From 7abcf6e0b94ebf37844c9efd25c14fc0b3fa7e90 Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Fri, 9 Dec 2016 10:38:45 +0100 Subject: [PATCH 1/5] Remove requiretty from sudoers to actually make pipelining work Some systems (e.g. CentOS on Azure) have requiretty in sudoers which makes pipelining fail. --- cluster.yml | 2 ++ roles/bootstrap-os/tasks/main.yml | 4 +++- roles/bootstrap-os/tasks/setup-pipelining.yml | 6 ++++++ 3 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 roles/bootstrap-os/tasks/setup-pipelining.yml diff --git a/cluster.yml b/cluster.yml index 9bb149fd2..863f0669b 100644 --- a/cluster.yml +++ b/cluster.yml @@ -2,6 +2,8 @@ - hosts: all any_errors_fatal: true gather_facts: false + vars: + ansible_ssh_pipelining: false roles: - bootstrap-os tags: diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml index 5d084ec74..a3ebeb8f2 100644 --- a/roles/bootstrap-os/tasks/main.yml +++ b/roles/bootstrap-os/tasks/main.yml @@ -3,4 +3,6 @@ when: bootstrap_os == "ubuntu" - include: bootstrap-coreos.yml - when: bootstrap_os == "coreos" \ No newline at end of file + when: bootstrap_os == "coreos" + +- include: setup-pipelining.yml diff --git a/roles/bootstrap-os/tasks/setup-pipelining.yml b/roles/bootstrap-os/tasks/setup-pipelining.yml new file mode 100644 index 000000000..ca216cc3b --- /dev/null +++ b/roles/bootstrap-os/tasks/setup-pipelining.yml @@ -0,0 +1,6 @@ +--- +# Remove requiretty to make ssh pipelining work + +- name: Remove require tty + lineinfile: regexp="^\w+\s+requiretty" dest=/etc/sudoers state=absent + From 4e34803b1ed2bdb2b2d3cc4f03b4a3763624c1fc Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Wed, 7 Dec 2016 17:16:06 +0100 Subject: [PATCH 2/5] Disable fastestmirror on CentOS It actually slows down things dramatically when used in combination with Ansible. --- inventory/group_vars/all.yml | 2 +- roles/bootstrap-os/tasks/bootstrap-centos.yml | 14 ++++++++++++++ roles/bootstrap-os/tasks/main.yml | 5 ++++- 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 roles/bootstrap-os/tasks/bootstrap-centos.yml diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 06561e78f..65b65fe39 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,4 +1,4 @@ -# Valid bootstrap options (required): ubuntu, coreos, none +# Valid bootstrap options (required): ubuntu, coreos, centos, none bootstrap_os: none # Directory where the binaries will be installed diff --git a/roles/bootstrap-os/tasks/bootstrap-centos.yml b/roles/bootstrap-os/tasks/bootstrap-centos.yml new file mode 100644 index 000000000..9c41ae84c --- /dev/null +++ b/roles/bootstrap-os/tasks/bootstrap-centos.yml @@ -0,0 +1,14 @@ +--- + +- name: Check presence of fastestmirror.conf + stat: path=/etc/yum/pluginconf.d/fastestmirror.conf + register: fastestmirror + +# fastestmirror plugin actually slows down Ansible deployments +- name: Disable fastestmirror plugin + lineinfile: + dest: /etc/yum/pluginconf.d/fastestmirror.conf + regexp: "^enabled=.*" + line: "enabled=0" + state: present + when: fastestmirror.stat.exists diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml index a3ebeb8f2..7f1355577 100644 --- a/roles/bootstrap-os/tasks/main.yml +++ b/roles/bootstrap-os/tasks/main.yml @@ -5,4 +5,7 @@ - include: bootstrap-coreos.yml when: bootstrap_os == "coreos" -- include: setup-pipelining.yml +- include: bootstrap-centos.yml + when: bootstrap_os == "centos" + +- include: setup-pipelining.yml \ No newline at end of file From 9fd14cb6ea081eb3e561446c724f7606d4e2c2cb Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Fri, 9 Dec 2016 13:27:50 +0100 Subject: [PATCH 3/5] Add growpart role to allow growing the root partition on CentOS At least the OS images from Azure do not grow the root FS automatically. --- .../preinstall/tasks/growpart-centos-7.yml | 23 +++++++++++++++++++ roles/kubernetes/preinstall/tasks/main.yml | 6 +++++ 2 files changed, 29 insertions(+) create mode 100644 roles/kubernetes/preinstall/tasks/growpart-centos-7.yml diff --git a/roles/kubernetes/preinstall/tasks/growpart-centos-7.yml b/roles/kubernetes/preinstall/tasks/growpart-centos-7.yml new file mode 100644 index 000000000..506589760 --- /dev/null +++ b/roles/kubernetes/preinstall/tasks/growpart-centos-7.yml @@ -0,0 +1,23 @@ +--- + +- name: install growpart + package: name=cloud-utils-growpart state=latest + +- name: check if growpart needs to be run + command: growpart -N /dev/sda 1 + failed_when: False + changed_when: "'NOCHANGE:' not in growpart_needed.stdout" + register: growpart_needed + +- name: check fs type + command: file -Ls /dev/sda1 + changed_when: False + register: fs_type + +- name: run growpart + command: growpart /dev/sda 1 + when: growpart_needed.changed + +- name: run xfs_growfs + command: xfs_growfs /dev/sda1 + when: growpart_needed.changed and 'XFS' in fs_type.stdout \ No newline at end of file diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index fd8a808a3..5f2662339 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -180,3 +180,9 @@ - include: resolvconf.yml tags: [bootstrap-os, resolvconf] + +- include: growpart-centos-7.yml + when: ansible_distribution in ["CentOS","RedHat"] and + ansible_distribution_major_version >= 7 + tags: bootstrap-os + From 42ea4d2cfd7f98379476d0473caf97dc60bcbb7e Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Fri, 9 Dec 2016 11:04:42 +0100 Subject: [PATCH 4/5] Add comment about why ansible_ssh_pipelining is set to false in bootstrap-os --- cluster.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cluster.yml b/cluster.yml index 863f0669b..6f8e63505 100644 --- a/cluster.yml +++ b/cluster.yml @@ -3,6 +3,8 @@ any_errors_fatal: true gather_facts: false vars: + # Need to disable pipelining for bootstrap-os as some systems have requiretty in sudoers set, which makes pipelining + # fail. bootstrap-os fixes this on these systems, so in later plays it can be enabled. ansible_ssh_pipelining: false roles: - bootstrap-os From 5176e5c96814231b853e1570cd730f4aed32b7e2 Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Mon, 12 Dec 2016 14:14:22 +0100 Subject: [PATCH 5/5] Make growpart only run on Azure --- ...owpart-centos-7.yml => growpart-azure-centos-7.yml} | 2 ++ roles/kubernetes/preinstall/tasks/main.yml | 10 ++++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) rename roles/kubernetes/preinstall/tasks/{growpart-centos-7.yml => growpart-azure-centos-7.yml} (75%) diff --git a/roles/kubernetes/preinstall/tasks/growpart-centos-7.yml b/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml similarity index 75% rename from roles/kubernetes/preinstall/tasks/growpart-centos-7.yml rename to roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml index 506589760..afd5ff229 100644 --- a/roles/kubernetes/preinstall/tasks/growpart-centos-7.yml +++ b/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml @@ -1,5 +1,7 @@ --- +# Running growpart seems to be only required on Azure, as other Cloud Providers do this at boot time + - name: install growpart package: name=cloud-utils-growpart state=latest diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index 5f2662339..3c1e3692b 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -181,8 +181,14 @@ - include: resolvconf.yml tags: [bootstrap-os, resolvconf] -- include: growpart-centos-7.yml - when: ansible_distribution in ["CentOS","RedHat"] and +- name: Check if we are running inside a Azure VM + stat: path=/var/lib/waagent/ + register: azure_check + tags: bootstrap-os + +- include: growpart-azure-centos-7.yml + when: azure_check.stat.exists and + ansible_distribution in ["CentOS","RedHat"] and ansible_distribution_major_version >= 7 tags: bootstrap-os