From 42702dc1a3c46946cf8bcef9ae1f3bdbf1aa8f4b Mon Sep 17 00:00:00 2001 From: Etienne Champetier Date: Mon, 9 Dec 2019 01:37:10 -0800 Subject: [PATCH] Fixes for CentOS 8 (#5213) * Fix python3-libselinux installation for RHEL/CentOS 8 In bootstrap-centos.yml we haven't gathered the facts, so #5127 couldn't work Minimum ansible version to run kubespray is 2.7.8, so ansible_distribution_major_version is defined an there is no need to default it Signed-off-by: Etienne Champetier * Restart NetworkManager for RHEL/CentOS 8 network.service doesn't exist anymore # systemctl status network Unit network.service could not be found. Signed-off-by: Etienne Champetier * Add module_hotfixes=True to docker / containerd yum repo config https://bugzilla.redhat.com/show_bug.cgi?id=1734081 https://bugzilla.redhat.com/show_bug.cgi?id=1756473 Without this setting you end up with the following error: # yum install docker-ce Failed to set locale, defaulting to C Last metadata expiration check: 0:03:21 ago on Thu Sep 26 22:00:05 2019. Error: Problem: package docker-ce-3:19.03.2-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed - cannot install the best candidate for the job - package containerd.io-1.2.2-3.3.el7.x86_64 is excluded - package containerd.io-1.2.2-3.el7.x86_64 is excluded - package containerd.io-1.2.4-3.1.el7.x86_64 is excluded - package containerd.io-1.2.5-3.1.el7.x86_64 is excluded - package containerd.io-1.2.6-3.3.el7.x86_64 is excluded (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) Signed-off-by: Etienne Champetier --- roles/bootstrap-os/tasks/bootstrap-centos.yml | 7 ++++++- .../containerd/templates/rh_containerd.repo.j2 | 2 ++ roles/container-engine/docker/templates/rh_docker.repo.j2 | 2 ++ roles/kubernetes/preinstall/vars/centos.yml | 2 +- roles/kubernetes/preinstall/vars/redhat.yml | 2 +- roles/reset/tasks/main.yml | 4 ++++ 6 files changed, 16 insertions(+), 3 deletions(-) diff --git a/roles/bootstrap-os/tasks/bootstrap-centos.yml b/roles/bootstrap-os/tasks/bootstrap-centos.yml index 057231a07..1b5224f34 100644 --- a/roles/bootstrap-os/tasks/bootstrap-centos.yml +++ b/roles/bootstrap-os/tasks/bootstrap-centos.yml @@ -37,11 +37,16 @@ when: - http_proxy is defined +- name: Gather host facts to get ansible_distribution_major_version + setup: + gather_subset: '!all' + filter: ansible_distribution_major_version + # libselinux-python is required on SELinux enabled hosts # See https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#managed-node-requirements - name: Install libselinux python package package: - name: "{{ ( (ansible_facts.distribution_major_version | default(0) | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" + name: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" state: present become: true when: diff --git a/roles/container-engine/containerd/templates/rh_containerd.repo.j2 b/roles/container-engine/containerd/templates/rh_containerd.repo.j2 index 98936a66a..6c63239a3 100644 --- a/roles/container-engine/containerd/templates/rh_containerd.repo.j2 +++ b/roles/container-engine/containerd/templates/rh_containerd.repo.j2 @@ -6,6 +6,7 @@ gpgcheck=1 keepcache={{ docker_rpm_keepcache | default('1') }} gpgkey={{ docker_rh_repo_gpgkey }} {% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} [docker-engine] name=Docker-Engine Repository @@ -15,3 +16,4 @@ gpgcheck=1 keepcache={{ docker_rpm_keepcache | default('1') }} gpgkey={{ dockerproject_rh_repo_gpgkey }} {% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} diff --git a/roles/container-engine/docker/templates/rh_docker.repo.j2 b/roles/container-engine/docker/templates/rh_docker.repo.j2 index 98936a66a..6c63239a3 100644 --- a/roles/container-engine/docker/templates/rh_docker.repo.j2 +++ b/roles/container-engine/docker/templates/rh_docker.repo.j2 @@ -6,6 +6,7 @@ gpgcheck=1 keepcache={{ docker_rpm_keepcache | default('1') }} gpgkey={{ docker_rh_repo_gpgkey }} {% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} [docker-engine] name=Docker-Engine Repository @@ -15,3 +16,4 @@ gpgcheck=1 keepcache={{ docker_rpm_keepcache | default('1') }} gpgkey={{ dockerproject_rh_repo_gpgkey }} {% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} diff --git a/roles/kubernetes/preinstall/vars/centos.yml b/roles/kubernetes/preinstall/vars/centos.yml index 68406d61d..2b35e2e16 100644 --- a/roles/kubernetes/preinstall/vars/centos.yml +++ b/roles/kubernetes/preinstall/vars/centos.yml @@ -1,6 +1,6 @@ --- required_pkgs: - - "{{ ( (ansible_facts.distribution_major_version | default(0) | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" + - "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" - device-mapper-libs - ebtables - nss diff --git a/roles/kubernetes/preinstall/vars/redhat.yml b/roles/kubernetes/preinstall/vars/redhat.yml index 68406d61d..2b35e2e16 100644 --- a/roles/kubernetes/preinstall/vars/redhat.yml +++ b/roles/kubernetes/preinstall/vars/redhat.yml @@ -1,6 +1,6 @@ --- required_pkgs: - - "{{ ( (ansible_facts.distribution_major_version | default(0) | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" + - "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" - device-mapper-libs - ebtables - nss diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index b11d6137a..8c516a597 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -290,7 +290,11 @@ service: name: >- {% if ansible_os_family == "RedHat" -%} + {%- if ansible_distribution_major_version|int == 8 -%} + NetworkManager + {%- else -%} network + {%- endif -%} {%- elif ansible_distribution == "Ubuntu" and ansible_distribution_release == "bionic" -%} systemd-networkd {%- elif ansible_os_family == "Debian" -%}