From 3b9097240a1a978f60828dae37767f95ff43879b Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 3 Aug 2016 12:35:12 +0200 Subject: [PATCH] Setup httpredir/tor mirrors for Debian Jessie By default use only httpredir mirrors. Make tor transport configurable as well. W/a apt cache update issues Signed-off-by: Bogdan Dobrelya --- roles/kubernetes/preinstall/tasks/main.yml | 8 +++++++- .../preinstall/tasks/setup_jessie_mirrors.yaml | 9 +++++++++ .../preinstall/tasks/update_apt_cache.yaml | 5 +++++ roles/kubernetes/preinstall/templates/apt-repos.j2 | 12 ++++++++++++ roles/kubernetes/preinstall/vars/debian.yml | 9 +++++++++ 5 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 roles/kubernetes/preinstall/tasks/setup_jessie_mirrors.yaml create mode 100644 roles/kubernetes/preinstall/tasks/update_apt_cache.yaml create mode 100644 roles/kubernetes/preinstall/templates/apt-repos.j2 diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index 442fadfd7..7d834a6c6 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -69,12 +69,18 @@ - "/opt/cni/bin" when: kube_network_plugin in ["calico", "weave"] and "{{ inventory_hostname in groups['k8s-cluster'] }}" +- include: setup_jessie_mirrors.yaml + when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie" + +- include: update_apt_cache.yaml + when: ansible_pkg_mgr == 'apt' + - name: Update package management cache (YUM) yum: update_cache=yes name='*' when: ansible_pkg_mgr == 'yum' - name: Install latest version of python-apt for Debian distribs - apt: name=python-apt state=latest update_cache=yes cache_valid_time=3600 + apt: name=python-apt state=latest when: ansible_os_family == "Debian" - name: Install python-dnf for latest RedHat versions diff --git a/roles/kubernetes/preinstall/tasks/setup_jessie_mirrors.yaml b/roles/kubernetes/preinstall/tasks/setup_jessie_mirrors.yaml new file mode 100644 index 000000000..7afd09a60 --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/setup_jessie_mirrors.yaml @@ -0,0 +1,9 @@ +--- + - name: install tor transport + apt: name=apt-transport-tor + when: use_apt_tor + + - name: switch mirrors + template: + src: apt-repos.j2 + dest: /etc/apt/sources.list diff --git a/roles/kubernetes/preinstall/tasks/update_apt_cache.yaml b/roles/kubernetes/preinstall/tasks/update_apt_cache.yaml new file mode 100644 index 000000000..d0e107d0b --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/update_apt_cache.yaml @@ -0,0 +1,5 @@ +--- +# w/a https://github.com/ansible/ansible-modules-core/issues/2951 + - name: Update apt cache + become: true + shell: apt-get update diff --git a/roles/kubernetes/preinstall/templates/apt-repos.j2 b/roles/kubernetes/preinstall/templates/apt-repos.j2 new file mode 100644 index 000000000..9791ccb32 --- /dev/null +++ b/roles/kubernetes/preinstall/templates/apt-repos.j2 @@ -0,0 +1,12 @@ +# {{ ansible_managed }} +{% if use_apt_tor %} +deb tor+http://{{onion_main}}/debian jessie main +deb tor+http://{{onion_updates}}/debian jessie-updates main +deb tor+http://{{onion_updates2}}/debian-security jessie/updates main +{% if use_backports %}deb tor+http://{{onion_backports}}/debian jessie-backports main{% endif %} +{% else %} +deb http://httpredir.debian.org/debian jessie main +deb http://httpredir.debian.org/debian jessie-updates main +{% if use_backports %}deb http://httpredir.debian.org/debian jessie-backports main{% endif %} +deb http://security.debian.org jessie/updates main +{% endif %} diff --git a/roles/kubernetes/preinstall/vars/debian.yml b/roles/kubernetes/preinstall/vars/debian.yml index 596d2ac8b..6d4e05e6f 100644 --- a/roles/kubernetes/preinstall/vars/debian.yml +++ b/roles/kubernetes/preinstall/vars/debian.yml @@ -3,3 +3,12 @@ required_pkgs: - aufs-tools - apt-transport-https - software-properties-common + +use_backports: false + +# See https://onion.debian.org and https://onion.torproject.org +use_apt_tor: false +onion_main: vwakviie2ienjx6t.onion +onion_updates: vwakviie2ienjx6t.onion +onion_updates2: sgvtcaew4bxjd7ln.onion +onion_backports: vwakviie2ienjx6t.onion