Use role to copy CNI bin (#5953)

2020-04-16 19:06:45 +02:00 · 2020-04-16 19:06:45 +02:00 · 0924c2510c
parent 065292f8a4
commit 0924c2510c
17 changed files with 22 additions and 136 deletions
--- a/roles/kubernetes-apps/network_plugin/cni/tasks/main.yml
+++ b/roles/kubernetes-apps/network_plugin/cni/tasks/main.yml
@ -1,14 +0,0 @@
---
- name: CNI | make sure /opt/cni/bin exists
-  file:
-    path: /opt/cni/bin
-    state: directory
-    mode: 0755
-    owner: root
-    group: root
- name: CNI | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
--- a/roles/kubernetes-apps/network_plugin/meta/main.yml
+++ b/roles/kubernetes-apps/network_plugin/meta/main.yml
@ -25,11 +25,6 @@ dependencies:
    tags:
      - contiv

-  - role: kubernetes-apps/network_plugin/cni
-    when: kube_network_plugin == 'cni'
-    tags:
-      - cni
-
  - role: kubernetes-apps/network_plugin/kube-ovn
    when: kube_network_plugin == 'kube-ovn'
    tags:
--- a/roles/network_plugin/cilium/meta/main.yml
+++ b/roles/network_plugin/cilium/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/cilium/tasks/main.yml
+++ b/roles/network_plugin/cilium/tasks/main.yml
@ -40,23 +40,6 @@
  when:
    - inventory_hostname in groups['kube-master']

- name: Cilium | Set CNI directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-  register: cni_bin_dir
-
- name: Cilium | Copy CNI plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
-  when: cilium_enable_portmap
-
 - name: Cilium | Enable portmap addon
  template:
    src: 000-cilium-portmap.conflist.j2
--- a/roles/network_plugin/cloud/tasks/main.yml
+++ b/roles/network_plugin/cloud/tasks/main.yml
@ -1,15 +0,0 @@
---
- name: Cloud | Set cni directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: "u=rwX,g-rwx,o-rwx"
-
- name: Canal | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
--- a/roles/network_plugin/cni/tasks/main.yml
+++ b/roles/network_plugin/cni/tasks/main.yml
@ -4,8 +4,9 @@
    path: /opt/cni/bin
    state: directory
    mode: 0755
-    owner: root
-    group: root
+    owner: kube
+    recurse: true
+
 - name: CNI | Copy cni plugins
  unarchive:
    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
--- a/roles/network_plugin/contiv/meta/main.yml
+++ b/roles/network_plugin/contiv/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/contiv/tasks/main.yml
+++ b/roles/network_plugin/contiv/tasks/main.yml
@ -144,21 +144,6 @@
    - contiv_enable_api_proxy
    - contiv_generate_certificate

- name: Contiv | Set cni directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-
- name: Contiv | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
-
 - name: Contiv | Copy netctl binary from docker container
  command: sh -c "{{ docker_bin_dir }}/docker rm -f netctl-binarycopy;
           {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
--- a/roles/network_plugin/flannel/meta/main.yml
+++ b/roles/network_plugin/flannel/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/flannel/tasks/main.yml
+++ b/roles/network_plugin/flannel/tasks/main.yml
@ -9,19 +9,3 @@
  register: flannel_node_manifests
  when:
    - inventory_hostname in groups['kube-master']
-
- name: Flannel | Set CNI directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-  register: cni_bin_dir
-
- name: Flannel | Copy CNI plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
--- a/roles/network_plugin/kube-router/meta/main.yml
+++ b/roles/network_plugin/kube-router/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/kube-router/tasks/main.yml
+++ b/roles/network_plugin/kube-router/tasks/main.yml
@ -3,22 +3,6 @@
  include: annotate.yml
  tags: annotate

- name: kube-router | Set cni directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-
- name: kube-router | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    owner: kube
-    remote_src: yes
-
 - name: kube-router | Create config directory
  file:
    path: /var/lib/kube-router
--- a/roles/network_plugin/macvlan/meta/main.yml
+++ b/roles/network_plugin/macvlan/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/macvlan/tasks/main.yml
+++ b/roles/network_plugin/macvlan/tasks/main.yml
@ -1,20 +1,4 @@
 ---
-
- name: Macvlan | Set cni directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-
- name: Macvlan | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
-
 - name: Macvlan | Retrieve Pod Cidr
  command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
  register: node_pod_cidr_cmd
--- a/roles/network_plugin/meta/main.yml
+++ b/roles/network_plugin/meta/main.yml
@ -26,7 +26,7 @@ dependencies:
      - canal

  - role: network_plugin/cni
-    when: kube_network_plugin == 'cni'
+    when: kube_network_plugin in ['cni', 'cloud']
    tags:
      - cni

@ -50,9 +50,6 @@ dependencies:
    tags:
      - kube-router

-  - role: network_plugin/cloud
-    when: kube_network_plugin == 'cloud'
-
  - role: network_plugin/multus
    when: kube_network_plugin_multus
    tags:
--- a/roles/network_plugin/weave/meta/main.yml
+++ b/roles/network_plugin/weave/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: network_plugin/cni
--- a/roles/network_plugin/weave/tasks/main.yml
+++ b/roles/network_plugin/weave/tasks/main.yml
@ -1,20 +1,4 @@
 ---
-
- name: Weave | Set cni directory permissions
-  file:
-    path: /opt/cni/bin
-    state: directory
-    owner: kube
-    recurse: true
-    mode: 0755
-
- name: Weave | Copy cni plugins
-  unarchive:
-    src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-    dest: "/opt/cni/bin"
-    mode: 0755
-    remote_src: yes
-
 - name: Weave | Create manifest
  template:
    src: weave-net.yml.j2