chore: updates for k8s distro to work with all guest os
Signed-off-by: Glenn Marcy <[email protected]>
gmarcy committed Jul 30, 2024
1 parent ffcf6c1 commit f71b640
Showing 10 changed files with 147 additions and 140 deletions.
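--- a/kubeinit/galaxy.yml
+++ b/kubeinit/galaxy.yml
@@ -17,11 +17,11 @@ tags:
 - origin
 dependencies:
 ansible.posix: '==1.5.4'
-ansible.utils: '==2.10.3'
-community.crypto: '==2.13.1'
-community.general: '==7.0.1'
-community.libvirt: '==1.2.0'
-containers.podman: '==1.10.2'
+ansible.utils: '==5.0.0'
+community.crypto: '==2.21.1'
+community.general: '==9.2.0'
+community.libvirt: '==1.3.0'
+containers.podman: '==1.15.4'
 openvswitch.openvswitch: '==2.1.1'
 
 repository: 'https://github.com/kubeinit/kubeinit'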
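--- a/kubeinit/group_vars/kubeinit_defaults.yml
+++ b/kubeinit/group_vars/kubeinit_defaults.yml
@@ -17,7 +17,7 @@ cluster_node_configurations_docsplaceholder: 'we should have a cluster_node_conf
 
 cluster_node_default_distro:
 k8s:
-os: centos
+os: debian
 ocp:
 os: coreos
 okd: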
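--- a/kubeinit/requirements.yml
+++ b/kubeinit/requirements.yml
@@ -7,14 +7,14 @@ collections:
 - name: ansible.posix
 version: '1.5.4'
 - name: ansible.utils
-version: '2.10.3'
+version: '5.0.0'
 - name: community.crypto
-version: '2.13.1'
+version: '2.21.1'
 - name: community.general
-version: '7.0.1'
+version: '9.2.0'
 - name: community.libvirt
-version: '1.2.0'
+version: '1.3.0'
 - name: containers.podman
-version: '1.10.2'
+version: '1.15.4'
 - name: openvswitch.openvswitch
 version: '2.1.1'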
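--- a/kubeinit/roles/kubeinit_k8s/tasks/main.yml
+++ b/kubeinit/roles/kubeinit_k8s/tasks/main.yml
@@ -187,7 +187,7 @@
 
 - name: Label compute nodes
 ansible.builtin.command: |
-kubectl label node {{ hostvars[compute_node].fqdn }} node-role.kubernetes.io/worker=
+kubectl label node {{ compute_node }} node-role.kubernetes.io/worker=
 register: _result
 changed_when: "_result.rc == 0"
 loop: "{{ groups['all_compute_nodes'] | default([]) }}"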
117 changes: 13 additions & 104 deletions kubeinit/roles/kubeinit_k8s/tasks/prepare_cluster.yml
@@ -58,130 +58,39 @@
register: _result
changed_when: "_result.rc == 0"

#### Debian-based distributions
###
#### These instructions are for Kubernetes v1.30.
###
#### Update the apt package index and install packages needed to use the Kubernetes apt repository:
###
### sudo apt-get update
### # apt-transport-https may be a dummy package; if so, you can skip that package
### sudo apt-get install -y apt-transport-https ca-certificates curl gpg
###
#### Download the public signing key for the Kubernetes package repositories. The same signing key is used for all repositories so you can disregard the version in the URL:
###
### # If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below.
### # sudo mkdir -p -m 755 /etc/apt/keyrings
### curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
###
#### Note:
#### In releases older than Debian 12 and Ubuntu 22.04, directory /etc/apt/keyrings does not exist by default, and it should be created before the curl command.
###
#### Add the appropriate Kubernetes apt repository. Please note that this repository have packages only for Kubernetes 1.30; for other Kubernetes minor versions, you need to change the Kubernetes minor version in the URL to match your desired minor version (you should also check that you are reading the documentation for the version of Kubernetes that you plan to install).
###
### # This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
### echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
###
#### Update the apt package index, install kubelet, kubeadm and kubectl, and pin their version:
###
### sudo apt-get update
### sudo apt-get install -y kubelet kubeadm kubectl
### sudo apt-mark hold kubelet kubeadm kubectl
###
#### (Optional) Enable the kubelet service before running kubeadm:
###
### sudo systemctl enable --now kubelet
###
####
#### END
####
#### Distributions using deb packages
###
#### Install the dependencies for adding repositories
### apt-get update
### apt-get install -y software-properties-common curl
###
#### Add the Kubernetes repository
### curl -fsSL https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/Release.key |
### gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
###
### echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/ /" |
### tee /etc/apt/sources.list.d/kubernetes.list
###
#### Add the CRI-O repository
### curl -fsSL https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/deb/Release.key |
### gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
###
### echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/deb/ /" |
### tee /etc/apt/sources.list.d/cri-o.list
###
#### Install the packages
### apt-get update
### apt-get install -y cri-o kubelet kubeadm kubectl
###
#### Start CRI-O
### systemctl start crio.service
###
#### Bootstrap a cluster
### swapoff -a
### modprobe br_netfilter
### sysctl -w net.ipv4.ip_forward=1
###
### kubeadm init
####
#### END
####
- when: hostvars[kubeinit_provision_service_node].os != 'centos'
- when: hostvars[kubeinit_provision_service_node].os == 'debian'
block:

- name: Add kubernetes repo for latest kubectl (Debian)
ansible.builtin.shell: |
set -eo pipefail
apt-get install -y apt-transport-https ca-certificates curl gpg
mkdir -p /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
apt-get update
apt-get install -y software-properties-common curl
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key |
gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /" |
tee /etc/apt/sources.list.d/kubernetes.list
curl -fsSL https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/Release.key |
gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/ /" |
tee /etc/apt/sources.list.d/cri-o.list
apt-get update
apt-get install -y cri-o kubelet kubeadm kubectl
systemctl start crio.service
apt-get install -y kubectl
apt-mark hold kubectl
args:
executable: /bin/bash
register: _result
changed_when: "_result.rc == 0"

###
# The Project's prerelease:/main prefix at the CRI-O's package path, can be replaced with stable:/v1.28, stable:/v1.29, prerelease:/v1.28 or prerelease:/v1.29 if another stream package is used.
###
- when: hostvars[kubeinit_provision_service_node].os == 'ubuntu'
block:

- name: Add kubernetes repo for latest kubectl (Ubuntu)
ansible.builtin.shell: |
set -eo pipefail
apt-get install -y apt-transport-https ca-certificates curl gnupg
apt-get install -y apt-transport-https ca-certificates curl gpg
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg # allow unprivileged APT programs to read this keyring
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
chmod 644 /etc/apt/sources.list.d/kubernetes.list # helps tools such as command-not-found to work correctly
apt-get update --allow-insecure-repositories
apt-get update
apt-get install -y kubectl
apt-mark hold kubectl
args:
executable: /bin/bash
register: _result
changed_when: "_result.rc == 0"

- name: Install services requirements
ansible.builtin.package:
name:
- kubectl
state: present
use: apt

delegate_to: "{{ kubeinit_provision_service_node }}"
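Review bot: The Debian and Ubuntu tasks hard-code the `v1.30` stream in the Release.key URL and in the `deb [...]` line, while the guest tasks added in this same commit template it with `{{ kubeinit_k8s_kubernetes_version }}`, so the service node's kubectl can drift from the cluster's minor version. If that variable is available on the service node (not visible here), use it in both places, e.g. `https://pkgs.k8s.io/core:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/Release.key`. The key is also written into the keyring exactly as downloaded; comparing its fingerprint with a value kept in the role before `gpg --dearmor` would stop a substituted key from being trusted silently. The Ubuntu task has no `mkdir -p /etc/apt/keyrings`, which the Debian task now runs. The enclosing task list starts outside the hunk.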
@@ -198,6 +198,7 @@
kubeinit_deployment_node_name: "{{ item[0] }}"
service_name: "{{ kubeinit_cluster_name }}-{{ item[1] }}"
delegate_to: "{{ kubeinit_deployment_node_name }}"
when: false

- name: Remove any previous services podman pods
containers.podman.podman_pod:
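Review bot: The `when: false` that appears to be added after `delegate_to: "{{ kubeinit_deployment_node_name }}"` switches that task off unconditionally, and nothing on the page says why or for how long. If the task is a cleanup step (the next task removes previous podman pods, so it may be), skipping it could leave services from an earlier deployment in place. A comment such as `# disabled: <reason>; re-enable when <condition>`, or a named toggle variable instead of the literal, would make the intent reviewable. The task's name and module start outside the hunk, and the file header for this section is missing from the page.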
@@ -203,7 +203,7 @@
state: touch
mode: '0644'

- name: Adding repository details in Kubernetes repo file.
- name: Adding repository details in CRI-O repo file.
ansible.builtin.blockinfile:
path: /etc/yum.repos.d/cri-o.repo
block: |
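--- a/kubeinit/roles/kubeinit_libvirt/tasks/deploy_debian_guest.yml
+++ b/kubeinit/roles/kubeinit_libvirt/tasks/deploy_debian_guest.yml
@@ -117,6 +117,15 @@
 - name: Configure common requirements in Debian guests
 block:
 
+- name: Update packages
+ansible.builtin.command: apt update
+
+- name: Install resolvconf
+ansible.builtin.package:
+name: resolvconf
+state: present
+use: apt
+
 - name: Make sure base file exists
 ansible.builtin.copy:
 content: ""
@@ -172,18 +181,11 @@
 - name: Force apt-get update
 ansible.builtin.shell: |
 apt-get update
-apt-get install -y gnupg
 args:
 executable: /bin/bash
 register: _result
 changed_when: "_result.rc == 0"
 
-- name: Update packages
-ansible.builtin.package:
-name: "*"
-state: latest
-use: apt
-
 - name: Disable SWAP
 ansible.builtin.shell: |
 swapoff -a
@@ -211,6 +213,59 @@
 register: _result
 changed_when: "_result.rc == 0"
 
+- name: Enable kernel modules and IP forward
+ansible.builtin.shell: |
+modprobe br_netfilter
+echo br_netfilter > /etc/modules-load.d/br_netfilter.conf
+#modprobe overlay
+#echo overlay > /etc/modules-load.d/overlay.conf
+sysctl -w net.ipv4.ip_forward=1
+#sysctl -w net.bridge.bridge-nf-call-iptables=1
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Add kubernetes repo for latest kubectl (Ubuntu)
+ansible.builtin.shell: |
+set -eo pipefail
+export DEBIAN_FRONTEND=noninteractive
+apt-get install -y apt-transport-https ca-certificates curl gpg
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://pkgs.k8s.io/core:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
+curl -fsSL https://pkgs.k8s.io/addons:/cri-o:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
+echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.io/addons:/cri-o:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/ /" | tee /etc/apt/sources.list.d/cri-o.list
+apt-get update
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Install requirements
+ansible.builtin.shell: |
+apt-get install -y cri-o={{ kubeinit_k8s_kubernetes_version }}.* kubelet={{ kubeinit_k8s_kubernetes_version }}.* kubeadm={{ kubeinit_k8s_kubernetes_version }}.* kubectl={{ kubeinit_k8s_kubernetes_version }}.*
+apt-mark hold cri-o kubelet kubeadm kubectl
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Enable/start/status cri-o
+ansible.builtin.shell: |
+systemctl enable crio
+systemctl start crio
+systemctl status crio
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Enable kubelet
+ansible.builtin.systemd:
+name: kubelet
+enabled: yes
+
 - name: Update packages
 ansible.builtin.package:
 name: "*"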
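Review bot: The `Install requirements` task in the last hunk runs `apt-get install` and `apt-mark hold` in one shell block without `set -eo pipefail`, so the task reports the exit status of `apt-mark hold` and a failed install can pass unnoticed; the repo task just above it does set it. The version patterns are also unquoted, so bash may glob-expand `cri-o={{ kubeinit_k8s_kubernetes_version }}.*` against the working directory before apt sees it. Suggested: open the block with `set -eo pipefail` and quote each spec, e.g. `'kubelet={{ kubeinit_k8s_kubernetes_version }}.*'`. The missing `set -e` also affects `Enable kernel modules and IP forward`, and both points apply to the identical tasks added in deploy_ubuntu_guest.yml. The repo task is still named `(Ubuntu)` in this Debian file.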
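--- a/kubeinit/roles/kubeinit_libvirt/tasks/deploy_ubuntu_guest.yml
+++ b/kubeinit/roles/kubeinit_libvirt/tasks/deploy_ubuntu_guest.yml
@@ -116,19 +116,8 @@
 - name: Configure common requirements in Ubuntu guests
 block:
 
-- name: Add kubernetes repo for latest kubectl (Ubuntu)
-ansible.builtin.shell: |
-set -eo pipefail
-apt-get install -y apt-transport-https ca-certificates curl gnupg
-curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
-chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg # allow unprivileged APT programs to read this keyring
-echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
-chmod 644 /etc/apt/sources.list.d/kubernetes.list # helps tools such as command-not-found to work correctly
-apt-get update --allow-insecure-repositories
-args:
-executable: /bin/bash
-register: _result
-changed_when: "_result.rc == 0"
+- name: Update packages
+ansible.builtin.command: apt update
 
 - name: Install resolvconf
 ansible.builtin.package:
@@ -223,6 +212,59 @@
 register: _result
 changed_when: "_result.rc == 0"
 
+- name: Enable kernel modules and IP forward
+ansible.builtin.shell: |
+modprobe br_netfilter
+echo br_netfilter > /etc/modules-load.d/br_netfilter.conf
+#modprobe overlay
+#echo overlay > /etc/modules-load.d/overlay.conf
+sysctl -w net.ipv4.ip_forward=1
+#sysctl -w net.bridge.bridge-nf-call-iptables=1
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Add kubernetes repo for latest kubectl (Ubuntu)
+ansible.builtin.shell: |
+set -eo pipefail
+export DEBIAN_FRONTEND=noninteractive
+apt-get install -y apt-transport-https ca-certificates curl gpg
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://pkgs.k8s.io/core:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
+curl -fsSL https://pkgs.k8s.io/addons:/cri-o:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
+echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.io/addons:/cri-o:/stable:/v{{ kubeinit_k8s_kubernetes_version }}/deb/ /" | tee /etc/apt/sources.list.d/cri-o.list
+apt-get update
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Install requirements
+ansible.builtin.shell: |
+apt-get install -y cri-o={{ kubeinit_k8s_kubernetes_version }}.* kubelet={{ kubeinit_k8s_kubernetes_version }}.* kubeadm={{ kubeinit_k8s_kubernetes_version }}.* kubectl={{ kubeinit_k8s_kubernetes_version }}.*
+apt-mark hold cri-o kubelet kubeadm kubectl
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Enable/start/status cri-o
+ansible.builtin.shell: |
+systemctl enable crio
+systemctl start crio
+systemctl status crio
+args:
+executable: /bin/bash
+register: _result
+changed_when: "_result.rc == 0"
+
+- name: Enable kubelet
+ansible.builtin.systemd:
+name: kubelet
+enabled: yes
+
 - name: Update packages
 ansible.builtin.package:
 name: "*"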
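Review bot: The five tasks added in the second hunk are a line-for-line copy of the ones this commit adds to deploy_debian_guest.yml, so any later fix to the repository URLs, keyring handling or package pins has to be made in two places and can easily land in only one. Moving them into a single task file pulled in from both guest files with `ansible.builtin.include_tasks` would keep the two distros in step. When consolidating, note that `sysctl -w net.ipv4.ip_forward=1` only changes the running kernel, whereas `br_netfilter` is persisted under `/etc/modules-load.d/`. A drop-in under `/etc/sysctl.d/` would make forwarding survive a guest reboot the same way.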