Browse Source
Convert OS specific packages to new format
Uses the logic introduced in the previous patch to convert all
kubernetes/preinstall/vars/* os specific files to the `pkgs`
dictionary.
Some niceties for devs:
- always validate the `pkgs` variable to catch mistakes in CI.
- ensure that `pkgs` is always sorted. This makes it easier to find the
packages you're looking for.
Max Gautier
1 year ago
12 changed files with
100 additions and
88 deletions
roles/kubernetes/preinstall/tasks/0020-set_facts.yml
roles/kubernetes/preinstall/tasks/0040-verify-settings.yml
roles/kubernetes/preinstall/vars/amazon.yml
roles/kubernetes/preinstall/vars/centos.yml
roles/kubernetes/preinstall/vars/debian-11.yml
roles/kubernetes/preinstall/vars/debian-12.yml
roles/kubernetes/preinstall/vars/debian.yml
roles/kubernetes/preinstall/vars/fedora.yml
roles/kubernetes/preinstall/vars/main.yml
roles/kubernetes/preinstall/vars/redhat.yml
roles/kubernetes/preinstall/vars/suse.yml
roles/kubernetes/preinstall/vars/ubuntu.yml
@ -199,20 +199,6 @@
supersede domain-name-servers {{ (nameservers | d([]) + cloud_resolver | d([])) | unique | join(', ') }}; supersede domain-name-servers {{ (nameservers | d([]) + cloud_resolver | d([])) | unique | join(', ') }};
when : dns_early and not dns_late when : dns_early and not dns_late
- name : Gather os specific variables
include_vars : "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower | replace('/', '_') }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower | replace('/', '_') }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}.yml"
- defaults.yml
paths:
- ../vars
skip : true
- name : Set etcd vars if using kubeadm mode - name : Set etcd vars if using kubeadm mode
set_fact: set_fact:
etcd_cert_dir : "{{ kube_cert_dir }}" etcd_cert_dir : "{{ kube_cert_dir }}"
@ -316,3 +316,15 @@
when: when:
- kube_apiserver_enable_admission_plugins is defined - kube_apiserver_enable_admission_plugins is defined
- kube_apiserver_enable_admission_plugins | length > 0 - kube_apiserver_enable_admission_plugins | length > 0
- name : Verify that the packages list structure is valid
ansible.utils.validate:
criteria : "{{ lookup('file', 'pkgs-schema.json') }}"
data : "{{ pkgs }}"
- name : Verify that the packages list is sorted
vars:
pkgs_lists : "{{ pkgs.keys() | list }}"
assert:
that : "pkgs_lists | sort == pkgs_lists"
fail_msg : "pkgs is not sorted: {{ pkgs_lists | ansible.utils.fact_diff(pkgs_lists | sort) }}"
@ -1,7 +0,0 @@
---
required_pkgs:
- libselinux-python
- device-mapper-libs
- nss
- conntrack-tools
- libseccomp
@ -1,8 +0,0 @@
---
required_pkgs:
- "{{ ((ansible_distribution_major_version | int) < 8) | ternary('libselinux-python', 'python3-libselinux') }}"
- device-mapper-libs
- nss
- conntrack
- container-selinux
- libseccomp
@ -1,10 +0,0 @@
---
required_pkgs:
- python3-apt
- gnupg
- apt-transport-https
- software-properties-common
- conntrack
- iptables
- apparmor
- libseccomp2
@ -1,11 +0,0 @@
---
required_pkgs:
- python3-apt
- gnupg
- apt-transport-https
- software-properties-common
- conntrack
- iptables
- apparmor
- libseccomp2
- mergerfs
@ -1,9 +0,0 @@
---
required_pkgs:
- python-apt
- aufs-tools
- apt-transport-https
- software-properties-common
- conntrack
- apparmor
- libseccomp2
@ -1,8 +0,0 @@
---
required_pkgs:
- iptables
- libselinux-python3
- device-mapper-libs
- conntrack
- container-selinux
- libseccomp
@ -0,0 +1,88 @@
---
pkgs:
apparmor : &debian_family_base
os:
families:
- Debian
apt-transport-https : *debian_family_base
aufs-tools : &deb_10
groups:
- k8s_cluster
os:
distributions:
Debian:
major_versions:
- "10"
conntrack : &deb_redhat
groups:
- k8s_cluster
os:
families:
- Debian
- RedHat
conntrack-tools:
groups:
- k8s_cluster
os:
families:
- Suse
distributions:
Amazon : {}
container-selinux : &redhat_family
groups:
- k8s_cluster
os:
families:
- RedHat
device-mapper:
groups:
- k8s_cluster
os:
families:
- Suse
device-mapper-libs : *redhat_family
gnupg : &debian
groups:
- k8s_cluster
os:
distributions:
Debian:
major_versions:
- "11"
- "12"
iptables : *deb_redhat
libseccomp : *redhat_family
libseccomp2:
groups:
- k8s_cluster
os:
families:
- Suse
- Debian
libselinux-python: # TODO : Handle rehat_family + major < 8
os:
distributions:
Amazon : {}
libselinux-python3:
os:
distributions:
Fedora : {}
mergerfs:
os:
distributions:
Debian:
major_versions:
- "12"
nss : *redhat_family
python-apt : *deb_10
# TODO: not for debian 10
python3-apt : *debian_family_base
python3-libselinux:
os:
distributions:
RedHat : &major_redhat_like
major_versions:
- "8"
- "9"
Centos : *major_redhat_like
software-properties-common : *debian_family_base
@ -1,8 +0,0 @@
---
required_pkgs:
- "{{ ((ansible_distribution_major_version | int) < 8) | ternary('libselinux-python', 'python3-libselinux') }}"
- device-mapper-libs
- nss
- conntrack
- container-selinux
- libseccomp
@ -1,5 +0,0 @@
---
required_pkgs:
- device-mapper
- conntrack-tools
- libseccomp2
@ -1,8 +0,0 @@
---
required_pkgs:
- python3-apt
- apt-transport-https
- software-properties-common
- conntrack
- apparmor
- libseccomp2
Max Gautier
1 year ago