openstack
/
openstack-helm-infra
Code Issues Proposed changes
openstack-helm-infra/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/tasks/kubelet.yaml

218 lines
6.2 KiB
YAML
Raw Blame History

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: ubuntu or debian | installing kubelet support packages
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
apt:
name: "{{item}}"
state: installed
with_items:
- ebtables
- ethtool
- iproute2
- iptables
- libmnl0
- libnfnetlink0
- libwrap0
- socat
- name: ubuntu xenial | installing kubelet support packages
when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial'
apt:
name: "{{item}}"
state: installed
with_items:
- libxtables11
- name: debian and ubuntu bionic | installing kubelet support packages
when: ansible_distribution == 'Debian' or ( ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'bionic' )
apt:
name: "{{item}}"
state: installed
with_items:
- libxtables12
- name: centos | installing kubelet support packages
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
yum:
name: "{{item}}"
state: installed
with_items:
- ebtables
- ethtool
- tcp_wrappers-libs
- libmnl
- socat
- name: fedora | installing kubelet support packages
when: ansible_distribution == 'Fedora'
dnf:
name: "{{item}}"
state: installed
with_items:
- ebtables
- ethtool
- tcp_wrappers-libs
- libmnl
- socat
- name: getting docker cgroup driver info
when: kubelet.container_runtime == 'docker'
block:
- name: docker | getting cgroup driver info
shell: docker info | awk '/^Cgroup Driver:/ { print $NF }'
register: docker_cgroup_driver
args:
executable: /bin/bash
- name: setting kublet cgroup driver
set_fact:
kubelet_cgroup_driver: "{{ docker_cgroup_driver.stdout }}"
- name: setting kublet cgroup driver for CRI-O
when: kubelet.container_runtime == 'crio'
set_fact:
kubelet_cgroup_driver: "systemd"
- name: setting node hostname fact
set_fact:
kubelet_node_hostname: "{% if ansible_domain is defined %}{{ ansible_fqdn }}{% else %}{{ ansible_hostname }}.node.{{ k8s.networking.dnsDomain }}{% endif %}"
- name: base kubelet deploy
block:
- file:
path: "{{ item }}"
state: directory
with_items:
- /etc/kubernetes/
- /etc/systemd/system/kubelet.service.d/
- /var/lib/kubelet/
- name: copying kubelet binary to host
copy:
src: /opt/assets/usr/bin/kubelet
dest: /usr/bin/kubelet
owner: root
group: root
mode: 365
- name: copying base systemd unit to host
template:
src: kubelet.service.j2
dest: /etc/systemd/system/kubelet.service
mode: 416
- name: copying kubeadm drop-in systemd unit to host
template:
src: 10-kubeadm.conf.j2
dest: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
mode: 416
- name: copying kubelet DNS config to host
template:
src: kubelet-resolv.conf.j2
dest: /etc/kubernetes/kubelet-resolv.conf
mode: 416
- name: base cni support
block:
- file:
path: "{{ item }}"
state: directory
with_items:
- /etc/cni/net.d
- /opt/cni/bin
- name: copy cni binaries into place
copy:
src: /opt/assets/opt/cni/bin/{{ item }}
dest: /opt/cni/bin/{{ item }}
owner: root
group: root
mode: 365
with_items:
- flannel
- ptp
- host-local
- portmap
- tuning
- vlan
# NOTE(aostapenko) absent with v0.8.5 cni
# - sample
- dhcp
- ipvlan
- macvlan
- loopback
- bridge
- name: CRI-O runtime config
when: kubelet.container_runtime == 'crio'
block:
- name: copying CRI-O drop-in systemd unit to host
template:
src: 0-crio.conf.j2
dest: /etc/systemd/system/kubelet.service.d/0-crio.conf
mode: 416
- name: CRI-O | ensure service is restarted and enabled
systemd:
name: crio
state: restarted
enabled: yes
masked: no
- name: Setup DNS redirector for fqdn testing
# NOTE(portdirect): This must be done before the K8S DNS pods attempt to
# start, so they use the dnsmasq instance to resolve upstream hostnames
when: gate.fqdn_testing|bool == true
block:
- name: Setup DNS redirector | Remove std kubelet resolv.conf
file:
path: "/etc/kubernetes/kubelet-resolv.conf"
state: absent
- name: Setup DNS redirector | Populating new kubelet resolv.conf
copy:
dest: "/etc/kubernetes/kubelet-resolv.conf"
mode: 416
content: |
nameserver 172.17.0.1
- name: Setup DNS redirector | Ensuring static manifests dir exists
file:
path: "/etc/kubernetes/manifests/"
state: directory
- name: Setup DNS redirector | check if an resolv-upstream.conf exists
stat:
path: /etc/resolv-upstream.conf
register: resolv_upstream_conf
- name: Setup DNS redirector | Placing pod manifest on host
when: resolv_upstream_conf.stat.exists == False
template:
src: resolv-upstream.conf.j2
dest: /etc/resolv-upstream.conf
mode: 436
- name: Setup DNS redirector | Placing pod manifest on host
template:
src: osh-dns-redirector.yaml.j2
dest: /etc/kubernetes/manifests/osh-dns-redirector.yaml
mode: 416
- name: docker | ensure service is started and enabled
when: kubelet.container_runtime == 'docker'
systemd:
name: docker
state: started
enabled: yes
masked: no
- name: ensure service is restarted and enabled
systemd:
name: kubelet
state: restarted
daemon_reload: yes
enabled: yes
masked: no
...
View Git Blame Copy Permalink