Merge branch 'master' into master

2024-11-18 19:10:39 +01:00 · 2018-09-28 11:00:02 +03:00 · 2018-09-28 11:00:02 +03:00 · a256d2cf6e
commit a256d2cf6e
parent 192e4cb431 0379cc47db
19 changed files with 199 additions and 99 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 *.retry
-tests/test.sh
+*/__pycache__
 *.pyc
--- a/.travis.yml
+++ b/.travis.yml
@ -1,25 +1,31 @@
 ---
 language: python
 services: docker
 env:
-  - distro: centos7
+  global:
-  - distro: ubuntu1604
+    - ROLE_NAME: kubernetes
-  - distro: debian9
+  matrix:
    - MOLECULE_DISTRO: centos7
      MOLECULE_DOCKER_COMMAND: /usr/lib/systemd/systemd
    - MOLECULE_DISTRO: ubuntu1604
      MOLECULE_DOCKER_COMMAND: /lib/systemd/systemd
    - MOLECULE_DISTRO: debian9
      MOLECULE_DOCKER_COMMAND: /lib/systemd/systemd
 install:
  # Install test dependencies.
  - pip install molecule docker
 before_script:
  # Use actual Ansible Galaxy role name for the project directory.
  - cd ../
  - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
  - cd geerlingguy.$ROLE_NAME
 script:
  # Configure test script so we can run extra tests after playbook is run.
  - export container_id=$(date +%s)
  - export cleanup=false
  # Download test shim.
  - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
  - chmod +x ${PWD}/tests/test.sh
  # Run tests.
-  - ${PWD}/tests/test.sh
+  - molecule test
  # Test whether Kubernetes is running correctly.
  # - docker exec --tty ${container_id} command-goes-here
 notifications:
  webhooks: https://galaxy.ansible.com/api/v1/notifications/
--- a/README.md
+++ b/README.md
@ -15,6 +15,8 @@ Available variables are listed below, along with default values (see `defaults/m
    kubernetes_packages:
      - name: kubelet
        state: present
      - name: kubectl
        state: present
      - name: kubeadm
        state: present
      - name: kubernetes-cni
@ -22,6 +24,11 @@ Available variables are listed below, along with default values (see `defaults/m
 Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc.
    kubernetes_version: '1.11'
    kubernetes_version_rhel_package: '1.11.3'
 The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers.
    kubernetes_role: master
 Whether the particular server will serve as a Kubernetes `master` (default) or `node`. The master will have `kubeadm init` run on it to intialize the entire K8s control plane, while `node`s will have `kubeadm join` run on them to join them to the `master`.
@ -35,28 +42,28 @@ Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start
 Extra args to pass to `kubeadm init` during K8s control plane initialization. E.g. to specify extra Subject Alternative Names for API server certificate, set this to: `"--apiserver-cert-extra-sans my-custom.host"`
-    kubernetes_allow_pods_on_master: True
+    kubernetes_allow_pods_on_master: true
 Whether to remove the taint that denies pods from being deployed to the Kubernetes master. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes master which doesn't run any other pods.
-    kubernetes_enable_web_ui: False
+    kubernetes_enable_web_ui: false
 Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied).
-    kuberenetes_debug: False
+    kuberenetes_debug: false
 Whether to show extra debug info in Ansible's logs (e.g. the output of the `kubeadm init` command).
-    kubernetes_pod_network_cidr: '10.0.1.0/16'
+    kubernetes_pod_network_cidr: '10.244.0.0/16'
    kubernetes_apiserver_advertise_address: ''
-    kubernetes_version: 'stable-1.11'
+    kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}'
    kubernetes_ignore_preflight_errors: 'all'
 Options passed to `kubeadm init` when initializing the Kubernetes master. The `apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty.
    kubernetes_apt_release_channel: main
    kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}"
-    kubernetes_apt_ignore_key_error: False
+    kubernetes_apt_ignore_key_error: false
 Apt repository options for Kubernetes installation.
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -2,31 +2,34 @@
 kubernetes_packages:
  - name: kubelet
    state: present
  - name: kubeadm
    state: present
  - name: kubectl
    state: present
  - name: kubeadm
    state: present
  - name: kubernetes-cni
    state: present
 kubernetes_version: '1.11'
 kubernetes_version_rhel_package: '1.11.3'
 kubernetes_role: master
 kubernetes_kubelet_extra_args: ""
 kubernetes_kubeadm_init_extra_opts: ""
-kubernetes_allow_pods_on_master: True
+kubernetes_allow_pods_on_master: true
-kubernetes_enable_web_ui: True
+kubernetes_enable_web_ui: true
-kuberenetes_debug: False
+kuberenetes_debug: false
-kubernetes_pod_network_cidr: '10.0.1.0/16'
+kubernetes_pod_network_cidr: '10.244.0.0/16'
 kubernetes_apiserver_advertise_address: ''
-kubernetes_version: 'stable-1.11'
+kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}'
 kubernetes_ignore_preflight_errors: 'all'
 kubernetes_apt_release_channel: main
 # Note that xenial repo is used for all Debian derivatives at this time.
 kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}"
-kubernetes_apt_ignore_key_error: False
+kubernetes_apt_ignore_key_error: false
 kubernetes_yum_arch: x86_64
--- a/meta/main.yml
+++ b/meta/main.yml
@ -8,16 +8,16 @@ galaxy_info:
  license: "license (BSD, MIT)"
  min_ansible_version: 2.4
  platforms:
-  - name: EL
+    - name: EL
-    versions:
+      versions:
-    - 7
+        - 7
-  - name: Debian
+    - name: Debian
-    versions:
+      versions:
-    - stretch
+        - stretch
-  - name: Ubuntu
+    - name: Ubuntu
-    versions:
+      versions:
-    - xenial
+        - xenial
-    - bionic
+        - bionic
  galaxy_tags:
    - system
    - containers
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -0,0 +1,30 @@
 ---
 dependency:
  name: galaxy
 driver:
  name: docker
 lint:
  name: yamllint
  options:
    config-file: molecule/default/yaml-lint.yml
 platforms:
  - name: instance
    image: geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible
    command: ${MOLECULE_DOCKER_COMMAND:-"sleep infinity"}
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
      - /var/lib/docker
    privileged: true
    pre_build_image: true
 provisioner:
  name: ansible
  lint:
    name: ansible-lint
  playbooks:
    converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
 scenario:
  name: default
 verifier:
  name: testinfra
  lint:
    name: flake8
--- a/molecule/default/playbook.yml
+++ b/molecule/default/playbook.yml
@ -0,0 +1,46 @@
 ---
 - name: Converge
  hosts: all
  become: true
  vars:
    # Allow swap in test environments (hard to control in some Docker envs).
    kubernetes_kubelet_extra_args: "--fail-swap-on=false"
    docker_install_compose: false
  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=true cache_valid_time=600
      when: ansible_os_family == 'Debian'
    - name: Ensure test dependencies are installed.
      package: name=iproute state=present
    - name: Gather facts.
      action: setup
    - name: Use cgroupfs cgroup driver instead of systemd (Red Hat).
      set_fact:
        kubernetes_kubelet_extra_args: '"--fail-swap-on=false --cgroup-driver=cgroupfs"'
      when: ansible_os_family == 'RedHat'
  roles:
    - role: geerlingguy.docker
    - role: geerlingguy.kubernetes
  post_tasks:
    - name: Get cluster info.
      command: kubectl cluster-info
      changed_when: false
      register: kubernetes_info
    - name: Print cluster info.
      debug: var=kubernetes_info.stdout
    - name: Get all running pods.
      command: kubectl get pods --all-namespaces
      changed_when: false
      register: kubernetes_pods
    - name: Print list of running pods.
      debug: var=kubernetes_pods.stdout
--- a/molecule/default/requirements.yml
+++ b/molecule/default/requirements.yml
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@ -0,0 +1,14 @@
 import os
 import testinfra.utils.ansible_runner
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
 def test_hosts_file(host):
    f = host.file('/etc/hosts')
    assert f.exists
    assert f.user == 'root'
    assert f.group == 'root'
--- a/molecule/default/yaml-lint.yml
+++ b/molecule/default/yaml-lint.yml
@ -0,0 +1,6 @@
 ---
 extends: default
 rules:
  line-length:
    max: 150
    level: warning
--- a/tasks/kubelet-setup.yml
+++ b/tasks/kubelet-setup.yml
@ -16,7 +16,7 @@
    kubelet_args_path: '/etc/systemd/system/kubelet.service.d/10-kubeadm.conf'
    kubelet_args_line: "{{ 'Environment=\"KUBELET_EXTRA_ARGS=' + kubernetes_kubelet_extra_args + '\"' }}"
    kubelet_args_regexp: '^Environment='
-  when: kubelet_environment_file.stat.exists == False
+  when: kubelet_environment_file.stat.exists == false
 - name: Configure KUBELET_EXTRA_ARGS.
  lineinfile:
@ -29,6 +29,6 @@
 - name: Reload systemd unit if args were changed.
  systemd:
    state: restarted
-    daemon_reload: yes
+    daemon_reload: true
    name: kubelet
  when: kubelet_config_file is changed
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -24,7 +24,7 @@
  service:
    name: kubelet
    state: started
-    enabled: yes
+    enabled: true
 - name: Check if Kubernetes has already been initialized.
  stat:
@ -37,8 +37,8 @@
 # Set up nodes.
 - name: Get the kubeadm join command from the Kubernetes master.
-  shell: kubeadm token create --print-join-command
+  command: kubeadm token create --print-join-command
-  changed_when: False
+  changed_when: false
  when: kubernetes_role == 'master'
  register: kubernetes_join_command_result
@ -47,7 +47,7 @@
    kubernetes_join_command: "{{ kubernetes_join_command_result.stdout }}"
  when: kubernetes_join_command_result.stdout is defined
  delegate_to: "{{ item }}"
-  delegate_facts: True
+  delegate_facts: true
  with_items: "{{ groups['all'] }}"
 - include_tasks: node-setup.yml
--- a/tasks/master-setup.yml
+++ b/tasks/master-setup.yml
@ -4,19 +4,19 @@
    kubeadm init
    --pod-network-cidr={{ kubernetes_pod_network_cidr }}
    --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address) }}
-    --kubernetes-version {{ kubernetes_version }}
+    --kubernetes-version {{ kubernetes_version_kubeadm }}
    --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
    {{ kubeadm_init_opts }}
  register: kubeadmin_init
-  failed_when: False
+  failed_when: false
-  when: kubernetes_init_stat.stat.exists == False
+  when: kubernetes_init_stat.stat.exists == false
 - name: Print the init output to screen.
  debug: var=kubeadmin_init.stdout
  when:
    - kuberenetes_debug
-    - kubernetes_init_stat.stat.exists == False
+    - kubernetes_init_stat.stat.exists == false
 - name: Ensure .kube directory exists.
  file:
@ -43,12 +43,12 @@
  command: "kubectl taint nodes --all node-role.kubernetes.io/master-"
  when:
    - kubernetes_allow_pods_on_master
-    - kubernetes_init_stat.stat.exists == False
+    - kubernetes_init_stat.stat.exists == false
 - name: Check if Kubernetes Dashboard UI service already exists.
  shell: kubectl get services --namespace kube-system | grep -q kubernetes-dashboard
-  changed_when: False
+  changed_when: false
-  failed_when: False
+  failed_when: false
  register: kubernetes_dashboard_service
  when: kubernetes_enable_web_ui
--- a/tasks/setup-Debian.yml
+++ b/tasks/setup-Debian.yml
@ -1,11 +1,10 @@
 ---
 - name: Ensure dependencies are installed.
  apt:
-    name: "{{ item }}"
+    name:
      - apt-transport-https
      - ca-certificates
    state: present
  with_items:
    - apt-transport-https
    - ca-certificates
 - name: Add Kubernetes apt key.
  apt_key:
@ -18,4 +17,9 @@
  apt_repository:
    repo: "{{ kubernetes_apt_repository }}"
    state: present
-    update_cache: yes
+    update_cache: true
 - name: Add Kubernetes apt preferences file to pin a version.
  template:
    src: apt-preferences-kubernetes.j2
    dest: /etc/apt/preferences.d/kubernetes
--- a/tasks/setup-RedHat.yml
+++ b/tasks/setup-RedHat.yml
@ -3,9 +3,9 @@
  yum_repository:
    name: kubernetes
    description: Kubernetes
-    enabled: yes
+    enabled: true
-    gpgcheck: yes
+    gpgcheck: true
-    repo_gpgcheck: yes
+    repo_gpgcheck: true
    baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}
    gpgkey:
      - https://packages.cloud.google.com/yum/doc/yum-key.gpg
@ -24,4 +24,4 @@
  command: "yum -q makecache -y --disablerepo='*' --enablerepo='kubernetes'"
  when: kubernetes_rpm_key is changed
  args:
-    warn: no
+    warn: false
--- a/templates/apt-preferences-kubernetes.j2
+++ b/templates/apt-preferences-kubernetes.j2
@ -0,0 +1,11 @@
 Package: kubectl
 Pin: version {{ kubernetes_version }}.*
 Pin-Priority: 1000
 Package: kubeadm
 Pin: version {{ kubernetes_version }}.*
 Pin-Priority: 1000
 Package: kubelet
 Pin: version {{ kubernetes_version }}.*
 Pin-Priority: 1000
--- a/tests/README.md
+++ b/tests/README.md
@ -1,11 +0,0 @@
 # Ansible Role tests
 To run the test playbook(s) in this directory:
  1. Install and start Docker.
  1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
    - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
  1. Make the test shim executable: `chmod +x tests/test.sh`.
  1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
 If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`
--- a/tests/test.yml
+++ b/tests/test.yml
@ -1,26 +0,0 @@
 ---
 - hosts: all
  vars:
    # Allow swap in test environments (hard to control in some Docker envs).
    kubernetes_kubelet_extra_args: "--fail-swap-on=false"
    docker_install_compose: False
  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=yes cache_valid_time=600
      when: ansible_os_family == 'Debian'
    - name: Ensure test dependencies are installed.
      package: name=iproute state=present
    - action: setup
    - name: Use cgroupfs cgroup driver instead of systemd (Red Hat).
      set_fact:
        kubernetes_kubelet_extra_args: '"--fail-swap-on=false --cgroup-driver=cgroupfs"'
      when: ansible_os_family == 'RedHat'
  roles:
    - geerlingguy.docker
    - role_under_test
--- a/vars/RedHat.yml
+++ b/vars/RedHat.yml
@ -1,2 +1,11 @@
 ---
 kubelet_environment_file_path: /etc/sysconfig/kubelet
 kubernetes_packages:
  - name: kubelet-{{ kubernetes_version_rhel_package }}-0
    state: present
  - name: kubectl-{{ kubernetes_version_rhel_package }}-0
    state: present
  - name: kubeadm-{{ kubernetes_version_rhel_package }}-0
    state: present
  - name: kubernetes-cni
    state: present