epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-13 21:34:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

Move package install to bootstrap-os

Browse Source
This commit is contained in:
Max Gautier
2025-05-02 14:21:05 +02:00
parent 34d64d4d04
commit 1e79c7b3cb
10 changed files with 94 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/bootstrap-os/defaults/main.yml
View File

@@ -9,6 +9,9 @@ rh_subscription_check_timeout: 180
# Disable locksmithd or leave it in its current state # Disable locksmithd or leave it in its current state
coreos_locksmithd_disable: false coreos_locksmithd_disable: false
# Install epel repo on Centos/RHEL
epel_enabled: false
## Oracle Linux specific variables ## Oracle Linux specific variables
# Install public repo on Oracle Linux # Install public repo on Oracle Linux
use_oracle_public_repo: true use_oracle_public_repo: true

5
roles/bootstrap-os/tasks/main.yml
View File

@@ -31,6 +31,11 @@
loop_control: loop_control:
loop_var: included_tasks_file loop_var: included_tasks_file
- name: Install system packages
import_role:
name: system_packages
tags:
- system-packages
- name: Create remote_tmp for it is used by another module - name: Create remote_tmp for it is used by another module
file: file:

6
roles/kubernetes/preinstall/defaults/main.yml
View File

@@ -6,7 +6,6 @@ leave_etc_backup_files: true
nameservers: [] nameservers: []
cloud_resolver: [] cloud_resolver: []
disable_host_nameservers: false disable_host_nameservers: false
epel_enabled: false
# Kubespray sets this to true after clusterDNS is running to apply changes to the host resolv.conf # Kubespray sets this to true after clusterDNS is running to apply changes to the host resolv.conf
dns_late: false dns_late: false
@@ -55,11 +54,6 @@ etc_hosts_localhost_entries:
minimal_node_memory_mb: 1024 minimal_node_memory_mb: 1024
minimal_master_memory_mb: 1500 minimal_master_memory_mb: 1500
yum_repo_dir: /etc/yum.repos.d
# number of times package install task should be retried
pkg_install_retries: 4
# Check if access_ip responds to ping. Set false if your firewall blocks ICMP. # Check if access_ip responds to ping. Set false if your firewall blocks ICMP.
ping_access_ip: true ping_access_ip: true

8
roles/kubernetes/preinstall/tasks/main.yml
View File

@@ -62,14 +62,6 @@
- bootstrap-os - bootstrap-os
- resolvconf - resolvconf
- name: Install required system packages
import_tasks: 0070-system-packages.yml
when:
- not dns_late
tags:
- bootstrap-os
- system-packages
- name: Apply system configurations - name: Apply system configurations
import_tasks: 0080-system-configurations.yml import_tasks: 0080-system-configurations.yml
when: when:

75
roles/kubernetes/preinstall/vars/main.yml
View File

@@ -1,79 +1,4 @@
--- ---
pkgs:
apparmor:
- "{{ ansible_os_family == 'Debian' }}"
apt-transport-https:
- "{{ ansible_os_family == 'Debian' }}"
aufs-tools:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version == '10' }}"
- "{{ 'k8s_cluster' in group_names }}"
bash-completion: []
conntrack:
- "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
- "{{ ansible_distribution != 'openEuler' }}"
- "{{ 'k8s_cluster' in group_names }}"
conntrack-tools:
- "{{ ansible_os_family == 'Suse' or ansible_distribution in ['Amazon', 'openEuler'] }}"
- "{{ 'k8s_cluster' in group_names }}"
container-selinux:
- "{{ ansible_os_family == 'RedHat' }}"
- "{{ 'k8s_cluster' in group_names }}"
curl: []
device-mapper:
- "{{ ansible_os_family == 'Suse' or ansible_distribution == 'openEuler' }}"
- "{{ 'k8s_cluster' in group_names }}"
device-mapper-libs:
- "{{ ansible_os_family == 'RedHat' }}"
- "{{ ansible_distribution != 'openEuler' }}"
e2fsprogs: []
ebtables: []
gnupg:
- "{{ ansible_distribution == 'Debian' }}"
- "{{ ansible_distribution_major_version in ['11', '12'] }}"
- "{{ 'k8s_cluster' in group_names }}"
ipset:
- "{{ kube_proxy_mode != 'ipvs' }}"
- "{{ 'k8s_cluster' in group_names }}"
iptables:
- "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
ipvsadm:
- "{{ kube_proxy_mode == 'ipvs' }}"
- "{{ 'k8s_cluster' in group_names }}"
libseccomp:
- "{{ ansible_os_family == 'RedHat' }}"
libseccomp2:
- "{{ ansible_os_family in ['Debian', 'Suse'] }}"
- "{{ 'k8s_cluster' in group_names }}"
libselinux-python: # TODO: Handle rehat_family + major < 8
- "{{ ansible_distribution == 'Amazon' }}"
libselinux-python3:
- "{{ ansible_distribution == 'Fedora' }}"
mergerfs:
- "{{ ansible_distribution == 'Debian' }}"
- "{{ ansible_distribution_major_version == '12' }}"
nftables:
- "{{ kube_proxy_mode == 'nftables' }}"
- "{{ 'k8s_cluster' in group_names }}"
nss:
- "{{ ansible_os_family == 'RedHat' }}"
openssl: []
python-apt:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version == '10' }}"
python3-apt:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version != '10' }}"
python3-libselinux:
- "{{ ansible_distribution in ['RedHat', 'CentOS'] }}"
rsync: []
socat: []
software-properties-common:
- "{{ ansible_os_family == 'Debian' }}"
tar: []
unzip: []
xfsprogs: []
coredns_server_by_mode: coredns_server_by_mode:
coredns: "{{ [skydns_server] }}" coredns: "{{ [skydns_server] }}"
coredns_dual: "{{ [skydns_server, skydns_server_secondary] }}" coredns_dual: "{{ [skydns_server, skydns_server_secondary] }}"

3
roles/kubespray-defaults/defaults/main/main.yml
View File

@@ -101,9 +101,6 @@ local_release_dir: "/tmp/releases"
# Random shifts for retrying failed ops like pushing/downloading # Random shifts for retrying failed ops like pushing/downloading
retry_stagger: 5 retry_stagger: 5
# Install epel repo on Centos/RHEL
epel_enabled: false
# DNS configuration. # DNS configuration.
# Kubernetes cluster name, also will be used as DNS domain # Kubernetes cluster name, also will be used as DNS domain
cluster_name: cluster.local cluster_name: cluster.local

4
roles/system_packages/defaults/main.yml Normal file
View File

@@ -0,0 +1,4 @@
---
# number of times package install task should be retried
pkg_install_retries: 4
yum_repo_dir: /etc/yum.repos.d

6
roles/kubernetes/preinstall/tasks/0070-system-packages.yml → roles/system_packages/tasks/main.yml
View File

@@ -1,4 +1,10 @@
--- ---
- name: Gather OS information
setup:
gather_subset:
- distribution
- pkg_mgr
- name: Update package management cache (zypper) - SUSE - name: Update package management cache (zypper) - SUSE
command: zypper -n --gpg-auto-import-keys ref command: zypper -n --gpg-auto-import-keys ref
register: make_cache_output register: make_cache_output

75
roles/system_packages/vars/main.yml Normal file
View File

@@ -0,0 +1,75 @@
---
pkgs:
apparmor:
- "{{ ansible_os_family == 'Debian' }}"
apt-transport-https:
- "{{ ansible_os_family == 'Debian' }}"
aufs-tools:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version == '10' }}"
- "{{ 'k8s_cluster' in group_names }}"
bash-completion: []
conntrack:
- "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
- "{{ ansible_distribution != 'openEuler' }}"
- "{{ 'k8s_cluster' in group_names }}"
conntrack-tools:
- "{{ ansible_os_family == 'Suse' or ansible_distribution in ['Amazon', 'openEuler'] }}"
- "{{ 'k8s_cluster' in group_names }}"
container-selinux:
- "{{ ansible_os_family == 'RedHat' }}"
- "{{ 'k8s_cluster' in group_names }}"
curl: []
device-mapper:
- "{{ ansible_os_family == 'Suse' or ansible_distribution == 'openEuler' }}"
- "{{ 'k8s_cluster' in group_names }}"
device-mapper-libs:
- "{{ ansible_os_family == 'RedHat' }}"
- "{{ ansible_distribution != 'openEuler' }}"
e2fsprogs: []
ebtables: []
gnupg:
- "{{ ansible_distribution == 'Debian' }}"
- "{{ ansible_distribution_major_version in ['11', '12'] }}"
- "{{ 'k8s_cluster' in group_names }}"
ipset:
- "{{ kube_proxy_mode != 'ipvs' }}"
- "{{ 'k8s_cluster' in group_names }}"
iptables:
- "{{ ansible_os_family in ['Debian', 'RedHat'] }}"
ipvsadm:
- "{{ kube_proxy_mode == 'ipvs' }}"
- "{{ 'k8s_cluster' in group_names }}"
libseccomp:
- "{{ ansible_os_family == 'RedHat' }}"
libseccomp2:
- "{{ ansible_os_family in ['Debian', 'Suse'] }}"
- "{{ 'k8s_cluster' in group_names }}"
libselinux-python: # TODO: Handle rehat_family + major < 8
- "{{ ansible_distribution == 'Amazon' }}"
libselinux-python3:
- "{{ ansible_distribution == 'Fedora' }}"
mergerfs:
- "{{ ansible_distribution == 'Debian' }}"
- "{{ ansible_distribution_major_version == '12' }}"
nftables:
- "{{ kube_proxy_mode == 'nftables' }}"
- "{{ 'k8s_cluster' in group_names }}"
nss:
- "{{ ansible_os_family == 'RedHat' }}"
openssl: []
python-apt:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version == '10' }}"
python3-apt:
- "{{ ansible_os_family == 'Debian' }}"
- "{{ ansible_distribution_major_version != '10' }}"
python3-libselinux:
- "{{ ansible_distribution in ['RedHat', 'CentOS'] }}"
rsync: []
socat: []
software-properties-common:
- "{{ ansible_os_family == 'Debian' }}"
tar: []
unzip: []
xfsprogs: []

2
scripts/assert-sorted-checksums.yml
View File

@@ -37,7 +37,7 @@
(item.1.value | dict2items)[0].value is number (item.1.value | dict2items)[0].value is number
# only do list, the others are checksums with a different structure # only do list, the others are checksums with a different structure
- name: Include the packages list variable - name: Include the packages list variable
include_vars: ../roles/kubernetes/preinstall/vars/main.yml include_vars: ../roles/system_packages/vars/main.yml
- name: Verify that the packages list is sorted - name: Verify that the packages list is sorted
vars: vars: