Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / refs/heads/stable/zed / . / roles / openvswitch / tasks / main.yml
blob: bcc78ead518f596ed0abef42633515198aea8481 [file] [log] [blame]
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]1# Copyright (c) 2022 VEXXHOST, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
Oleksandr Kozachenko316f6a72023-03-01 14:14:40 +0100[diff] [blame]15# NOTE(mnaser): Open vSwitch will refuse to start if `LimitMEMLOCK` is
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]16# not set to `infinity` in `/etc/systemd/system.conf`, so we run
17# this task to ensure that it is set.
Oleksandr Kozachenkoe5588952023-03-01 10:20:35 +0100[diff] [blame]18- name: Verify that LimitMEMLOCK is configured for containerd
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]19 block:
Oleksandr Kozachenkoe5588952023-03-01 10:20:35 +0100[diff] [blame]20 - name: Get the current status of all systemd values for containerd
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]21 changed_when: false
Oleksandr Kozachenko316f6a72023-03-01 14:14:40 +0100[diff] [blame]22 ansible.builtin.command: systemctl show containerd --property LimitMEMLOCK # noqa: command-instead-of-module
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]23 register: _openvswitch_memlock_value
24
Oleksandr Kozachenkoe5588952023-03-01 10:20:35 +0100[diff] [blame]25 - name: Assert that LimitMEMLOCK is set to infinity
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]26 ansible.builtin.assert:
27 that:
Oleksandr Kozachenkoe5588952023-03-01 10:20:35 +0100[diff] [blame]28 - "'LimitMEMLOCK=infinity' in _openvswitch_memlock_value.stdout"
Mohammed Naser179bf0d2023-02-17 23:03:23 +0000[diff] [blame]29
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]30- name: Uninstall the legacy HelmRelease
31 run_once: true
Mohammed Naser1cec1072023-02-25 04:43:38 +0000[diff] [blame]32 delegate_to: "{{ groups['controllers'][0] }}"
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]33 block:
34 - name: Suspend the existing HelmRelease
Mohammed Naserf0314a82023-04-11 18:53:30 +0000[diff] [blame]35 failed_when: false
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]36 kubernetes.core.k8s:
37 state: patched
38 api_version: helm.toolkit.fluxcd.io/v2beta1
39 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]40 name: "{{ openvswitch_helm_release_name }}"
41 namespace: "{{ openvswitch_helm_release_namespace }}"
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]42 definition:
43 spec:
44 suspend: true
45
46 - name: Remove the existing HelmRelease
Mohammed Naserf0314a82023-04-11 18:53:30 +0000[diff] [blame]47 failed_when: false
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]48 kubernetes.core.k8s:
49 state: absent
50 api_version: helm.toolkit.fluxcd.io/v2beta1
51 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]52 name: "{{ openvswitch_helm_release_name }}"
53 namespace: "{{ openvswitch_helm_release_namespace }}"
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]54
55- name: Deploy Helm chart
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]56 run_once: true
Mohammed Naser1cec1072023-02-25 04:43:38 +0000[diff] [blame]57 delegate_to: "{{ groups['controllers'][0] }}"
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]58 kubernetes.core.helm:
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]59 name: "{{ openvswitch_helm_release_name }}"
60 chart_ref: "{{ openvswitch_helm_chart_ref }}"
61 release_namespace: "{{ openvswitch_helm_release_namespace }}"
guilhermesteinmuller6cfbdff2023-01-24 19:52:34 +0000[diff] [blame]62 create_namespace: true
63 kubeconfig: /etc/kubernetes/admin.conf
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]64 values: "{{ _openvswitch_helm_values | combine(openvswitch_helm_values, recursive=True) }}"