Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
---
|
|
|
|
- name: prep_download | Set a few facts
|
|
|
|
set_fact:
|
|
|
|
download_force_cache: "{{ true if download_run_once else download_force_cache }}"
|
|
|
|
tags:
|
|
|
|
- facts
|
|
|
|
|
2021-01-18 09:41:44 +00:00
|
|
|
# The docker image_info_command might seems weird but we are using raw/endraw and `{{ `{{` }}` to manage the double jinja2 processing
|
|
|
|
# done here and when `image_info_command` is used (first the raw/endraw allow to store the command, then the second processing replace `{{`
|
|
|
|
- name: prep_download | Set image pull/info command for docker
|
|
|
|
set_fact:
|
|
|
|
image_pull_command: "{{ docker_bin_dir }}/docker pull"
|
|
|
|
image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs -i {{ '{{' }} docker_bin_dir }}/docker inspect -f {% raw %}'{{ '{{' }} if .RepoTags }}{{ '{{' }} join .RepoTags \",\" }}{{ '{{' }} end }}{{ '{{' }} if .RepoDigests }},{{ '{{' }} join .RepoDigests \",\" }}{{ '{{' }} end }}' {% endraw %} {} | tr '\n' ','"
|
|
|
|
when: container_manager == 'docker'
|
|
|
|
|
|
|
|
- name: prep_download | Set image pull/info command for containerd and crio
|
2019-07-11 06:46:54 +00:00
|
|
|
set_fact:
|
2019-07-12 10:29:07 +00:00
|
|
|
image_info_command: "{{ bin_dir }}/crictl images --verbose | awk -F ': ' '/RepoTags|RepoDigests/ {print $2}' | tr '\n' ','"
|
2020-03-05 15:31:39 +00:00
|
|
|
image_pull_command: "{{ bin_dir }}/crictl pull"
|
|
|
|
when: container_manager in ['crio' ,'containerd']
|
2019-07-11 06:46:54 +00:00
|
|
|
|
2021-01-18 09:41:44 +00:00
|
|
|
- name: prep_download | Set image pull/info command for docker on localhost
|
|
|
|
set_fact:
|
|
|
|
image_pull_command_on_localhost: "{{ docker_bin_dir }}/docker pull"
|
|
|
|
image_info_command_on_localhost: "{{ docker_bin_dir }}/docker images"
|
|
|
|
when: container_manager_on_localhost == 'docker'
|
|
|
|
|
|
|
|
- name: prep_download | Set image pull/info command for containerd and crio on localhost
|
2020-03-05 15:31:39 +00:00
|
|
|
set_fact:
|
|
|
|
image_info_command_on_localhost: "{{ bin_dir }}/crictl images --verbose | awk -F ': ' '/RepoTags|RepoDigests/ {print $2}' | tr '\n' ','"
|
|
|
|
image_pull_command_on_localhost: "{{ bin_dir }}/crictl pull"
|
|
|
|
when: container_manager_on_localhost in ['crio' ,'containerd']
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
|
|
|
|
- name: prep_download | On localhost, check if passwordless root is possible
|
|
|
|
command: "true"
|
|
|
|
delegate_to: localhost
|
2020-06-25 15:14:38 +00:00
|
|
|
connection: local
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
run_once: true
|
|
|
|
register: test_become
|
|
|
|
changed_when: false
|
2021-07-12 07:00:47 +00:00
|
|
|
ignore_errors: true # noqa ignore-errors
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
become: true
|
|
|
|
when:
|
|
|
|
- download_localhost
|
|
|
|
tags:
|
|
|
|
- localhost
|
|
|
|
- asserts
|
|
|
|
|
2021-01-18 09:41:44 +00:00
|
|
|
- name: prep_download | On localhost, check if user has access to the container runtime without using sudo
|
2020-07-28 08:39:08 +00:00
|
|
|
shell: "{{ image_info_command_on_localhost }}" # noqa 305 image_info_command_on_localhost contains pipe, therefore requires shell
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
delegate_to: localhost
|
2020-06-25 15:14:38 +00:00
|
|
|
connection: local
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
run_once: true
|
|
|
|
register: test_docker
|
|
|
|
changed_when: false
|
2021-07-12 07:00:47 +00:00
|
|
|
ignore_errors: true # noqa ignore-errors
|
2020-03-18 20:30:44 +00:00
|
|
|
become: false
|
Added file and container image caching (#4828)
* File and container image downloads are now cached localy, so that repeated vagrant up/down runs do not trigger downloading of those files. This is especially useful on laptops with kubernetes runnig locally on vm's. The total size of the cache, after an ansible run, is currently around 800MB, so bandwidth (=time) savings can be quite significant.
* When download_run_once is false, the default is still not to cache, but setting download_force_cache will still enable caching.
* The local cache location can be set with download_cache_dir and defaults to /tmp/kubernetes_cache
* A local docker instance is no longer required to cache docker images; Images are cached to file. A local docker instance is still required, though, if you wish to download images on localhost.
* Fixed a FIXME, wher the argument was that delegate_to doesn't play nice with omit. That is a correct observation and the fix is to use default(inventory_host) instead of default(omit). See ansible/ansible#26009
* Removed "Register docker images info" task from download_container and set_docker_image_facts because it was faulty and unused.
* Removed redundant when:download.{container,enabled,run_once} conditions from {sync,download}_container.yml
* All features of commit d6fd0d2acaec9f53e75d82db30411f96a5bf2cc9 by Timoses <timosesu@gmail.com>, merged May 1st 2019, are included in this patch. Not all code was included verbatim, but each feature of that commit was checked to be working in this patch. One notable change: The actual downloading of the kubeadm images was moved to {download,sync)_container, to enable caching.
Note 1: I considered splitting this patch, but most changes that are not directly related to caching, are a pleasant by-product of implementing the caching code, so splitting would be impractical.
Note 2: I have my doubts about the usefulness of the upload, download and upgrade tags in the download role. Must they remain or can they be removed? If anybody knows, then please speak up.
2019-06-10 18:21:07 +00:00
|
|
|
when:
|
|
|
|
- download_localhost
|
|
|
|
tags:
|
|
|
|
- localhost
|
|
|
|
- asserts
|
|
|
|
|
|
|
|
- name: prep_download | Parse the outputs of the previous commands
|
|
|
|
set_fact:
|
|
|
|
user_in_docker_group: "{{ not test_docker.failed }}"
|
|
|
|
user_can_become_root: "{{ not test_become.failed }}"
|
|
|
|
when:
|
|
|
|
- download_localhost
|
|
|
|
tags:
|
|
|
|
- localhost
|
|
|
|
- asserts
|
|
|
|
|
|
|
|
- name: prep_download | Check that local user is in group or can become root
|
|
|
|
assert:
|
|
|
|
that: "user_in_docker_group or user_can_become_root"
|
|
|
|
msg: >-
|
|
|
|
Error: User is not in docker group and cannot become root. When download_localhost is true, at least one of these two conditions must be met.
|
|
|
|
when:
|
|
|
|
- download_localhost
|
|
|
|
tags:
|
|
|
|
- localhost
|
|
|
|
- asserts
|
2020-03-05 15:31:39 +00:00
|
|
|
|
2020-07-28 08:39:08 +00:00
|
|
|
- name: prep_download | Register docker images info
|
|
|
|
shell: "{{ image_info_command }}" # noqa 305 image_info_command contains pipe therefore requires shell
|
2020-03-05 15:31:39 +00:00
|
|
|
no_log: true
|
|
|
|
register: docker_images
|
|
|
|
failed_when: false
|
|
|
|
changed_when: false
|
|
|
|
check_mode: no
|
|
|
|
when: download_container
|
|
|
|
|
|
|
|
- name: prep_download | Create staging directory on remote node
|
|
|
|
file:
|
|
|
|
path: "{{ local_release_dir }}/images"
|
|
|
|
state: directory
|
|
|
|
recurse: yes
|
|
|
|
mode: 0755
|
|
|
|
owner: "{{ ansible_ssh_user | default(ansible_user_id) }}"
|
|
|
|
when:
|
2021-11-19 15:58:51 +00:00
|
|
|
- ansible_os_family not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
|
2020-03-05 15:31:39 +00:00
|
|
|
|
|
|
|
- name: prep_download | Create local cache for files and images on control node
|
|
|
|
file:
|
|
|
|
path: "{{ download_cache_dir }}/images"
|
|
|
|
state: directory
|
|
|
|
recurse: yes
|
|
|
|
mode: 0755
|
|
|
|
delegate_to: localhost
|
2020-06-25 15:14:38 +00:00
|
|
|
connection: local
|
2020-03-05 15:31:39 +00:00
|
|
|
delegate_facts: no
|
|
|
|
run_once: true
|
|
|
|
become: false
|
|
|
|
when:
|
|
|
|
- download_force_cache
|
|
|
|
tags:
|
|
|
|
- localhost
|