diff --git a/docs/centos8.md b/docs/centos8.md index 695789a5c..ac52897c8 100644 --- a/docs/centos8.md +++ b/docs/centos8.md @@ -1,6 +1,6 @@ -# CentOS 8 +# CentOS 8 / AlmaLinux 8 -CentOS 8 ships only with iptables-nft (ie without iptables-legacy) +CentOS 8 / AlmaLinux 8 ships only with iptables-nft (ie without iptables-legacy) The only tested configuration for now is using Calico CNI You need to use K8S 1.17+ and to add `calico_iptables_backend: "NFT"` or `calico_iptables_backend: "Auto"` to your configuration diff --git a/docs/offline-environment.md b/docs/offline-environment.md index f8fc5dc88..5e86b5667 100644 --- a/docs/offline-environment.md +++ b/docs/offline-environment.md @@ -31,7 +31,7 @@ calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_versio # If using Calico with kdd calico_crds_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_version }}.tar.gz" -# CentOS/Redhat +# CentOS/Redhat/AlmaLinux ## Docker / Containerd docker_rh_repo_base_url: "{{ yum_repo }}/docker-ce/$releasever/$basearch" docker_rh_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg" diff --git a/inventory/sample/group_vars/all/offline.yml b/inventory/sample/group_vars/all/offline.yml index 901d290c1..3bdefcded 100644 --- a/inventory/sample/group_vars/all/offline.yml +++ b/inventory/sample/group_vars/all/offline.yml @@ -3,7 +3,7 @@ ### Private Container Image Registry # registry_host: "myprivateregisry.com" # files_repo: "http://myprivatehttpd" -### If using CentOS, RedHat or Fedora +### If using CentOS, RedHat, AlmaLinux or Fedora # yum_repo: "http://myinternalyumrepo" ### If using Debian # debian_repo: "http://myinternaldebianrepo" @@ -44,7 +44,7 @@ # [Optional] kata: only if you set kata_containers_enabled: true # kata_containers_download_url: "{{ files_repo }}/kata-containers/runtime/releases/download/{{ kata_containers_version }}/kata-static-{{ kata_containers_version }}-{{ ansible_architecture }}.tar.xz" -## CentOS/Redhat +## CentOS/Redhat/AlmaLinux ### For EL7, base and extras repo must be available, for EL8, baseos and appstream ### By default we enable those repo automatically # rhel_enable_repos: false diff --git a/requirements.txt b/requirements.txt index 06eacf1da..2a42e7ed5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -ansible==2.9.18 +ansible==2.9.20 cryptography==2.8 jinja2==2.11.3 netaddr==0.7.19 diff --git a/roles/bootstrap-os/README.md b/roles/bootstrap-os/README.md index c791850a0..ae14a1a00 100644 --- a/roles/bootstrap-os/README.md +++ b/roles/bootstrap-os/README.md @@ -35,7 +35,7 @@ Variables are listed with their default values, if applicable. * `coreos_locksmithd_disable: false` Whether `locksmithd` (responsible for rolling restarts) should be disabled or be left alone. -#### CentOS/RHEL +#### CentOS/RHEL/AlmaLinux * `centos_fastestmirror_enabled: false` Whether the [fastestmirror](https://wiki.centos.org/PackageManagement/Yum/FastestMirror) yum plugin should be enabled. diff --git a/roles/bootstrap-os/defaults/main.yml b/roles/bootstrap-os/defaults/main.yml index 649919b3a..e9f33b670 100644 --- a/roles/bootstrap-os/defaults/main.yml +++ b/roles/bootstrap-os/defaults/main.yml @@ -1,5 +1,5 @@ --- -## CentOS/RHEL specific variables +## CentOS/RHEL/AlmaLinux specific variables # Use the fastestmirror yum plugin centos_fastestmirror_enabled: false diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml index 7b8ffb10e..5016b96c8 100644 --- a/roles/bootstrap-os/tasks/main.yml +++ b/roles/bootstrap-os/tasks/main.yml @@ -7,7 +7,7 @@ check_mode: false - include_tasks: bootstrap-centos.yml - when: '''ID="centos"'' in os_release.stdout_lines or ''ID="ol"'' in os_release.stdout_lines' + when: '''ID="centos"'' in os_release.stdout_lines or ''ID="ol"'' in os_release.stdout_lines or ''ID="almalinux"'' in os_release.stdout_lines' - include_tasks: bootstrap-redhat.yml when: '''ID="rhel"'' in os_release.stdout_lines' diff --git a/roles/container-engine/containerd/tasks/containerd_repo.yml b/roles/container-engine/containerd/tasks/containerd_repo.yml index 4c03cf7d1..6c4a0470a 100644 --- a/roles/container-engine/containerd/tasks/containerd_repo.yml +++ b/roles/container-engine/containerd/tasks/containerd_repo.yml @@ -25,8 +25,10 @@ dest: "{{ yum_repo_dir }}/containerd.repo" when: ansible_distribution == "Fedora" -- name: Configure containerd repository on RedHat/OracleLinux/CentOS +- name: Configure containerd repository on RedHat/OracleLinux/CentOS/AlmaLinux template: src: "rh_containerd.repo.j2" dest: "{{ yum_repo_dir }}/containerd.repo" - when: ansible_distribution in ["CentOS", "OracleLinux", "RedHat"] + when: + - ansible_os_family == "RedHat" + - ansible_distribution != "Fedora" diff --git a/roles/container-engine/containerd/tasks/main.yml b/roles/container-engine/containerd/tasks/main.yml index 6aacec08d..fd6811ae5 100644 --- a/roles/container-engine/containerd/tasks/main.yml +++ b/roles/container-engine/containerd/tasks/main.yml @@ -16,7 +16,7 @@ fail: msg: "{{ ansible_distribution }} is not supported by containerd." when: - - not ansible_distribution in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora"] + - not ansible_distribution in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora", "AlmaLinux"] - name: gather os specific variables include_vars: "{{ item }}" diff --git a/roles/container-engine/docker/tasks/main.yml b/roles/container-engine/docker/tasks/main.yml index 13903e488..ee779279e 100644 --- a/roles/container-engine/docker/tasks/main.yml +++ b/roles/container-engine/docker/tasks/main.yml @@ -82,11 +82,14 @@ dest: "{{ yum_repo_dir }}/docker.repo" when: ansible_distribution == "Fedora" and not is_ostree -- name: Configure docker repository on RedHat/CentOS/Oracle Linux +- name: Configure docker repository on RedHat/CentOS/Oracle/AlmaLinux Linux template: src: "rh_docker.repo.j2" dest: "{{ yum_repo_dir }}/docker-ce.repo" - when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_ostree + when: + - ansible_os_family == "RedHat" + - ansible_distribution != "Fedora" + - not is_ostree - name: Remove dpkg hold dpkg_selections: diff --git a/roles/container-engine/docker/tasks/pre-upgrade.yml b/roles/container-engine/docker/tasks/pre-upgrade.yml index d614220f4..d344b222d 100644 --- a/roles/container-engine/docker/tasks/pre-upgrade.yml +++ b/roles/container-engine/docker/tasks/pre-upgrade.yml @@ -4,7 +4,7 @@ path: "{{ yum_repo_dir }}/docker.repo" state: absent when: - - ansible_distribution in ["CentOS","RedHat","OracleLinux"] + - ansible_os_family == 'RedHat' - not is_ostree - name: Ensure old versions of Docker are not installed. | Debian diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml index 594d7e459..5c041b8de 100644 --- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml +++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml @@ -24,8 +24,8 @@ - name: Stop if unknown OS assert: - that: ansible_os_family in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'Flatcar Container Linux by Kinvolk', 'Suse', 'ClearLinux', 'OracleLinux'] - msg: "{{ ansible_os_family }} is not a known OS" + that: ansible_distribution in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'Flatcar Container Linux by Kinvolk', 'Suse', 'ClearLinux', 'OracleLinux', 'AlmaLinux'] + msg: "{{ ansible_distribution }} is not a known OS" when: not ignore_assert_errors - name: Stop if unknown network plugin diff --git a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml index c35cc0b05..ec77ade59 100644 --- a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml +++ b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml @@ -22,7 +22,7 @@ path: "{{ yum_repo_dir }}/docker.repo" state: absent when: - - ansible_distribution in ["CentOS","RedHat","OracleLinux"] + - ansible_os_family == "RedHat" - not is_fedora_coreos - name: Install python3-dnf for latest RedHat versions @@ -39,12 +39,12 @@ tags: - bootstrap-os -- name: Install epel-release on RedHat/CentOS +- name: Install epel-release on RHEL derivatives package: name: epel-release state: present when: - - ansible_distribution in ["CentOS","RedHat"] + - ansible_os_family == "RedHat" - not is_fedora_coreos - epel_enabled|bool tags: diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index 2a3418b0e..3d3451221 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -109,6 +109,6 @@ when: - not dns_late - azure_check.stat.exists - - ansible_distribution in ["CentOS","RedHat","OracleLinux"] + - ansible_os_family == "RedHat" tags: - bootstrap-os diff --git a/roles/network_plugin/macvlan/tasks/main.yml b/roles/network_plugin/macvlan/tasks/main.yml index 191df8cef..a3364935e 100644 --- a/roles/network_plugin/macvlan/tasks/main.yml +++ b/roles/network_plugin/macvlan/tasks/main.yml @@ -35,7 +35,7 @@ mode: "0755" with_fileglob: - files/* - when: ansible_os_family in ["CentOS","RedHat"] + when: ansible_os_family == "RedHat" - name: Macvlan | Install post-up script on centos copy: @@ -44,7 +44,7 @@ owner: root group: root mode: "0755" - when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway + when: ansible_os_family == "RedHat" and enable_nat_default_gateway - name: Macvlan | Install network gateway interface on centos template: @@ -55,7 +55,7 @@ - {src: centos-routes-macvlan.cfg, dst: route-mac0 } - {src: centos-postup-macvlan.cfg, dst: post-up-mac0 } notify: Macvlan | restart network - when: ansible_os_family in ["CentOS","RedHat"] + when: ansible_os_family == "RedHat" - name: Macvlan | Install service nat via gateway on Flatcar Container Linux template: