From 68118c2653c7b779fde76633ee89802d1a90ce28 Mon Sep 17 00:00:00 2001 From: Florent Monbillard Date: Tue, 22 Sep 2020 10:14:48 -0400 Subject: [PATCH] Expose offline install overrides in inventory (#6728) * Expose offline install overrides in inventory * Remove not recommended warning --- docs/offline-environment.md | 16 ++++- .../group_vars/k8s-cluster/k8s-cluster.yml | 3 - .../sample/group_vars/k8s-cluster/offline.yml | 71 +++++++++++++++++++ 3 files changed, 86 insertions(+), 4 deletions(-) create mode 100644 inventory/sample/group_vars/k8s-cluster/offline.yml diff --git a/docs/offline-environment.md b/docs/offline-environment.md index 787f2ab61..2d67df6da 100644 --- a/docs/offline-environment.md +++ b/docs/offline-environment.md @@ -10,10 +10,11 @@ In case your servers don't have access to internet (for example when deploying o ## Configure Inventory -Once all artifacts are accessible from your internal network, **adjust** the following variables in your inventory to match your environment: +Once all artifacts are accessible from your internal network, **adjust** the following variables in [your inventory](/inventory/sample/group_vars/k8s-cluster/offline.yml) to match your environment: ```yaml # Registry overrides +kube_image_repo: "{{ registry_host }}" gcr_image_repo: "{{ registry_host }}" docker_image_repo: "{{ registry_host }}" quay_image_repo: "{{ registry_host }}" 
@@ -76,6 +77,13 @@ If you use the settings like the one above, you'll need to define in your invent ## Install Kubespray Python Packages +### Recommended way: Kubespray Container Image + +The easiest way is to use [kubespray container image](quay.io/kubespray/kubespray) as all the required packages are baked in the image. +Just copy the container image in your private container image registry and you are all set! + +### Manual installation + Look at the `requirements.txt` file and check if your OS provides all packages out-of-the-box (Using the OS package manager). For those missing, you need to either use a proxy that has Internet access (typically from a DMZ) or setup a PyPi server in your network that will host these packages. If you're using a HTTP(S) proxy to download your python packages: @@ -102,4 +110,10 @@ Once all artifacts are in place and your inventory properly set up, you can run ansible-playbook -i inventory/my_airgap_cluster/hosts.yaml -b cluster.yml ``` +If you use [Kubespray Container Image](#recommended-way:-kubespray-container-image), you can mount your inventory inside the container: + +```bash +docker run --rm -it -v path_to_inventory/my_airgap_cluster:inventory/my_airgap_cluster myprivateregisry.com/kubespray/kubespray:v2.14.0 ansible-playbook -i inventory/my_airgap_cluster/hosts.yaml -b cluster.yml +``` + ## Please Note: Offline installation doesn't support CRI-O container runtime at the moment (see [this issue](https://github.com/kubernetes-sigs/kubespray/issues/6233)) diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml index b2b15ce5b..c80b29684 100644 --- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml 
@@ -19,9 +19,6 @@ kube_api_anonymous_auth: true ## Change this to use another Kubernetes version, e.g. a current beta release kube_version: v1.19.2 -# kubernetes image repo define -kube_image_repo: "k8s.gcr.io" - # Where the binaries will be downloaded. # Note: ensure that you've enough disk space (about 1G) local_release_dir: "/tmp/releases" diff --git a/inventory/sample/group_vars/k8s-cluster/offline.yml b/inventory/sample/group_vars/k8s-cluster/offline.yml new file mode 100644 index 000000000..65a85c91a --- /dev/null +++ b/inventory/sample/group_vars/k8s-cluster/offline.yml 
@@ -0,0 +1,71 @@
+---
+## Global Offline settings
+### Private Container Image Registry
+# registry_host: "myprivateregisry.com"
+# files_repo: "http://myprivatehttpd"
+### If using CentOS, RedHat or Fedora
+# yum_repo: "http://myinternalyumrepo"
+### If using Debian
+# debian_repo: "http://myinternaldebianrepo"
+### If using Ubuntu
+# ubuntu_repo: "http://myinternalubunturepo"
+
+## Container Registry overrides
+# kube_image_repo: "{{ registry_host }}"
+# gcr_image_repo: "{{ registry_host }}"
+# docker_image_repo: "{{ registry_host }}"
+# quay_image_repo: "{{ registry_host }}"
+
+## Kubernetes components
+# kubeadm_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubeadm"
+# kubectl_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubectl"
+# kubelet_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubelet"
+
+## CNI Plugins
+# cni_download_url: "{{ files_repo }}/kubernetes/cni/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
+
+## cri-tools
+# crictl_download_url: "{{ files_repo }}/kubernetes/cri-tools/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
+
+## [Optional] etcd: only if you **DON'T** use etcd_deployment=host
+# etcd_download_url: "{{ files_repo }}/kubernetes/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
+
+# [Optional] Calico: If using Calico network plugin
+# calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
+
+## CentOS/Redhat
+### Docker
+# docker_rh_repo_base_url: "{{ yum_repo }}/docker-ce/$releasever/$basearch"
+# docker_rh_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+### Containerd
+# extras_rh_repo_base_url: "{{ yum_repo }}/centos/$releasever/extras/$basearch"
+# extras_rh_repo_gpgkey: "{{ yum_repo }}/containerd/gpg"
+
+## Fedora
+### Docker
+# docker_fedora_repo_base_url: "{{ yum_repo }}/docker-ce/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}"
+# docker_fedora_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_fedora_repo_base_url: "{{ yum_repo }}/containerd"
+# containerd_fedora_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+
+## Debian
+### Docker
+# docker_debian_repo_base_url: "{{ debian_repo }}/docker-ce"
+# docker_debian_repo_gpgkey: "{{ debian_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_debian_repo_base_url: "{{ ubuntu_repo }}/containerd"
+# containerd_debian_repo_gpgkey: "{{ ubuntu_repo }}/containerd/gpg"
+# containerd_debian_repo_repokey: 'YOURREPOKEY'
+
+## Ubuntu
+### Docker
+# docker_ubuntu_repo_base_url: "{{ ubuntu_repo }}/docker-ce"
+# docker_ubuntu_repo_gpgkey: "{{ ubuntu_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_ubuntu_repo_base_url: "{{ ubuntu_repo }}/containerd"
+# containerd_ubuntu_repo_gpgkey: "{{ ubuntu_repo }}/containerd/gpg"
+# containerd_ubuntu_repo_repokey: 'YOURREPOKEY'
+
+# [Optiona] Helm: if helm_enabled: true in addons.yml
+# helm_stable_repo_url: "{{ helm_registry }}"
\ No newline at end of file
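Review bot: The sample mirrors are all plain `http://` (`files_repo`, `yum_repo`, `debian_repo`, `ubuntu_repo`), and every `*_repo_gpgkey` is fetched from the same mirror as the packages it is meant to authenticate, so the key adds no independent trust if the mirror or the path to it is tampered with. I would add a comment above the global settings such as `## Use https:// mirrors where possible and verify repo GPG key fingerprints out of band before enabling them`. Whether the kubeadm/kubectl/kubelet downloads are checksum-verified elsewhere is not visible in this hunk, so that is worth confirming for the `files_repo` URLs. Separately, under `## Debian` the containerd entries use `{{ ubuntu_repo }}`, which looks like a copy-paste slip; `# containerd_debian_repo_base_url: "{{ debian_repo }}/containerd"` and the matching gpgkey line are probably what was intended.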