Move package install to bootstrap-os

roles/kubernetes/preinstall/defaults/main.yml

@@ -6,7 +6,6 @@ leave_etc_backup_files: true
 nameservers: []
 cloud_resolver: []
 disable_host_nameservers: false
-epel_enabled: false
 # Kubespray sets this to true after clusterDNS is running to apply changes to the host resolv.conf
 dns_late: false
 
@@ -55,11 +54,6 @@ etc_hosts_localhost_entries:
 minimal_node_memory_mb: 1024
 minimal_master_memory_mb: 1500
 
-yum_repo_dir: /etc/yum.repos.d
-
-# number of times package install task should be retried
-pkg_install_retries: 4
-
 # Check if access_ip responds to ping. Set false if your firewall blocks ICMP.
 ping_access_ip: true
 

roles/kubernetes/preinstall/tasks/0070-system-packages.yml

@@ -1,72 +0,0 @@
----
-- name: Update package management cache (zypper) - SUSE
-  command: zypper -n --gpg-auto-import-keys ref
-  register: make_cache_output
-  until: make_cache_output is succeeded
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  when:
-    - ansible_pkg_mgr == 'zypper'
-  tags: bootstrap-os
-
-- name: Add debian 10 required repos
-  when:
-    - ansible_distribution == "Debian"
-    - ansible_distribution_version == "10"
-  tags:
-    - bootstrap-os
-  block:
-    - name: Add Debian Backports apt repo
-      apt_repository:
-        repo: "deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main"
-        state: present
-        filename: debian-backports
-
-    - name: Set libseccomp2 pin priority to apt_preferences on Debian buster
-      copy:
-        content: |
-          Package: libseccomp2
-          Pin: release a={{ ansible_distribution_release }}-backports
-          Pin-Priority: 1001
-        dest: "/etc/apt/preferences.d/libseccomp2"
-        owner: "root"
-        mode: "0644"
-
-- name: Update package management cache (APT)
-  apt:
-    update_cache: true
-    cache_valid_time: 3600
-  when: ansible_os_family == "Debian"
-  tags:
-    - bootstrap-os
-
-- name: Remove legacy docker repo file
-  file:
-    path: "{{ yum_repo_dir }}/docker.repo"
-    state: absent
-  when:
-    - ansible_os_family == "RedHat"
-    - not is_fedora_coreos
-
-- name: Install epel-release on RHEL derivatives
-  package:
-    name: epel-release
-    state: present
-  when:
-    - ansible_os_family == "RedHat"
-    - not is_fedora_coreos
-    - epel_enabled | bool
-  tags:
-    - bootstrap-os
-
-- name: Install packages requirements
-  package:
-    name: "{{ pkgs | dict2items | selectattr('value', 'ansible.builtin.all') | map(attribute='key') }}"
-    state: present
-  register: pkgs_task_result
-  until: pkgs_task_result is succeeded
-  retries: "{{ pkg_install_retries }}"
-  delay: "{{ retry_stagger | random + 3 }}"
-  when: not (ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos)
-  tags:
-    - bootstrap-os

roles/kubernetes/preinstall/tasks/main.yml

@@ -62,14 +62,6 @@
     - bootstrap-os
     - resolvconf
 
-- name: Install required system packages
-  import_tasks: 0070-system-packages.yml
-  when:
-    - not dns_late
-  tags:
-    - bootstrap-os
-    - system-packages
-
 - name: Apply system configurations
   import_tasks: 0080-system-configurations.yml
   when:

roles/kubernetes/preinstall/vars/main.yml

@@ -1,79 +1,4 @@
 ---
-pkgs:
-  apparmor:
-    - "{{ ansible_os_family == 'Debian' }}"
-  apt-transport-https:
-    - "{{ ansible_os_family == 'Debian' }}"
-  aufs-tools:
-    - "{{ ansible_os_family == 'Debian' }}"
-    - "{{ ansible_distribution_major_version == '10' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  bash-completion: []
-  conntrack:
-    - "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
-    - "{{ ansible_distribution != 'openEuler' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  conntrack-tools:
-    - "{{ ansible_os_family == 'Suse' or ansible_distribution in ['Amazon', 'openEuler'] }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  container-selinux:
-    - "{{ ansible_os_family == 'RedHat' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  curl: []
-  device-mapper:
-    - "{{ ansible_os_family == 'Suse' or ansible_distribution == 'openEuler' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  device-mapper-libs:
-    - "{{ ansible_os_family == 'RedHat' }}"
-    - "{{ ansible_distribution != 'openEuler' }}"
-  e2fsprogs: []
-  ebtables: []
-  gnupg:
-    - "{{ ansible_distribution == 'Debian' }}"
-    - "{{ ansible_distribution_major_version in ['11', '12'] }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  ipset:
-    - "{{ kube_proxy_mode != 'ipvs' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  iptables:
-    - "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
-  ipvsadm:
-    - "{{ kube_proxy_mode == 'ipvs' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  libseccomp:
-    - "{{ ansible_os_family == 'RedHat' }}"
-  libseccomp2:
-    - "{{ ansible_os_family in ['Debian', 'Suse'] }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  libselinux-python:  # TODO: Handle rehat_family + major < 8
-    - "{{ ansible_distribution == 'Amazon' }}"
-  libselinux-python3:
-    - "{{ ansible_distribution == 'Fedora' }}"
-  mergerfs:
-    - "{{ ansible_distribution == 'Debian' }}"
-    - "{{ ansible_distribution_major_version == '12' }}"
-  nftables:
-    - "{{ kube_proxy_mode == 'nftables' }}"
-    - "{{ 'k8s_cluster' in group_names }}"
-  nss:
-    - "{{ ansible_os_family == 'RedHat' }}"
-  openssl: []
-  python-apt:
-    - "{{ ansible_os_family == 'Debian' }}"
-    - "{{ ansible_distribution_major_version == '10' }}"
-  python3-apt:
-    - "{{ ansible_os_family == 'Debian' }}"
-    - "{{ ansible_distribution_major_version != '10' }}"
-  python3-libselinux:
-    - "{{ ansible_distribution in ['RedHat', 'CentOS'] }}"
-  rsync: []
-  socat: []
-  software-properties-common:
-    - "{{ ansible_os_family == 'Debian' }}"
-  tar: []
-  unzip: []
-  xfsprogs: []
-
 coredns_server_by_mode:
   coredns: "{{ [skydns_server] }}"
   coredns_dual: "{{ [skydns_server, skydns_server_secondary] }}"