From 6d47a11de44ed5cc5c17e66fd243fccf8fc3cf23 Mon Sep 17 00:00:00 2001 From: Marc Bihlmaier Date: Wed, 2 Jan 2019 14:52:15 +0100 Subject: [PATCH 01/52] fail when kubeadm init fails --- tasks/master-setup.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 7db6767..8c792b7 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -8,14 +8,6 @@ --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} - register: kubeadmin_init - failed_when: false - when: not kubernetes_init_stat.stat.exists - -- name: Print the init output to screen. - debug: - var: kubeadmin_init.stdout - verbosity: 2 when: not kubernetes_init_stat.stat.exists - name: Ensure .kube directory exists. From 417b638ad6a6b3effc6bb4661a98a80622495e02 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 16 Feb 2019 10:39:00 -0600 Subject: [PATCH 02/52] Bump Kubernetes RHEL package to 1.13.3. --- README.md | 2 +- defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c6d1c5f..b935890 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. kubernetes_version: '1.13' - kubernetes_version_rhel_package: '1.13.1' + kubernetes_version_rhel_package: '1.13.3' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index 5745080..f357417 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -10,7 +10,7 @@ kubernetes_packages: state: present kubernetes_version: '1.13' -kubernetes_version_rhel_package: '1.13.1' +kubernetes_version_rhel_package: '1.13.3' kubernetes_role: master From 68fc2d8ab31f017a0ba8c7f573ea05b2d865e839 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 27 Mar 2019 10:49:23 -0500 Subject: [PATCH 03/52] Fix ansible-lint issue - ignore rule 306. --- .ansible-lint | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .ansible-lint diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..4778564 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,2 @@ +skip_list: + - '306' From 96ee854aedfb6b1ee704fec1e8e8fea6351705fb Mon Sep 17 00:00:00 2001 From: Shkiv Date: Fri, 19 Apr 2019 22:11:09 +0300 Subject: [PATCH 04/52] Update kubelet-setup.yml https://github.com/geerlingguy/ansible-role-kubernetes/issues/42 --- tasks/kubelet-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/kubelet-setup.yml b/tasks/kubelet-setup.yml index 939046e..05a4622 100644 --- a/tasks/kubelet-setup.yml +++ b/tasks/kubelet-setup.yml @@ -15,7 +15,7 @@ set_fact: kubelet_args_path: '/etc/systemd/system/kubelet.service.d/10-kubeadm.conf' kubelet_args_line: "{{ 'Environment=\"KUBELET_EXTRA_ARGS=' + kubernetes_kubelet_extra_args + '\"' }}" - kubelet_args_regexp: '^Environment=' + kubelet_args_regexp: '^Environment="KUBELET_EXTRA_ARGS=' when: not kubelet_environment_file.stat.exists - name: Configure KUBELET_EXTRA_ARGS. From 7eea163f817f354f2e451d30029f156c4246553e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 19 Apr 2019 16:09:09 -0500 Subject: [PATCH 05/52] Use same options for all tests and default to Ansible IP correctly. --- molecule/default/playbook.yml | 7 +------ tasks/master-setup.yml | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 19ae391..f93c7d7 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -5,7 +5,7 @@ vars: # Allow swap in test environments (hard to control in some Docker envs). - kubernetes_kubelet_extra_args: "--fail-swap-on=false" + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" docker_install_compose: false pre_tasks: @@ -24,11 +24,6 @@ - name: Gather facts. action: setup - - name: Use cgroupfs cgroup driver instead of systemd (RedHat). - set_fact: - kubernetes_kubelet_extra_args: '"--fail-swap-on=false --cgroup-driver=cgroupfs"' - when: ansible_os_family == 'RedHat' - roles: - role: geerlingguy.docker - role: geerlingguy.kubernetes diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 7db6767..c6631c7 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -3,7 +3,7 @@ command: > kubeadm init --pod-network-cidr={{ kubernetes_pod_network_cidr }} - --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address) }} + --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} From ae8f596e8fa31a1124c67d576c68cbc76d157446 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 16 May 2019 22:15:34 -0500 Subject: [PATCH 06/52] Remove unused tests. --- molecule/default/tests/test_default.py | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 molecule/default/tests/test_default.py diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py deleted file mode 100644 index eedd64a..0000000 --- a/molecule/default/tests/test_default.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' From 8b1ce9dcc5563dad67444925a80dce99521484aa Mon Sep 17 00:00:00 2001 From: Ravi Palankar Date: Thu, 20 Jun 2019 00:18:23 +0530 Subject: [PATCH 07/52] calico cni choice --- defaults/main.yml | 10 +++++++++- tasks/master-setup.yml | 15 ++++++++++++--- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index f357417..1080144 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -21,7 +21,12 @@ kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml -kubernetes_pod_network_cidr: '10.244.0.0/16' +kubernetes_cni: 'calico' +kubernetes_pod_network: + - name: 'flannel' + cidr: '10.244.0.0/16' + - name: 'calico' + cidr: '192.168.0.0/16' kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' @@ -36,3 +41,6 @@ kubernetes_yum_arch: x86_64 # Flannel config files. kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml + +# Calico config files +kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.7/manifests/calico.yaml diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index c6631c7..0c4ffda 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -2,15 +2,15 @@ - name: Initialize Kubernetes master with kubeadm init. command: > kubeadm init - --pod-network-cidr={{ kubernetes_pod_network_cidr }} + --pod-network-cidr={{ item.cidr }} --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} - + with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false - when: not kubernetes_init_stat.stat.exists + when: not kubernetes_init_stat.stat.exists and item.name == kubernetes_cni - name: Print the init output to screen. debug: @@ -36,6 +36,15 @@ - kubectl apply -f {{ kubernetes_flannel_manifest_file }} register: flannel_result changed_when: "'created' in flannel_result.stdout" + when: kubernetes_cni == 'flannel' + +- name: Configure Calico networking. + command: "{{ item }}" + with_items: + - kubectl apply -f {{ kubernetes_calico_manifest_file }} + register: calico_result + changed_when: "'created' in calico_result.stdout" + when: kubernetes_cni == 'calico' # TODO: Check if taint exists with something like `kubectl describe nodes` # instead of using kubernetes_init_stat.stat.exists check. From dab2f769e79b6fdadaea65a0042676c47e6b0a1c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 6 Jul 2019 15:50:59 -0500 Subject: [PATCH 08/52] Fixes #54: Update to Kubernetes 1.15. --- README.md | 4 ++-- defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b935890..c878573 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. - kubernetes_version: '1.13' - kubernetes_version_rhel_package: '1.13.3' + kubernetes_version: '1.15' + kubernetes_version_rhel_package: '1.15.0' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index f357417..9df09fc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.13' -kubernetes_version_rhel_package: '1.13.3' +kubernetes_version: '1.15' +kubernetes_version_rhel_package: '1.15.0' kubernetes_role: master From 4de5e1941acd296900364013be17f64486a1b6b9 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 7 Jul 2019 22:29:37 -0500 Subject: [PATCH 09/52] Fixes #55: Support and test Debian 10 Buster. --- .ansible-lint | 1 + .travis.yml | 1 + README.md | 4 ++-- meta/main.yml | 2 ++ tasks/master-setup.yml | 6 +++--- 5 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 4778564..cb73159 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,2 +1,3 @@ skip_list: - '306' + - '405' diff --git a/.travis.yml b/.travis.yml index e408915..1bb8486 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ env: - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_DISTRO: debian9 + - MOLECULE_DISTRO: debian10 install: # Install test dependencies. diff --git a/README.md b/README.md index c878573..2537ea7 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ None. - hosts: all vars: - kubernetes_allow_pods_on_master: True + kubernetes_allow_pods_on_master: true roles: - geerlingguy.docker @@ -112,7 +112,7 @@ Playbook: - hosts: all vars: - kubernetes_allow_pods_on_master: True + kubernetes_allow_pods_on_master: true roles: - geerlingguy.docker diff --git a/meta/main.yml b/meta/main.yml index 992eac3..d216375 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -11,9 +11,11 @@ galaxy_info: - name: EL versions: - 7 + - 8 - name: Debian versions: - stretch + - buster - name: Ubuntu versions: - xenial diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index c6631c7..306acda 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -42,7 +42,7 @@ - name: Allow pods on master node (if configured). command: "kubectl taint nodes --all node-role.kubernetes.io/master-" when: - - kubernetes_allow_pods_on_master + - kubernetes_allow_pods_on_master | bool - not kubernetes_init_stat.stat.exists - name: Check if Kubernetes Dashboard UI service already exists. @@ -50,10 +50,10 @@ changed_when: false failed_when: false register: kubernetes_dashboard_service - when: kubernetes_enable_web_ui + when: kubernetes_enable_web_ui | bool - name: Enable the Kubernetes Web Dashboard UI (if configured). command: "kubectl create -f {{ kubernetes_web_ui_manifest_file }}" when: - - kubernetes_enable_web_ui + - kubernetes_enable_web_ui | bool - kubernetes_dashboard_service is failed From c95b3ce9db676f71c68e38329c1bdf028df1ccb6 Mon Sep 17 00:00:00 2001 From: Felipe Lopes Date: Fri, 12 Jul 2019 11:01:16 +0100 Subject: [PATCH 10/52] Update main.yml --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9df09fc..6e78ce2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -19,7 +19,7 @@ kubernetes_kubeadm_init_extra_opts: "" kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true -kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml +kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml kubernetes_pod_network_cidr: '10.244.0.0/16' kubernetes_apiserver_advertise_address: '' From 6e05cefbcaee42e58ca751ad63d9a51ce41e812c Mon Sep 17 00:00:00 2001 From: Maxime GASTON Date: Fri, 9 Aug 2019 16:41:13 +0200 Subject: [PATCH 11/52] Fix typo referenced in #49 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2537ea7..47c449f 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ Whether to enable the Kubernetes web dashboard UI (only accessible on the master kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' -Options passed to `kubeadm init` when initializing the Kubernetes master. The `apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty. +Options passed to `kubeadm init` when initializing the Kubernetes master. The `kubernetes_apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty. kubernetes_apt_release_channel: main kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" From 1396945c0d6c127cd8be39be8789264d48c57c5a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 11 Dec 2019 09:52:37 -0600 Subject: [PATCH 12/52] Create FUNDING.yml --- .github/FUNDING.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .github/FUNDING.yml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..af7a1e0 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,4 @@ +# These are supported funding model platforms + +github: geerlingguy +patreon: geerlingguy From b65d92d899f5bbd2e0a0f7b7298b5836e1695160 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 11 Dec 2019 10:51:05 -0600 Subject: [PATCH 13/52] YAML syntax fix. --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index af7a1e0..96b4938 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,4 +1,4 @@ # These are supported funding model platforms - +--- github: geerlingguy patreon: geerlingguy From 5ad16aad1a1f50d41ecc3757044a4642a14b32da Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 19:50:57 -0600 Subject: [PATCH 14/52] Add kubernetes_join_command_extra_opts variable. --- README.md | 4 ++++ defaults/main.yml | 1 + tasks/main.yml | 4 +++- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 47c449f..dfdaa9b 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,10 @@ Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start Extra args to pass to `kubeadm init` during K8s control plane initialization. E.g. to specify extra Subject Alternative Names for API server certificate, set this to: `"--apiserver-cert-extra-sans my-custom.host"` + kubernetes_join_command_extra_opts: "" + +Extra args to pass to the generated `kubeadm join` command during K8s node initialization. E.g. to ignore certain preflight errors like swap being enabled, set this to: `--ignore-preflight-errors=Swap` + kubernetes_allow_pods_on_master: true Whether to remove the taint that denies pods from being deployed to the Kubernetes master. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes master which doesn't run any other pods. diff --git a/defaults/main.yml b/defaults/main.yml index 6e78ce2..a336b31 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -16,6 +16,7 @@ kubernetes_role: master kubernetes_kubelet_extra_args: "" kubernetes_kubeadm_init_extra_opts: "" +kubernetes_join_command_extra_opts: "" kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true diff --git a/tasks/main.yml b/tasks/main.yml index fe6d999..e90420a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -44,7 +44,9 @@ - name: Set the kubeadm join command globally. set_fact: - kubernetes_join_command: "{{ kubernetes_join_command_result.stdout }}" + kubernetes_join_command: > + {{ kubernetes_join_command_result.stdout }} + {{ kubernetes_join_command_extra_opts }} when: kubernetes_join_command_result.stdout is defined delegate_to: "{{ item }}" delegate_facts: true From 825d6f5e3716b8a801961db514b206a9223fd127 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 19:57:24 -0600 Subject: [PATCH 15/52] PR #53 follow-up: Requested changes for simplicity. --- README.md | 11 ++++++++++- defaults/main.yml | 12 +++++++----- tasks/master-setup.yml | 6 +++--- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index dfdaa9b..cfe58fb 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,16 @@ Whether to remove the taint that denies pods from being deployed to the Kubernet Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied), and the file containing the web dashboard UI manifest. - kubernetes_pod_network_cidr: '10.244.0.0/16' +kubernetes_pod_network: + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' + +This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. + kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' diff --git a/defaults/main.yml b/defaults/main.yml index 701bb08..cf48888 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -22,12 +22,14 @@ kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml -kubernetes_cni: 'calico' kubernetes_pod_network: - - name: 'flannel' - cidr: '10.244.0.0/16' - - name: 'calico' - cidr: '192.168.0.0/16' + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' + kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index a91ff24..99c1af1 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -2,7 +2,7 @@ - name: Initialize Kubernetes master with kubeadm init. command: > kubeadm init - --pod-network-cidr={{ item.cidr }} + --pod-network-cidr={{ kubernetes_pod_network.cidr }} --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} @@ -36,7 +36,7 @@ - kubectl apply -f {{ kubernetes_flannel_manifest_file }} register: flannel_result changed_when: "'created' in flannel_result.stdout" - when: kubernetes_cni == 'flannel' + when: kubernetes_pod_network.cni == 'flannel' - name: Configure Calico networking. command: "{{ item }}" @@ -44,7 +44,7 @@ - kubectl apply -f {{ kubernetes_calico_manifest_file }} register: calico_result changed_when: "'created' in calico_result.stdout" - when: kubernetes_cni == 'calico' + when: kubernetes_pod_network.cni == 'calico' # TODO: Check if taint exists with something like `kubectl describe nodes` # instead of using kubernetes_init_stat.stat.exists check. From fba51bcc466696d4e744013400a7321b38badf66 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:00:37 -0600 Subject: [PATCH 16/52] PR #53 follow-up: Add test for calico networking. --- .travis.yml | 4 ++- molecule/default/playbook-calico.yml | 50 ++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 molecule/default/playbook-calico.yml diff --git a/.travis.yml b/.travis.yml index 1bb8486..2fadd33 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,9 +8,11 @@ env: matrix: - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: debian9 - MOLECULE_DISTRO: debian10 + - MOLECULE_DISTRO: debian10 + MOLECULE_PLAYBOOK: playbook-calico.yml + install: # Install test dependencies. - pip install molecule docker diff --git a/molecule/default/playbook-calico.yml b/molecule/default/playbook-calico.yml new file mode 100644 index 0000000..2e2258e --- /dev/null +++ b/molecule/default/playbook-calico.yml @@ -0,0 +1,50 @@ +--- +- name: Converge + hosts: all + become: true + + vars: + kubernetes_pod_network: + cni: 'calico' + cidr: '192.168.0.0/16' + + # Allow swap in test environments (hard to control in some Docker envs). + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" + docker_install_compose: false + + pre_tasks: + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' + + - name: Ensure test dependencies are installed (RedHat). + package: name=iproute state=present + when: ansible_os_family == 'RedHat' + + - name: Ensure test dependencies are installed (Debian). + package: name=iproute2 state=present + when: ansible_os_family == 'Debian' + + - name: Gather facts. + action: setup + + roles: + - role: geerlingguy.docker + - role: geerlingguy.kubernetes + + post_tasks: + - name: Get cluster info. + command: kubectl cluster-info + changed_when: false + register: kubernetes_info + + - name: Print cluster info. + debug: var=kubernetes_info.stdout + + - name: Get all running pods. + command: kubectl get pods --all-namespaces + changed_when: false + register: kubernetes_pods + + - name: Print list of running pods. + debug: var=kubernetes_pods.stdout From b82ffca47ec797539fe63f915758a88efa3c57cc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:10:41 -0600 Subject: [PATCH 17/52] PR #53 follow-up: Remove extra conditional. --- tasks/master-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 99c1af1..9979720 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -10,7 +10,7 @@ with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false - when: not kubernetes_init_stat.stat.exists and item.name == kubernetes_cni + when: not kubernetes_init_stat.stat.exists - name: Print the init output to screen. debug: From ea962e1792388437ab1dd884af46466d2808ca17 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:23:47 -0600 Subject: [PATCH 18/52] Bump to Kubernetes 1.16. --- README.md | 4 ++-- defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index cfe58fb..8550592 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. - kubernetes_version: '1.15' - kubernetes_version_rhel_package: '1.15.0' + kubernetes_version: '1.16' + kubernetes_version_rhel_package: '1.16.4' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index cf48888..43b30be 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.15' -kubernetes_version_rhel_package: '1.15.0' +kubernetes_version: '1.16' +kubernetes_version_rhel_package: '1.16.4' kubernetes_role: master From 26bc01ad6b6bd4ce77f53768b4e8eb5d4f7b6991 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:48:36 -0600 Subject: [PATCH 19/52] Default to calico 3.10 manifest. --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 43b30be..30ec1f2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -46,4 +46,4 @@ kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/ kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml # Calico config files -kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.7/manifests/calico.yaml +kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.10/manifests/calico.yaml From ae196c82ff39344113ca179890fdcb8a98d3863f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 21:31:54 -0600 Subject: [PATCH 20/52] PR #53 follow-up: Remove extra unneccessary loop. --- tasks/master-setup.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 9979720..b9d1994 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -7,7 +7,6 @@ --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} - with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false when: not kubernetes_init_stat.stat.exists From 5d8574e871cd3de9d49359d80e63427396ff684d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 17 Dec 2019 17:19:24 -0600 Subject: [PATCH 21/52] Fix README formatting. --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 8550592..ee4af9d 100644 --- a/README.md +++ b/README.md @@ -55,13 +55,13 @@ Whether to remove the taint that denies pods from being deployed to the Kubernet Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied), and the file containing the web dashboard UI manifest. -kubernetes_pod_network: - # Flannel CNI. - cni: 'flannel' - cidr: '10.244.0.0/16' - # Calico CNI. - # cni: 'calico' - # cidr: '192.168.0.0/16' + kubernetes_pod_network: + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. From f912a393b5d64b48ff18da595bc36aa91c2dff6f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 17 Dec 2019 20:01:47 -0600 Subject: [PATCH 22/52] Add a test for CentOS 8. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 2fadd33..a2f0a70 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,6 +6,7 @@ env: global: - ROLE_NAME: kubernetes matrix: + - MOLECULE_DISTRO: centos8 - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_DISTRO: debian10 From b91e92b0b7fcb9b911e849f0c4680ac86a57b993 Mon Sep 17 00:00:00 2001 From: Mehdi El Kouhen Date: Tue, 31 Dec 2019 09:23:40 +0100 Subject: [PATCH 23/52] install weave network --- tasks/master-setup.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index b9d1994..2986ffc 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -45,6 +45,22 @@ changed_when: "'created' in calico_result.stdout" when: kubernetes_pod_network.cni == 'calico' +# LINT-ERROR +- name: "Get K8s version" + shell: | + set -o pipefail + kubectl version | base64 | tr -d '\n' + register: k8_version + when: kubernetes_pod_network.cni == 'weave' + +- name: Configure Weave networking. + command: "{{ item }}" + with_items: + - "kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version={{ k8_version.stdout_lines[0] }}" + register: weave_result + changed_when: "'created' in weave_result.stdout" + when: kubernetes_pod_network.cni == 'weave' + # TODO: Check if taint exists with something like `kubectl describe nodes` # instead of using kubernetes_init_stat.stat.exists check. - name: Allow pods on master node (if configured). From c49661ba06cd3d6b773db51b4b60e600c2572ad2 Mon Sep 17 00:00:00 2001 From: Mehdi El Kouhen Date: Tue, 31 Dec 2019 09:24:26 +0100 Subject: [PATCH 24/52] install weave network --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ee4af9d..df74619 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,10 @@ Whether to enable the Kubernetes web dashboard UI (only accessible on the master # Calico CNI. # cni: 'calico' # cidr: '192.168.0.0/16' - + # Weave CNI. + # cni: 'weave' + # cidr: '192.168.0.0/16' + This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. kubernetes_apiserver_advertise_address: '' From 4b7f0f1e5106b038733312273b1f7321d17df776 Mon Sep 17 00:00:00 2001 From: EL KOUHEN Mehdi Date: Tue, 31 Dec 2019 09:48:07 +0100 Subject: [PATCH 25/52] Remove Lint Error Comment --- tasks/master-setup.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 2986ffc..b0b231d 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -45,7 +45,6 @@ changed_when: "'created' in calico_result.stdout" when: kubernetes_pod_network.cni == 'calico' -# LINT-ERROR - name: "Get K8s version" shell: | set -o pipefail From f149d3b35866f7155c624c2d8903fba7af8bd1d9 Mon Sep 17 00:00:00 2001 From: EL KOUHEN Mehdi Date: Tue, 31 Dec 2019 10:01:23 +0100 Subject: [PATCH 26/52] Remove option pipefail --- tasks/master-setup.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index b0b231d..b27b8cd 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -46,9 +46,7 @@ when: kubernetes_pod_network.cni == 'calico' - name: "Get K8s version" - shell: | - set -o pipefail - kubectl version | base64 | tr -d '\n' + shell: kubectl version | base64 | tr -d '\n' register: k8_version when: kubernetes_pod_network.cni == 'weave' From 0d0f8e8192a7dfb800f53d672cb1922e4096d9a7 Mon Sep 17 00:00:00 2001 From: EL KOUHEN Mehdi Date: Mon, 6 Jan 2020 11:00:34 +0100 Subject: [PATCH 27/52] update documentation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index df74619..9b15997 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ Whether to enable the Kubernetes web dashboard UI (only accessible on the master # cni: 'weave' # cidr: '192.168.0.0/16' -This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. +This role currently supports `flannel` (default), `calico` or `weave` for cluster pod networking. Choose one or the other for your cluster; converting between the three is not done automatically and could result in broken networking, and should be done outside of this role. kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' From 02d22805e23788e73298bd32214a8db85deeb2bd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 14:22:22 -0600 Subject: [PATCH 28/52] Update molecule configuration to work with 3.0. --- .travis.yml | 2 +- molecule/default/molecule.yml | 13 +++------- molecule/default/playbook.yml | 46 ---------------------------------- molecule/default/yaml-lint.yml | 6 ----- 4 files changed, 4 insertions(+), 63 deletions(-) delete mode 100644 molecule/default/playbook.yml delete mode 100644 molecule/default/yaml-lint.yml diff --git a/.travis.yml b/.travis.yml index a2f0a70..0a9af7a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,7 +16,7 @@ env: install: # Install test dependencies. - - pip install molecule docker + - pip install molecule yamllint ansible-lint docker before_script: # Use actual Ansible Galaxy role name for the project directory. diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index b6989c4..4938579 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,9 +4,8 @@ dependency: driver: name: docker lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml + yamllint . + ansible-lint platforms: - name: instance image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" @@ -18,13 +17,7 @@ platforms: pre_build_image: true provisioner: name: ansible - lint: - name: ansible-lint playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} + converge: ${MOLECULE_PLAYBOOK:-converge.yml} scenario: name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml deleted file mode 100644 index f93c7d7..0000000 --- a/molecule/default/playbook.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - # Allow swap in test environments (hard to control in some Docker envs). - kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" - docker_install_compose: false - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - - - name: Ensure test dependencies are installed (RedHat). - package: name=iproute state=present - when: ansible_os_family == 'RedHat' - - - name: Ensure test dependencies are installed (Debian). - package: name=iproute2 state=present - when: ansible_os_family == 'Debian' - - - name: Gather facts. - action: setup - - roles: - - role: geerlingguy.docker - - role: geerlingguy.kubernetes - - post_tasks: - - name: Get cluster info. - command: kubectl cluster-info - changed_when: false - register: kubernetes_info - - - name: Print cluster info. - debug: var=kubernetes_info.stdout - - - name: Get all running pods. - command: kubectl get pods --all-namespaces - changed_when: false - register: kubernetes_pods - - - name: Print list of running pods. - debug: var=kubernetes_pods.stdout diff --git a/molecule/default/yaml-lint.yml b/molecule/default/yaml-lint.yml deleted file mode 100644 index c9aab08..0000000 --- a/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 150 - level: warning From c4f7e35ce389f2a3696fbbca389335c4da4c3124 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 14:28:24 -0600 Subject: [PATCH 29/52] Update molecule configuration to work with 3.0. --- .yamllint | 6 +++++ molecule/default/converge.yml | 46 +++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 .yamllint create mode 100644 molecule/default/converge.yml diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..c9aab08 --- /dev/null +++ b/.yamllint @@ -0,0 +1,6 @@ +--- +extends: default +rules: + line-length: + max: 150 + level: warning diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml new file mode 100644 index 0000000..f93c7d7 --- /dev/null +++ b/molecule/default/converge.yml @@ -0,0 +1,46 @@ +--- +- name: Converge + hosts: all + become: true + + vars: + # Allow swap in test environments (hard to control in some Docker envs). + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" + docker_install_compose: false + + pre_tasks: + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' + + - name: Ensure test dependencies are installed (RedHat). + package: name=iproute state=present + when: ansible_os_family == 'RedHat' + + - name: Ensure test dependencies are installed (Debian). + package: name=iproute2 state=present + when: ansible_os_family == 'Debian' + + - name: Gather facts. + action: setup + + roles: + - role: geerlingguy.docker + - role: geerlingguy.kubernetes + + post_tasks: + - name: Get cluster info. + command: kubectl cluster-info + changed_when: false + register: kubernetes_info + + - name: Print cluster info. + debug: var=kubernetes_info.stdout + + - name: Get all running pods. + command: kubectl get pods --all-namespaces + changed_when: false + register: kubernetes_pods + + - name: Print list of running pods. + debug: var=kubernetes_pods.stdout From 514769b9ce6d28b3a9eb490420a3b43ca35c02bc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 15:54:17 -0600 Subject: [PATCH 30/52] Update molecule configuration to work with 3.0. --- molecule/default/molecule.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 4938579..c5f67d1 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -3,7 +3,7 @@ dependency: name: galaxy driver: name: docker -lint: +lint: | yamllint . ansible-lint platforms: @@ -19,5 +19,3 @@ provisioner: name: ansible playbooks: converge: ${MOLECULE_PLAYBOOK:-converge.yml} -scenario: - name: default From dabfb595bdc3bcb13d88d78fbab7ce9421390fc7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 24 Feb 2020 09:44:29 -0600 Subject: [PATCH 31/52] Make sure molecule lint script has set -e option. --- molecule/default/molecule.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index c5f67d1..67fe288 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,6 +4,7 @@ dependency: driver: name: docker lint: | + set -e yamllint . ansible-lint platforms: From 9fde307b1e6325adb9767e1c1e5e61ab4c18ebd7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 5 Mar 2020 10:43:51 -0600 Subject: [PATCH 32/52] Add probot/stale configuration to repository for stale issues. --- .github/stale.yml | 56 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 .github/stale.yml diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 0000000..c7ff127 --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1,56 @@ +# Configuration for probot-stale - https://github.com/probot/stale + +# Number of days of inactivity before an Issue or Pull Request becomes stale +daysUntilStale: 90 + +# Number of days of inactivity before an Issue or Pull Request with the stale label is closed. +# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale. +daysUntilClose: 30 + +# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled) +onlyLabels: [] + +# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable +exemptLabels: + - pinned + - security + - planned + +# Set to true to ignore issues in a project (defaults to false) +exemptProjects: false + +# Set to true to ignore issues in a milestone (defaults to false) +exemptMilestones: false + +# Set to true to ignore issues with an assignee (defaults to false) +exemptAssignees: false + +# Label to use when marking as stale +staleLabel: stale + +# Limit the number of actions per hour, from 1-30. Default is 30 +limitPerRun: 30 + +pulls: + markComment: |- + This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution! + + Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark pull requests as stale. + + unmarkComment: >- + This pull request is no longer marked for closure. + + closeComment: >- + This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details. + +issues: + markComment: |- + This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! + + Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale. + + unmarkComment: >- + This issue is no longer marked for closure. + + closeComment: >- + This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. From 07aa887e99040ec1eaf49232df6722312bd78ed7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 23 Mar 2020 10:48:47 -0500 Subject: [PATCH 33/52] PR #65 follow-up: Clean up formatting slightly. --- README.md | 6 ++++-- tasks/master-setup.yml | 7 ++++--- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9b15997..b5d33f7 100644 --- a/README.md +++ b/README.md @@ -59,14 +59,16 @@ Whether to enable the Kubernetes web dashboard UI (only accessible on the master # Flannel CNI. cni: 'flannel' cidr: '10.244.0.0/16' + # # Calico CNI. # cni: 'calico' # cidr: '192.168.0.0/16' + # # Weave CNI. # cni: 'weave' # cidr: '192.168.0.0/16' - -This role currently supports `flannel` (default), `calico` or `weave` for cluster pod networking. Choose one or the other for your cluster; converting between the three is not done automatically and could result in broken networking, and should be done outside of this role. + +This role currently supports `flannel` (default), `calico` or `weave` for cluster pod networking. Choose only one for your cluster; converting between them is not done automatically and could result in broken networking; if you need to switch from one to another, it should be done outside of this role. kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index ce1d7c5..fd7666d 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -44,15 +44,16 @@ changed_when: "'created' in calico_result.stdout" when: kubernetes_pod_network.cni == 'calico' -- name: "Get K8s version" +- name: Get Kubernetes version for Weave installation. shell: kubectl version | base64 | tr -d '\n' - register: k8_version + changed_when: false + register: kubectl_version when: kubernetes_pod_network.cni == 'weave' - name: Configure Weave networking. command: "{{ item }}" with_items: - - "kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version={{ k8_version.stdout_lines[0] }}" + - "kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version={{ kubectl_version.stdout_lines[0] }}" register: weave_result changed_when: "'created' in weave_result.stdout" when: kubernetes_pod_network.cni == 'weave' From 4a9f29670af1c208b80060146ff5fb9203c8bcfa Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 23 Mar 2020 11:01:01 -0500 Subject: [PATCH 34/52] Issue #73: Bump Kubernetes version to 1.17.2 latest. --- README.md | 4 ++-- defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b5d33f7..eac8a76 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. - kubernetes_version: '1.16' - kubernetes_version_rhel_package: '1.16.4' + kubernetes_version: '1.17' + kubernetes_version_rhel_package: '1.17.2' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index 30ec1f2..417f9c3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.16' -kubernetes_version_rhel_package: '1.16.4' +kubernetes_version: '1.17' +kubernetes_version_rhel_package: '1.17.2' kubernetes_role: master From f105b362449d3318c12bbdebf59a78e279bbe913 Mon Sep 17 00:00:00 2001 From: Jason Williams Date: Wed, 20 May 2020 13:57:47 -0400 Subject: [PATCH 35/52] Adding settings to sysctl for briding --- tasks/main.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index e90420a..f96d989 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -18,6 +18,20 @@ notify: restart kubelet with_items: "{{ kubernetes_packages }}" +# per the install doc, +# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ +- name: Set sysctl for IPv4 bridges + sysctl: + name: net.bridge.bridge-nf-call-iptables + value: 1 + state: present + +- name: Set sysctl for IPv6 bridges + sysctl: + name: net.bridge.bridge-nf-call-ip6tables + value: 1 + state: present + - include_tasks: kubelet-setup.yml - name: Ensure kubelet is started and enabled at boot. From 426167cf3bc20f493e8500a1d652f71833668800 Mon Sep 17 00:00:00 2001 From: Jason Williams Date: Wed, 20 May 2020 14:05:45 -0400 Subject: [PATCH 36/52] Make sure to quote the values. --- tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index f96d989..0c3443c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -23,13 +23,13 @@ - name: Set sysctl for IPv4 bridges sysctl: name: net.bridge.bridge-nf-call-iptables - value: 1 + value: '1' state: present - name: Set sysctl for IPv6 bridges sysctl: name: net.bridge.bridge-nf-call-ip6tables - value: 1 + value: '1' state: present - include_tasks: kubelet-setup.yml From c27454aefc71985d048fc52f6e03dcf11715d7ad Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 26 May 2020 09:45:29 -0500 Subject: [PATCH 37/52] Ensure galaxy meta information is consistent on all my roles. --- meta/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/main.yml b/meta/main.yml index d216375..f7a195c 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -2,6 +2,7 @@ dependencies: [] galaxy_info: + role_name: kubernetes author: geerlingguy description: Kubernetes for Linux. company: "Midwestern Mac, LLC" @@ -20,6 +21,7 @@ galaxy_info: versions: - xenial - bionic + - focal galaxy_tags: - system - containers From 69db957c4b9f175d06bab6f22402e8bd6c3f8e61 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 12 Aug 2020 14:54:51 -0500 Subject: [PATCH 38/52] Upgrade Travis CI docker version to fix Molecule tests. --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index 0a9af7a..26e7afa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,6 +14,10 @@ env: - MOLECULE_DISTRO: debian10 MOLECULE_PLAYBOOK: playbook-calico.yml +before_install: + # Upgrade Docker to work with docker-py. + - curl https://gist.githubusercontent.com/geerlingguy/ce883ad4aec6a5f1187ef93bd338511e/raw/36612d28981d92863f839c5aefe5b7dd7193d6c6/travis-ci-docker-upgrade.sh | sudo bash + install: # Install test dependencies. - pip install molecule yamllint ansible-lint docker From 2273824910075834f9a8824939bdbe5bd7fba139 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Aug 2020 12:23:45 -0500 Subject: [PATCH 39/52] Fix linting issues. --- .yamllint | 5 +++++ tasks/kubelet-setup.yml | 1 + tasks/master-setup.yml | 2 ++ tasks/setup-Debian.yml | 1 + 4 files changed, 9 insertions(+) diff --git a/.yamllint b/.yamllint index c9aab08..3a49cd8 100644 --- a/.yamllint +++ b/.yamllint @@ -1,6 +1,11 @@ --- extends: default + rules: line-length: max: 150 level: warning + +ignore: | + .github/stale.yml + .travis.yml diff --git a/tasks/kubelet-setup.yml b/tasks/kubelet-setup.yml index 05a4622..be6f57e 100644 --- a/tasks/kubelet-setup.yml +++ b/tasks/kubelet-setup.yml @@ -24,6 +24,7 @@ line: '{{ kubelet_args_line }}' regexp: '{{ kubelet_args_regexp }}' state: present + mode: 0644 register: kubelet_config_file - name: Reload systemd unit if args were changed. diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index fd7666d..fffcd39 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -20,12 +20,14 @@ file: path: ~/.kube state: directory + mode: 0755 - name: Symlink the kubectl admin.conf to ~/.kube/conf. file: src: /etc/kubernetes/admin.conf dest: ~/.kube/config state: link + mode: 0644 - name: Configure Flannel networking. command: "{{ item }}" diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 2d07fa5..4a83a58 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -23,3 +23,4 @@ template: src: apt-preferences-kubernetes.j2 dest: /etc/apt/preferences.d/kubernetes + mode: 0644 From ce49c9dd8278c7a7167f24bee1ae14e88e83adf6 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Aug 2020 19:21:46 -0500 Subject: [PATCH 40/52] Ignore the tyranny of ansible-lint rule 106. --- .ansible-lint | 1 + 1 file changed, 1 insertion(+) diff --git a/.ansible-lint b/.ansible-lint index cb73159..e1543ed 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,3 +1,4 @@ skip_list: - '306' - '405' + - '106' From 0df9c3670a768fa8e365fe0f4d74e7ba4d2b7a69 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 Sep 2020 11:12:42 -0500 Subject: [PATCH 41/52] Fixes #82: Update to Kubernetes 1.19 by default. --- defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 417f9c3..99b7750 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.17' -kubernetes_version_rhel_package: '1.17.2' +kubernetes_version: '1.19' +kubernetes_version_rhel_package: '1.19.0' kubernetes_role: master From 749d2869afec3f4fdaf0917f317c6016676feecd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 Sep 2020 11:30:53 -0500 Subject: [PATCH 42/52] PR #75 follow-up: Move sysctl setup into separate task file. --- tasks/main.yml | 14 +------------- tasks/sysctl-setup.yml | 13 +++++++++++++ 2 files changed, 14 insertions(+), 13 deletions(-) create mode 100644 tasks/sysctl-setup.yml diff --git a/tasks/main.yml b/tasks/main.yml index 0c3443c..1227585 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -18,19 +18,7 @@ notify: restart kubelet with_items: "{{ kubernetes_packages }}" -# per the install doc, -# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ -- name: Set sysctl for IPv4 bridges - sysctl: - name: net.bridge.bridge-nf-call-iptables - value: '1' - state: present - -- name: Set sysctl for IPv6 bridges - sysctl: - name: net.bridge.bridge-nf-call-ip6tables - value: '1' - state: present +- include_tasks: sysctl-setup.yml - include_tasks: kubelet-setup.yml diff --git a/tasks/sysctl-setup.yml b/tasks/sysctl-setup.yml new file mode 100644 index 0000000..f6332fd --- /dev/null +++ b/tasks/sysctl-setup.yml @@ -0,0 +1,13 @@ +--- +# See: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic +- name: Set sysctl for IPv4 bridges + sysctl: + name: net.bridge.bridge-nf-call-iptables + value: '1' + state: present + +- name: Set sysctl for IPv6 bridges + sysctl: + name: net.bridge.bridge-nf-call-ip6tables + value: '1' + state: present From 690166af9a538026c596b92e0d9516d0a89e24cc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 Sep 2020 12:22:54 -0500 Subject: [PATCH 43/52] PR #75 follow-up: Make sure proper package is present and only run on older Debian and other OSes. --- tasks/sysctl-setup.yml | 22 +++++++++++++++------- vars/Debian.yml | 1 + vars/RedHat.yml | 1 + 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/tasks/sysctl-setup.yml b/tasks/sysctl-setup.yml index f6332fd..174ebca 100644 --- a/tasks/sysctl-setup.yml +++ b/tasks/sysctl-setup.yml @@ -1,13 +1,21 @@ --- -# See: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic -- name: Set sysctl for IPv4 bridges - sysctl: - name: net.bridge.bridge-nf-call-iptables - value: '1' +- name: Ensure procps is installed. + package: + name: "{{ procps_package }}" state: present + when: > + ansible_distribution != 'Debian' + or ansible_distribution_major_version | int < 10 -- name: Set sysctl for IPv6 bridges +# See: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic +- name: Let iptables see bridged traffic. sysctl: - name: net.bridge.bridge-nf-call-ip6tables + name: "{{ item }}" value: '1' state: present + loop: + - net.bridge.bridge-nf-call-iptables + - net.bridge.bridge-nf-call-ip6tables + when: > + ansible_distribution != 'Debian' + or ansible_distribution_major_version | int < 10 diff --git a/vars/Debian.yml b/vars/Debian.yml index 67f5eae..8b8d1a2 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,2 +1,3 @@ --- +procps_package: procps kubelet_environment_file_path: /etc/default/kubelet diff --git a/vars/RedHat.yml b/vars/RedHat.yml index db8b7ac..e156651 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,4 +1,5 @@ --- +procps_package: procps-ng kubelet_environment_file_path: /etc/sysconfig/kubelet kubernetes_packages: - name: kubelet-{{ kubernetes_version_rhel_package }}-0 From f5c993eb8400e1240e028d6c4eec2962d5437120 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 15 Oct 2020 17:04:13 -0500 Subject: [PATCH 44/52] Make sure docker driver is installed with molecule. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 26e7afa..61c6b8e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ before_install: install: # Install test dependencies. - - pip install molecule yamllint ansible-lint docker + - pip install molecule[docker] yamllint ansible-lint docker before_script: # Use actual Ansible Galaxy role name for the project directory. From 24062aa430151effeb8c443267d68e504e155e47 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 26 Oct 2020 20:10:25 -0500 Subject: [PATCH 45/52] Switch to travis-ci.com. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index eac8a76..133acf2 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Ansible Role: Kubernetes -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-kubernetes.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-kubernetes) +[![Build Status](https://travis-ci.com/geerlingguy/ansible-role-kubernetes.svg?branch=master)](https://travis-ci.com/geerlingguy/ansible-role-kubernetes) An Ansible Role that installs [Kubernetes](https://kubernetes.io) on Linux. From 8d36527c6d57af78ba3e470d5de89c36672dae3c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 5 Nov 2020 12:48:22 -0600 Subject: [PATCH 46/52] Dump Travis CI and move to GitHub Actions. --- .github/workflows/ci.yml | 77 +++++++++++++++++++ .github/workflows/release.yml | 38 +++++++++ README.md | 2 +- .../{playbook-calico.yml => calico.yml} | 0 molecule/default/molecule.yml | 4 - 5 files changed, 116 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/release.yml rename molecule/default/{playbook-calico.yml => calico.yml} (100%) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..ffbd329 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,77 @@ +--- +name: CI +'on': + pull_request: + push: + branches: + - master + schedule: + - cron: "0 4 * * 3" + +defaults: + run: + working-directory: 'geerlingguy.kubernetes' + +jobs: + + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.kubernetes' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install yamllint ansible-lint + + - name: Lint code. + run: | + yamllint . + ansible-lint + + molecule: + name: Molecule + runs-on: ubuntu-latest + strategy: + matrix: + distro: + - distro: centos8 + playbook: converge.yml + - distro: centos7 + playbook: converge.yml + - distro: ubuntu1804 + playbook: converge.yml + - distro: debian10 + playbook: converge.yml + + - distro: debian10 + playbook: calico.yml + + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.kubernetes' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install ansible molecule[docker] docker + + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} + MOLECULE_PLAYBOOK: ${{ matrix.playbook }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..df3f1f0 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,38 @@ +--- +# This workflow requires a GALAXY_API_KEY secret present in the GitHub +# repository or organization. +# +# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy +# See: https://github.com/ansible/galaxy/issues/46 + +name: Release +'on': + push: + tags: + - '*' + +defaults: + run: + working-directory: 'geerlingguy.kubernetes' + +jobs: + + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.kubernetes' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install Ansible. + run: pip3 install ansible-base + + - name: Trigger a new import on Galaxy. + run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) diff --git a/README.md b/README.md index 133acf2..7a10400 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Ansible Role: Kubernetes -[![Build Status](https://travis-ci.com/geerlingguy/ansible-role-kubernetes.svg?branch=master)](https://travis-ci.com/geerlingguy/ansible-role-kubernetes) +[![CI](https://github.com/geerlingguy/ansible-role-kubernetes/workflows/CI/badge.svg?event=push)](https://github.com/geerlingguy/ansible-role-kubernetes/actions?query=workflow%3ACI) An Ansible Role that installs [Kubernetes](https://kubernetes.io) on Linux. diff --git a/molecule/default/playbook-calico.yml b/molecule/default/calico.yml similarity index 100% rename from molecule/default/playbook-calico.yml rename to molecule/default/calico.yml diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 67fe288..46f4cc6 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -3,10 +3,6 @@ dependency: name: galaxy driver: name: docker -lint: | - set -e - yamllint . - ansible-lint platforms: - name: instance image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" From 2f4fc8f39de864988d880bfd010884a3188a1a0e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 5 Nov 2020 12:49:32 -0600 Subject: [PATCH 47/52] Fix CI workflow syntax. --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ffbd329..583bfef 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,7 +41,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - distro: + include: - distro: centos8 playbook: converge.yml - distro: centos7 From a3714d8b79c4c2a706df5a6c04259cec860f4e69 Mon Sep 17 00:00:00 2001 From: Feng Ye Date: Wed, 18 Nov 2020 11:51:21 +0800 Subject: [PATCH 48/52] Make YUM baseurl and gpgkey configurable --- README.md | 6 +++++- defaults/main.yml | 4 ++++ tasks/setup-RedHat.yml | 10 +++------- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 7a10400..4d540c4 100644 --- a/README.md +++ b/README.md @@ -83,8 +83,12 @@ Options passed to `kubeadm init` when initializing the Kubernetes master. The `k Apt repository options for Kubernetes installation. kubernetes_yum_arch: x86_64 + kubernetes_yum_base_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}" + kubernetes_yum_gpg_key: + - https://packages.cloud.google.com/yum/doc/yum-key.gpg + - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg -Yum repository options for Kubernetes installation. +Yum repository options for Kubernetes installation. You can change `kubernete_yum_gpg_key` to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing `kubernetes_yum_base_url` as well. kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml diff --git a/defaults/main.yml b/defaults/main.yml index 99b7750..5bb912d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -40,6 +40,10 @@ kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ k kubernetes_apt_ignore_key_error: false kubernetes_yum_arch: x86_64 +kubernetes_yum_base_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}" +kubernetes_yum_gpg_key: + - https://packages.cloud.google.com/yum/doc/yum-key.gpg + - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg # Flannel config files. kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 83335d9..99a7098 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -6,19 +6,15 @@ enabled: true gpgcheck: true repo_gpgcheck: true - baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }} - gpgkey: - - https://packages.cloud.google.com/yum/doc/yum-key.gpg - - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg + baseurl: "{{ kubernetes_yum_base_url }}" + gpgkey: "{{ kubernetes_yum_gpg_key }}" - name: Add Kubernetes GPG keys. rpm_key: key: "{{ item }}" state: present register: kubernetes_rpm_key - with_items: - - https://packages.cloud.google.com/yum/doc/yum-key.gpg - - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg + with_items: "{{ kubernetes_yum_gpg_key }}" - name: Make cache if Kubernetes GPG key changed. command: "yum -q makecache -y --disablerepo='*' --enablerepo='kubernetes'" From e4e5c6f3a07668868b4b195a1aa4bdb2b93efaaa Mon Sep 17 00:00:00 2001 From: An Qiuyu Date: Wed, 20 Jan 2021 11:02:50 +0800 Subject: [PATCH 49/52] fix the condition to enable Kubernetes Dashboard --- tasks/master-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index fffcd39..80aa346 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -79,4 +79,4 @@ command: "kubectl create -f {{ kubernetes_web_ui_manifest_file }}" when: - kubernetes_enable_web_ui | bool - - kubernetes_dashboard_service is failed + - kubernetes_dashboard_service.rc != 0 From 1ccae81a7fcf34b4de180292dce48df9c2e24932 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 22 Feb 2021 16:14:45 -0600 Subject: [PATCH 50/52] Make ansible-lint work again. --- .ansible-lint | 6 +++--- .github/workflows/ci.yml | 2 +- .gitignore | 2 ++ 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index e1543ed..2cd8c9f 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,4 +1,4 @@ skip_list: - - '306' - - '405' - - '106' + - 'yaml' + - 'risky-shell-pipe' + - 'role-name' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 583bfef..6a2ba1a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,7 +29,7 @@ jobs: python-version: '3.x' - name: Install test dependencies. - run: pip3 install yamllint ansible-lint + run: pip3 install yamllint ansible ansible-lint - name: Lint code. run: | diff --git a/.gitignore b/.gitignore index f56f5b5..8840c8f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ *.retry */__pycache__ *.pyc +.cache + From a721d30f558c24a9c0af41e9b54aa417598179e7 Mon Sep 17 00:00:00 2001 From: Feng Ye Date: Fri, 12 Mar 2021 11:56:10 +0800 Subject: [PATCH 51/52] Change default yum arch to '$basearch' --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 5bb912d..67816a9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -39,7 +39,7 @@ kubernetes_apt_release_channel: main kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" kubernetes_apt_ignore_key_error: false -kubernetes_yum_arch: x86_64 +kubernetes_yum_arch: '$basearch' kubernetes_yum_base_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}" kubernetes_yum_gpg_key: - https://packages.cloud.google.com/yum/doc/yum-key.gpg From 3443efe8db43407157d23c4e11a2119e991bf27e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 15 Mar 2021 09:28:11 -0500 Subject: [PATCH 52/52] Remove ansible-lint from roles. --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6a2ba1a..4f05d17 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,12 +29,11 @@ jobs: python-version: '3.x' - name: Install test dependencies. - run: pip3 install yamllint ansible ansible-lint + run: pip3 install yamllint - name: Lint code. run: | yamllint . - ansible-lint molecule: name: Molecule