You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

905 lines
36 KiB

Added file and container image caching (#4828) * File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant. * When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching. * The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache * A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost. * Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009 * Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused. * Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml * All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching. Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical. Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
5 years ago
6 years ago
7 years ago
6 years ago
6 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
6 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
6 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
  1. ---
  2. local_release_dir: /tmp/releases
  3. download_cache_dir: /tmp/kubespray_cache
  4. # do not delete remote cache files after using them
  5. # NOTE: Setting this parameter to TRUE is only really useful when developing kubespray
  6. download_keep_remote_cache: false
  7. # Only useful when download_run_once is false: Localy cached files and images are
  8. # uploaded to kubernetes nodes. Also, images downloaded on those nodes are copied
  9. # back to the ansible runner's cache, if they are not yet preset.
  10. download_force_cache: false
  11. # Used to only evaluate vars from download role
  12. skip_downloads: false
  13. # Optionally skip kubeadm images download
  14. skip_kubeadm_images: false
  15. kubeadm_images: {}
  16. # if this is set to true will only download files once. Doesn't work
  17. # on Container Linux by CoreOS unless the download_localhost is true and localhost
  18. # is running another OS type. Default compress level is 1 (fastest).
  19. download_run_once: False
  20. download_compress: 1
  21. # if this is set to true will download container
  22. download_container: True
  23. # if this is set to true, uses the localhost for download_run_once mode
  24. # (requires docker and sudo to access docker). You may want this option for
  25. # local caching of docker images or for Container Linux by CoreOS cluster nodes.
  26. # Otherwise, uses the first node in the kube-master group to store images
  27. # in the download_run_once mode.
  28. download_localhost: False
  29. # Always pull images if set to True. Otherwise check by the repo's tag/digest.
  30. download_always_pull: False
  31. # Some problems may occur when downloading files over https proxy due to ansible bug
  32. # https://github.com/ansible/ansible/issues/32750. Set this variable to False to disable
  33. # SSL validation of get_url module. Note that kubespray will still be performing checksum validation.
  34. download_validate_certs: True
  35. # Use the first kube-master if download_localhost is not set
  36. download_delegate: "{% if download_localhost %}localhost{% else %}{{ groups['kube-master'][0] }}{% endif %}"
  37. # Arch of Docker images and needed packages
  38. image_arch: "{{host_architecture | default('amd64')}}"
  39. # Versions
  40. kube_version: v1.16.3
  41. kubeadm_version: "{{ kube_version }}"
  42. etcd_version: v3.3.10
  43. # gcr and kubernetes image repo define
  44. gcr_image_repo: "gcr.io"
  45. kube_image_repo: "{{ gcr_image_repo }}/google-containers"
  46. # docker image repo define
  47. docker_image_repo: "docker.io"
  48. # quay image repo define
  49. quay_image_repo: "quay.io"
  50. # TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
  51. # after migration to container download
  52. calico_version: "v3.7.3"
  53. calico_ctl_version: "v3.7.3"
  54. calico_cni_version: "v3.7.3"
  55. calico_policy_version: "v3.7.3"
  56. calico_rr_version: "v0.6.1"
  57. calico_typha_version: "v3.7.3"
  58. typha_enabled: false
  59. flannel_version: "v0.11.0"
  60. flannel_cni_version: "v0.3.0"
  61. cni_version: "v0.8.1"
  62. weave_version: 2.5.2
  63. pod_infra_version: 3.1
  64. contiv_version: 1.2.1
  65. cilium_version: "v1.5.5"
  66. kube_ovn_version: "v0.6.0"
  67. kube_router_version: "v0.2.5"
  68. multus_version: "v3.2.1"
  69. # Get kubernetes major version (i.e. 1.15.4 => 1.15)
  70. kube_major_version: "{{ kube_version | regex_replace('^v([0-9])+\\.([0-9]+)\\.[0-9]+', 'v\\1.\\2') }}"
  71. crictl_supported_versions:
  72. v1.16: "v1.16.1"
  73. v1.15: "v1.15.0"
  74. crictl_version: "{{ crictl_supported_versions[kube_major_version] }}"
  75. # Download URLs
  76. kubelet_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubelet"
  77. kubectl_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubectl"
  78. kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/{{ image_arch }}/kubeadm"
  79. etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
  80. cni_download_url: "https://github.com/containernetworking/plugins/releases/download/{{ cni_version }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
  81. calicoctl_download_url: "https://github.com/projectcalico/calicoctl/releases/download/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
  82. crictl_download_url: "https://github.com/kubernetes-sigs/cri-tools/releases/download/{{ crictl_version }}/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
  83. crictl_checksums:
  84. arm:
  85. v1.16.1: 367826f3eb06c4d923f3174d23141ddacef9ffcb0c902502bd922dbad86d08dd
  86. v1.16.0: 331c49bd9196009b8230f7a36ec272924a7bcf4c1614ecddf0eb9598c787da0e
  87. v1.15.0: f31f8c3b4791608a48d030d1aa1a694a73849ae057b23a90ce4ef17e5afde9e8
  88. arm64:
  89. v1.16.1: 62b60ab7046b788df892a1b746bd602c520a59c38232febc0580692c9805f641
  90. v1.16.0: aa118c31d6f6fd2d24bb2de4a33598a14a5952e1d01f93d5c3267c2b5334743b
  91. v1.15.0: 785c3da7e058f6fd00b0a48de24b9199eb6bae940d13f509c44ea6dd7ad9ffcd
  92. amd64:
  93. v1.16.1: 19fed421710fccfe58f5573383bb137c19438a9056355556f1a15da8d23b3ad1
  94. v1.16.0: a3eefa10a483c643ad85aee3d7832a720976ef7e80dde46b212eaaacd7d09512
  95. v1.15.0: c3b71be1f363e16078b51334967348aab4f72f46ef64a61fe7754e029779d45a
  96. # Checksums
  97. kubelet_checksums:
  98. arm:
  99. v1.17.0-rc.1: 3df7fbde53456663f807b1678cec760ab92830809f6ebb82891a5c73acf25aab
  100. v1.16.3: a64dbe966aa594fcd018de1189f2b5b453ca374978d4c175fb21ecf1b955f268
  101. v1.16.2: 3c251cd89d83bae5dbae534a7c2bfff09a8ad09e0b0eac02f93a580f471631a7
  102. v1.16.1: 605581ba04a1e971dd90f4741495ebc6051601144d03b03c63e2f22d03556b4b
  103. v1.16.0: 3158e95f4b78b12af0225b4c54c487d7926ac61c783a4646290c0f3da0dce5df
  104. v1.15.5: 86bf2fb7344eea2b75da8fdd990a2c16e07ee219a7533d50681b057ca9870a14
  105. v1.15.4: b112fa280b448e6c4f420de9744160c8a38ad8dd8d3fd6c74f15e339b13389b0
  106. v1.15.3: f041c7e1bad2e335b958ee1968e0f807e97b3995afab938f96d3286d548308c3
  107. v1.15.2: a114f4a6009b9642be26d0c0595429f521a5f270c22c6699990a8c628c0909d1
  108. v1.15.1: cb97d18c61b39f0721201fedcb0219b132e521d51a2595c1f7715700626097c6
  109. v1.15.0: 663c59fca7247ca325d4328cfc3ce77d1d4eddb251137f91ec62b8cd8823d1fc
  110. arm64:
  111. v1.17.0-rc.1: 5f265ab0c385b2c0cc7a852ec3ed7e2f5d2cc12edaf77d5af2df1b716eb2f81a
  112. v1.16.3: 0b937e729506c41d85980b97150dc89e4cd0b0e791c1d18d516c3f4784bf0255
  113. v1.16.2: c155ef87b6e73661a3f5de51d1f60feab4aebbade8f30bba6cf2e66fdc5f59b0
  114. v1.16.1: d056f403814dcbadcbb9f6be0db20295c04b7fcad6dc13c145b1a51bd1a927a4
  115. v1.16.0: 64bc4b211f05246f8ec33318db68a59ecc1ba7f1a6716eb1db7f3e0ea3495ca2
  116. v1.15.5: 5a20856d77617d78fb6e9c03c37373f7b712fd42b4324b2b41846836259fb911
  117. v1.15.4: f7085ca5bc75301c0738cccdcf54b6622b4aa2c7c5ff35eddbc34b8d52833d4b
  118. v1.15.3: c0b1c4fba9cdc324b6a882cd9e0cc2e38951928697fb4b2d62e05d687c53112a
  119. v1.15.2: 96cd4f0e8785538eec2bd1423cbf8eed5ed7d7424a843f99f87a697210f236da
  120. v1.15.1: 3032531dc8ff4ea1debafcfb7b84f6c39a83e67a452a50b64d1023ba57299100
  121. v1.15.0: a16443434eb0391991bff9a10288d83beb38be4d406954858d9fdc1063870284
  122. amd64:
  123. v1.17.0-rc.1: e4860d4ad7f51c0d7f60060722acfe0ec59706f663e31dd9f0a07025e0f92c77
  124. v1.16.3: 4e8ef215809f1b2af44408bf6039c9e57546a8a209b49720d0489e3aece66938
  125. v1.16.2: 0c24425d7cc029bffd86bfbedcb6a63cd42c21052c3248e43918ef15d3fc03ee
  126. v1.16.1: 29a66f72ce8bf4b08eec868953cc9c179e0f2319a52480d3c1259a24a24a9eb3
  127. v1.16.0: 77ac3f347497434b790aba46e6e06bb2e6e7a6e76b05af739d33b0441d39a263
  128. v1.15.5: de590308448a62982aa6209b52da6de69ee4855e449e5508c288c8d12d074ec5
  129. v1.15.4: 6f8e06b422e86ad5c3008ebd1ba2136620b1ba02a7f26b9d4305cdf5fb3f8755
  130. v1.15.3: dc08c9ad350d0046bc2ec910dcd266bd30cb6e7ef1f9170bb8df455d9d083d73
  131. v1.15.2: 5f1001608bac508ba7158704e8f762911dd52d0e16740984679f5c8263336e08
  132. v1.15.1: d9f5c09d47c448ac12b061821c1149aba32933cf79470a85e46d8b3b338aa72b
  133. v1.15.0: f13b9a2f840e0e18b4fa92a217c95977036113c74f56bb0652efd2e7bcbfba15
  134. kubectl_checksums:
  135. arm:
  136. v1.17.0-rc.1: 0e26d5cf8c4d20d650f241a590e537be09ae38945610e15fc2c07d5ab8d8bff5
  137. v1.16.3: 2cc711c92eea6ca66aeefa2dab73c553db3551a267f8ee102daa9f2fbf34ee9b
  138. v1.16.2: 3b3331502ffbdf762904395246bfd2125c12569995eb66fa8b0a08fbd969877b
  139. v1.16.1: ee975a46a67967bf008db15d70e429b62d68ce3adfc7c8ddb6ef26194d220896
  140. v1.16.0: 86c130d211144f9665a4441f43ced8151e7df54a3af7e2874d46fbff79608e2e
  141. v1.15.5: d5a125d3f67b3db0f88753f27b73eaa3213a98057ee1d8333ea4813e03626d1a
  142. v1.15.4: fb4cbcb6ea5c2f86ce6ba7cf33692fda53ee141656e533f673920a118c9e5d76
  143. v1.15.3: 36191382af50f95bb2bbedeb57b9d89ccb89d7a73600569dd3adbdfb336596f6
  144. v1.15.2: ac5027be37354aedd83a9768e467d82fd3e26a44f34fa4fabdc43ccf42b2fbb1
  145. v1.15.1: 17f1ba668d98f6d57b2494273a81b49c35aecc3d13a3de36cef390e0bad60ee0
  146. v1.15.0: 3ea07f7fa18309a630a9f317582de742befbf8efdcb22300a192941b4075c16f
  147. arm64:
  148. v1.17.0-rc.1: aaa95e122a2d215a0ed79a5ccf6a15eac82b88e4463c98adc0d7e2fb00330a65
  149. v1.16.3: ba7e98f837ba892eced9cae962c3648fe507c7fb4e9d7b1b969da8326bbc5dd9
  150. v1.16.2: d44669ee4d137ccb3375293eedb3b585ac36d69d3e875cd3d8158292454bfac1
  151. v1.16.1: 8366cd74910411dd9546117edd98b3248b6d33e8ea9b7e65de84168e0f162d47
  152. v1.16.0: bdec615287163fa53b315f9d0481da3900df4063b0a41c3a412077fe765ee6c2
  153. v1.15.5: 39fe671e945f2bd38f35eeea9207c9b6d3e035606204ea3c6c943033d3babf5d
  154. v1.15.4: 910d75b86d1e937174cfd2ccb52b12195862e69ac39c50126af076ba791e9386
  155. v1.15.3: a7a4a2c1c56d86c89a5edf3d8d78747a29cf3702d0d2df326ff940ef70048aa2
  156. v1.15.2: 5379b504028416467bbe7bdb3c5e7d013c197a55775938675c1b940941270df5
  157. v1.15.1: 1f5ad15f0522c5038ea014f4b6987a7a67d68585c1fb158349619b552c027a8c
  158. v1.15.0: db05f4c1799e019d5ebc51737f31132c191ffce13c516fa758e7137173abd855
  159. amd64:
  160. v1.17.0-rc.1: 1b24e34d0de028054ae59f7208ff5db4ae3bb16d1fe771422b4f8f3b698cac79
  161. v1.16.3: cded1b46405741575f31024b757fd967645e815bb0ab1c5f5fcd029f25cc0f2d
  162. v1.16.2: 3ff48e12f9c768ad548e4221d805281ea28dfcda5c18b3cd1797fe37aee3012e
  163. v1.16.1: 69cfb3eeaa0b77cc4923428855acdfc9ca9786544eeaff9c21913be830869d29
  164. v1.16.0: 4fc8a7024ef17b907820890f11ba7e59a6a578fa91ea593ce8e58b3260f7fb88
  165. v1.15.5: be84cf088241f29eca6221430f8fdb3788bc80eccb79b839d721c0daa6b46244
  166. v1.15.4: ada48ed9160f83bda949546fd2c7e443b97a5212c4f99148d66866c65ceb9dab
  167. v1.15.3: 6e805054a1fb2280abb53f75b57a1b92bf9c66ffe0d2cdcd46e81b079d93c322
  168. v1.15.2: a737000af13f9c8c347945bc581b819659c464eae92056424bdddae735e2e888
  169. v1.15.1: f4f4b855ab16ef295bc74f07edc77482d43e8fe81abc7cf92c476c4344788aa6
  170. v1.15.0: ecec7fe4ffa03018ff00f14e228442af5c2284e57771e4916b977c20ba4e5b39
  171. kubeadm_checksums:
  172. arm:
  173. v1.17.0-rc.1: 1f5e9dabbe08c1a28f38bc0320f686a21d5ce5e1e6d3720e632b0bd7efec8ddb
  174. v1.16.3: ff0bdab35e6ed3784db0db1022c94efcb89c5d6da314a3d6b811af3cb1bfb06e
  175. v1.16.2: cbddf79fbcdcde7046251b51ef52a16b08ed00bd9132f25cda5be9c82fa731fd
  176. v1.16.1: 38293a03064f47c3817299475b8dc950563854aff99a87d07cf31f0ebf402015
  177. v1.16.0: 6c666958e11b7d4513adecb3107c885c98bdc79f38d369c9f80eaaeae4ddfe66
  178. v1.15.5: 4a4ed964b61bbe99c4293c5ef0168cc8c2601d285e525d177b8b0d478960a8ab
  179. v1.15.4: 69984698052f1563fd44d78e1a68e140a552df7ed57ccd9c83bdfd82bc6103dd
  180. v1.15.3: 6c6fa56810908b5be83882094ea199844edc94b7e969160623c86512d9251c06
  181. v1.15.2: 4b35ad0031c08a83de7c8d9f9bbed6a30d93a5c74e16ea9e6211ad2e0e12bdd1
  182. v1.15.1: 855abd520291dcef0577a1a2ef87a70f522fd2b22603a12abcd86c2f7ec9c022
  183. v1.15.0: 9464030a1d4e101de5f47348f3514d5a9eb95cbce2e5e31f53ada1ca485cf75e
  184. arm64:
  185. v1.17.0-rc.1: 6786ce758165ceed1276c00b86193604785377ab33a78f43fc78d19042163fe6
  186. v1.16.3: e9f8e806a4f18a6970d228e0434ce1ba976f6a0fde2690c6a3b1e2d72f23eaa0
  187. v1.16.2: 4287d025a0c9743325c8891b7139ff718c79e4302e2004c5472a06b410a196b1
  188. v1.16.1: 000aaffa911d3d46dad0a4af8d59408ee56eea5b8eff5cb1b9fbee9986763165
  189. v1.16.0: 9a1d21bfb6bd15697ac010665e5917a5364b340d5b60f2f0302c179d75da0f3f
  190. v1.15.5: 26e0587398cf4b5bf4456aa65c507aa3713498025a43e3ae1654f54295f27464
  191. v1.15.4: df6747066627f8d803033c20e1161c0cd68f3e8ffd72a972f1cfc4221c67c6e9
  192. v1.15.3: 6f472bc8ab1ba3d76448bd45b200edef96741e5affde8dc1429300af3a4904d8
  193. v1.15.2: d3b6ee2048b366726ca366d2db4c46b2cacc38e8ec09cc35781d16593753d930
  194. v1.15.1: 44fbfad0f1026d249fc4f365f1e9562cd52d75360d4d1032731122ba5a4d57dc
  195. v1.15.0: fe3c79070814fe847a23209b1027672fe5c5e7e5c9611e329225058926836f96
  196. amd64:
  197. v1.17.0-rc.1: d8a0355de308201754e2a85f73d9cd5e741218f220811ee7767151109d1c6215
  198. v1.16.3: acecd15cf5471d4870959020022676e14cb6901f3c8f97019e5faee8ca956fd7
  199. v1.16.2: 9cd4a5b087088a9053ff40113ca182f0c2f959e2e51049ed2f850785c2588e04
  200. v1.16.1: 52ee74a9376b5b7d5296d9dab9bc54614b1c99d168003a78bdaea50f358a6886
  201. v1.16.0: 18f30d65fb05148c73cc07c77a83f4a2427379af493ca9f60eda42239409e7ef
  202. v1.15.5: e64bb0b2cfdcaa1f4063879bb358848c41aa1b5cc18b75c91994d11a9bf8c136
  203. v1.15.4: 3acf748ec5d69f316da85fb1e75945afb028f1e207ecb0b5986e23932c040194
  204. v1.15.3: ec56a00bc8d9ec4ac2b081a3b2127d8593daf3b2c86560cf9e6cba5ada2d5a80
  205. v1.15.2: fe2a13a1dea73249560ea44ab54c0359a9722e9c66832f6bcad86798438cba2f
  206. v1.15.1: 3d42441ae177826f1181e559cd2a729464ca8efadef196cfa0e8053a615333b5
  207. v1.15.0: fc4aa44b96dc143d7c3062124e25fed671cab884ebb8b2446edd10abb45e88c2
  208. etcd_binary_checksums:
  209. # Etcd does not have arm32 builds at the moment, having some dummy value is
  210. # required to avoid "no attribute" error
  211. arm: 0
  212. arm64: 5ec97b0b872adce275b8130d19db314f7f2b803aeb24c4aae17a19e2d66853c4
  213. amd64: 1620a59150ec0a0124a65540e23891243feb2d9a628092fb1edcc23974724a45
  214. cni_binary_checksums:
  215. arm: ae6ddbd87c05a79aceb92e1c8c32d11e302f6fc55045f87f6a3ea7e0268b2fda
  216. arm64: acde854e3def3c776c532ae521c19d8784534918cc56449ff16945a2909bff6d
  217. amd64: e9bfc78acd3ae71be77eb8f3e890cc9078a33cc3797703b8ff2fc3077a232252
  218. calicoctl_binary_checksums:
  219. arm:
  220. v3.6.1: 0
  221. v3.5.4: 0
  222. v3.4.4: 0
  223. v3.7.3: 0
  224. amd64:
  225. v3.6.1: 3b01336de37550e020343d62a38c96c4605d33a3ed7ddba2fe38bc172a5b42b5
  226. v3.5.4: 197194b838cc2a9a7455c2ebd5505a5e24f8f3d994eb75c17f5dd568944100b8
  227. v3.4.4: 93bd084e053cf1bf3b7fef369677bd6767c30fe7135e2c7e044e31693422ef61
  228. v3.7.3: 932f68e893e80e95e10f064f1e7745e438d456f41a6ff12d11bb16ca0cab735c
  229. arm64:
  230. v3.6.1: 60fbaeb257061647bdf12b5ede7a0d4298a5ee216f6472e5a92bb14ef5c2a5d3
  231. v3.5.4: a4481178665658658a73e4ceca9a1dff5cccded4179615c91d1c3e49fd96f237
  232. v3.4.4: ff35d9e8b5c00e9fe47d05e8f5123ec98fd641370f8cd93f4fbb3d913da77ab6
  233. v3.7.3: 7cfaab25c287f7ef93b2682d060b55bf39f76b668540de50376b5ed174209832
  234. etcd_binary_checksum: "{{ etcd_binary_checksums[image_arch] }}"
  235. cni_binary_checksum: "{{ cni_binary_checksums[image_arch] }}"
  236. kubelet_binary_checksum: "{{ kubelet_checksums[image_arch][kube_version] }}"
  237. kubectl_binary_checksum: "{{ kubectl_checksums[image_arch][kube_version] }}"
  238. kubeadm_binary_checksum: "{{ kubeadm_checksums[image_arch][kubeadm_version] }}"
  239. calicoctl_binary_checksum: "{{ calicoctl_binary_checksums[image_arch][calico_ctl_version] }}"
  240. crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}"
  241. # Containers
  242. # In some cases, we need a way to set --registry-mirror or --insecure-registry for docker,
  243. # it helps a lot for local private development or bare metal environment.
  244. # So you need define --registry-mirror or --insecure-registry, and modify the following url address.
  245. # example:
  246. # You need to deploy kubernetes cluster on local private development.
  247. # Also provide the address of your own private registry.
  248. # And use --insecure-registry options for docker
  249. kube_proxy_image_repo: "{{ kube_image_repo }}/kube-proxy"
  250. etcd_image_repo: "{{ quay_image_repo }}/coreos/etcd"
  251. etcd_image_tag: "{{ etcd_version }}{%- if image_arch != 'amd64' -%}-{{ image_arch }}{%- endif -%}"
  252. flannel_image_repo: "{{ quay_image_repo }}/coreos/flannel"
  253. flannel_image_tag: "{{ flannel_version }}"
  254. flannel_cni_image_repo: "{{ quay_image_repo }}/coreos/flannel-cni"
  255. flannel_cni_image_tag: "{{ flannel_cni_version }}"
  256. calico_node_image_repo: "{{ docker_image_repo }}/calico/node"
  257. calico_node_image_tag: "{{ calico_version }}"
  258. calico_cni_image_repo: "{{ docker_image_repo }}/calico/cni"
  259. calico_cni_image_tag: "{{ calico_cni_version }}"
  260. calico_policy_image_repo: "{{ docker_image_repo }}/calico/kube-controllers"
  261. calico_policy_image_tag: "{{ calico_policy_version }}"
  262. calico_rr_image_repo: "{{ docker_image_repo }}/calico/routereflector"
  263. calico_rr_image_tag: "{{ calico_rr_version }}"
  264. calico_typha_image_repo: "{{ docker_image_repo }}/calico/typha"
  265. calico_typha_image_tag: "{{ calico_typha_version }}"
  266. pod_infra_image_repo: "{{ gcr_image_repo }}/google_containers/pause-{{ image_arch }}"
  267. pod_infra_image_tag: "{{ pod_infra_version }}"
  268. install_socat_image_repo: "{{ docker_image_repo }}/xueshanf/install-socat"
  269. install_socat_image_tag: "latest"
  270. netcheck_version: "v1.0"
  271. netcheck_agent_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-agent"
  272. netcheck_agent_image_tag: "{{ netcheck_version }}"
  273. netcheck_server_image_repo: "{{ quay_image_repo }}/l23network/k8s-netchecker-server"
  274. netcheck_server_image_tag: "{{ netcheck_version }}"
  275. weave_kube_image_repo: "{{ docker_image_repo }}/weaveworks/weave-kube"
  276. weave_kube_image_tag: "{{ weave_version }}"
  277. weave_npc_image_repo: "{{ docker_image_repo }}/weaveworks/weave-npc"
  278. weave_npc_image_tag: "{{ weave_version }}"
  279. contiv_image_repo: "{{ docker_image_repo }}/contiv/netplugin"
  280. contiv_image_tag: "{{ contiv_version }}"
  281. contiv_init_image_repo: "{{ docker_image_repo }}/contiv/netplugin-init"
  282. contiv_init_image_tag: "latest"
  283. contiv_auth_proxy_image_repo: "{{ docker_image_repo }}/contiv/auth_proxy"
  284. contiv_auth_proxy_image_tag: "{{ contiv_version }}"
  285. contiv_etcd_init_image_repo: "{{ docker_image_repo }}/ferest/etcd-initer"
  286. contiv_etcd_init_image_tag: latest
  287. contiv_ovs_image_repo: "{{ docker_image_repo }}/contiv/ovs"
  288. contiv_ovs_image_tag: "latest"
  289. cilium_image_repo: "{{ docker_image_repo }}/cilium/cilium"
  290. cilium_image_tag: "{{ cilium_version }}"
  291. cilium_init_image_repo: "{{ docker_image_repo }}/cilium/cilium-init"
  292. cilium_init_image_tag: "2019-04-05"
  293. cilium_operator_image_repo: "{{ docker_image_repo }}/cilium/operator"
  294. cilium_operator_image_tag: "{{ cilium_version }}"
  295. kube_ovn_db_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn-db"
  296. kube_ovn_node_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn-node"
  297. kube_ovn_cni_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn-cni"
  298. kube_ovn_controller_image_repo: "{{ docker_image_repo }}/kubeovn/kube-ovn-controller"
  299. kube_ovn_db_image_tag: "{{ kube_ovn_version }}"
  300. kube_ovn_node_image_tag: "{{ kube_ovn_version }}"
  301. kube_ovn_controller_image_tag: "{{ kube_ovn_version }}"
  302. kube_ovn_cni_image_tag: "{{ kube_ovn_version }}"
  303. kube_router_image_repo: "{{ docker_image_repo }}/cloudnativelabs/kube-router"
  304. kube_router_image_tag: "{{ kube_router_version }}"
  305. multus_image_repo: "{{ docker_image_repo }}/nfvpe/multus"
  306. multus_image_tag: "{{ multus_version }}"
  307. nginx_image_repo: "{{ docker_image_repo }}/library/nginx"
  308. nginx_image_tag: 1.17
  309. haproxy_image_repo: "{{ docker_image_repo }}/library/haproxy"
  310. haproxy_image_tag: 1.9
  311. coredns_version: "1.6.0"
  312. coredns_image_repo: "{{ docker_image_repo }}/coredns/coredns"
  313. coredns_image_tag: "{{ coredns_version }}"
  314. nodelocaldns_version: "1.15.5"
  315. nodelocaldns_image_repo: "{{ kube_image_repo }}/k8s-dns-node-cache"
  316. nodelocaldns_image_tag: "{{ nodelocaldns_version }}"
  317. dnsautoscaler_version: 1.6.0
  318. dnsautoscaler_image_repo: "{{ kube_image_repo }}/cluster-proportional-autoscaler-{{ image_arch }}"
  319. dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
  320. test_image_repo: "{{ docker_image_repo }}/library/busybox"
  321. test_image_tag: latest
  322. busybox_image_repo: "{{ docker_image_repo }}/library/busybox"
  323. busybox_image_tag: 1.29.2
  324. helm_version: "v2.16.0"
  325. helm_image_repo: "{{ docker_image_repo }}/lachlanevenson/k8s-helm"
  326. helm_image_tag: "{{ helm_version }}"
  327. tiller_image_repo: "{{ gcr_image_repo }}/kubernetes-helm/tiller"
  328. tiller_image_tag: "{{ helm_version }}"
  329. registry_image_repo: "{{ docker_image_repo }}/library/registry"
  330. registry_image_tag: "2.6"
  331. registry_proxy_image_repo: "{{ gcr_image_repo }}/google_containers/kube-registry-proxy"
  332. registry_proxy_image_tag: "0.4"
  333. metrics_server_version: "v0.3.3"
  334. metrics_server_image_repo: "{{ gcr_image_repo }}/google_containers/metrics-server-amd64"
  335. metrics_server_image_tag: "{{ metrics_server_version }}"
  336. local_volume_provisioner_image_repo: "{{ quay_image_repo }}/external_storage/local-volume-provisioner"
  337. local_volume_provisioner_image_tag: "v2.3.2"
  338. cephfs_provisioner_image_repo: "{{ quay_image_repo }}/external_storage/cephfs-provisioner"
  339. cephfs_provisioner_image_tag: "v2.1.0-k8s1.11"
  340. rbd_provisioner_image_repo: "{{ quay_image_repo }}/external_storage/rbd-provisioner"
  341. rbd_provisioner_image_tag: "v2.1.1-k8s1.11"
  342. local_path_provisioner_image_repo: "{{ docker_image_repo }}/rancher/local-path-provisioner"
  343. local_path_provisioner_image_tag: "v0.0.2"
  344. ingress_nginx_controller_image_repo: "{{ quay_image_repo }}/kubernetes-ingress-controller/nginx-ingress-controller"
  345. ingress_nginx_controller_image_tag: "0.26.1"
  346. cert_manager_version: "v0.11.0"
  347. cert_manager_controller_image_repo: "{{ quay_image_repo }}/jetstack/cert-manager-controller"
  348. cert_manager_controller_image_tag: "{{ cert_manager_version }}"
  349. addon_resizer_version: "1.8.3"
  350. addon_resizer_image_repo: "{{ kube_image_repo }}/addon-resizer"
  351. addon_resizer_image_tag: "{{ addon_resizer_version }}"
  352. dashboard_image_repo: "{{ gcr_image_repo }}/google_containers/kubernetes-dashboard-{{ image_arch }}"
  353. dashboard_image_tag: "v1.10.1"
  354. image_pull_command: "{{ docker_bin_dir }}/docker pull"
  355. image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs {{ docker_bin_dir }}/docker inspect -f \"{{ '{{' }} if .RepoTags {{ '}}' }}{{ '{{' }} (index .RepoTags 0) {{ '}}' }}{{ '{{' }} end {{ '}}' }}{{ '{{' }} if .RepoDigests {{ '}}' }},{{ '{{' }} (index .RepoDigests 0) {{ '}}' }}{{ '{{' }} end {{ '}}' }}\" | tr '\n' ','"
  356. downloads:
  357. netcheck_server:
  358. enabled: "{{ deploy_netchecker }}"
  359. container: true
  360. repo: "{{ netcheck_server_image_repo }}"
  361. tag: "{{ netcheck_server_image_tag }}"
  362. sha256: "{{ netcheck_server_digest_checksum|default(None) }}"
  363. groups:
  364. - k8s-cluster
  365. netcheck_agent:
  366. enabled: "{{ deploy_netchecker }}"
  367. container: true
  368. repo: "{{ netcheck_agent_image_repo }}"
  369. tag: "{{ netcheck_agent_image_tag }}"
  370. sha256: "{{ netcheck_agent_digest_checksum|default(None) }}"
  371. groups:
  372. - k8s-cluster
  373. etcd:
  374. container: "{{ etcd_deployment_type != 'host' }}"
  375. file: "{{ etcd_deployment_type == 'host' or etcd_kubeadm_enabled }}"
  376. enabled: true
  377. version: "{{ etcd_version }}"
  378. dest: "{{local_release_dir}}/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
  379. repo: "{{ etcd_image_repo }}"
  380. tag: "{{ etcd_image_tag }}"
  381. sha256: >-
  382. {{ etcd_binary_checksum if (etcd_deployment_type == 'host' or etcd_kubeadm_enabled)
  383. else etcd_digest_checksum|d(None) }}
  384. url: "{{ etcd_download_url }}"
  385. unarchive: true
  386. owner: "root"
  387. mode: "0755"
  388. groups:
  389. - etcd
  390. cni:
  391. enabled: true
  392. file: true
  393. version: "{{ cni_version }}"
  394. dest: "{{local_release_dir}}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
  395. sha256: "{{ cni_binary_checksum }}"
  396. url: "{{ cni_download_url }}"
  397. unarchive: false
  398. owner: "root"
  399. mode: "0755"
  400. groups:
  401. - k8s-cluster
  402. kubeadm:
  403. enabled: true
  404. file: true
  405. version: "{{ kubeadm_version }}"
  406. dest: "{{ local_release_dir }}/kubeadm-{{ kubeadm_version }}-{{ image_arch }}"
  407. sha256: "{{ kubeadm_binary_checksum }}"
  408. url: "{{ kubeadm_download_url }}"
  409. unarchive: false
  410. owner: "root"
  411. mode: "0755"
  412. groups:
  413. - k8s-cluster
  414. kubelet:
  415. enabled: true
  416. file: true
  417. version: "{{ kube_version }}"
  418. dest: "{{ local_release_dir }}/kubelet-{{ kube_version }}-{{ image_arch }}"
  419. sha256: "{{ kubelet_binary_checksum }}"
  420. url: "{{ kubelet_download_url }}"
  421. unarchive: false
  422. owner: "root"
  423. mode: "0755"
  424. groups:
  425. - k8s-cluster
  426. kubectl:
  427. enabled: true
  428. file: true
  429. version: "{{ kube_version }}"
  430. dest: "{{ local_release_dir }}/kubectl-{{ kube_version }}-{{ image_arch }}"
  431. sha256: "{{ kubectl_binary_checksum }}"
  432. url: "{{ kubectl_download_url }}"
  433. unarchive: false
  434. owner: "root"
  435. mode: "0755"
  436. groups:
  437. - kube-master
  438. crictl:
  439. file: true
  440. enabled: "{{ container_manager in ['crio', 'cri', 'containerd'] }}"
  441. version: "{{ crictl_version }}"
  442. dest: "{{local_release_dir}}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz"
  443. sha256: "{{ crictl_binary_checksum }}"
  444. url: "{{ crictl_download_url }}"
  445. unarchive: true
  446. owner: "root"
  447. mode: "0755"
  448. groups:
  449. - k8s-cluster
  450. cilium:
  451. enabled: "{{ kube_network_plugin == 'cilium' }}"
  452. container: true
  453. repo: "{{ cilium_image_repo }}"
  454. tag: "{{ cilium_image_tag }}"
  455. sha256: "{{ cilium_digest_checksum|default(None) }}"
  456. groups:
  457. - k8s-cluster
  458. cilium_init:
  459. enabled: "{{ kube_network_plugin == 'cilium' }}"
  460. container: true
  461. repo: "{{ cilium_init_image_repo }}"
  462. tag: "{{ cilium_init_image_tag }}"
  463. sha256: "{{ cilium_init_digest_checksum|default(None) }}"
  464. groups:
  465. - k8s-cluster
  466. cilium_operator:
  467. enabled: "{{ kube_network_plugin == 'cilium' }}"
  468. container: true
  469. repo: "{{ cilium_operator_image_repo }}"
  470. tag: "{{ cilium_operator_image_tag }}"
  471. sha256: "{{ cilium_operator_digest_checksum|default(None) }}"
  472. groups:
  473. - k8s-cluster
  474. multus:
  475. enabled: "{{ kube_network_plugin_multus }}"
  476. container: true
  477. repo: "{{ multus_image_repo }}"
  478. tag: "{{ multus_image_tag }}"
  479. sha256: "{{ multus_digest_checksum|default(None) }}"
  480. groups:
  481. - k8s-cluster
  482. flannel:
  483. enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
  484. container: true
  485. repo: "{{ flannel_image_repo }}"
  486. tag: "{{ flannel_image_tag }}"
  487. sha256: "{{ flannel_digest_checksum|default(None) }}"
  488. groups:
  489. - k8s-cluster
  490. flannel_cni:
  491. enabled: "{{ kube_network_plugin == 'flannel' }}"
  492. container: true
  493. repo: "{{ flannel_cni_image_repo }}"
  494. tag: "{{ flannel_cni_image_tag }}"
  495. sha256: "{{ flannel_cni_digest_checksum|default(None) }}"
  496. groups:
  497. - k8s-cluster
  498. calicoctl:
  499. enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
  500. file: true
  501. version: "{{ calico_ctl_version }}"
  502. dest: "{{local_release_dir}}/calicoctl"
  503. sha256: "{{ calicoctl_binary_checksum }}"
  504. url: "{{ calicoctl_download_url }}"
  505. unarchive: false
  506. owner: "root"
  507. mode: "0755"
  508. groups:
  509. - k8s-cluster
  510. calico_node:
  511. enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
  512. container: true
  513. repo: "{{ calico_node_image_repo }}"
  514. tag: "{{ calico_node_image_tag }}"
  515. sha256: "{{ calico_node_digest_checksum|default(None) }}"
  516. groups:
  517. - k8s-cluster
  518. calico_cni:
  519. enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
  520. container: true
  521. repo: "{{ calico_cni_image_repo }}"
  522. tag: "{{ calico_cni_image_tag }}"
  523. sha256: "{{ calico_cni_digest_checksum|default(None) }}"
  524. groups:
  525. - k8s-cluster
  526. calico_policy:
  527. enabled: "{{ enable_network_policy or kube_network_plugin == 'canal' }}"
  528. container: true
  529. repo: "{{ calico_policy_image_repo }}"
  530. tag: "{{ calico_policy_image_tag }}"
  531. sha256: "{{ calico_policy_digest_checksum|default(None) }}"
  532. groups:
  533. - k8s-cluster
  534. calico_rr:
  535. enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr and kube_network_plugin == 'calico' }}"
  536. container: true
  537. repo: "{{ calico_rr_image_repo }}"
  538. tag: "{{ calico_rr_image_tag }}"
  539. sha256: "{{ calico_rr_digest_checksum|default(None) }}"
  540. groups:
  541. - calico-rr
  542. calico_typha:
  543. enabled: "{{ typha_enabled }}"
  544. container: true
  545. repo: "{{ calico_typha_image_repo }}"
  546. tag: "{{ calico_typha_image_tag }}"
  547. sha256: "{{ calico_typha_digest_checksum|default(None) }}"
  548. groups:
  549. - k8s-cluster
  550. weave_kube:
  551. enabled: "{{ kube_network_plugin == 'weave' }}"
  552. container: true
  553. repo: "{{ weave_kube_image_repo }}"
  554. tag: "{{ weave_kube_image_tag }}"
  555. sha256: "{{ weave_kube_digest_checksum|default(None) }}"
  556. groups:
  557. - k8s-cluster
  558. weave_npc:
  559. enabled: "{{ kube_network_plugin == 'weave' }}"
  560. container: true
  561. repo: "{{ weave_npc_image_repo }}"
  562. tag: "{{ weave_npc_image_tag }}"
  563. sha256: "{{ weave_npc_digest_checksum|default(None) }}"
  564. groups:
  565. - k8s-cluster
  566. contiv:
  567. enabled: "{{ kube_network_plugin == 'contiv' }}"
  568. container: true
  569. repo: "{{ contiv_image_repo }}"
  570. tag: "{{ contiv_image_tag }}"
  571. sha256: "{{ contiv_digest_checksum|default(None) }}"
  572. groups:
  573. - k8s-cluster
  574. contiv_auth_proxy:
  575. enabled: "{{ kube_network_plugin == 'contiv' }}"
  576. container: true
  577. repo: "{{ contiv_auth_proxy_image_repo }}"
  578. tag: "{{ contiv_auth_proxy_image_tag }}"
  579. sha256: "{{ contiv_auth_proxy_digest_checksum|default(None) }}"
  580. groups:
  581. - k8s-cluster
  582. contiv_etcd_init:
  583. enabled: "{{ kube_network_plugin == 'contiv' }}"
  584. container: true
  585. repo: "{{ contiv_etcd_init_image_repo }}"
  586. tag: "{{ contiv_etcd_init_image_tag }}"
  587. sha256: "{{ contiv_etcd_init_digest_checksum|default(None) }}"
  588. groups:
  589. - k8s-cluster
  590. kube_ovn_db:
  591. enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
  592. container: true
  593. repo: "{{ kube_ovn_db_image_repo }}"
  594. tag: "{{ kube_ovn_db_image_tag }}"
  595. sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
  596. groups:
  597. - k8s-cluster
  598. kube_ovn_node:
  599. enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
  600. container: true
  601. repo: "{{ kube_ovn_node_image_repo }}"
  602. tag: "{{ kube_ovn_node_image_tag }}"
  603. sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
  604. groups:
  605. - k8s-cluster
  606. kube_ovn_controller:
  607. enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
  608. container: true
  609. repo: "{{ kube_ovn_controller_image_repo }}"
  610. tag: "{{ kube_ovn_controller_image_tag }}"
  611. sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
  612. groups:
  613. - k8s-cluster
  614. kube_ovn_cni:
  615. enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
  616. container: true
  617. repo: "{{ kube_ovn_cni_image_repo }}"
  618. tag: "{{ kube_ovn_cni_image_tag }}"
  619. sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
  620. groups:
  621. - k8s-cluster
  622. kube_router:
  623. enabled: "{{ kube_network_plugin == 'kube-router' }}"
  624. container: true
  625. repo: "{{ kube_router_image_repo }}"
  626. tag: "{{ kube_router_image_tag }}"
  627. sha256: "{{ kube_router_digest_checksum|default(None) }}"
  628. groups:
  629. - k8s-cluster
  630. pod_infra:
  631. enabled: true
  632. container: true
  633. repo: "{{ pod_infra_image_repo }}"
  634. tag: "{{ pod_infra_image_tag }}"
  635. sha256: "{{ pod_infra_digest_checksum|default(None) }}"
  636. groups:
  637. - k8s-cluster
  638. install_socat:
  639. enabled: "{{ ansible_os_family in ['CoreOS', 'Container Linux by CoreOS'] }}"
  640. container: true
  641. repo: "{{ install_socat_image_repo }}"
  642. tag: "{{ install_socat_image_tag }}"
  643. sha256: "{{ install_socat_digest_checksum|default(None) }}"
  644. groups:
  645. - k8s-cluster
  646. nginx:
  647. enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'nginx' }}"
  648. container: true
  649. repo: "{{ nginx_image_repo }}"
  650. tag: "{{ nginx_image_tag }}"
  651. sha256: "{{ nginx_digest_checksum|default(None) }}"
  652. groups:
  653. - kube-node
  654. haproxy:
  655. enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'haproxy' }}"
  656. container: true
  657. repo: "{{ haproxy_image_repo }}"
  658. tag: "{{ haproxy_image_tag }}"
  659. sha256: "{{ haproxy_digest_checksum|default(None) }}"
  660. groups:
  661. - kube-node
  662. coredns:
  663. enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
  664. container: true
  665. repo: "{{ coredns_image_repo }}"
  666. tag: "{{ coredns_image_tag }}"
  667. sha256: "{{ coredns_digest_checksum|default(None) }}"
  668. groups:
  669. - kube-master
  670. nodelocaldns:
  671. enabled: "{{ enable_nodelocaldns }}"
  672. container: true
  673. repo: "{{ nodelocaldns_image_repo }}"
  674. tag: "{{ nodelocaldns_image_tag }}"
  675. sha256: "{{ nodelocaldns_digest_checksum|default(None) }}"
  676. groups:
  677. - k8s-cluster
  678. dnsautoscaler:
  679. enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
  680. container: true
  681. repo: "{{ dnsautoscaler_image_repo }}"
  682. tag: "{{ dnsautoscaler_image_tag }}"
  683. sha256: "{{ dnsautoscaler_digest_checksum|default(None) }}"
  684. groups:
  685. - kube-master
  686. busybox:
  687. enabled: "{{ kube_network_plugin in ['kube-router'] }}"
  688. container: true
  689. repo: "{{ busybox_image_repo }}"
  690. tag: "{{ busybox_image_tag }}"
  691. sha256: "{{ busybox_digest_checksum|default(None) }}"
  692. groups:
  693. - k8s-cluster
  694. testbox:
  695. enabled: false
  696. container: true
  697. repo: "{{ test_image_repo }}"
  698. tag: "{{ test_image_tag }}"
  699. sha256: "{{ testbox_digest_checksum|default(None) }}"
  700. helm:
  701. enabled: "{{ helm_enabled }}"
  702. container: true
  703. repo: "{{ helm_image_repo }}"
  704. tag: "{{ helm_image_tag }}"
  705. sha256: "{{ helm_digest_checksum|default(None) }}"
  706. groups:
  707. - kube-node
  708. tiller:
  709. enabled: "{{ helm_enabled }}"
  710. container: true
  711. repo: "{{ tiller_image_repo }}"
  712. tag: "{{ tiller_image_tag }}"
  713. sha256: "{{ tiller_digest_checksum|default(None) }}"
  714. groups:
  715. - kube-node
  716. registry:
  717. enabled: "{{ registry_enabled }}"
  718. container: true
  719. repo: "{{ registry_image_repo }}"
  720. tag: "{{ registry_image_tag }}"
  721. sha256: "{{ registry_digest_checksum|default(None) }}"
  722. groups:
  723. - kube-node
  724. registry_proxy:
  725. enabled: "{{ registry_enabled }}"
  726. container: true
  727. repo: "{{ registry_proxy_image_repo }}"
  728. tag: "{{ registry_proxy_image_tag }}"
  729. sha256: "{{ registry_proxy_digest_checksum|default(None) }}"
  730. groups:
  731. - kube-node
  732. metrics_server:
  733. enabled: "{{ metrics_server_enabled }}"
  734. container: true
  735. repo: "{{ metrics_server_image_repo }}"
  736. tag: "{{ metrics_server_image_tag }}"
  737. sha256: "{{ metrics_server_digest_checksum|default(None) }}"
  738. groups:
  739. - kube-master
  740. addon_resizer:
  741. # Currently addon_resizer is only used by metrics server
  742. enabled: "{{ metrics_server_enabled }}"
  743. container: true
  744. repo: "{{ addon_resizer_image_repo }}"
  745. tag: "{{ addon_resizer_image_tag }}"
  746. sha256: "{{ addon_resizer_digest_checksum|default(None) }}"
  747. groups:
  748. - kube-master
  749. local_volume_provisioner:
  750. enabled: "{{ local_volume_provisioner_enabled }}"
  751. container: true
  752. repo: "{{ local_volume_provisioner_image_repo }}"
  753. tag: "{{ local_volume_provisioner_image_tag }}"
  754. sha256: "{{ local_volume_provisioner_digest_checksum|default(None) }}"
  755. groups:
  756. - kube-node
  757. cephfs_provisioner:
  758. enabled: "{{ cephfs_provisioner_enabled }}"
  759. container: true
  760. repo: "{{ cephfs_provisioner_image_repo }}"
  761. tag: "{{ cephfs_provisioner_image_tag }}"
  762. sha256: "{{ cephfs_provisioner_digest_checksum|default(None) }}"
  763. groups:
  764. - kube-node
  765. rbd_provisioner:
  766. enabled: "{{ rbd_provisioner_enabled }}"
  767. container: true
  768. repo: "{{ rbd_provisioner_image_repo }}"
  769. tag: "{{ rbd_provisioner_image_tag }}"
  770. sha256: "{{ rbd_provisioner_digest_checksum|default(None) }}"
  771. groups:
  772. - kube-node
  773. local_path_provisioner:
  774. enabled: "{{ local_volume_provisioner_enabled }}"
  775. container: true
  776. repo: "{{ local_path_provisioner_image_repo }}"
  777. tag: "{{ local_path_provisioner_image_tag }}"
  778. sha256: "{{ local_path_provisioner_digest_checksum|default(None) }}"
  779. groups:
  780. - kube-node
  781. ingress_nginx_controller:
  782. enabled: "{{ ingress_nginx_enabled }}"
  783. container: true
  784. repo: "{{ ingress_nginx_controller_image_repo }}"
  785. tag: "{{ ingress_nginx_controller_image_tag }}"
  786. sha256: "{{ ingress_nginx_controller_digest_checksum|default(None) }}"
  787. groups:
  788. - kube-node
  789. cert_manager_controller:
  790. enabled: "{{ cert_manager_enabled }}"
  791. container: true
  792. repo: "{{ cert_manager_controller_image_repo }}"
  793. tag: "{{ cert_manager_controller_image_tag }}"
  794. sha256: "{{ cert_manager_controller_digest_checksum|default(None) }}"
  795. groups:
  796. - kube-node
  797. dashboard:
  798. enabled: "{{ dashboard_enabled }}"
  799. container: true
  800. repo: "{{ dashboard_image_repo }}"
  801. tag: "{{ dashboard_image_tag }}"
  802. sha256: "{{ dashboard_digest_checksum|default(None) }}"
  803. groups:
  804. - kube-master
  805. download_defaults:
  806. container: false
  807. file: false
  808. repo: None
  809. tag: None
  810. enabled: false
  811. dest: None
  812. version: None
  813. url: None
  814. unarchive: false
  815. owner: kube
  816. mode: None