crictl_image_pull_command: "{{ bin_dir }}/crictl pull"
image_command_tool: "{%- if container_manager == 'containerd' -%}nerdctl{%- elif container_manager == 'crio' -%}crictl{%- else -%}{{ container_manager }}{%- endif -%}"
image_command_tool_on_localhost: "{{ image_command_tool }}"
image_pull_command: "{{ lookup('vars', image_command_tool + '_image_pull_command') }}"
image_info_command: "{{ lookup('vars', image_command_tool + '_image_info_command') }}"
image_pull_command_on_localhost: "{{ lookup('vars', image_command_tool_on_localhost + '_image_pull_command') }}"
image_info_command_on_localhost: "{{ lookup('vars', image_command_tool_on_localhost + '_image_info_command') }}"
# Arch of Docker images and needed packages
image_arch: "{{ host_architecture | default('amd64') }}"
# Versions
crun_version: 1.14.4
runc_version: v1.1.13
kata_containers_version: 3.1.3
youki_version: 0.1.0
gvisor_version: 20240305
containerd_version: 1.7.22
cri_dockerd_version: 0.3.11
# this is relevant when container_manager == 'docker'
docker_containerd_version: 1.6.32
# gcr and kubernetes image repo define
gcr_image_repo: "gcr.io"
kube_image_repo: "registry.k8s.io"
# docker image repo define
docker_image_repo: "docker.io"
# quay image repo define
quay_image_repo: "quay.io"
# github image repo define (ex multus only use that)
github_image_repo: "ghcr.io"
# TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
# after migration to container download
calico_version: "v3.28.1"
calico_ctl_version: "{{ calico_version }}"
calico_cni_version: "{{ calico_version }}"
calico_flexvol_version: "{{ calico_version }}"
calico_policy_version: "{{ calico_version }}"
calico_typha_version: "{{ calico_version }}"
calico_apiserver_version: "{{ calico_version }}"
typha_enabled: false
calico_apiserver_enabled: false
flannel_version: "v0.22.0"
flannel_cni_version: "v1.1.2"
weave_version: 2.8.7
cni_version: "v1.4.0"
cilium_version: "v1.15.4"
cilium_cli_version: "v0.16.0"
cilium_enable_hubble: false
kube_ovn_version: "v1.12.21"
kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}"
kube_router_version: "v2.0.0"
multus_version: "v4.1.0"
helm_version: "v3.15.4"
nerdctl_version: "1.7.6"
krew_version: "v0.4.4"
skopeo_version: "v1.15.0"
# Get kubernetes major version (i.e. 1.17.4 => 1.17)
kube_major_version: "{{ kube_version | regex_replace('^v([0-9])+\\.([0-9]+)\\.[0-9]+', 'v\\1.\\2') }}"
pod_infra_supported_versions:
v1.30: "3.9"
v1.29: "3.9"
v1.28: "3.9"
pod_infra_version: "{{ pod_infra_supported_versions[kube_major_version] }}"
etcd_supported_versions:
v1.30: "v3.5.12"
v1.29: "v3.5.12"
v1.28: "v3.5.12"
etcd_version: "{{ etcd_supported_versions[kube_major_version] }}"
crictl_supported_versions:
v1.30: "v1.30.0"
v1.29: "v1.29.0"
v1.28: "v1.28.0"
crictl_version: "{{ crictl_supported_versions[kube_major_version] }}"
crio_supported_versions:
v1.30: v1.30.3
v1.29: v1.29.1
v1.28: v1.28.4
crio_version: "{{ crio_supported_versions[kube_major_version] }}"
# Scheduler plugins doesn't build for K8s 1.29 yet
scheduler_plugins_supported_versions:
v1.30: 0
v1.29: 0
v1.28: v0.28.9
scheduler_plugins_version: "{{ scheduler_plugins_supported_versions[kube_major_version] }}"
yq_version: "v4.42.1"
github_url: https://github.com
dl_k8s_io_url: https://dl.k8s.io
storage_googleapis_url: https://storage.googleapis.com
get_helm_url: https://get.helm.sh
# Download URLs
kubelet_download_url: "{{ dl_k8s_io_url }}/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubelet"
kubectl_download_url: "{{ dl_k8s_io_url }}/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubectl"
kubeadm_download_url: "{{ dl_k8s_io_url }}/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubeadm"
etcd_download_url: "{{ github_url }}/etcd-io/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
cni_download_url: "{{ github_url }}/containernetworking/plugins/releases/download/{{ cni_version }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
calicoctl_download_url: "{{ github_url }}/projectcalico/calico/releases/download/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
calico_crds_download_url: "{{ github_url }}/projectcalico/calico/archive/{{ calico_version }}.tar.gz"
ciliumcli_download_url: "{{ github_url }}/cilium/cilium-cli/releases/download/{{ cilium_cli_version }}/cilium-linux-{{ image_arch }}.tar.gz"
crictl_download_url: "{{ github_url }}/kubernetes-sigs/cri-tools/releases/download/{{ crictl_version }}/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
crio_download_url: "{{ storage_googleapis_url }}/cri-o/artifacts/cri-o.{{ image_arch }}.{{ crio_version }}.tar.gz"
helm_download_url: "{{ get_helm_url }}/helm-{{ helm_version }}-linux-{{ image_arch }}.tar.gz"
runc_download_url: "{{ github_url }}/opencontainers/runc/releases/download/{{ runc_version }}/runc.{{ image_arch }}"
crun_download_url: "{{ github_url }}/containers/crun/releases/download/{{ crun_version }}/crun-{{ crun_version }}-linux-{{ image_arch }}"
youki_download_url: "{{ github_url }}/containers/youki/releases/download/v{{ youki_version }}/youki_{{ youki_version | regex_replace('\\.', '_') }}_linux.tar.gz"
kata_containers_download_url: "{{ github_url }}/kata-containers/kata-containers/releases/download/{{ kata_containers_version }}/kata-static-{{ kata_containers_version }}-{{ ansible_architecture }}.tar.xz"
# gVisor only supports amd64 and uses x86_64 to in the download link
gvisor_runsc_download_url: "{{ storage_googleapis_url }}/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/runsc"
gvisor_containerd_shim_runsc_download_url: "{{ storage_googleapis_url }}/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/containerd-shim-runsc-v1"
nerdctl_download_url: "{{ github_url }}/containerd/nerdctl/releases/download/v{{ nerdctl_version }}/nerdctl-{{ nerdctl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
krew_download_url: "{{ github_url }}/kubernetes-sigs/krew/releases/download/{{ krew_version }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz"
containerd_download_url: "{{ github_url }}/containerd/containerd/releases/download/v{{ containerd_version }}/containerd-{{ containerd_version }}-linux-{{ image_arch }}.tar.gz"
cri_dockerd_download_url: "{{ github_url }}/Mirantis/cri-dockerd/releases/download/v{{ cri_dockerd_version }}/cri-dockerd-{{ cri_dockerd_version }}.{{ image_arch }}.tgz"
skopeo_download_url: "{{ github_url }}/lework/skopeo-binary/releases/download/{{ skopeo_version }}/skopeo-linux-{{ image_arch }}"
yq_download_url: "{{ github_url }}/mikefarah/yq/releases/download/{{ yq_version }}/yq_linux_{{ image_arch }}"
etcd_binary_checksum: "{{ etcd_binary_checksums[image_arch][etcd_version] }}"
cni_binary_checksum: "{{ cni_binary_checksums[image_arch][cni_version] }}"
kubelet_binary_checksum: "{{ kubelet_checksums[image_arch][kube_version] }}"
kubectl_binary_checksum: "{{ kubectl_checksums[image_arch][kube_version] }}"
kubeadm_binary_checksum: "{{ kubeadm_checksums[image_arch][kube_version] }}"
yq_binary_checksum: "{{ yq_checksums[image_arch][yq_version] }}"
calicoctl_binary_checksum: "{{ calicoctl_binary_checksums[image_arch][calico_ctl_version] }}"
calico_crds_archive_checksum: "{{ calico_crds_archive_checksums[calico_version] }}"
ciliumcli_binary_checksum: "{{ ciliumcli_binary_checksums[image_arch][cilium_cli_version] }}"
crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}"
crio_archive_checksum: "{{ crio_archive_checksums[image_arch][crio_version] }}"
cri_dockerd_archive_checksum: "{{ cri_dockerd_archive_checksums[image_arch][cri_dockerd_version] }}"
helm_archive_checksum: "{{ helm_archive_checksums[image_arch][helm_version] }}"
runc_binary_checksum: "{{ runc_checksums[image_arch][runc_version] }}"
crun_binary_checksum: "{{ crun_checksums[image_arch][crun_version] }}"
youki_archive_checksum: "{{ youki_checksums[image_arch][youki_version] }}"
kata_containers_binary_checksum: "{{ kata_containers_binary_checksums[image_arch][kata_containers_version] }}"
gvisor_runsc_binary_checksum: "{{ gvisor_runsc_binary_checksums[image_arch][gvisor_version] }}"
gvisor_containerd_shim_binary_checksum: "{{ gvisor_containerd_shim_binary_checksums[image_arch][gvisor_version] }}"
nerdctl_archive_checksum: "{{ nerdctl_archive_checksums[image_arch][nerdctl_version] }}"
krew_archive_checksum: "{{ krew_archive_checksums[host_os][image_arch][krew_version] }}"
containerd_archive_checksum: "{{ containerd_archive_checksums[image_arch][containerd_version] }}"
skopeo_binary_checksum: "{{ skopeo_binary_checksums[image_arch][skopeo_version] }}"
# Containers
# In some cases, we need a way to set --registry-mirror or --insecure-registry for docker,
# it helps a lot for local private development or bare metal environment.
# So you need define --registry-mirror or --insecure-registry, and modify the following url address.
# example:
# You need to deploy kubernetes cluster on local private development.
# Also provide the address of your own private registry.
# And use --insecure-registry options for docker
kube_proxy_image_repo: "{{ kube_image_repo }}/kube-proxy"
etcd_image_repo: "{{ quay_image_repo }}/coreos/etcd"
etcd_image_tag: "{{ etcd_version }}"
flannel_image_repo: "{{ docker_image_repo }}/flannel/flannel"
flannel_image_tag: "{{ flannel_version }}"
flannel_init_image_repo: "{{ docker_image_repo }}/flannel/flannel-cni-plugin"
flannel_init_image_tag: "{{ flannel_cni_version }}"
calico_node_image_repo: "{{ quay_image_repo }}/calico/node"
calico_node_image_tag: "{{ calico_version }}"
calico_cni_image_repo: "{{ quay_image_repo }}/calico/cni"
calico_cni_image_tag: "{{ calico_cni_version }}"
calico_flexvol_image_repo: "{{ quay_image_repo }}/calico/pod2daemon-flexvol"
calico_flexvol_image_tag: "{{ calico_flexvol_version }}"
calico_policy_image_repo: "{{ quay_image_repo }}/calico/kube-controllers"
calico_policy_image_tag: "{{ calico_policy_version }}"
calico_typha_image_repo: "{{ quay_image_repo }}/calico/typha"
calico_typha_image_tag: "{{ calico_typha_version }}"
calico_apiserver_image_repo: "{{ quay_image_repo }}/calico/apiserver"
calico_apiserver_image_tag: "{{ calico_apiserver_version }}"
pod_infra_image_repo: "{{ kube_image_repo }}/pause"
pod_infra_image_tag: "{{ pod_infra_version }}"
netcheck_version: "v1.2.2"
netcheck_agent_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-agent"
netcheck_agent_image_tag: "{{ netcheck_version }}"
netcheck_server_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-server"
netcheck_server_image_tag: "{{ netcheck_version }}"
netcheck_etcd_image_tag: "v3.4.17"
weave_kube_image_repo: "{{ docker_image_repo }}/rajchaudhuri/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "{{ docker_image_repo }}/rajchaudhuri/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
cilium_image_repo: "{{ quay_image_repo }}/cilium/cilium"
cilium_image_tag: "{{ cilium_version }}"
cilium_operator_image_repo: "{{ quay_image_repo }}/cilium/operator"
cilium_operator_image_tag: "{{ cilium_version }}"
cilium_hubble_relay_image_repo: "{{ quay_image_repo }}/cilium/hubble-relay"
cilium_hubble_relay_image_tag: "{{ cilium_version }}"
cilium_hubble_certgen_image_repo: "{{ quay_image_repo }}/cilium/certgen"
cilium_hubble_certgen_image_tag: "v0.1.8"
cilium_hubble_ui_image_repo: "{{ quay_image_repo }}/cilium/hubble-ui"
cilium_hubble_ui_image_tag: "v0.11.0"
cilium_hubble_ui_backend_image_repo: "{{ quay_image_repo }}/cilium/hubble-ui-backend"
cilium_hubble_ui_backend_image_tag: "v0.11.0"
cilium_hubble_envoy_image_repo: "{{ docker_image_repo }}/envoyproxy/envoy"
cilium_hubble_envoy_image_tag: "v1.22.5"
kube_ovn_container_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn"
kube_ovn_container_image_tag: "{{ kube_ovn_version }}"
kube_ovn_vpc_container_image_repo: "{{ docker_image_repo }}/kubeovn/vpc-nat-gateway"
kube_ovn_vpc_container_image_tag: "{{ kube_ovn_version }}"
kube_ovn_dpdk_container_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn-dpdk"
kube_ovn_dpdk_container_image_tag: "{{ kube_ovn_dpdk_version }}"
kube_router_image_repo: "{{ docker_image_repo }}/cloudnativelabs/kube-router"
kube_router_image_tag: "{{ kube_router_version }}"
multus_image_repo: "{{ github_image_repo }}/k8snetworkplumbingwg/multus-cni"
multus_image_tag: "{{ multus_version }}"
external_openstack_cloud_controller_image_repo: "registry.k8s.io/provider-os/openstack-cloud-controller-manager"
external_openstack_cloud_controller_image_tag: "v1.30.0"
kube_vip_image_repo: "{{ github_image_repo }}/kube-vip/kube-vip"
kube_vip_image_tag: v0.8.0
nginx_image_repo: "{{ docker_image_repo }}/library/nginx"
nginx_image_tag: 1.25.2-alpine
haproxy_image_repo: "{{ docker_image_repo }}/library/haproxy"
haproxy_image_tag: 2.8.2-alpine
# Coredns version should be supported by corefile-migration (or at least work with)
# bundle with kubeadm; if not 'basic' upgrade can sometimes fail
coredns_version: "{{ 'v1.11.1' if (kube_version is version('v1.29.0', '>=')) else 'v1.10.1' }}"
coredns_image_is_namespaced: "{{ (coredns_version is version('v1.7.1', '>=')) }}"
coredns_image_repo: "{{ kube_image_repo }}{{ '/coredns/coredns' if (coredns_image_is_namespaced | bool) else '/coredns' }}"
coredns_image_tag: "{{ coredns_version if (coredns_image_is_namespaced | bool) else (coredns_version | regex_replace('^v', '')) }}"
nodelocaldns_version: "1.22.28"
nodelocaldns_image_repo: "{{ kube_image_repo }}/dns/k8s-dns-node-cache"
nodelocaldns_image_tag: "{{ nodelocaldns_version }}"
dnsautoscaler_version: v1.8.8
dnsautoscaler_image_repo: "{{ kube_image_repo }}/cpa/cluster-proportional-autoscaler"
dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
scheduler_plugins_controller_image_repo: "{{ kube_image_repo }}/scheduler-plugins/controller"
scheduler_plugins_controller_image_tag: "{{ scheduler_plugins_version }}"
scheduler_plugins_scheduler_image_repo: "{{ kube_image_repo }}/scheduler-plugins/kube-scheduler"
scheduler_plugins_scheduler_image_tag: "{{ scheduler_plugins_version }}"
registry_version: "2.8.1"
registry_image_repo: "{{ docker_image_repo }}/library/registry"
registry_image_tag: "{{ registry_version }}"
metrics_server_version: "v0.7.0"
metrics_server_image_repo: "{{ kube_image_repo }}/metrics-server/metrics-server"
metrics_server_image_tag: "{{ metrics_server_version }}"
local_volume_provisioner_version: "v2.5.0"
local_volume_provisioner_image_repo: "{{ kube_image_repo }}/sig-storage/local-volume-provisioner"
local_volume_provisioner_image_tag: "{{ local_volume_provisioner_version }}"
cephfs_provisioner_version: "v2.1.0-k8s1.11"
cephfs_provisioner_image_repo: "{{ quay_image_repo }}/external_storage/cephfs-provisioner"
cephfs_provisioner_image_tag: "{{ cephfs_provisioner_version }}"
rbd_provisioner_version: "v2.1.1-k8s1.11"
rbd_provisioner_image_repo: "{{ quay_image_repo }}/external_storage/rbd-provisioner"
rbd_provisioner_image_tag: "{{ rbd_provisioner_version }}"
local_path_provisioner_version: "v0.0.24"
local_path_provisioner_image_repo: "{{ docker_image_repo }}/rancher/local-path-provisioner"
local_path_provisioner_image_tag: "{{ local_path_provisioner_version }}"
ingress_nginx_version: "v1.11.2"
ingress_nginx_controller_image_repo: "{{ kube_image_repo }}/ingress-nginx/controller"
ingress_nginx_opentelemetry_image_repo: "{{ kube_image_repo }}/ingress-nginx/opentelemetry"
ingress_nginx_controller_image_tag: "{{ ingress_nginx_version }}"
ingress_nginx_opentelemetry_image_tag: "v20230721-3e2062ee5"
ingress_nginx_kube_webhook_certgen_image_repo: "{{ kube_image_repo }}/ingress-nginx/kube-webhook-certgen"
ingress_nginx_kube_webhook_certgen_image_tag: "v1.4.3"
alb_ingress_image_repo: "{{ docker_image_repo }}/amazon/aws-alb-ingress-controller"
alb_ingress_image_tag: "v1.1.9"
cert_manager_version: "v1.14.7"
cert_manager_controller_image_repo: "{{ quay_image_repo }}/jetstack/cert-manager-controller"
cert_manager_controller_image_tag: "{{ cert_manager_version }}"
cert_manager_cainjector_image_repo: "{{ quay_image_repo }}/jetstack/cert-manager-cainjector"
cert_manager_cainjector_image_tag: "{{ cert_manager_version }}"
cert_manager_webhook_image_repo: "{{ quay_image_repo }}/jetstack/cert-manager-webhook"
cert_manager_webhook_image_tag: "{{ cert_manager_version }}"
csi_attacher_image_repo: "{{ kube_image_repo }}/sig-storage/csi-attacher"
csi_attacher_image_tag: "v3.3.0"
csi_provisioner_image_repo: "{{ kube_image_repo }}/sig-storage/csi-provisioner"
csi_provisioner_image_tag: "v3.0.0"
csi_snapshotter_image_repo: "{{ kube_image_repo }}/sig-storage/csi-snapshotter"
csi_snapshotter_image_tag: "v5.0.0"
csi_resizer_image_repo: "{{ kube_image_repo }}/sig-storage/csi-resizer"
csi_resizer_image_tag: "v1.3.0"
csi_node_driver_registrar_image_repo: "{{ kube_image_repo }}/sig-storage/csi-node-driver-registrar"
csi_node_driver_registrar_image_tag: "v2.4.0"
csi_livenessprobe_image_repo: "{{ kube_image_repo }}/sig-storage/livenessprobe"
csi_livenessprobe_image_tag: "v2.5.0"
snapshot_controller_supported_versions:
v1.30: "v7.0.2"
v1.29: "v7.0.2"
v1.28: "v7.0.2"
snapshot_controller_image_repo: "{{ kube_image_repo }}/sig-storage/snapshot-controller"
snapshot_controller_image_tag: "{{ snapshot_controller_supported_versions[kube_major_version] }}"
cinder_csi_plugin_version: "v1.30.0"
cinder_csi_plugin_image_repo: "{{ kube_image_repo }}/provider-os/cinder-csi-plugin"
cinder_csi_plugin_image_tag: "{{ cinder_csi_plugin_version }}"
aws_ebs_csi_plugin_version: "v0.5.0"
aws_ebs_csi_plugin_image_repo: "{{ docker_image_repo }}/amazon/aws-ebs-csi-driver"
aws_ebs_csi_plugin_image_tag: "{{ aws_ebs_csi_plugin_version }}"
gcp_pd_csi_plugin_version: "v1.9.2"
gcp_pd_csi_plugin_image_repo: "{{ kube_image_repo }}/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver"
gcp_pd_csi_plugin_image_tag: "{{ gcp_pd_csi_plugin_version }}"
azure_csi_image_repo: "mcr.microsoft.com/oss/kubernetes-csi"
azure_csi_provisioner_image_tag: "v2.2.2"
azure_csi_attacher_image_tag: "v3.3.0"
azure_csi_resizer_image_tag: "v1.3.0"
azure_csi_livenessprobe_image_tag: "v2.5.0"
azure_csi_node_registrar_image_tag: "v2.4.0"
azure_csi_snapshotter_image_tag: "v3.0.3"
azure_csi_plugin_version: "v1.10.0"
azure_csi_plugin_image_repo: "mcr.microsoft.com/k8s/csi"
azure_csi_plugin_image_tag: "{{ azure_csi_plugin_version }}"
gcp_pd_csi_image_repo: "gke.gcr.io"
gcp_pd_csi_driver_image_tag: "v0.7.0-gke.0"
gcp_pd_csi_provisioner_image_tag: "v1.5.0-gke.0"
gcp_pd_csi_attacher_image_tag: "v2.1.1-gke.0"
gcp_pd_csi_resizer_image_tag: "v0.4.0-gke.0"
gcp_pd_csi_registrar_image_tag: "v1.2.0-gke.0"
dashboard_image_repo: "{{ docker_image_repo }}/kubernetesui/dashboard"
dashboard_image_tag: "v2.7.0"
dashboard_metrics_scraper_repo: "{{ docker_image_repo }}/kubernetesui/metrics-scraper"
dashboard_metrics_scraper_tag: "v1.0.8"
metallb_speaker_image_repo: "{{ quay_image_repo }}/metallb/speaker"
metallb_controller_image_repo: "{{ quay_image_repo }}/metallb/controller"
metallb_version: v0.13.9
node_feature_discovery_version: v0.16.4
node_feature_discovery_image_repo: "{{ kube_image_repo }}/nfd/node-feature-discovery"
node_feature_discovery_image_tag: "{{ node_feature_discovery_version }}"
downloads:
netcheck_server:
enabled: "{{ deploy_netchecker }}"
container: true
repo: "{{ netcheck_server_image_repo }}"
tag: "{{ netcheck_server_image_tag }}"
sha256: "{{ netcheck_server_digest_checksum | default(None) }}"
groups:
- k8s_cluster
netcheck_agent:
enabled: "{{ deploy_netchecker }}"
container: true
repo: "{{ netcheck_agent_image_repo }}"
tag: "{{ netcheck_agent_image_tag }}"
sha256: "{{ netcheck_agent_digest_checksum | default(None) }}"
groups:
- k8s_cluster
etcd:
container: "{{ etcd_deployment_type != 'host' }}"
file: "{{ etcd_deployment_type == 'host' }}"
enabled: true
version: "{{ etcd_version }}"
dest: "{{ local_release_dir }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
repo: "{{ etcd_image_repo }}"
tag: "{{ etcd_image_tag }}"
sha256: >-
{{ etcd_binary_checksum if (etcd_deployment_type == 'host')
else etcd_digest_checksum | d(None) }}
url: "{{ etcd_download_url }}"
unarchive: "{{ etcd_deployment_type == 'host' }}"
owner: "root"
mode: "0755"
groups:
- etcd
cni:
enabled: true
file: true
version: "{{ cni_version }}"
dest: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
sha256: "{{ cni_binary_checksum }}"
url: "{{ cni_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
kubeadm:
enabled: true
file: true
version: "{{ kube_version }}"
dest: "{{ local_release_dir }}/kubeadm-{{ kube_version }}-{{ image_arch }}"
sha256: "{{ kubeadm_binary_checksum }}"
url: "{{ kubeadm_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
kubelet:
enabled: true
file: true
version: "{{ kube_version }}"
dest: "{{ local_release_dir }}/kubelet-{{ kube_version }}-{{ image_arch }}"
sha256: "{{ kubelet_binary_checksum }}"
url: "{{ kubelet_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
kubectl:
enabled: true
file: true
version: "{{ kube_version }}"
dest: "{{ local_release_dir }}/kubectl-{{ kube_version }}-{{ image_arch }}"
sha256: "{{ kubectl_binary_checksum }}"
url: "{{ kubectl_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- kube_control_plane
crictl:
file: true
enabled: true
version: "{{ crictl_version }}"
dest: "{{ local_release_dir }}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz"
sha256: "{{ crictl_binary_checksum }}"
url: "{{ crictl_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- k8s_cluster
crio:
file: true
enabled: "{{ container_manager == 'crio' }}"
version: "{{ crio_version }}"
dest: "{{ local_release_dir }}/cri-o.{{ image_arch }}.{{ crio_version }}tar.gz"
sha256: "{{ crio_archive_checksum }}"
url: "{{ crio_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- k8s_cluster
cri_dockerd:
file: true
enabled: "{{ container_manager == 'docker' }}"
version: "{{ cri_dockerd_version }}"
dest: "{{ local_release_dir }}/cri-dockerd-{{ cri_dockerd_version }}.{{ image_arch }}.tar.gz"
sha256: "{{ cri_dockerd_archive_checksum }}"
url: "{{ cri_dockerd_download_url }}"
unarchive: true
unarchive_extra_opts:
- --strip=1
owner: "root"
mode: "0755"
groups:
- k8s_cluster
crun:
file: true
enabled: "{{ crun_enabled }}"
version: "{{ crun_version }}"
dest: "{{ local_release_dir }}/crun-{{ crun_version }}-{{ image_arch }}"
sha256: "{{ crun_binary_checksum }}"
url: "{{ crun_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
youki:
file: true
enabled: "{{ youki_enabled }}"
version: "{{ youki_version }}"
dest: "{{ local_release_dir }}/youki_{{ youki_version | regex_replace('\\.', '_') }}_linux.tar.gz"
sha256: "{{ youki_archive_checksum }}"
url: "{{ youki_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- k8s_cluster
runc:
file: true
enabled: "{{ container_manager == 'containerd' }}"
version: "{{ runc_version }}"
dest: "{{ local_release_dir }}/runc-{{ runc_version }}.{{ image_arch }}"
sha256: "{{ runc_binary_checksum }}"
url: "{{ runc_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
kata_containers:
enabled: "{{ kata_containers_enabled }}"
file: true
version: "{{ kata_containers_version }}"
dest: "{{ local_release_dir }}/kata-static-{{ kata_containers_version }}-{{ image_arch }}.tar.xz"
sha256: "{{ kata_containers_binary_checksum }}"
url: "{{ kata_containers_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
containerd:
enabled: "{{ container_manager == 'containerd' }}"
file: true
version: "{{ containerd_version }}"
dest: "{{ local_release_dir }}/containerd-{{ containerd_version }}-linux-{{ image_arch }}.tar.gz"
sha256: "{{ containerd_archive_checksum }}"
url: "{{ containerd_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
gvisor_runsc:
enabled: "{{ gvisor_enabled }}"
file: true
version: "{{ gvisor_version }}"
dest: "{{ local_release_dir }}/gvisor-runsc-{{ gvisor_version }}-{{ ansible_architecture }}"
sha256: "{{ gvisor_runsc_binary_checksum }}"
url: "{{ gvisor_runsc_download_url }}"
unarchive: false
owner: "root"
mode: 755
groups:
- k8s_cluster
gvisor_containerd_shim:
enabled: "{{ gvisor_enabled }}"
file: true
version: "{{ gvisor_version }}"
dest: "{{ local_release_dir }}/gvisor-containerd-shim-runsc-v1-{{ gvisor_version }}-{{ ansible_architecture }}"
sha256: "{{ gvisor_containerd_shim_binary_checksum }}"
url: "{{ gvisor_containerd_shim_runsc_download_url }}"
unarchive: false
owner: "root"
mode: 755
groups:
- k8s_cluster
nerdctl:
file: true
enabled: "{{ container_manager == 'containerd' }}"
version: "{{ nerdctl_version }}"
dest: "{{ local_release_dir }}/nerdctl-{{ nerdctl_version }}-linux-{{ image_arch }}.tar.gz"
sha256: "{{ nerdctl_archive_checksum }}"
url: "{{ nerdctl_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- k8s_cluster
skopeo:
file: true
enabled: "{{ container_manager == 'crio' }}"
version: "{{ skopeo_version }}"
dest: "{{ local_release_dir }}/skopeo-{{ skopeo_version }}-{{ image_arch }}"
sha256: "{{ skopeo_binary_checksum }}"
url: "{{ skopeo_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- kube_control_plane
cilium:
enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
container: true
repo: "{{ cilium_image_repo }}"
tag: "{{ cilium_image_tag }}"
sha256: "{{ cilium_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_operator:
enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
container: true
repo: "{{ cilium_operator_image_repo }}"
tag: "{{ cilium_operator_image_tag }}"
sha256: "{{ cilium_operator_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_hubble_relay:
enabled: "{{ cilium_enable_hubble }}"
container: true
repo: "{{ cilium_hubble_relay_image_repo }}"
tag: "{{ cilium_hubble_relay_image_tag }}"
sha256: "{{ cilium_hubble_relay_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_hubble_certgen:
enabled: "{{ cilium_enable_hubble }}"
container: true
repo: "{{ cilium_hubble_certgen_image_repo }}"
tag: "{{ cilium_hubble_certgen_image_tag }}"
sha256: "{{ cilium_hubble_certgen_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_hubble_ui:
enabled: "{{ cilium_enable_hubble }}"
container: true
repo: "{{ cilium_hubble_ui_image_repo }}"
tag: "{{ cilium_hubble_ui_image_tag }}"
sha256: "{{ cilium_hubble_ui_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_hubble_ui_backend:
enabled: "{{ cilium_enable_hubble }}"
container: true
repo: "{{ cilium_hubble_ui_backend_image_repo }}"
tag: "{{ cilium_hubble_ui_backend_image_tag }}"
sha256: "{{ cilium_hubble_ui_backend_digest_checksum | default(None) }}"
groups:
- k8s_cluster
cilium_hubble_envoy:
enabled: "{{ cilium_enable_hubble }}"
container: true
repo: "{{ cilium_hubble_envoy_image_repo }}"
tag: "{{ cilium_hubble_envoy_image_tag }}"
sha256: "{{ cilium_hubble_envoy_digest_checksum | default(None) }}"
groups:
- k8s_cluster
ciliumcli:
enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
file: true
version: "{{ cilium_cli_version }}"
dest: "{{ local_release_dir }}/cilium-{{ cilium_cli_version }}-{{ image_arch }}.tar.gz"
sha256: "{{ ciliumcli_binary_checksum }}"
url: "{{ ciliumcli_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- k8s_cluster
multus:
enabled: "{{ kube_network_plugin_multus }}"
container: true
repo: "{{ multus_image_repo }}"
tag: "{{ multus_image_tag }}"
sha256: "{{ multus_digest_checksum | default(None) }}"
groups:
- k8s_cluster
flannel:
enabled: "{{ kube_network_plugin == 'flannel' }}"
container: true
repo: "{{ flannel_image_repo }}"
tag: "{{ flannel_image_tag }}"
sha256: "{{ flannel_digest_checksum | default(None) }}"
groups:
- k8s_cluster
flannel_init:
enabled: "{{ kube_network_plugin == 'flannel' }}"
container: true
repo: "{{ flannel_init_image_repo }}"
tag: "{{ flannel_init_image_tag }}"
sha256: "{{ flannel_init_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calicoctl:
enabled: "{{ kube_network_plugin == 'calico' }}"
file: true
version: "{{ calico_ctl_version }}"
dest: "{{ local_release_dir }}/calicoctl-{{ calico_ctl_version }}-{{ image_arch }}"
sha256: "{{ calicoctl_binary_checksum }}"
url: "{{ calicoctl_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- k8s_cluster
calico_node:
enabled: "{{ kube_network_plugin == 'calico' }}"
container: true
repo: "{{ calico_node_image_repo }}"
tag: "{{ calico_node_image_tag }}"
sha256: "{{ calico_node_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_cni:
enabled: "{{ kube_network_plugin == 'calico' }}"
container: true
repo: "{{ calico_cni_image_repo }}"
tag: "{{ calico_cni_image_tag }}"
sha256: "{{ calico_cni_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_flexvol:
enabled: "{{ kube_network_plugin == 'calico' }}"
container: true
repo: "{{ calico_flexvol_image_repo }}"
tag: "{{ calico_flexvol_image_tag }}"
sha256: "{{ calico_flexvol_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_policy:
enabled: "{{ enable_network_policy and kube_network_plugin in ['calico'] }}"
container: true
repo: "{{ calico_policy_image_repo }}"
tag: "{{ calico_policy_image_tag }}"
sha256: "{{ calico_policy_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_typha:
enabled: "{{ typha_enabled }}"
container: true
repo: "{{ calico_typha_image_repo }}"
tag: "{{ calico_typha_image_tag }}"
sha256: "{{ calico_typha_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_apiserver:
enabled: "{{ calico_apiserver_enabled }}"
container: true
repo: "{{ calico_apiserver_image_repo }}"
tag: "{{ calico_apiserver_image_tag }}"
sha256: "{{ calico_apiserver_digest_checksum | default(None) }}"
groups:
- k8s_cluster
calico_crds:
file: true
enabled: "{{ kube_network_plugin == 'calico' and calico_datastore == 'kdd' }}"
version: "{{ calico_version }}"
dest: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds/{{ calico_version }}.tar.gz"
sha256: "{{ calico_crds_archive_checksum }}"
url: "{{ calico_crds_download_url }}"
unarchive: true
unarchive_extra_opts:
- "{{ '--strip=6' if (calico_version is version('v3.22.3', '<')) else '--strip=3' }}"
- "--wildcards"
- "{{ '*/_includes/charts/calico/crds/kdd/' if (calico_version is version('v3.22.3', '<')) else '*/libcalico-go/config/crd/' }}"
owner: "root"
mode: "0755"
groups:
- kube_control_plane
weave_kube:
enabled: "{{ kube_network_plugin == 'weave' }}"
container: true
repo: "{{ weave_kube_image_repo }}"
tag: "{{ weave_kube_image_tag }}"
sha256: "{{ weave_kube_digest_checksum | default(None) }}"
groups:
- k8s_cluster
weave_npc:
enabled: "{{ kube_network_plugin == 'weave' }}"
container: true
repo: "{{ weave_npc_image_repo }}"
tag: "{{ weave_npc_image_tag }}"
sha256: "{{ weave_npc_digest_checksum | default(None) }}"
groups:
- k8s_cluster
kube_ovn:
enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
container: true
repo: "{{ kube_ovn_container_image_repo }}"
tag: "{{ kube_ovn_container_image_tag }}"
sha256: "{{ kube_ovn_digest_checksum | default(None) }}"
groups:
- k8s_cluster
kube_router:
enabled: "{{ kube_network_plugin == 'kube-router' }}"
container: true
repo: "{{ kube_router_image_repo }}"
tag: "{{ kube_router_image_tag }}"
sha256: "{{ kube_router_digest_checksum | default(None) }}"
groups:
- k8s_cluster
pod_infra:
enabled: true
container: true
repo: "{{ pod_infra_image_repo }}"
tag: "{{ pod_infra_image_tag }}"
sha256: "{{ pod_infra_digest_checksum | default(None) }}"
groups:
- k8s_cluster
kube-vip:
enabled: "{{ kube_vip_enabled }}"
container: true
repo: "{{ kube_vip_image_repo }}"
tag: "{{ kube_vip_image_tag }}"
sha256: "{{ kube_vip_digest_checksum | default(None) }}"
groups:
- kube_control_plane
nginx:
enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'nginx' }}"
container: true
repo: "{{ nginx_image_repo }}"
tag: "{{ nginx_image_tag }}"
sha256: "{{ nginx_digest_checksum | default(None) }}"
groups:
- kube_node
haproxy:
enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'haproxy' }}"
container: true
repo: "{{ haproxy_image_repo }}"
tag: "{{ haproxy_image_tag }}"
sha256: "{{ haproxy_digest_checksum | default(None) }}"
groups:
- kube_node
coredns:
enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
container: true
repo: "{{ coredns_image_repo }}"
tag: "{{ coredns_image_tag }}"
sha256: "{{ coredns_digest_checksum | default(None) }}"
groups:
- k8s_cluster
nodelocaldns:
enabled: "{{ enable_nodelocaldns }}"
container: true
repo: "{{ nodelocaldns_image_repo }}"
tag: "{{ nodelocaldns_image_tag }}"
sha256: "{{ nodelocaldns_digest_checksum | default(None) }}"
groups:
- k8s_cluster
dnsautoscaler:
enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
container: true
repo: "{{ dnsautoscaler_image_repo }}"
tag: "{{ dnsautoscaler_image_tag }}"
sha256: "{{ dnsautoscaler_digest_checksum | default(None) }}"
groups:
- kube_control_plane
helm:
enabled: "{{ helm_enabled }}"
file: true
version: "{{ helm_version }}"
dest: "{{ local_release_dir }}/helm-{{ helm_version }}/helm-{{ helm_version }}-linux-{{ image_arch }}.tar.gz"
sha256: "{{ helm_archive_checksum }}"
url: "{{ helm_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- kube_control_plane
krew:
enabled: "{{ krew_enabled }}"
file: true
version: "{{ krew_version }}"
dest: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz"
sha256: "{{ krew_archive_checksum }}"
url: "{{ krew_download_url }}"
unarchive: true
owner: "root"
mode: "0755"
groups:
- kube_control_plane
registry:
enabled: "{{ registry_enabled }}"
container: true
repo: "{{ registry_image_repo }}"
tag: "{{ registry_image_tag }}"
sha256: "{{ registry_digest_checksum | default(None) }}"
groups:
- kube_node
metrics_server:
enabled: "{{ metrics_server_enabled }}"
container: true
repo: "{{ metrics_server_image_repo }}"
tag: "{{ metrics_server_image_tag }}"
sha256: "{{ metrics_server_digest_checksum | default(None) }}"
groups:
- kube_control_plane
local_volume_provisioner:
enabled: "{{ local_volume_provisioner_enabled }}"
container: true
repo: "{{ local_volume_provisioner_image_repo }}"
tag: "{{ local_volume_provisioner_image_tag }}"
sha256: "{{ local_volume_provisioner_digest_checksum | default(None) }}"
groups:
- kube_node
cephfs_provisioner:
enabled: "{{ cephfs_provisioner_enabled }}"
container: true
repo: "{{ cephfs_provisioner_image_repo }}"
tag: "{{ cephfs_provisioner_image_tag }}"
sha256: "{{ cephfs_provisioner_digest_checksum | default(None) }}"
groups:
- kube_node
rbd_provisioner:
enabled: "{{ rbd_provisioner_enabled }}"
container: true
repo: "{{ rbd_provisioner_image_repo }}"
tag: "{{ rbd_provisioner_image_tag }}"
sha256: "{{ rbd_provisioner_digest_checksum | default(None) }}"
groups:
- kube_node
local_path_provisioner:
enabled: "{{ local_path_provisioner_enabled }}"
container: true
repo: "{{ local_path_provisioner_image_repo }}"
tag: "{{ local_path_provisioner_image_tag }}"
sha256: "{{ local_path_provisioner_digest_checksum | default(None) }}"
groups:
- kube_node
ingress_nginx_controller:
enabled: "{{ ingress_nginx_enabled }}"
container: true
repo: "{{ ingress_nginx_controller_image_repo }}"
tag: "{{ ingress_nginx_controller_image_tag }}"
sha256: "{{ ingress_nginx_controller_digest_checksum | default(None) }}"
groups:
- kube_node
ingress_alb_controller:
enabled: "{{ ingress_alb_enabled }}"
container: true
repo: "{{ alb_ingress_image_repo }}"
tag: "{{ alb_ingress_image_tag }}"
sha256: "{{ ingress_alb_controller_digest_checksum | default(None) }}"
groups:
- kube_node
cert_manager_controller:
enabled: "{{ cert_manager_enabled }}"
container: true
repo: "{{ cert_manager_controller_image_repo }}"
tag: "{{ cert_manager_controller_image_tag }}"
sha256: "{{ cert_manager_controller_digest_checksum | default(None) }}"
groups:
- kube_node
cert_manager_cainjector:
enabled: "{{ cert_manager_enabled }}"
container: true
repo: "{{ cert_manager_cainjector_image_repo }}"
tag: "{{ cert_manager_cainjector_image_tag }}"
sha256: "{{ cert_manager_cainjector_digest_checksum | default(None) }}"
groups:
- kube_node
cert_manager_webhook:
enabled: "{{ cert_manager_enabled }}"
container: true
repo: "{{ cert_manager_webhook_image_repo }}"
tag: "{{ cert_manager_webhook_image_tag }}"
sha256: "{{ cert_manager_webhook_digest_checksum | default(None) }}"
groups:
- kube_node
csi_attacher:
enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
container: true
repo: "{{ csi_attacher_image_repo }}"
tag: "{{ csi_attacher_image_tag }}"
sha256: "{{ csi_attacher_digest_checksum | default(None) }}"
groups:
- kube_node
csi_provisioner:
enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
container: true
repo: "{{ csi_provisioner_image_repo }}"
tag: "{{ csi_provisioner_image_tag }}"
sha256: "{{ csi_provisioner_digest_checksum | default(None) }}"
groups:
- kube_node
csi_snapshotter:
enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
container: true
repo: "{{ csi_snapshotter_image_repo }}"
tag: "{{ csi_snapshotter_image_tag }}"
sha256: "{{ csi_snapshotter_digest_checksum | default(None) }}"
groups:
- kube_node
snapshot_controller:
enabled: "{{ csi_snapshot_controller_enabled }}"
container: true
repo: "{{ snapshot_controller_image_repo }}"
tag: "{{ snapshot_controller_image_tag }}"
sha256: "{{ snapshot_controller_digest_checksum | default(None) }}"
groups:
- kube_node
csi_resizer:
enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
container: true
repo: "{{ csi_resizer_image_repo }}"
tag: "{{ csi_resizer_image_tag }}"
sha256: "{{ csi_resizer_digest_checksum | default(None) }}"
groups:
- kube_node
csi_node_driver_registrar:
enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
container: true
repo: "{{ csi_node_driver_registrar_image_repo }}"
tag: "{{ csi_node_driver_registrar_image_tag }}"
sha256: "{{ csi_node_driver_registrar_digest_checksum | default(None) }}"
groups:
- kube_node
cinder_csi_plugin:
enabled: "{{ cinder_csi_enabled }}"
container: true
repo: "{{ cinder_csi_plugin_image_repo }}"
tag: "{{ cinder_csi_plugin_image_tag }}"
sha256: "{{ cinder_csi_plugin_digest_checksum | default(None) }}"
groups:
- kube_node
aws_ebs_csi_plugin:
enabled: "{{ aws_ebs_csi_enabled }}"
container: true
repo: "{{ aws_ebs_csi_plugin_image_repo }}"
tag: "{{ aws_ebs_csi_plugin_image_tag }}"
sha256: "{{ aws_ebs_csi_plugin_digest_checksum | default(None) }}"
groups:
- kube_node
dashboard:
enabled: "{{ dashboard_enabled }}"
container: true
repo: "{{ dashboard_image_repo }}"
tag: "{{ dashboard_image_tag }}"
sha256: "{{ dashboard_digest_checksum | default(None) }}"
groups:
- kube_control_plane
dashboard_metrics_scrapper:
enabled: "{{ dashboard_enabled }}"
container: true
repo: "{{ dashboard_metrics_scraper_repo }}"
tag: "{{ dashboard_metrics_scraper_tag }}"
sha256: "{{ dashboard_digest_checksum | default(None) }}"
groups:
- kube_control_plane
metallb_speaker:
enabled: "{{ metallb_speaker_enabled }}"
container: true
repo: "{{ metallb_speaker_image_repo }}"
tag: "{{ metallb_version }}"
sha256: "{{ metallb_speaker_digest_checksum | default(None) }}"
groups:
- kube_control_plane
metallb_controller:
enabled: "{{ metallb_enabled }}"
container: true
repo: "{{ metallb_controller_image_repo }}"
tag: "{{ metallb_version }}"
sha256: "{{ metallb_controller_digest_checksum | default(None) }}"
groups:
- kube_control_plane
yq:
enabled: "{{ argocd_enabled }}"
file: true
version: "{{ yq_version }}"
dest: "{{ local_release_dir }}/yq-{{ yq_version }}-{{ image_arch }}"
sha256: "{{ yq_binary_checksum | default(None) }}"
url: "{{ yq_download_url }}"
unarchive: false
owner: "root"
mode: "0755"
groups:
- kube_control_plane
download_defaults:
container: false
file: false
repo: None
tag: None
enabled: false
dest: None
version: None
url: None
unarchive: false
owner: "{{ kube_owner }}"
mode: None
|
