From 12873f916b7d7a1154af957aa008b651fd987f3e Mon Sep 17 00:00:00 2001 From: Samuel Liu Date: Tue, 23 Mar 2021 16:39:36 +0800 Subject: [PATCH] download_file for kata (#7393) --- .../kata-containers/defaults/main.yml | 3 -- .../kata-containers/tasks/main.yml | 19 ++++++++----- roles/download/defaults/main.yml | 28 +++++++++++++++++-- 3 files changed, 38 insertions(+), 12 deletions(-) diff --git a/roles/container-engine/kata-containers/defaults/main.yml b/roles/container-engine/kata-containers/defaults/main.yml index f75dd6b57..fc909caf8 100644 --- a/roles/container-engine/kata-containers/defaults/main.yml +++ b/roles/container-engine/kata-containers/defaults/main.yml @@ -1,7 +1,4 @@ --- - -kata_containers_version: 1.11.3 -kata_containers_release_url: https://github.com/kata-containers/runtime/releases/download/{{ kata_containers_version }}/kata-static-{{ kata_containers_version }}-{{ ansible_architecture }}.tar.xz kata_containers_dir: /opt/kata kata_containers_config_dir: /etc/kata-containers kata_containers_containerd_bin_dir: /usr/local/bin diff --git a/roles/container-engine/kata-containers/tasks/main.yml b/roles/container-engine/kata-containers/tasks/main.yml index 8a8ac96f0..3e4bce907 100644 --- a/roles/container-engine/kata-containers/tasks/main.yml +++ b/roles/container-engine/kata-containers/tasks/main.yml @@ -1,24 +1,29 @@ --- +- name: kata-containers | Download kata binary + include_tasks: "../../../download/tasks/download_file.yml" + vars: + download: "{{ download_defaults | combine(downloads.kata_containers) }}" -- name: Download artifacts +- name: kata-containers | Copy kata-containers binary unarchive: - src: "{{ kata_containers_release_url }}" - dest: / - remote_src: true + src: "{{ local_release_dir }}/kata-static-{{ kata_containers_version }}-{{ image_arch }}.tar.xz" + dest: "/" + mode: 0755 + remote_src: yes -- name: Create config directory +- name: kata-containers | Create config directory file: path: "{{ kata_containers_config_dir }}" state: directory -- name: Set configuration +- name: kata-containers | Set configuration template: src: "{{ item }}.j2" dest: "{{ kata_containers_config_dir }}/{{ item }}" with_items: - configuration-qemu.toml -- name: Set containerd bin +- name: kata-containers | Set containerd bin vars: shim: "{{ item }}" template: diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index a450baf49..e35711459 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -52,6 +52,7 @@ image_arch: "{{host_architecture | default('amd64')}}" kubeadm_version: "{{ kube_version }}" etcd_version: v3.4.13 crun_version: 0.18 +kata_containers_version: 1.11.3 # gcr and kubernetes image repo define gcr_image_repo: "gcr.io" @@ -103,6 +104,7 @@ calico_crds_download_url: "https://github.com/projectcalico/calico/archive/{{ ca crictl_download_url: "https://github.com/kubernetes-sigs/cri-tools/releases/download/{{ crictl_version }}/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz" helm_download_url: "https://get.helm.sh/helm-{{ helm_version }}-linux-{{ image_arch }}.tar.gz" crun_download_url: "https://github.com/containers/crun/releases/download/{{ crun_version }}/crun-{{ crun_version }}-linux-{{ image_arch }}" +kata_containers_download_url: "https://github.com/kata-containers/runtime/releases/download/{{ kata_containers_version }}/kata-static-{{ kata_containers_version }}-{{ ansible_architecture }}.tar.xz" crictl_checksums: arm: @@ -473,6 +475,14 @@ crun_checksums: 0.17: 0 0.18: e580157bc8f87114a2f1d8ac28f8a7c4a588dfa21969fc99f78919cb9bf3ed0a +kata_containers_binary_checksums: + arm: + 1.11.3: 0 + amd64: + 1.11.3: edbee010e913de980ab104958d7a6fc8394ea069038ad8c6210db36620284364 + arm64: + 1.11.3: 0 + etcd_binary_checksum: "{{ etcd_binary_checksums[image_arch] }}" cni_binary_checksum: "{{ cni_binary_checksums[image_arch] }}" kubelet_binary_checksum: "{{ kubelet_checksums[image_arch][kube_version] }}" @@ -483,6 +493,7 @@ calico_crds_archive_checksum: "{{ calico_crds_archive_checksums[calico_version] crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}" helm_archive_checksum: "{{ helm_archive_checksums[image_arch][helm_version] }}" crun_binary_checksum: "{{ crun_checksums[image_arch][crun_version] }}" +kata_containers_binary_checksum: "{{ kata_containers_binary_checksums[image_arch][kata_containers_version] }}" # Containers # In some cases, we need a way to set --registry-mirror or --insecure-registry for docker, @@ -676,7 +687,7 @@ downloads: enabled: true file: true version: "{{ cni_version }}" - dest: "{{local_release_dir}}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz" + dest: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz" sha256: "{{ cni_binary_checksum }}" url: "{{ cni_download_url }}" unarchive: false @@ -728,7 +739,7 @@ downloads: file: true enabled: "{{ container_manager in ['crio', 'cri', 'containerd'] }}" version: "{{ crictl_version }}" - dest: "{{local_release_dir}}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz" + dest: "{{ local_release_dir }}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz" sha256: "{{ crictl_binary_checksum }}" url: "{{ crictl_download_url }}" unarchive: true @@ -750,6 +761,19 @@ downloads: groups: - k8s-cluster + kata_containers: + enabled: "{{ kata_containers_enabled }}" + file: true + version: "{{ kata_containers_version }}" + dest: "{{ local_release_dir }}/kata-static-{{ kata_containers_version }}-{{ image_arch }}.tar.xz" + sha256: "{{ kata_containers_binary_checksum }}" + url: "{{ kata_containers_download_url }}" + unarchive: false + owner: "root" + mode: "0755" + groups: + - k8s-cluster + cilium: enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}" container: true