From 417b638ad6a6b3effc6bb4661a98a80622495e02 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 16 Feb 2019 10:39:00 -0600 Subject: [PATCH 01/26] Bump Kubernetes RHEL package to 1.13.3. --- README.md | 2 +- defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c6d1c5f..b935890 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. kubernetes_version: '1.13' - kubernetes_version_rhel_package: '1.13.1' + kubernetes_version_rhel_package: '1.13.3' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index 5745080..f357417 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -10,7 +10,7 @@ kubernetes_packages: state: present kubernetes_version: '1.13' -kubernetes_version_rhel_package: '1.13.1' +kubernetes_version_rhel_package: '1.13.3' kubernetes_role: master From 68fc2d8ab31f017a0ba8c7f573ea05b2d865e839 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 27 Mar 2019 10:49:23 -0500 Subject: [PATCH 02/26] Fix ansible-lint issue - ignore rule 306. --- .ansible-lint | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .ansible-lint diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..4778564 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,2 @@ +skip_list: + - '306' 
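Review bot: The `skip_list` entry in the new `.ansible-lint` turns rule 306 off for the whole role instead of for the one task that trips it. As far as I know, 306 is the check that a `shell` task using a pipe sets `pipefail`, so with it skipped, a failing command early in a pipeline would go unreported in any task added later. Prefer fixing the task itself (`set -o pipefail &&` at the start of the command) or suppressing the rule in place with `# noqa 306`. If the global skip stays, add a comment above `skip_list` naming the task and the reason. The task that triggered the rule is not visible in this commit.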
From 96ee854aedfb6b1ee704fec1e8e8fea6351705fb Mon Sep 17 00:00:00 2001 From: Shkiv Date: Fri, 19 Apr 2019 22:11:09 +0300 Subject: [PATCH 03/26] Update kubelet-setup.yml https://github.com/geerlingguy/ansible-role-kubernetes/issues/42 --- tasks/kubelet-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/kubelet-setup.yml b/tasks/kubelet-setup.yml index 939046e..05a4622 100644 --- a/tasks/kubelet-setup.yml +++ b/tasks/kubelet-setup.yml @@ -15,7 +15,7 @@ set_fact: kubelet_args_path: '/etc/systemd/system/kubelet.service.d/10-kubeadm.conf' kubelet_args_line: "{{ 'Environment=\"KUBELET_EXTRA_ARGS=' + kubernetes_kubelet_extra_args + '\"' }}" - kubelet_args_regexp: '^Environment=' + kubelet_args_regexp: '^Environment="KUBELET_EXTRA_ARGS=' when: not kubelet_environment_file.stat.exists - name: Configure KUBELET_EXTRA_ARGS. From 7eea163f817f354f2e451d30029f156c4246553e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 19 Apr 2019 16:09:09 -0500 Subject: [PATCH 04/26] Use same options for all tests and default to Ansible IP correctly. --- molecule/default/playbook.yml | 7 +------ tasks/master-setup.yml | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 19ae391..f93c7d7 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -5,7 +5,7 @@ vars: # Allow swap in test environments (hard to control in some Docker envs). - kubernetes_kubelet_extra_args: "--fail-swap-on=false" + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" docker_install_compose: false pre_tasks: @@ -24,11 +24,6 @@ - name: Gather facts. action: setup - - name: Use cgroupfs cgroup driver instead of systemd (RedHat). - set_fact: - kubernetes_kubelet_extra_args: '"--fail-swap-on=false --cgroup-driver=cgroupfs"' - when: ansible_os_family == 'RedHat' - roles: - role: geerlingguy.docker - role: geerlingguy.kubernetes 
diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 7db6767..c6631c7 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -3,7 +3,7 @@ command: > kubeadm init --pod-network-cidr={{ kubernetes_pod_network_cidr }} - --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address) }} + --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} From ae8f596e8fa31a1124c67d576c68cbc76d157446 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 16 May 2019 22:15:34 -0500 Subject: [PATCH 05/26] Remove unused tests. --- molecule/default/tests/test_default.py | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 molecule/default/tests/test_default.py diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py deleted file mode 100644 index eedd64a..0000000 --- a/molecule/default/tests/test_default.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' From 8b1ce9dcc5563dad67444925a80dce99521484aa Mon Sep 17 00:00:00 2001 From: Ravi Palankar Date: Thu, 20 Jun 2019 00:18:23 +0530 Subject: [PATCH 06/26] calico cni choice --- defaults/main.yml | 10 +++++++++- tasks/master-setup.yml | 15 ++++++++++++--- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index f357417..1080144 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
@@ -21,7 +21,12 @@ kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml -kubernetes_pod_network_cidr: '10.244.0.0/16' +kubernetes_cni: 'calico' +kubernetes_pod_network: + - name: 'flannel' + cidr: '10.244.0.0/16' + - name: 'calico' + cidr: '192.168.0.0/16' kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' @@ -36,3 +41,6 @@ kubernetes_yum_arch: x86_64 # Flannel config files. kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml + +# Calico config files +kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.7/manifests/calico.yaml diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index c6631c7..0c4ffda 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -2,15 +2,15 @@ - name: Initialize Kubernetes master with kubeadm init. command: > kubeadm init - --pod-network-cidr={{ kubernetes_pod_network_cidr }} + --pod-network-cidr={{ item.cidr }} --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} - + with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false - when: not kubernetes_init_stat.stat.exists + when: not kubernetes_init_stat.stat.exists and item.name == kubernetes_cni - name: Print the init output to screen. debug: 
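Review bot: `kubernetes_calico_manifest_file`, added in the second `defaults/main.yml` hunk, points at a manifest that is downloaded at run time and passed straight to `kubectl apply -f` by the `Configure Calico networking.` task this commit adds to `tasks/master-setup.yml`, with no integrity check. Whatever that URL serves on the day of the run is created in the cluster, so a changed or replaced upstream file changes what gets deployed. The flannel URLs just above it and the dashboard manifest URL in the first hunk carry the same risk, and they also track `master`. Consider fetching the file first with `get_url` and a `checksum:` value pinned in defaults, or shipping a reviewed copy with the role, and applying the local file. At minimum, add a comment such as `# Remote manifest, applied unverified; pin a release and review before changing.`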
@@ -36,6 +36,15 @@ - kubectl apply -f {{ kubernetes_flannel_manifest_file }} register: flannel_result changed_when: "'created' in flannel_result.stdout" + when: kubernetes_cni == 'flannel' + +- name: Configure Calico networking. + command: "{{ item }}" + with_items: + - kubectl apply -f {{ kubernetes_calico_manifest_file }} + register: calico_result + changed_when: "'created' in calico_result.stdout" + when: kubernetes_cni == 'calico' # TODO: Check if taint exists with something like `kubectl describe nodes` # instead of using kubernetes_init_stat.stat.exists check. From dab2f769e79b6fdadaea65a0042676c47e6b0a1c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 6 Jul 2019 15:50:59 -0500 Subject: [PATCH 07/26] Fixes #54: Update to Kubernetes 1.15. --- README.md | 4 ++-- defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b935890..c878573 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. - kubernetes_version: '1.13' - kubernetes_version_rhel_package: '1.13.3' + kubernetes_version: '1.15' + kubernetes_version_rhel_package: '1.15.0' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index f357417..9df09fc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
@@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.13' -kubernetes_version_rhel_package: '1.13.3' +kubernetes_version: '1.15' +kubernetes_version_rhel_package: '1.15.0' kubernetes_role: master From 4de5e1941acd296900364013be17f64486a1b6b9 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 7 Jul 2019 22:29:37 -0500 Subject: [PATCH 08/26] Fixes #55: Support and test Debian 10 Buster. --- .ansible-lint | 1 + .travis.yml | 1 + README.md | 4 ++-- meta/main.yml | 2 ++ tasks/master-setup.yml | 6 +++--- 5 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 4778564..cb73159 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,2 +1,3 @@ skip_list: - '306' + - '405' diff --git a/.travis.yml b/.travis.yml index e408915..1bb8486 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ env: - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_DISTRO: debian9 + - MOLECULE_DISTRO: debian10 install: # Install test dependencies. diff --git a/README.md b/README.md index c878573..2537ea7 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ None. - hosts: all vars: - kubernetes_allow_pods_on_master: True + kubernetes_allow_pods_on_master: true roles: - geerlingguy.docker @@ -112,7 +112,7 @@ Playbook: - hosts: all vars: - kubernetes_allow_pods_on_master: True + kubernetes_allow_pods_on_master: true roles: - geerlingguy.docker diff --git a/meta/main.yml b/meta/main.yml index 992eac3..d216375 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -11,9 +11,11 @@ galaxy_info: - name: EL versions: - 7 + - 8 - name: Debian versions: - stretch + - buster - name: Ubuntu versions: - xenial diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index c6631c7..306acda 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml 
@@ -42,7 +42,7 @@ - name: Allow pods on master node (if configured). command: "kubectl taint nodes --all node-role.kubernetes.io/master-" when: - - kubernetes_allow_pods_on_master + - kubernetes_allow_pods_on_master | bool - not kubernetes_init_stat.stat.exists - name: Check if Kubernetes Dashboard UI service already exists. @@ -50,10 +50,10 @@ changed_when: false failed_when: false register: kubernetes_dashboard_service - when: kubernetes_enable_web_ui + when: kubernetes_enable_web_ui | bool - name: Enable the Kubernetes Web Dashboard UI (if configured). command: "kubectl create -f {{ kubernetes_web_ui_manifest_file }}" when: - - kubernetes_enable_web_ui + - kubernetes_enable_web_ui | bool - kubernetes_dashboard_service is failed From c95b3ce9db676f71c68e38329c1bdf028df1ccb6 Mon Sep 17 00:00:00 2001 From: Felipe Lopes Date: Fri, 12 Jul 2019 11:01:16 +0100 Subject: [PATCH 09/26] Update main.yml --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9df09fc..6e78ce2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -19,7 +19,7 @@ kubernetes_kubeadm_init_extra_opts: "" kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true -kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml +kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml kubernetes_pod_network_cidr: '10.244.0.0/16' kubernetes_apiserver_advertise_address: '' From 6e05cefbcaee42e58ca751ad63d9a51ce41e812c Mon Sep 17 00:00:00 2001 From: Maxime GASTON Date: Fri, 9 Aug 2019 16:41:13 +0200 Subject: [PATCH 10/26] Fix typo referenced in #49 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2537ea7..47c449f 100644 --- a/README.md +++ b/README.md 
@@ -56,7 +56,7 @@ Whether to enable the Kubernetes web dashboard UI (only accessible on the master kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' -Options passed to `kubeadm init` when initializing the Kubernetes master. The `apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty. +Options passed to `kubeadm init` when initializing the Kubernetes master. The `kubernetes_apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty. kubernetes_apt_release_channel: main kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" From 1396945c0d6c127cd8be39be8789264d48c57c5a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 11 Dec 2019 09:52:37 -0600 Subject: [PATCH 11/26] Create FUNDING.yml --- .github/FUNDING.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .github/FUNDING.yml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..af7a1e0 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,4 @@ +# These are supported funding model platforms + +github: geerlingguy +patreon: geerlingguy From b65d92d899f5bbd2e0a0f7b7298b5836e1695160 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 11 Dec 2019 10:51:05 -0600 Subject: [PATCH 12/26] YAML syntax fix. --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index af7a1e0..96b4938 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,4 +1,4 @@ # These are supported funding model platforms - +--- github: geerlingguy patreon: geerlingguy From 5ad16aad1a1f50d41ecc3757044a4642a14b32da Mon Sep 17 00:00:00 2001 
From: Jeff Geerling Date: Sat, 14 Dec 2019 19:50:57 -0600 Subject: [PATCH 13/26] Add kubernetes_join_command_extra_opts variable. --- README.md | 4 ++++ defaults/main.yml | 1 + tasks/main.yml | 4 +++- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 47c449f..dfdaa9b 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,10 @@ Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start Extra args to pass to `kubeadm init` during K8s control plane initialization. E.g. to specify extra Subject Alternative Names for API server certificate, set this to: `"--apiserver-cert-extra-sans my-custom.host"` + kubernetes_join_command_extra_opts: "" + +Extra args to pass to the generated `kubeadm join` command during K8s node initialization. E.g. to ignore certain preflight errors like swap being enabled, set this to: `--ignore-preflight-errors=Swap` + kubernetes_allow_pods_on_master: true Whether to remove the taint that denies pods from being deployed to the Kubernetes master. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes master which doesn't run any other pods. diff --git a/defaults/main.yml b/defaults/main.yml index 6e78ce2..a336b31 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -16,6 +16,7 @@ kubernetes_role: master kubernetes_kubelet_extra_args: "" kubernetes_kubeadm_init_extra_opts: "" +kubernetes_join_command_extra_opts: "" kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true diff --git a/tasks/main.yml b/tasks/main.yml index fe6d999..e90420a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
@@ -44,7 +44,9 @@ - name: Set the kubeadm join command globally. set_fact: - kubernetes_join_command: "{{ kubernetes_join_command_result.stdout }}" + kubernetes_join_command: > + {{ kubernetes_join_command_result.stdout }} + {{ kubernetes_join_command_extra_opts }} when: kubernetes_join_command_result.stdout is defined delegate_to: "{{ item }}" delegate_facts: true From 825d6f5e3716b8a801961db514b206a9223fd127 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 19:57:24 -0600 Subject: [PATCH 14/26] PR #53 follow-up: Requested changes for simplicity. --- README.md | 11 ++++++++++- defaults/main.yml | 12 +++++++----- tasks/master-setup.yml | 6 +++--- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index dfdaa9b..cfe58fb 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,16 @@ Whether to remove the taint that denies pods from being deployed to the Kubernet Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied), and the file containing the web dashboard UI manifest. - kubernetes_pod_network_cidr: '10.244.0.0/16' +kubernetes_pod_network: + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' + +This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. + kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' diff --git a/defaults/main.yml b/defaults/main.yml index 701bb08..cf48888 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
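Review bot: The `set_fact` task changed in `tasks/main.yml` stores the full `kubeadm join` command on every delegated host, and nothing in the hunk sets `no_log: true`. If `kubernetes_join_command_result` comes from `kubeadm token create --print-join-command` (the registering task is outside this hunk), the value contains the bootstrap token and will appear in verbose output and in any callback that records task results. Add `no_log: true` to this task and to the one that registers the result. Separately, the folded scalar `>` may leave a trailing newline on the command, plus a trailing space when `kubernetes_join_command_extra_opts` is empty; `>-` avoids the newline. The task continues past the end of the hunk.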
@@ -22,12 +22,14 @@ kubernetes_allow_pods_on_master: true kubernetes_enable_web_ui: true kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml -kubernetes_cni: 'calico' kubernetes_pod_network: - - name: 'flannel' - cidr: '10.244.0.0/16' - - name: 'calico' - cidr: '192.168.0.0/16' + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' + kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index a91ff24..99c1af1 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -2,7 +2,7 @@ - name: Initialize Kubernetes master with kubeadm init. command: > kubeadm init - --pod-network-cidr={{ item.cidr }} + --pod-network-cidr={{ kubernetes_pod_network.cidr }} --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }} --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} @@ -36,7 +36,7 @@ - kubectl apply -f {{ kubernetes_flannel_manifest_file }} register: flannel_result changed_when: "'created' in flannel_result.stdout" - when: kubernetes_cni == 'flannel' + when: kubernetes_pod_network.cni == 'flannel' - name: Configure Calico networking. command: "{{ item }}" @@ -44,7 +44,7 @@ - kubectl apply -f {{ kubernetes_calico_manifest_file }} register: calico_result changed_when: "'created' in calico_result.stdout" - when: kubernetes_cni == 'calico' + when: kubernetes_pod_network.cni == 'calico' # TODO: Check if taint exists with something like `kubectl describe nodes` # instead of using kubernetes_init_stat.stat.exists check. From fba51bcc466696d4e744013400a7321b38badf66 Mon Sep 17 00:00:00 2001 
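Review bot: The two `when: kubernetes_pod_network.cni == ...` conditions in the `tasks/master-setup.yml` hunks are the only place the `cni` value is interpreted, so any other value (a typo, different case) skips both networking tasks without an error, as far as these hunks show. The cluster would then be initialised with the CIDR passed to `kubeadm init` but with no pod network applied. Consider an `assert` task ahead of `kubeadm init`, e.g. `that: kubernetes_pod_network.cni in ['flannel', 'calico']`, with a `fail_msg` naming the allowed values. Playbooks that still set the removed `kubernetes_pod_network_cidr` will also have that value ignored silently, which deserves a line in the README.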
From: Jeff Geerling Date: Sat, 14 Dec 2019 20:00:37 -0600 Subject: [PATCH 15/26] PR #53 follow-up: Add test for calico networking. --- .travis.yml | 4 ++- molecule/default/playbook-calico.yml | 50 ++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 molecule/default/playbook-calico.yml diff --git a/.travis.yml b/.travis.yml index 1bb8486..2fadd33 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,9 +8,11 @@ env: matrix: - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: debian9 - MOLECULE_DISTRO: debian10 + - MOLECULE_DISTRO: debian10 + MOLECULE_PLAYBOOK: playbook-calico.yml + install: # Install test dependencies. - pip install molecule docker diff --git a/molecule/default/playbook-calico.yml b/molecule/default/playbook-calico.yml new file mode 100644 index 0000000..2e2258e --- /dev/null +++ b/molecule/default/playbook-calico.yml 
@@ -0,0 +1,50 @@ +--- +- name: Converge + hosts: all + become: true + + vars: + kubernetes_pod_network: + cni: 'calico' + cidr: '192.168.0.0/16' + + # Allow swap in test environments (hard to control in some Docker envs). + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" + docker_install_compose: false + + pre_tasks: + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' + + - name: Ensure test dependencies are installed (RedHat). + package: name=iproute state=present + when: ansible_os_family == 'RedHat' + + - name: Ensure test dependencies are installed (Debian). + package: name=iproute2 state=present + when: ansible_os_family == 'Debian' + + - name: Gather facts. + action: setup + + roles: + - role: geerlingguy.docker + - role: geerlingguy.kubernetes + + post_tasks: + - name: Get cluster info. + command: kubectl cluster-info + changed_when: false + register: kubernetes_info + + - name: Print cluster info. + debug: var=kubernetes_info.stdout + + - name: Get all running pods. + command: kubectl get pods --all-namespaces + changed_when: false + register: kubernetes_pods + + - name: Print list of running pods. + debug: var=kubernetes_pods.stdout From b82ffca47ec797539fe63f915758a88efa3c57cc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:10:41 -0600 Subject: [PATCH 16/26] PR #53 follow-up: Remove extra conditional. --- tasks/master-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 99c1af1..9979720 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -10,7 +10,7 @@ with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false - when: not kubernetes_init_stat.stat.exists and item.name == kubernetes_cni + when: not kubernetes_init_stat.stat.exists - name: Print the init output to screen. debug: 
From ea962e1792388437ab1dd884af46466d2808ca17 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:23:47 -0600 Subject: [PATCH 17/26] Bump to Kubernetes 1.16. --- README.md | 4 ++-- defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index cfe58fb..8550592 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc. - kubernetes_version: '1.15' - kubernetes_version_rhel_package: '1.15.0' + kubernetes_version: '1.16' + kubernetes_version_rhel_package: '1.16.4' The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers. diff --git a/defaults/main.yml b/defaults/main.yml index cf48888..43b30be 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,8 +9,8 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_version: '1.15' -kubernetes_version_rhel_package: '1.15.0' +kubernetes_version: '1.16' +kubernetes_version_rhel_package: '1.16.4' kubernetes_role: master From 26bc01ad6b6bd4ce77f53768b4e8eb5d4f7b6991 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 20:48:36 -0600 Subject: [PATCH 18/26] Default to calico 3.10 manifest. --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 43b30be..30ec1f2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
@@ -46,4 +46,4 @@ kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/ kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml # Calico config files -kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.7/manifests/calico.yaml +kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.10/manifests/calico.yaml From ae196c82ff39344113ca179890fdcb8a98d3863f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 14 Dec 2019 21:31:54 -0600 Subject: [PATCH 19/26] PR #53 follow-up: Remove extra unneccessary loop. --- tasks/master-setup.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml index 9979720..b9d1994 100644 --- a/tasks/master-setup.yml +++ b/tasks/master-setup.yml @@ -7,7 +7,6 @@ --kubernetes-version {{ kubernetes_version_kubeadm }} --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }} {{ kubernetes_kubeadm_init_extra_opts }} - with_items: "{{ kubernetes_pod_network }}" register: kubeadmin_init failed_when: false when: not kubernetes_init_stat.stat.exists From 5d8574e871cd3de9d49359d80e63427396ff684d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 17 Dec 2019 17:19:24 -0600 Subject: [PATCH 20/26] Fix README formatting. --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 8550592..ee4af9d 100644 --- a/README.md +++ b/README.md 
@@ -55,13 +55,13 @@ Whether to remove the taint that denies pods from being deployed to the Kubernet Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied), and the file containing the web dashboard UI manifest. -kubernetes_pod_network: - # Flannel CNI. - cni: 'flannel' - cidr: '10.244.0.0/16' - # Calico CNI. - # cni: 'calico' - # cidr: '192.168.0.0/16' + kubernetes_pod_network: + # Flannel CNI. + cni: 'flannel' + cidr: '10.244.0.0/16' + # Calico CNI. + # cni: 'calico' + # cidr: '192.168.0.0/16' This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role. From f912a393b5d64b48ff18da595bc36aa91c2dff6f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 17 Dec 2019 20:01:47 -0600 Subject: [PATCH 21/26] Add a test for CentOS 8. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 2fadd33..a2f0a70 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,6 +6,7 @@ env: global: - ROLE_NAME: kubernetes matrix: + - MOLECULE_DISTRO: centos8 - MOLECULE_DISTRO: centos7 - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_DISTRO: debian10 From 02d22805e23788e73298bd32214a8db85deeb2bd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 14:22:22 -0600 Subject: [PATCH 22/26] Update molecule configuration to work with 3.0. --- .travis.yml | 2 +- molecule/default/molecule.yml | 13 +++------- molecule/default/playbook.yml | 46 ---------------------------------- molecule/default/yaml-lint.yml | 6 ----- 4 files changed, 4 insertions(+), 63 deletions(-) delete mode 100644 molecule/default/playbook.yml delete mode 100644 molecule/default/yaml-lint.yml diff --git a/.travis.yml b/.travis.yml index a2f0a70..0a9af7a 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -16,7 +16,7 @@ env: install: # Install test dependencies. - - pip install molecule docker + - pip install molecule yamllint ansible-lint docker before_script: # Use actual Ansible Galaxy role name for the project directory. diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index b6989c4..4938579 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,9 +4,8 @@ dependency: driver: name: docker lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml + yamllint . + ansible-lint platforms: - name: instance image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" @@ -18,13 +17,7 @@ platforms: pre_build_image: true provisioner: name: ansible - lint: - name: ansible-lint playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} + converge: ${MOLECULE_PLAYBOOK:-converge.yml} scenario: name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml deleted file mode 100644 index f93c7d7..0000000 --- a/molecule/default/playbook.yml +++ /dev/null 
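Review bot: The changed `pip install molecule yamllint ansible-lint docker` line in `.travis.yml` installs four unpinned packages on every CI run. The commit subject suggests the build broke when molecule 3.0 was released, and the same line will pick up the next incompatible or tampered release in the same way. Pinning at least the major versions, e.g. `pip install 'molecule>=3,<4' yamllint ansible-lint docker`, or installing from a requirements file with exact versions, keeps the test environment reproducible.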
@@ -1,46 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - # Allow swap in test environments (hard to control in some Docker envs). - kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" - docker_install_compose: false - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - - - name: Ensure test dependencies are installed (RedHat). - package: name=iproute state=present - when: ansible_os_family == 'RedHat' - - - name: Ensure test dependencies are installed (Debian). - package: name=iproute2 state=present - when: ansible_os_family == 'Debian' - - - name: Gather facts. - action: setup - - roles: - - role: geerlingguy.docker - - role: geerlingguy.kubernetes - - post_tasks: - - name: Get cluster info. - command: kubectl cluster-info - changed_when: false - register: kubernetes_info - - - name: Print cluster info. - debug: var=kubernetes_info.stdout - - - name: Get all running pods. - command: kubectl get pods --all-namespaces - changed_when: false - register: kubernetes_pods - - - name: Print list of running pods. - debug: var=kubernetes_pods.stdout diff --git a/molecule/default/yaml-lint.yml b/molecule/default/yaml-lint.yml deleted file mode 100644 index c9aab08..0000000 --- a/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 150 - level: warning From c4f7e35ce389f2a3696fbbca389335c4da4c3124 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 14:28:24 -0600 Subject: [PATCH 23/26] Update molecule configuration to work with 3.0. --- .yamllint | 6 +++++ molecule/default/converge.yml | 46 +++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 .yamllint create mode 100644 molecule/default/converge.yml diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..c9aab08 --- /dev/null +++ b/.yamllint 
@@ -0,0 +1,6 @@ +--- +extends: default +rules: + line-length: + max: 150 + level: warning diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml new file mode 100644 index 0000000..f93c7d7 --- /dev/null +++ b/molecule/default/converge.yml @@ -0,0 +1,46 @@ +--- +- name: Converge + hosts: all + become: true + + vars: + # Allow swap in test environments (hard to control in some Docker envs). + kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs" + docker_install_compose: false + + pre_tasks: + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' + + - name: Ensure test dependencies are installed (RedHat). + package: name=iproute state=present + when: ansible_os_family == 'RedHat' + + - name: Ensure test dependencies are installed (Debian). + package: name=iproute2 state=present + when: ansible_os_family == 'Debian' + + - name: Gather facts. + action: setup + + roles: + - role: geerlingguy.docker + - role: geerlingguy.kubernetes + + post_tasks: + - name: Get cluster info. + command: kubectl cluster-info + changed_when: false + register: kubernetes_info + + - name: Print cluster info. + debug: var=kubernetes_info.stdout + + - name: Get all running pods. + command: kubectl get pods --all-namespaces + changed_when: false + register: kubernetes_pods + + - name: Print list of running pods. + debug: var=kubernetes_pods.stdout From 514769b9ce6d28b3a9eb490420a3b43ca35c02bc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 20 Feb 2020 15:54:17 -0600 Subject: [PATCH 24/26] Update molecule configuration to work with 3.0. --- molecule/default/molecule.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 4938579..c5f67d1 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml 
@@ -3,7 +3,7 @@ dependency: name: galaxy driver: name: docker -lint: +lint: | yamllint . ansible-lint platforms: @@ -19,5 +19,3 @@ provisioner: name: ansible playbooks: converge: ${MOLECULE_PLAYBOOK:-converge.yml} -scenario: - name: default From dabfb595bdc3bcb13d88d78fbab7ce9421390fc7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 24 Feb 2020 09:44:29 -0600 Subject: [PATCH 25/26] Make sure molecule lint script has set -e option. --- molecule/default/molecule.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index c5f67d1..67fe288 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,6 +4,7 @@ dependency: driver: name: docker lint: | + set -e yamllint . ansible-lint platforms: From 9fde307b1e6325adb9767e1c1e5e61ab4c18ebd7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 5 Mar 2020 10:43:51 -0600 Subject: [PATCH 26/26] Add probot/stale configuration to repository for stale issues. --- .github/stale.yml | 56 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 .github/stale.yml diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 0000000..c7ff127 --- /dev/null +++ b/.github/stale.yml 
@@ -0,0 +1,56 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 90
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
+daysUntilClose: 30
+
+# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled)
+onlyLabels: []
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels:
+ - pinned
+ - security
+ - planned
+
+# Set to true to ignore issues in a project (defaults to false)
+exemptProjects: false
+
+# Set to true to ignore issues in a milestone (defaults to false)
+exemptMilestones: false
+
+# Set to true to ignore issues with an assignee (defaults to false)
+exemptAssignees: false
+
+# Label to use when marking as stale
+staleLabel: stale
+
+# Limit the number of actions per hour, from 1-30. Default is 30
+limitPerRun: 30
+
+pulls:
+ markComment: |-
+ This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!
+
+ Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark pull requests as stale.
+
+ unmarkComment: >-
+ This pull request is no longer marked for closure.
+
+ closeComment: >-
+ This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details.
+
+issues:
+ markComment: |-
+ This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!
+
+ Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale.
+
+ unmarkComment: >-
+ This issue is no longer marked for closure.
+
+ closeComment: >-
+ This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.
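Review bot: The `exemptLabels` list protects an issue from the stale bot only once someone has applied the `security` label, so a vulnerability report that is never triaged would still be marked stale after `daysUntilStale: 90` and closed after `daysUntilClose: 30`. A comment above the list would make that dependency explicit, for example `# Exemption applies only after a maintainer adds the label; untriaged security reports still go stale.` Separately, both `markComment` texts hard-code "another 30 days", which will drift if `daysUntilClose` is changed. The comment above `onlyLabels` also reads "are check if stale" where "are checked" is meant.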