feat: switch to binary runc and containerd install (#333)
* feat: switch to binary runc and containerd install
* fix: always download directly to dst node
* feat: add crictl role
* ci: add tests for binary downloads
* ci: rename scenario and add matrix
* ci: move to using prepare
* ci: stop using anchors
* chore: refactor to download_artifact
* chore: add jammy to containerd+runc
* chore: bump ansible-lint
* chore: add more platforms for cri
* fix: ensure tar command exists
* chore: drop amznlinux2
---------
Co-authored-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/roles/kubernetes/tasks/bootstrap-cluster.yml b/roles/kubernetes/tasks/bootstrap-cluster.yml
index 4696b42..c3981d9 100644
--- a/roles/kubernetes/tasks/bootstrap-cluster.yml
+++ b/roles/kubernetes/tasks/bootstrap-cluster.yml
@@ -42,7 +42,7 @@
dest: /etc/kubernetes/kubeadm.yaml
owner: root
group: root
- mode: 0640
+ mode: "0640"
when: inventory_hostname == _kubernetes_bootstrap_node
- name: Initialize cluster
diff --git a/roles/kubernetes/tasks/control-plane.yml b/roles/kubernetes/tasks/control-plane.yml
index 9d444d7..10f45b0 100644
--- a/roles/kubernetes/tasks/control-plane.yml
+++ b/roles/kubernetes/tasks/control-plane.yml
@@ -21,26 +21,26 @@
state: directory
owner: root
group: root
- mode: 0755
+ mode: "0755"
- name: Upload configuration
ansible.builtin.template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
owner: root
group: root
- mode: 0644
+ mode: "0644"
- name: Upload health check
ansible.builtin.template:
src: check_apiserver.sh.j2
dest: /etc/keepalived/check_apiserver.sh
- mode: 0755
+ mode: "0755"
- name: Upload Kubernetes manifest
ansible.builtin.template:
src: keepalived.yaml.j2
dest: /etc/kubernetes/manifests/keepalived.yaml
owner: root
group: root
- mode: 0644
+ mode: "0644"
- name: Upload configuration for HAproxy
when: kubernetes_keepalived_interface is defined
@@ -51,32 +51,32 @@
state: directory
owner: root
group: root
- mode: 0755
+ mode: "0755"
- name: Upload configuration
ansible.builtin.template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
owner: root
group: root
- mode: 0644
+ mode: "0644"
- name: Upload Kubernetes manifest
ansible.builtin.template:
src: haproxy.yaml.j2
dest: /etc/kubernetes/manifests/haproxy.yaml
owner: root
group: root
- mode: 0644
+ mode: "0644"
- name: Bootstrap cluster
ansible.builtin.include_tasks: bootstrap-cluster.yml
-- name: create folder for admin configuration
+- name: Create folder for admin configuration
ansible.builtin.file:
path: /root/.kube
state: directory
owner: root
group: root
- mode: 0750
+ mode: "0750"
- name: Creating a symlink for admin configuration file
ansible.builtin.file:
@@ -85,18 +85,18 @@
state: link
force: true
-- name: add bash autocomplete for kubectl
+- name: Add bash autocomplete for kubectl
ansible.builtin.lineinfile:
path: /root/.bashrc
line: 'source <(kubectl completion bash)'
insertbefore: EOF
-- name: install pip
+- name: Install PIP
ansible.builtin.apt:
name: python3-pip
install_recommends: false
-- name: install kubernetes python package
+- name: Install Kubernetes python package
ansible.builtin.pip:
name: kubernetes
diff --git a/roles/kubernetes/tasks/join-cluster.yml b/roles/kubernetes/tasks/join-cluster.yml
index 1b3e6dc..8b29c39 100644
--- a/roles/kubernetes/tasks/join-cluster.yml
+++ b/roles/kubernetes/tasks/join-cluster.yml
@@ -39,6 +39,7 @@
- name: Generate token for joining cluster
run_once: true
delegate_to: "{{ _kubernetes_bootstrap_node | default(groups[kubernetes_control_plane_group][0]) }}"
+ changed_when: true
ansible.builtin.shell: |
kubeadm token create
register: _kubeadm_token_create
@@ -51,7 +52,7 @@
dest: /etc/kubernetes/kubeadm.yaml
owner: root
group: root
- mode: 0640
+ mode: "0640"
when:
- not _stat_etc_kubernetes_kubelet_conf.stat.exists
diff --git a/roles/kubernetes/tasks/main.yml b/roles/kubernetes/tasks/main.yml
index 8051d13..b9d55f5 100644
--- a/roles/kubernetes/tasks/main.yml
+++ b/roles/kubernetes/tasks/main.yml
@@ -18,7 +18,7 @@
dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg
owner: root
group: root
- mode: 0644
+ mode: "0644"
when:
- kubernetes_repo_url == _kubernetes_upstream_apt_repository
@@ -36,7 +36,7 @@
ansible.builtin.template:
src: apt-preferences.j2
dest: /etc/apt/preferences.d/kubernetes
- mode: 0644
+ mode: "0644"
- name: Install packages
ansible.builtin.apt:
@@ -52,7 +52,7 @@
src: crictl.yaml.j2
dest: /etc/crictl.yaml
owner: root
- mode: 0644
+ mode: "0644"
- name: Enable kernel modules on-boot
ansible.builtin.template:
@@ -60,7 +60,7 @@
dest: /etc/modules-load.d/k8s.conf
owner: root
group: root
- mode: 0644
+ mode: "0644"
- name: Enable kernel modules in runtime
community.general.modprobe:
@@ -82,6 +82,7 @@
- name: Disable swap
ansible.builtin.command: /sbin/swapoff -a
+ changed_when: true
ignore_errors: "{{ ansible_check_mode }}"
when:
- _swapon.stdout
@@ -101,7 +102,7 @@
dest: /etc/systemd/system/noswap.service
owner: root
group: root
- mode: 0644
+ mode: "0644"
notify: Enable noswap service
- name: Configure short hostname