Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix containerd install, add checks for ubuntu version #84

Merged
merged 9 commits into from
Jan 25, 2021
Merged

fix containerd install, add checks for ubuntu version #84

merged 9 commits into from
Jan 25, 2021

Conversation

rkage
Copy link
Member

@rkage rkage commented Jan 12, 2021

Signed-off-by: Nick M 4718+rkage@users.noreply.github.com

Description

This PR updates the containers installation - rather than check for Debian, checks for ubuntu version.

Checklist

  • All commits are signed off. See the section Developer’s Certificate of Origin
  • Provide a title or release-note blurb suitable for the release notes.
  • All commits contain a well written commit description including a title, description and a Fixes: #XXX line if the commit addresses a particular GitHub issue.
  • All workflow validation and compliance checks are passing.

@rkage
fix containerd install, add checks for ubuntu version
aaa3fa9 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage rkage marked this pull request as draft January 12, 2021 14:13
@rkage
refactor debian-ubuntu installation block
9ab2594 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage
refactor cri role, add molecule, add crictl installation
a9b4e23 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage
fix generation of the default config file
f71c3d9 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
xunholy
xunholy reviewed Jan 24, 2021
View reviewed changes
ansible/roles/cri/defaults/main.yml Outdated Show resolved Hide resolved
ansible/roles/cri/defaults/main.yml Outdated Show resolved Hide resolved
ansible/roles/cri/tasks/containerd.yml Show resolved Hide resolved
@rkage
address some PR comments, tested against debian and ubuntu
f524940 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage
remove unused containerd.conf module file
10d87cc 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage
clean up remaining comments
335bf9a 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage rkage marked this pull request as ready for review January 25, 2021 01:16
xunholy
xunholy reviewed Jan 25, 2021
View reviewed changes
ansible/roles/cri/tasks/containerd.yml Outdated Show resolved Hide resolved
ansible/roles/cri/tasks/main.yml Outdated Show resolved Hide resolved
@rkage
use ansible command rather than shell in this usage
3604081 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
@rkage
clean up language, rename module file name
45c0bfa 
Signed-off-by: Nick M <4718+rkage@users.noreply.github.com>
anthr76
anthr76 approved these changes Jan 25, 2021
View reviewed changes
Copy link
Member

@anthr76 anthr76 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would strongly prefer to have crictl managed through package management.

Otherwise great work @rkage :)

@xunholy xunholy merged commit a117c7e into raspbernetes:main Jan 25, 2021
@rkage rkage deleted the update-containerd-install branch January 25, 2021 04:49
anthr76 added a commit to carpenike/k8s-cluster-installation that referenced this pull request Jan 25, 2021
@anthr76
Remove old packages from Kubernetes role
904cbae 
This was dropped due to the latest merge and made it into the working
tree

raspbernetes#84

Signed-off-by: anthr76 <hello@anthonyrabbito.com>
xunholy added a commit that referenced this pull request Jan 30, 2021
@carpenike @xunholy @anthr76
enable cilium CNI option (#72)
d162e72 
* enable cilium CNI option

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* fix some variables

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* change variable name

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* set permissions on manifests folder and ignore curl warning

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* should have been inside args

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* add some creates pieces to commands

* add some creates pieces to commands

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* args needed to nest creates

Signed-off-by: Ryan Holt <ryan@ryanholt.net>

* add another pipefail option

* Updating variable role prefix and addressing some feedback

Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>

* fix ansible lint issues

Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>

* update helm values to be from a j2 template

Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>

* Testing cilium on Kubic

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Add multi-arch envoyproxy/envoy

Opt to use newer offical image rather then 3rd party source.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Add quotes for endpoint routes

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Type check on inventory side

Need to read more about this

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Revised Values

* Moved masquerade into bpf block
* Trying tunnel
* Updated comments

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Disable tunnel

* Begin adding helm ansible galaxy module

Cilium is incomplete.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Revise cilium role to further use k8s modules

* Added check for kuberouter

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Set hostname to inventory hostname if not already set.

This will prevent haproxy from failing.

HA Proxy Daemon will fail to start if the hostnames are all the same.

```
fatal: [node-03]: FAILED! => changed=false
  msg: |-
    Unable to restart service haproxy: Job for haproxy.service failed because the control process exited with error code.
    See "systemctl status haproxy.service" and "journalctl -xe" for details.
```

Instead of depending on the user setting the hostnames in cloudinit or
alike instead add a check.

This may have issues with SUSE. See
(ansible/ansible#42726)

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Add default pod subnet

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Try adding quotes on version.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* CNI Role Improvements

* Add meta for Ansible Kubernetes Collections
* Change `include_tasks` to `import_tasks` for ansible 2.7+
compatibility.
 [1] (ansible/ansible#46177)
 [2] (kubernetes-sigs/kubespray#3815)

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Change back to a include task

https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse.html

Aligns better with our current setup.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Began adding automating to some of cilium values.

Currently debugging URL split

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Use regex from `cluster_controlplane_endpoint`

To template values for Cilium.

1. Update Cilium values
2. Point K8s to right config
3. Add tests

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Bump tag values and template enovy version.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Drop cri_plugin for now

Also update inventory source and delegate to localhost.. also for now.

Change galaxy collection to new name.

https://github.com/ansible-collections/community.kubernetes/issues/221

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Install helm as a kubernete dependency

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Add openshift module as a dependency

This is required to leverage Kubernetes modules from ansible. Hopefully
this changes in the future.

According to git issues a .deb is planned. A RPM is available. There is
a package in the AUR though opted to install with PIP instead because I
would trust it better without testing.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Remove hostname

Set in a more elegant multi-os manner later.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Add community.general.modprobe as a requirement

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Drop FQCN, and test kubelt j2 logic

https://docs.cilium.io/en/v1.6/kubernetes/requirements/#enable-automatic-node-cidr-allocation-recommended

ansible/ansible#71824

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Enable automatic node CIDR allocation

https://docs.cilium.io/en/v1.6/kubernetes/requirements/#enable-automatic-node-cidr-allocation-recommended

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* allocate-node-cidrs is enabled by default

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Disable envoy version check

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Template out some variable values and disable BPF by default

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Remove old packages from Kubernetes role

This was dropped due to the latest merge and made it into the working
tree

#84

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Kube-Proxy revisions

Disable kube-proxy by default for cilium. Revise var handling.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Revise eBPF mount

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Change default variables

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* fix docker restart handler

https://github.com/raspbernetes/k8s-cluster-installation/pull/92/files

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Begin adding sysctl fix and enable hubble by default

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Some polishes

* Revise requirements to correctly point to modules.
* Disable hubble by default. Users can, and probably should do this on
their
[own](https://docs.cilium.io/en/v1.9/gettingstarted/k8s-install-kubeadm/#enable-hubble-for-cluster-wide-visibility)
in the meantime we'll not support but leave the option there.
* Add sysctl's for present systemd bug - cilium/cilium#10645

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Scope out cilium variables to examples.

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Small cleanups

* Added var twice
* `---`

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

Co-authored-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>
Co-authored-by: anthr76 <hello@anthonyrabbito.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crutonjohn crutonjohn crutonjohn left review comments

@xunholy xunholy xunholy left review comments

@anthr76 anthr76 anthr76 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rkage @crutonjohn @xunholy @anthr76