Playbook #1

/root/kubeinit/ci/builds/6mbKNrxD/0/kubeinit/kubeinit/kubeinit-aux/kubeinit/playbook.yml
Report Status CLI Date Duration Controller User Versions Hosts Plays Tasks Results Files Records
26 Oct 2023 19:36:23 +0000 00:45:02.10 nyctea root Ansible 2.15.2 ara 1.6.1 (client), 1.6.1 (server) Python 3.11.4 8 9 1048 1048 53 1
remote_user:root check:False tags:all

File: /root/.ansible/collections/ansible_collections/kubeinit/kubeinit/roles/kubeinit_eks/tasks/post_configure_guest.yml

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
---
# Copyright kubeinit contributors
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

#
# Install additional packages
#

- name: Install common requirements
  ansible.builtin.package:
    name: "{{ kubeinit_eks_common_dependencies }}"
    state: present
  when: kubeinit_eks_common_dependencies is defined

#
# cri-o repos
#

- name: Download cri-o (kubeinit) repos
  ansible.builtin.shell: |
    curl -L -o /etc/yum.repos.d/home:kubeinit.repo https://download.opensuse.org/repositories/home:/kubeinit/CentOS_9_Stream/home:kubeinit.repo
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

#
# cri-o config
#

- name: Install the latest version of cri-o
  ansible.builtin.package:
    name: cri-o
    state: present

- name: Install the latest version of crun
  ansible.builtin.package:
    name: crun
    state: present

- name: Make sure cri-o binary is reachable and the configuration is correct
  ansible.builtin.shell: |
    yum install -y jq
    # Make sure crio binary is reachable
    ln -s /usr/bin/crio /usr/local/bin/crio
    tmp=$(mktemp)
    crioconf=$(ls /etc/cni/net.d/87-crio-bridge* | xargs realpath)
    jq '.plugins[0].ipam.ranges[0][0].subnet = "{{ kubeinit_eks_pod_network }}/{{ kubeinit_eks_pod_subnet_len }}"' "$crioconf" > "$tmp" && mv -f "$tmp" "$crioconf"
    # jq '.type = "flannel"' /etc/cni/net.d/87-crio-bridge.conf > "$tmp" && mv -f "$tmp" /etc/cni/net.d/87-crio-bridge.conf
    # rm -rf /etc/cni/net.d/87-crio-bridge.conf
    # echo '{"name": "crio","type": "flannel"}' > /etc/cni/net.d/10-crio.conf
    cp /etc/crio/crio.conf /etc/crio/crio.conf.backup
    sed -i s/^.*default_runtime\ =\ .*$/default_runtime\ =\ \"crun\"/g /etc/crio/crio.conf

    # There is no example config for crun anymore
    #sed -i "s/^\#\[crio\.runtime\.runtimes\.crun.*\]/[crio.runtime.runtimes.crun]/g" /etc/crio/crio.conf
    cat << EOF >> /etc/crio/crio.conf
    [crio.runtime.runtimes.crun]
    runtime_path = "/usr/bin/crun"
    runtime_type = "oci"
    runtime_root = "/run/crun"
    EOF
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Add insecure registry
  ansible.builtin.blockinfile:
    path: /etc/containers/registries.conf
    block: |
      [[registry]]
      location = "{{ kubeinit_registry_uri }}"
      insecure = true
  when: "'registry' in kubeinit_cluster_hostvars.services"

- name: Enable/start/status cri-o
  ansible.builtin.shell: |
    systemctl enable crio
    systemctl start crio
    systemctl status crio
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

#
# kubernetes repos
#

- name: Remove repo before adding it
  ansible.builtin.file:
    path: /etc/yum.repos.d/kubernetes.repo
    state: absent

- name: Creating a repository file for Kubernetes
  ansible.builtin.file:
    path: /etc/yum.repos.d/kubernetes.repo
    state: touch
    mode: '0644'

- name: Adding repository details in Kubernetes repo file.
  ansible.builtin.blockinfile:
    path: /etc/yum.repos.d/kubernetes.repo
    block: |
      [kubernetes]
      name=Kubernetes
      baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
      enabled=1
      gpgcheck=1
      repo_gpgcheck=1
      gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
      exclude=kubelet kubeadm kubectl

#
# Kubernetes config
#

- name: Install requirements
  ansible.builtin.package:
    name:
      - device-mapper-persistent-data
      - lvm2
    state: present

- name: Install requirements
  ansible.builtin.command: dnf install -y kubelet-{{ kubeinit_eks_kubernetes_version_full }} kubeadm-{{ kubeinit_eks_kubernetes_version_full }} kubectl-{{ kubeinit_eks_kubernetes_version_full }} --disableexcludes=kubernetes
  register: _result
  changed_when: "_result.rc == 0"

- name: Install YQ
  ansible.builtin.shell: |
    set -eo pipefail
    python3 -m pip install yq
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Install (replace) kubectl
  ansible.builtin.shell: |
    set -eo pipefail

    # kubectl
    kubectl_bin=$( curl -s https://distro.eks.amazonaws.com/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}-eks-{{ kubeinit_eks_revision }}.yaml | \
      yq '.status.components | map(select(.name == "kubernetes")) | .[0].assets | map(select(.name == "bin/linux/amd64/kubectl")) | .[0].archive.uri' | tr -d '"')
    wget -q $kubectl_bin
    chmod +x kubectl
    mv ./kubectl $(which kubectl)
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Install (replace) kubeadm
  ansible.builtin.shell: |
    set -eo pipefail

    # kubeadm
    kubeadm_bin=$( curl -s https://distro.eks.amazonaws.com/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}-eks-{{ kubeinit_eks_revision }}.yaml | \
      yq '.status.components | map(select(.name == "kubernetes")) | .[0].assets | map(select(.name == "bin/linux/amd64/kubeadm")) | .[0].archive.uri' | tr -d '"')
    wget -q $kubeadm_bin
    chmod +x kubeadm
    mv ./kubeadm $(which kubeadm)
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Install (replace) kubelet
  ansible.builtin.shell: |
    set -eo pipefail

    # kubelet
    kubelet_bin=$( curl -s https://distro.eks.amazonaws.com/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}/kubernetes-{{ kubeinit_eks_kubernetes_major_minor }}-eks-{{ kubeinit_eks_revision }}.yaml | \
      yq '.status.components | map(select(.name == "kubernetes")) | .[0].assets | map(select(.name == "bin/linux/amd64/kubelet")) | .[0].archive.uri' | tr -d '"')
    wget -q $kubelet_bin
    chmod +x kubelet
    mv ./kubelet $(which kubelet)
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Enable kubelet
  ansible.builtin.systemd:
    state: restarted
    name: kubelet
    enabled: yes