From 48c0c8d854b52b22c2b54f21588709e64328d8a0 Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 16:51:52 +0200 Subject: [PATCH 01/10] Update dir list --- .../tasks/{swapoff.yml => 0010-swapoff.yml} | 0 ...-settings.yml => 0020-verify-settings.yml} | 12 + .../{pre_upgrade.yml => 0030-pre_upgrade.yml} | 0 ...et_resolv_facts.yml => 0040-set_facts.yml} | 33 +++ .../tasks/0050-create_directories.yml | 58 ++++ .../{resolvconf.yml => 0060-resolvconf.yml} | 0 .../preinstall/tasks/0070-system-packages.yml | 94 +++++++ .../tasks/0080-system-configurations.yml | 53 ++++ .../tasks/{etchosts.yml => 0090-etchosts.yml} | 0 ...ient-hooks.yml => 0100-dhclient-hooks.yml} | 0 ...-undo.yml => 0110-dhclient-hooks-undo.yml} | 0 ...7.yml => 0120-growpart-azure-centos-7.yml} | 0 roles/kubernetes/preinstall/tasks/main.yml | 266 +----------------- .../kubernetes/preinstall/tasks/set_facts.yml | 17 -- 14 files changed, 263 insertions(+), 270 deletions(-) rename roles/kubernetes/preinstall/tasks/{swapoff.yml => 0010-swapoff.yml} (100%) rename roles/kubernetes/preinstall/tasks/{verify-settings.yml => 0020-verify-settings.yml} (91%) rename roles/kubernetes/preinstall/tasks/{pre_upgrade.yml => 0030-pre_upgrade.yml} (100%) rename roles/kubernetes/preinstall/tasks/{set_resolv_facts.yml => 0040-set_facts.yml} (80%) create mode 100644 roles/kubernetes/preinstall/tasks/0050-create_directories.yml rename roles/kubernetes/preinstall/tasks/{resolvconf.yml => 0060-resolvconf.yml} (100%) create mode 100644 roles/kubernetes/preinstall/tasks/0070-system-packages.yml create mode 100644 roles/kubernetes/preinstall/tasks/0080-system-configurations.yml rename roles/kubernetes/preinstall/tasks/{etchosts.yml => 0090-etchosts.yml} (100%) rename roles/kubernetes/preinstall/tasks/{dhclient-hooks.yml => 0100-dhclient-hooks.yml} (100%) rename roles/kubernetes/preinstall/tasks/{dhclient-hooks-undo.yml => 0110-dhclient-hooks-undo.yml} (100%) rename roles/kubernetes/preinstall/tasks/{growpart-azure-centos-7.yml => 0120-growpart-azure-centos-7.yml} (100%) delete mode 100644 roles/kubernetes/preinstall/tasks/set_facts.yml diff --git a/roles/kubernetes/preinstall/tasks/swapoff.yml b/roles/kubernetes/preinstall/tasks/0010-swapoff.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/swapoff.yml rename to roles/kubernetes/preinstall/tasks/0010-swapoff.yml diff --git a/roles/kubernetes/preinstall/tasks/verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml similarity index 91% rename from roles/kubernetes/preinstall/tasks/verify-settings.yml rename to roles/kubernetes/preinstall/tasks/0020-verify-settings.yml index 003f33cf2..5e5e675af 100644 --- a/roles/kubernetes/preinstall/tasks/verify-settings.yml +++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml @@ -115,3 +115,15 @@ that: inventory_hostname | match("[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$") msg: "Hostname must consist of lower case alphanumeric characters, '.' or '-', and must start and end with an alphanumeric character" ignore_errors: "{{ ignore_assert_errors }}" + +- name: check cloud_provider value + assert: + that: cloud_provider in ['generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'oci', 'external'] + msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', or external" + when: + - cloud_provider is defined + + ignore_errors: "{{ ignore_assert_errors }}" + tags: + - cloud-provider + - facts diff --git a/roles/kubernetes/preinstall/tasks/pre_upgrade.yml b/roles/kubernetes/preinstall/tasks/0030-pre_upgrade.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/pre_upgrade.yml rename to roles/kubernetes/preinstall/tasks/0030-pre_upgrade.yml diff --git a/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml similarity index 80% rename from roles/kubernetes/preinstall/tasks/set_resolv_facts.yml rename to roles/kubernetes/preinstall/tasks/0040-set_facts.yml index 4e535fb0f..d2bb46937 100644 --- a/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml +++ b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml @@ -1,4 +1,23 @@ --- +- name: Force binaries directory for Container Linux by CoreOS + set_fact: + bin_dir: "/opt/bin" + when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] + tags: + - facts + +- name: check if atomic host + stat: + path: /run/ostree-booted + register: ostree + +- set_fact: + is_atomic: "{{ ostree.stat.exists }}" + +- set_fact: + kube_cert_group: "kube" + when: is_atomic + - name: check resolvconf shell: which resolvconf register: resolvconf @@ -111,3 +130,17 @@ nameserver {{( dnsmasq_server + nameservers|d([]) + cloud_resolver|d([])) | join(',nameserver ')}} supersede_nameserver: supersede domain-name-servers {{( dnsmasq_server + nameservers|d([]) + cloud_resolver|d([])) | join(', ') }}; + +- name: gather os specific variables + include_vars: "{{ item }}" + with_first_found: + - files: + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" + - "{{ ansible_distribution|lower }}.yml" + - "{{ ansible_os_family|lower }}.yml" + - defaults.yml + paths: + - ../vars + skip: true diff --git a/roles/kubernetes/preinstall/tasks/0050-create_directories.yml b/roles/kubernetes/preinstall/tasks/0050-create_directories.yml new file mode 100644 index 000000000..a91f81eb0 --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/0050-create_directories.yml @@ -0,0 +1,58 @@ +- name: Create kubernetes directories + file: + path: "{{ item }}" + state: directory + owner: kube + when: inventory_hostname in groups['k8s-cluster'] + become: true + tags: + - kubelet + - k8s-secrets + - kube-controller-manager + - kube-apiserver + - bootstrap-os + - apps + - network + - master + - node + with_items: + - "{{bin_dir}}" + - "{{ kube_config_dir }}" + - "{{ kube_config_dir }}/ssl" + - "{{ kube_manifest_dir }}" + - "{{ kube_script_dir }}" + +- name: Create cni directories + file: + path: "{{ item }}" + state: directory + owner: kube + with_items: + - "/etc/cni/net.d" + - "/opt/cni/bin" + - "/var/lib/calico" + when: + - kube_network_plugin in ["calico", "weave", "canal", "flannel", "contiv", "cilium"] + - inventory_hostname in groups['k8s-cluster'] + tags: + - network + - cilium + - calico + - weave + - canal + - contiv + - bootstrap-os + +- name: Create local volume provisioner directories + file: + path: "{{ item }}" + state: directory + owner: kube + with_items: + - "{{ local_volume_provisioner_base_dir }}" + - "{{ local_volume_provisioner_mount_dir }}" + when: + - inventory_hostname in groups['k8s-cluster'] + - local_volume_provisioner_enabled + tags: + - persistent_volumes diff --git a/roles/kubernetes/preinstall/tasks/resolvconf.yml b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/resolvconf.yml rename to roles/kubernetes/preinstall/tasks/0060-resolvconf.yml diff --git a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml new file mode 100644 index 000000000..2df3a0025 --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml @@ -0,0 +1,94 @@ +- name: Update package management cache (YUM) + yum: + update_cache: yes + name: '*' + register: yum_task_result + until: yum_task_result|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + when: + - ansible_pkg_mgr == 'yum' + - ansible_distribution != 'RedHat' + - not is_atomic + +- name: Expire management cache (YUM) for Updation - Redhat + shell: yum clean expire-cache + register: expire_cache_output + until: expire_cache_output|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + when: + - ansible_pkg_mgr == 'yum' + - ansible_distribution == 'RedHat' + - not is_atomic + tags: bootstrap-os + +- name: Update package management cache (YUM) - Redhat + shell: yum makecache + register: make_cache_output + until: make_cache_output|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + when: + - ansible_pkg_mgr == 'yum' + - ansible_distribution == 'RedHat' + - expire_cache_output.rc == 0 + - not is_atomic + tags: bootstrap-os + +- name: Update package management cache (zypper) - SUSE + shell: zypper -n --gpg-auto-import-keys ref + register: make_cache_output + until: make_cache_output|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + when: + - ansible_pkg_mgr == 'zypper' + tags: bootstrap-os + +- name: Update package management cache (APT) + apt: + update_cache: yes + cache_valid_time: 3600 + when: ansible_os_family == "Debian" + tags: + - bootstrap-os + +- name: Install python-dnf for latest RedHat versions + command: dnf install -y python-dnf yum + register: dnf_task_result + until: dnf_task_result|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + when: + - ansible_distribution == "Fedora" + - ansible_distribution_major_version|int > 21 + - not is_atomic + changed_when: False + tags: + - bootstrap-os + +- name: Install epel-release on RedHat/CentOS + yum: + name: epel-release + state: present + when: + - ansible_distribution in ["CentOS","RedHat"] + - not is_atomic + - epel_enabled|bool + tags: + - bootstrap-os + +- name: Install packages requirements + action: + module: "{{ ansible_pkg_mgr }}" + name: "{{ item }}" + state: latest + register: pkgs_task_result + until: pkgs_task_result|succeeded + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}" + when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic) + tags: + - bootstrap-os diff --git a/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml b/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml new file mode 100644 index 000000000..76944cb61 --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml @@ -0,0 +1,53 @@ +# Todo : selinux configuration +- name: Confirm selinux deployed + stat: + path: /etc/selinux/config + when: ansible_os_family == "RedHat" + register: slc + +- name: Set selinux policy + selinux: + policy: targeted + state: "{{ preinstall_selinux_state }}" + when: + - ansible_os_family == "RedHat" + - slc.stat.exists == True + changed_when: False + tags: + - bootstrap-os + +- name: Disable IPv6 DNS lookup + lineinfile: + dest: /etc/gai.conf + line: "precedence ::ffff:0:0/96 100" + state: present + backup: yes + when: + - disable_ipv6_dns + - not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] + tags: + - bootstrap-os + +- name: Stat sysctl file configuration + stat: + path: "{{sysctl_file_path}}" + register: sysctl_file_stat + tags: + - bootstrap-os + +- name: Change sysctl file path to link source if linked + set_fact: + sysctl_file_path: "{{sysctl_file_stat.stat.lnk_source}}" + when: + - sysctl_file_stat.stat.islnk is defined + - sysctl_file_stat.stat.islnk + tags: + - bootstrap-os + +- name: Enable ip forwarding + sysctl: + sysctl_file: "{{sysctl_file_path}}" + name: net.ipv4.ip_forward + value: 1 + state: present + reload: yes diff --git a/roles/kubernetes/preinstall/tasks/etchosts.yml b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/etchosts.yml rename to roles/kubernetes/preinstall/tasks/0090-etchosts.yml diff --git a/roles/kubernetes/preinstall/tasks/dhclient-hooks.yml b/roles/kubernetes/preinstall/tasks/0100-dhclient-hooks.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/dhclient-hooks.yml rename to roles/kubernetes/preinstall/tasks/0100-dhclient-hooks.yml diff --git a/roles/kubernetes/preinstall/tasks/dhclient-hooks-undo.yml b/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/dhclient-hooks-undo.yml rename to roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml diff --git a/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml b/roles/kubernetes/preinstall/tasks/0120-growpart-azure-centos-7.yml similarity index 100% rename from roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml rename to roles/kubernetes/preinstall/tasks/0120-growpart-azure-centos-7.yml diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index 505a6f829..d749a941f 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -1,122 +1,26 @@ --- # Disable swap -- import_tasks: swapoff.yml +- import_tasks: 0010-swapoff.yml when: disable_swap -- import_tasks: verify-settings.yml +- import_tasks: 0020-verify-settings.yml tags: - asserts # This is run before bin_dir is pinned because these tasks are run on localhost -- import_tasks: pre_upgrade.yml +- import_tasks: 0030-pre_upgrade.yml run_once: true tags: - upgrade -- name: Force binaries directory for Container Linux by CoreOS - set_fact: - bin_dir: "/opt/bin" - when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] +- import_tasks: 0040-set_facts.yml tags: + - resolvconf - facts -- name: check bin dir exists - file: - path: "{{bin_dir}}" - state: directory - owner: root - become: true - tags: - - bootstrap-os - -- import_tasks: set_facts.yml - tags: - - facts - -- name: gather os specific variables - include_vars: "{{ item }}" - with_first_found: - - files: - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" - - "{{ ansible_distribution|lower }}.yml" - - "{{ ansible_os_family|lower }}.yml" - - defaults.yml - paths: - - ../vars - skip: true - tags: - - facts - -- name: Create kubernetes directories - file: - path: "{{ item }}" - state: directory - owner: kube - when: inventory_hostname in groups['k8s-cluster'] - tags: - - kubelet - - k8s-secrets - - kube-controller-manager - - kube-apiserver - - bootstrap-os - - apps - - network - - master - - node - with_items: - - "{{ kube_config_dir }}" - - "{{ kube_config_dir }}/ssl" - - "{{ kube_manifest_dir }}" - - "{{ kube_script_dir }}" - -- name: check cloud_provider value - fail: - msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'oci', or external" - when: - - cloud_provider is defined - - cloud_provider not in ['generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'oci', 'external'] - tags: - - cloud-provider - - facts - -- name: Create cni directories - file: - path: "{{ item }}" - state: directory - owner: kube - with_items: - - "/etc/cni/net.d" - - "/opt/cni/bin" - - "/var/lib/calico" - when: - - kube_network_plugin in ["calico", "weave", "canal", "flannel", "contiv", "cilium"] - - inventory_hostname in groups['k8s-cluster'] - tags: - - network - - cilium - - calico - - weave - - canal - - contiv - - bootstrap-os - -- name: Create local volume provisioner directories - file: - path: "{{ item }}" - state: directory - owner: kube - with_items: - - "{{ local_volume_provisioner_base_dir }}" - - "{{ local_volume_provisioner_mount_dir }}" - when: - - inventory_hostname in groups['k8s-cluster'] - - local_volume_provisioner_enabled - tags: - - persistent_volumes +- import_tasks: 0050-create_directories.yml -- import_tasks: resolvconf.yml +- import_tasks: 0060-resolvconf.yml when: - dns_mode != 'none' - resolvconf_mode == 'host_resolvconf' @@ -124,164 +28,20 @@ - bootstrap-os - resolvconf -- name: Update package management cache (YUM) - yum: - update_cache: yes - name: '*' - register: yum_task_result - until: yum_task_result|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - when: - - ansible_pkg_mgr == 'yum' - - ansible_distribution != 'RedHat' - - not is_atomic - tags: bootstrap-os - -- name: Expire management cache (YUM) for Updation - Redhat - shell: yum clean expire-cache - register: expire_cache_output - until: expire_cache_output|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - when: - - ansible_pkg_mgr == 'yum' - - ansible_distribution == 'RedHat' - - not is_atomic - tags: bootstrap-os - -- name: Update package management cache (YUM) - Redhat - shell: yum makecache - register: make_cache_output - until: make_cache_output|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - when: - - ansible_pkg_mgr == 'yum' - - ansible_distribution == 'RedHat' - - expire_cache_output.rc == 0 - - not is_atomic - tags: bootstrap-os - -- name: Update package management cache (zypper) - SUSE - shell: zypper -n --gpg-auto-import-keys ref - register: make_cache_output - until: make_cache_output|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - when: - - ansible_pkg_mgr == 'zypper' - tags: bootstrap-os - -- name: Update package management cache (APT) - apt: - update_cache: yes - cache_valid_time: 3600 - when: ansible_os_family == "Debian" - tags: - - bootstrap-os - -- name: Install python-dnf for latest RedHat versions - command: dnf install -y python-dnf yum - register: dnf_task_result - until: dnf_task_result|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - when: - - ansible_distribution == "Fedora" - - ansible_distribution_major_version|int > 21 - - not is_atomic - changed_when: False - tags: - - bootstrap-os - -- name: Install epel-release on RedHat/CentOS - yum: - name: epel-release - state: present - when: - - ansible_distribution in ["CentOS","RedHat"] - - not is_atomic - - epel_enabled|bool - tags: - - bootstrap-os - -- name: Install packages requirements - action: - module: "{{ ansible_pkg_mgr }}" - name: "{{ item }}" - state: latest - register: pkgs_task_result - until: pkgs_task_result|succeeded - retries: 4 - delay: "{{ retry_stagger | random + 3 }}" - with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}" - when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic) - tags: - - bootstrap-os - -# Todo : selinux configuration -- name: Confirm selinux deployed - stat: - path: /etc/selinux/config - when: ansible_os_family == "RedHat" - register: slc - -- name: Set selinux policy - selinux: - policy: targeted - state: "{{ preinstall_selinux_state }}" - when: - - ansible_os_family == "RedHat" - - slc.stat.exists == True - changed_when: False - tags: - - bootstrap-os - -- name: Disable IPv6 DNS lookup - lineinfile: - dest: /etc/gai.conf - line: "precedence ::ffff:0:0/96 100" - state: present - backup: yes - when: - - disable_ipv6_dns - - not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] - tags: - - bootstrap-os - -- name: Stat sysctl file configuration - stat: - path: "{{sysctl_file_path}}" - register: sysctl_file_stat - tags: - - bootstrap-os - -- name: Change sysctl file path to link source if linked - set_fact: - sysctl_file_path: "{{sysctl_file_stat.stat.lnk_source}}" - when: - - sysctl_file_stat.stat.islnk is defined - - sysctl_file_stat.stat.islnk +- import_tasks: 0070-system-packages.yml tags: - bootstrap-os -- name: Enable ip forwarding - sysctl: - sysctl_file: "{{sysctl_file_path}}" - name: net.ipv4.ip_forward - value: 1 - state: present - reload: yes +- import_tasks: 0080-system-configurations.yml tags: - bootstrap-os -- import_tasks: etchosts.yml +- import_tasks: 0090-etchosts.yml tags: - bootstrap-os - etchosts -- import_tasks: dhclient-hooks.yml +- import_tasks: 0100-dhclient-hooks.yml when: - dns_mode != 'none' - resolvconf_mode == 'host_resolvconf' @@ -290,7 +50,7 @@ - bootstrap-os - resolvconf -- import_tasks: dhclient-hooks-undo.yml +- import_tasks: 0110-dhclient-hooks-undo.yml when: - dns_mode != 'none' - resolvconf_mode != 'host_resolvconf' @@ -306,7 +66,7 @@ tags: - bootstrap-os -- import_tasks: growpart-azure-centos-7.yml +- import_tasks: 0120-growpart-azure-centos-7.yml when: - azure_check.stat.exists - ansible_distribution in ["CentOS","RedHat"] diff --git a/roles/kubernetes/preinstall/tasks/set_facts.yml b/roles/kubernetes/preinstall/tasks/set_facts.yml deleted file mode 100644 index a514aa079..000000000 --- a/roles/kubernetes/preinstall/tasks/set_facts.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: check if atomic host - stat: - path: /run/ostree-booted - register: ostree - -- set_fact: - is_atomic: "{{ ostree.stat.exists }}" - -- set_fact: - kube_cert_group: "kube" - when: is_atomic - -- import_tasks: set_resolv_facts.yml - tags: - - resolvconf - - facts From 9c2098b8faeea890c2e0a93751c1f2bef4cdd2e0 Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Mon, 20 Aug 2018 15:19:50 +0200 Subject: [PATCH 02/10] fix kubelet_max_pod assert --- roles/kubernetes/preinstall/tasks/0020-verify-settings.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml index 5e5e675af..8c3cec92e 100644 --- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml +++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml @@ -68,7 +68,7 @@ # NOTICE: the check blatantly ignores the inet6-case - name: Guarantee that enough network address space is available for all pods assert: - that: "{{ kubelet_max_pods <= (2 ** (32 - kube_network_node_prefix)) - 2 }}" + that: "{{ kubelet_max_pods | default(110) <= (2 ** (32 - kube_network_node_prefix)) - 2 }}" msg: "Do not schedule more pods on a node than inet addresses are available." ignore_errors: "{{ ignore_assert_errors }}" when: From 247b9e83d8d30c8d0cd68b4095e1ad577645c36a Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Mon, 20 Aug 2018 16:07:27 +0200 Subject: [PATCH 03/10] etcd arch-image --- roles/download/defaults/main.yml | 4 ++-- roles/download/tasks/main.yml | 4 ---- .../kubernetes/preinstall/tasks/0040-set_facts.yml | 14 ++++++++++++++ 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index d673c72b5..2a1d71193 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -27,7 +27,7 @@ download_always_pull: False download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube-master'][0]}}{% endif %}" # Arch of Docker images and needed packages -image_arch: amd64 +image_arch: "{{host_architecture | default('amd64')}}" # Versions kube_version: v1.11.2 @@ -62,7 +62,7 @@ vault_binary_checksum: 3c4d70ba71619a43229e65c67830e30e050eab7a81ac6b28325ff707e # Containers etcd_image_repo: "quay.io/coreos/etcd" -etcd_image_tag: "{{ etcd_version }}" +etcd_image_tag: "{{ etcd_version }}{%- if image_arch != 'amd64' -%}-{{ image_arch }}{%- endif -%}" flannel_image_repo: "quay.io/coreos/flannel" flannel_image_tag: "{{ flannel_version }}" flannel_cni_image_repo: "quay.io/coreos/flannel-cni" diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml index 1984f626d..397689968 100644 --- a/roles/download/tasks/main.yml +++ b/roles/download/tasks/main.yml @@ -1,8 +1,4 @@ --- -- include_tasks: download_prep.yml - when: - - not skip_downloads|default(false) - - name: "Download items" include_tasks: "download_{% if download.container %}container{% else %}file{% endif %}.yml" vars: diff --git a/roles/kubernetes/preinstall/tasks/0040-set_facts.yml b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml index d2bb46937..1fddb7de5 100644 --- a/roles/kubernetes/preinstall/tasks/0040-set_facts.yml +++ b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml @@ -1,4 +1,18 @@ --- +- set_fact: + architecture_groups: + x86_64: amd64 + aarch64: arm64 + +- name: ansible_architecture_rename + set_fact: + host_architecture: >- + {%- if ansible_architecture in architecture_groups -%} + {{architecture_groups[ansible_architecture]}} + {%- else -%} + {{ansible_architecture}} + {% endif %} + - name: Force binaries directory for Container Linux by CoreOS set_fact: bin_dir: "/opt/bin" From f67933d2ac0b4c02d8f8411b890aae5550b36bcf Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Mon, 20 Aug 2018 16:15:33 +0200 Subject: [PATCH 04/10] add ETCD_UNSUPPORTED_ARCH=arm64 flag --- roles/etcd/templates/etcd.j2 | 3 +++ 1 file changed, 3 insertions(+) mode change 100644 => 100755 roles/etcd/templates/etcd.j2 diff --git a/roles/etcd/templates/etcd.j2 b/roles/etcd/templates/etcd.j2 old mode 100644 new mode 100755 index a6628d8fb..bd830e403 --- a/roles/etcd/templates/etcd.j2 +++ b/roles/etcd/templates/etcd.j2 @@ -3,6 +3,9 @@ --restart=on-failure:5 \ --env-file=/etc/etcd.env \ --net=host \ + {% if ansible_architecture == "aarch64" -%} + -e ETCD_UNSUPPORTED_ARCH=arm64 \ + {%- endif %} -v /etc/ssl/certs:/etc/ssl/certs:ro \ -v {{ etcd_cert_dir }}:{{ etcd_cert_dir }}:ro \ -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:rw \ From 19268ded234099e340d04b6b9376c7a5e37f0d50 Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Tue, 21 Aug 2018 17:53:23 +0200 Subject: [PATCH 05/10] Fix some arm64 errors --- roles/dnsmasq/defaults/main.yml | 3 -- roles/docker/tasks/main.yml | 3 +- roles/docker/vars/ubuntu.yml | 47 ------------------------- roles/download/defaults/main.yml | 9 +++-- roles/etcd/templates/etcd-events.env.j2 | 4 +++ roles/etcd/templates/etcd.env.j2 | 4 +++ roles/etcd/templates/etcd.j2 | 3 -- 7 files changed, 16 insertions(+), 57 deletions(-) delete mode 100644 roles/docker/vars/ubuntu.yml diff --git a/roles/dnsmasq/defaults/main.yml b/roles/dnsmasq/defaults/main.yml index e3013f4ea..15fb7f169 100644 --- a/roles/dnsmasq/defaults/main.yml +++ b/roles/dnsmasq/defaults/main.yml @@ -33,6 +33,3 @@ dnsmasq_min_replicas: 1 # Custom name servers dnsmasq_upstream_dns_servers: [] - -# Arch of Docker images and needed packages -image_arch: amd64 diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 70e98b53f..0eb0102d9 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -6,8 +6,9 @@ - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" + - "{{ ansible_distribution|lower }}-{{ host_architecture }}.yml" - "{{ ansible_distribution|lower }}.yml" - - "{{ ansible_os_family|lower }}-{{ ansible_architecture }}.yml" + - "{{ ansible_os_family|lower }}-{{ host_architecture }}.yml" - "{{ ansible_os_family|lower }}.yml" - defaults.yml paths: diff --git a/roles/docker/vars/ubuntu.yml b/roles/docker/vars/ubuntu.yml deleted file mode 100644 index cab1c0824..000000000 --- a/roles/docker/vars/ubuntu.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -docker_kernel_min_version: '3.10' - -# https://download.docker.com/linux/ubuntu/ -docker_versioned_pkg: - 'latest': docker-ce - '1.11': docker-engine=1.11.2-0~{{ ansible_distribution_release|lower }} - '1.12': docker-engine=1.12.6-0~ubuntu-{{ ansible_distribution_release|lower }} - '1.13': docker-engine=1.13.1-0~ubuntu-{{ ansible_distribution_release|lower }} - '17.03': docker-ce=17.03.2~ce-0~ubuntu-{{ ansible_distribution_release|lower }} - '17.09': docker-ce=17.09.0~ce-0~ubuntu-{{ ansible_distribution_release|lower }} - 'stable': docker-ce=17.03.2~ce-0~ubuntu-{{ ansible_distribution_release|lower }} - 'edge': docker-ce=17.12.1~ce-0~ubuntu-{{ ansible_distribution_release|lower }} - -docker_package_info: - pkg_mgr: apt - pkgs: - - name: "{{ docker_versioned_pkg[docker_version | string] }}" - force: yes - -docker_repo_key_info: - pkg_key: apt_key - url: '{{ docker_ubuntu_repo_gpgkey }}' - repo_keys: - - 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 - -docker_repo_info: - pkg_repo: apt_repository - repos: - - > - deb {{ docker_ubuntu_repo_base_url }} - {{ ansible_distribution_release|lower }} - stable - -dockerproject_repo_key_info: - pkg_key: apt_key - url: '{{ dockerproject_apt_repo_gpgkey }}' - repo_keys: - - 58118E89F3A912897C070ADBF76221572C52609D - -dockerproject_repo_info: - pkg_repo: apt_repository - repos: - - > - deb {{ dockerproject_apt_repo_base_url }} - {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} - main diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 2a1d71193..c84392352 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -108,9 +108,12 @@ dnsmasq_image_tag: "{{ dnsmasq_version }}" kubedns_version: 1.14.10 kubedns_image_repo: "gcr.io/google_containers/k8s-dns-kube-dns-{{ image_arch }}" kubedns_image_tag: "{{ kubedns_version }}" -coredns_version: 1.2.0 -coredns_image_repo: "docker.io/coredns/coredns" -coredns_image_tag: "{{ coredns_version }}" + +coredns_version: "{%- if image_arch != 'amd64' -%}1.1.3{%- else -%}1.2.0{%- endif %}" +coredns_image_repo: "gcr.io/google-containers/coredns" +coredns_image_tag: "{{ coredns_version }}{%- if image_arch != 'amd64' -%}__{{ image_arch}}_linux{%- endif %}" + + dnsmasq_nanny_image_repo: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-{{ image_arch }}" dnsmasq_nanny_image_tag: "{{ kubedns_version }}" dnsmasq_sidecar_image_repo: "gcr.io/google_containers/k8s-dns-sidecar-{{ image_arch }}" diff --git a/roles/etcd/templates/etcd-events.env.j2 b/roles/etcd/templates/etcd-events.env.j2 index 525ce86c3..111329d05 100644 --- a/roles/etcd/templates/etcd-events.env.j2 +++ b/roles/etcd/templates/etcd-events.env.j2 @@ -30,3 +30,7 @@ ETCD_PEER_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem ETCD_PEER_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem ETCD_PEER_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem ETCD_PEER_CLIENT_CERT_AUTH={{ etcd_peer_client_auth }} + +{% if ansible_architecture == "aarch64" -%} +ETCD_UNSUPPORTED_ARCH=arm64 +{%- endif %} diff --git a/roles/etcd/templates/etcd.env.j2 b/roles/etcd/templates/etcd.env.j2 index c302b0285..6ef0cfa8c 100644 --- a/roles/etcd/templates/etcd.env.j2 +++ b/roles/etcd/templates/etcd.env.j2 @@ -35,3 +35,7 @@ ETCD_PEER_CLIENT_CERT_AUTH={{ etcd_peer_client_auth }} {% for key, value in etcd_extra_vars.items() %} {{ key }}={{ value }} {% endfor %} + +{% if ansible_architecture == "aarch64" -%} +ETCD_UNSUPPORTED_ARCH=arm64 +{%- endif %} diff --git a/roles/etcd/templates/etcd.j2 b/roles/etcd/templates/etcd.j2 index bd830e403..a6628d8fb 100755 --- a/roles/etcd/templates/etcd.j2 +++ b/roles/etcd/templates/etcd.j2 @@ -3,9 +3,6 @@ --restart=on-failure:5 \ --env-file=/etc/etcd.env \ --net=host \ - {% if ansible_architecture == "aarch64" -%} - -e ETCD_UNSUPPORTED_ARCH=arm64 \ - {%- endif %} -v /etc/ssl/certs:/etc/ssl/certs:ro \ -v {{ etcd_cert_dir }}:{{ etcd_cert_dir }}:ro \ -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:rw \ From 2f1fe447620519d16933d33cbe7124aaa835641c Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 16:47:18 +0200 Subject: [PATCH 06/10] update images to use arch --- roles/download/defaults/main.yml | 12 ++++++------ roles/kubernetes-apps/ansible/defaults/main.yml | 3 ++- roles/network_plugin/calico/tasks/check.yml | 2 +- roles/vault/defaults/main.yml | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index c84392352..9b56dbf13 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -68,13 +68,13 @@ flannel_image_tag: "{{ flannel_version }}" flannel_cni_image_repo: "quay.io/coreos/flannel-cni" flannel_cni_image_tag: "{{ flannel_cni_version }}" calicoctl_image_repo: "quay.io/calico/ctl" -calicoctl_image_tag: "{{ calico_ctl_version }}" +calicoctl_image_tag: "{{ calico_ctl_version }}-{{ image_arch }}" calico_node_image_repo: "quay.io/calico/node" -calico_node_image_tag: "{{ calico_version }}" +calico_node_image_tag: "{{ calico_version }}-{{ image_arch }}" calico_cni_image_repo: "quay.io/calico/cni" -calico_cni_image_tag: "{{ calico_cni_version }}" +calico_cni_image_tag: "{{ calico_cni_version }}-{{ image_arch }}" calico_policy_image_repo: "quay.io/calico/kube-controllers" -calico_policy_image_tag: "{{ calico_policy_version }}" +calico_policy_image_tag: "{{ calico_policy_version }}-{{ image_arch }}" calico_rr_image_repo: "quay.io/calico/routereflector" calico_rr_image_tag: "{{ calico_rr_version }}" hyperkube_image_repo: "gcr.io/google-containers/hyperkube-{{ image_arch }}" @@ -109,9 +109,9 @@ kubedns_version: 1.14.10 kubedns_image_repo: "gcr.io/google_containers/k8s-dns-kube-dns-{{ image_arch }}" kubedns_image_tag: "{{ kubedns_version }}" -coredns_version: "{%- if image_arch != 'amd64' -%}1.1.3{%- else -%}1.2.0{%- endif %}" +coredns_version: "{%- if image_arch != 'amd64' -%}1.1.3{%- else -%}1.2.0{%- endif -%}" coredns_image_repo: "gcr.io/google-containers/coredns" -coredns_image_tag: "{{ coredns_version }}{%- if image_arch != 'amd64' -%}__{{ image_arch}}_linux{%- endif %}" +coredns_image_tag: "{{ coredns_version }}{%- if image_arch != 'amd64' -%}__{{ image_arch}}_linux{%- endif -%}" dnsmasq_nanny_image_repo: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-{{ image_arch }}" diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml index ef17c57b9..6a60e09d8 100644 --- a/roles/kubernetes-apps/ansible/defaults/main.yml +++ b/roles/kubernetes-apps/ansible/defaults/main.yml @@ -14,7 +14,8 @@ kubedns_nodes_per_replica: 10 coredns_replicas: 2 # Images -image_arch: amd64 +image_arch: "{{host_architecture}}" + kubedns_image_repo: "gcr.io/google_containers/k8s-dns-kube-dns-{{ image_arch }}" kubedns_image_tag: "{{ kubedns_version }}" dnsmasq_nanny_image_repo: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-{{ image_arch }}" diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml index 4eca9cc65..cfacf12a1 100644 --- a/roles/network_plugin/calico/tasks/check.yml +++ b/roles/network_plugin/calico/tasks/check.yml @@ -34,4 +34,4 @@ - 'calico_version_on_server.stdout is defined' - 'calico_version_on_server.stdout != ""' - inventory_hostname == groups['kube-master'][0] - run_once: yes \ No newline at end of file + run_once: yes diff --git a/roles/vault/defaults/main.yml b/roles/vault/defaults/main.yml index 1051ca8d6..1d05cfefc 100644 --- a/roles/vault/defaults/main.yml +++ b/roles/vault/defaults/main.yml @@ -24,7 +24,7 @@ vault_binary_checksum: 66f0f1b0b221d664dd5913f8697409d7401df4bb2a19c7277e8fbad15 vault_download_url: "https://releases.hashicorp.com/vault/{{ vault_version }}/vault_{{ vault_version }}_linux_{{ image_arch }}.zip" # Arch of Docker images and needed packages -image_arch: amd64 +image_arch: "{{host_architecture}}" vault_download_vars: container: "{{ vault_deployment_type != 'host' }}" From da06c8e5a95cac711a59ef30f9447a363e3d77b6 Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 17:06:00 +0200 Subject: [PATCH 07/10] etcd UNSUPPORTED for all arch --- roles/docker/vars/ubuntu-amd64.yml | 47 +++++++++++++++++++++++++ roles/docker/vars/ubuntu-arm64.yml | 43 ++++++++++++++++++++++ roles/download/tasks/main.yml | 4 +++ roles/etcd/templates/etcd-events.env.j2 | 4 +-- roles/etcd/templates/etcd.env.j2 | 4 +-- 5 files changed, 98 insertions(+), 4 deletions(-) create mode 100644 roles/docker/vars/ubuntu-amd64.yml create mode 100644 roles/docker/vars/ubuntu-arm64.yml diff --git a/roles/docker/vars/ubuntu-amd64.yml b/roles/docker/vars/ubuntu-amd64.yml new file mode 100644 index 000000000..cab1c0824 --- /dev/null +++ b/roles/docker/vars/ubuntu-amd64.yml @@ -0,0 +1,47 @@ +--- +docker_kernel_min_version: '3.10' + +# https://download.docker.com/linux/ubuntu/ +docker_versioned_pkg: + 'latest': docker-ce + '1.11': docker-engine=1.11.2-0~{{ ansible_distribution_release|lower }} + '1.12': docker-engine=1.12.6-0~ubuntu-{{ ansible_distribution_release|lower }} + '1.13': docker-engine=1.13.1-0~ubuntu-{{ ansible_distribution_release|lower }} + '17.03': docker-ce=17.03.2~ce-0~ubuntu-{{ ansible_distribution_release|lower }} + '17.09': docker-ce=17.09.0~ce-0~ubuntu-{{ ansible_distribution_release|lower }} + 'stable': docker-ce=17.03.2~ce-0~ubuntu-{{ ansible_distribution_release|lower }} + 'edge': docker-ce=17.12.1~ce-0~ubuntu-{{ ansible_distribution_release|lower }} + +docker_package_info: + pkg_mgr: apt + pkgs: + - name: "{{ docker_versioned_pkg[docker_version | string] }}" + force: yes + +docker_repo_key_info: + pkg_key: apt_key + url: '{{ docker_ubuntu_repo_gpgkey }}' + repo_keys: + - 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + +docker_repo_info: + pkg_repo: apt_repository + repos: + - > + deb {{ docker_ubuntu_repo_base_url }} + {{ ansible_distribution_release|lower }} + stable + +dockerproject_repo_key_info: + pkg_key: apt_key + url: '{{ dockerproject_apt_repo_gpgkey }}' + repo_keys: + - 58118E89F3A912897C070ADBF76221572C52609D + +dockerproject_repo_info: + pkg_repo: apt_repository + repos: + - > + deb {{ dockerproject_apt_repo_base_url }} + {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} + main diff --git a/roles/docker/vars/ubuntu-arm64.yml b/roles/docker/vars/ubuntu-arm64.yml new file mode 100644 index 000000000..3dbb1a0e4 --- /dev/null +++ b/roles/docker/vars/ubuntu-arm64.yml @@ -0,0 +1,43 @@ +--- +docker_kernel_min_version: '3.10' +docker_version: 17.09 +# https://download.docker.com/linux/ubuntu/ +docker_versioned_pkg: + 'latest': docker-ce + '17.09': docker-ce=17.09.1~ce-0~ubuntu + 'stable': docker-ce=17.09.1~ce-0~ubuntu + 'edge': docker-ce=17.12.1~ce-0~ubuntu + +docker_package_info: + pkg_mgr: apt + pkgs: + - name: "{{ docker_versioned_pkg[docker_version | string] }}" + force: yes + +docker_repo_key_info: + pkg_key: apt_key + url: '{{ docker_ubuntu_repo_gpgkey }}' + repo_keys: + - 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + +docker_repo_info: + pkg_repo: apt_repository + repos: + - > + deb {{ docker_ubuntu_repo_base_url }} + {{ ansible_distribution_release|lower }} + stable + +dockerproject_repo_key_info: + pkg_key: apt_key + url: '{{ dockerproject_apt_repo_gpgkey }}' + repo_keys: + - 58118E89F3A912897C070ADBF76221572C52609D + +dockerproject_repo_info: + pkg_repo: apt_repository + repos: + - > + deb {{ dockerproject_apt_repo_base_url }} + {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} + main diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml index 397689968..1984f626d 100644 --- a/roles/download/tasks/main.yml +++ b/roles/download/tasks/main.yml @@ -1,4 +1,8 @@ --- +- include_tasks: download_prep.yml + when: + - not skip_downloads|default(false) + - name: "Download items" include_tasks: "download_{% if download.container %}container{% else %}file{% endif %}.yml" vars: diff --git a/roles/etcd/templates/etcd-events.env.j2 b/roles/etcd/templates/etcd-events.env.j2 index 111329d05..6caeb1cf9 100644 --- a/roles/etcd/templates/etcd-events.env.j2 +++ b/roles/etcd/templates/etcd-events.env.j2 @@ -31,6 +31,6 @@ ETCD_PEER_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem ETCD_PEER_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem ETCD_PEER_CLIENT_CERT_AUTH={{ etcd_peer_client_auth }} -{% if ansible_architecture == "aarch64" -%} -ETCD_UNSUPPORTED_ARCH=arm64 +{% if host_architecture != "amd64" -%} +ETCD_UNSUPPORTED_ARCH={{host_architecture}} {%- endif %} diff --git a/roles/etcd/templates/etcd.env.j2 b/roles/etcd/templates/etcd.env.j2 index 6ef0cfa8c..a682f1f71 100644 --- a/roles/etcd/templates/etcd.env.j2 +++ b/roles/etcd/templates/etcd.env.j2 @@ -36,6 +36,6 @@ ETCD_PEER_CLIENT_CERT_AUTH={{ etcd_peer_client_auth }} {{ key }}={{ value }} {% endfor %} -{% if ansible_architecture == "aarch64" -%} -ETCD_UNSUPPORTED_ARCH=arm64 +{% if host_architecture != "amd64" -%} +ETCD_UNSUPPORTED_ARCH={{host_architecture}} {%- endif %} From f2f0cdd0fff76093492ebf391157767e5611714e Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 17:11:07 +0200 Subject: [PATCH 08/10] add arch vars for docker --- roles/docker/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 0eb0102d9..d2426769f 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -4,7 +4,8 @@ with_first_found: - files: - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}-{{ host_architecture }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml" - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" - "{{ ansible_distribution|lower }}-{{ host_architecture }}.yml" - "{{ ansible_distribution|lower }}.yml" From 1704d699c451b458ac0ff63a4d7902166f0319b3 Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 17:18:46 +0200 Subject: [PATCH 09/10] CI: switch ubuntu18 to manual job --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index af898ebe9..d70a479f8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -343,7 +343,7 @@ gce_ubuntu18-flannel-aio: variables: <<: *ubuntu18_flannel_aio_variables <<: *gce_variables - when: on_success + when: manual except: ['triggers'] only: [/^pr-.*$/] From 22f911463058c70ea1f07c5133844bbbb7e690fd Mon Sep 17 00:00:00 2001 From: Antoine Legrand <2t.antoine@gmail.com> Date: Thu, 23 Aug 2018 17:45:59 +0200 Subject: [PATCH 10/10] update calico to 3.2.0 --- roles/download/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 9b56dbf13..a21881758 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -35,10 +35,10 @@ kubeadm_version: "{{ kube_version }}" etcd_version: v3.2.18 # TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults # after migration to container download -calico_version: "v3.1.3" -calico_ctl_version: "v3.1.3" -calico_cni_version: "v3.1.3" -calico_policy_version: "v3.1.3" +calico_version: "v3.2.0" +calico_ctl_version: "v3.2.0" +calico_cni_version: "v3.2.0" +calico_policy_version: "v3.2.0" calico_rr_version: "v0.6.1" flannel_version: "v0.10.0" flannel_cni_version: "v0.3.0"