Allowing etcd to run via rkt
This commit is contained in:
parent
a8f2af0503
commit
8dc19374cc
8 changed files with 71 additions and 24 deletions
|
@ -28,7 +28,7 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: kubernetes/preinstall, tags: preinstall }
|
- { role: kubernetes/preinstall, tags: preinstall }
|
||||||
- { role: docker, tags: docker }
|
- { role: docker, tags: docker }
|
||||||
- { role: rkt, tags: rkt }
|
- { role: rkt, tags: rkt, when: "'rkt' in [ etcd_deployment_type, kubelet_deployment_type ]" }
|
||||||
|
|
||||||
- hosts: etcd:!k8s-cluster
|
- hosts: etcd:!k8s-cluster
|
||||||
any_errors_fatal: true
|
any_errors_fatal: true
|
||||||
|
|
|
@ -199,5 +199,5 @@ kpm_packages: []
|
||||||
# - name: kube-system/grafana
|
# - name: kube-system/grafana
|
||||||
|
|
||||||
rkt_version: 1.21.0
|
rkt_version: 1.21.0
|
||||||
etcd_deployment_type: rkt
|
etcd_deployment_type: docker
|
||||||
kubelet_deployment_type: docker
|
kubelet_deployment_type: docker
|
||||||
|
|
|
@ -1,17 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: Install | Copy etcd binary from downloaddir
|
|
||||||
command: rsync -piu "{{ etcd_bin_dir }}/etcd" "{{ bin_dir }}/etcd"
|
|
||||||
when: etcd_deployment_type == "host"
|
|
||||||
register: etcd_copy
|
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
- name: Install | Copy etcdctl binary from downloaddir
|
|
||||||
command: rsync -piu "{{ etcd_bin_dir }}/etcdctl" "{{ bin_dir }}/etcdctl"
|
|
||||||
when: etcd_deployment_type == "host"
|
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
#Plan A: no docker-py deps
|
#Plan A: no docker-py deps
|
||||||
- name: Install | Copy etcdctl binary from container
|
- name: Install | Copy etcdctl binary from docker container
|
||||||
command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy;
|
command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy;
|
||||||
{{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
|
{{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
|
||||||
{{ docker_bin_dir }}/docker cp etcdctl-binarycopy:{{ etcd_container_bin_dir }}etcdctl {{ bin_dir }}/etcdctl &&
|
{{ docker_bin_dir }}/docker cp etcdctl-binarycopy:{{ etcd_container_bin_dir }}etcdctl {{ bin_dir }}/etcdctl &&
|
9
roles/etcd/tasks/install_host.yml
Normal file
9
roles/etcd/tasks/install_host.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
---
|
||||||
|
- name: Install | Copy etcd binary from downloaddir
|
||||||
|
command: rsync -piu "{{ etcd_bin_dir }}/etcd" "{{ bin_dir }}/etcd"
|
||||||
|
register: etcd_copy
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: Install | Copy etcdctl binary from downloaddir
|
||||||
|
command: rsync -piu "{{ etcd_bin_dir }}/etcdctl" "{{ bin_dir }}/etcdctl"
|
||||||
|
changed_when: false
|
26
roles/etcd/tasks/install_rkt.yml
Normal file
26
roles/etcd/tasks/install_rkt.yml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
- name: Trust etcd container
|
||||||
|
command: >-
|
||||||
|
/usr/bin/rkt trust
|
||||||
|
--skip-fingerprint-review
|
||||||
|
--root
|
||||||
|
https://quay.io/aci-signing-key
|
||||||
|
register: etcd_rkt_trust_result
|
||||||
|
until: etcd_rkt_trust_result.rc == 0
|
||||||
|
retries: 4
|
||||||
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: Install | Copy etcdctl binary from rkt container
|
||||||
|
command: >-
|
||||||
|
/usr/bin/rkt run
|
||||||
|
--volume=bin-dir,kind=host,source={{ bin_dir}},readOnly=false
|
||||||
|
--mount=volume=bin-dir,target=/host/bin
|
||||||
|
{{ etcd_image_repo }}:{{ etcd_image_tag }}
|
||||||
|
--name=etcdctl-binarycopy
|
||||||
|
--exec=/bin/cp -- {{ etcd_container_bin_dir }}/etcdctl /host/bin/etcdctl
|
||||||
|
register: etcd_task_result
|
||||||
|
until: etcd_task_result.rc == 0
|
||||||
|
retries: 4
|
||||||
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
|
changed_when: false
|
|
@ -5,7 +5,7 @@
|
||||||
tags: [etcd-secrets, facts]
|
tags: [etcd-secrets, facts]
|
||||||
- include: gen_certs.yml
|
- include: gen_certs.yml
|
||||||
tags: etcd-secrets
|
tags: etcd-secrets
|
||||||
- include: install.yml
|
- include: "install_{{ etcd_deployment_type }}.yml"
|
||||||
when: is_etcd_master
|
when: is_etcd_master
|
||||||
tags: upgrade
|
tags: upgrade
|
||||||
- include: set_cluster_health.yml
|
- include: set_cluster_health.yml
|
||||||
|
|
29
roles/etcd/templates/etcd-rkt.service.j2
Normal file
29
roles/etcd/templates/etcd-rkt.service.j2
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
[Unit]
|
||||||
|
Description=etcd rkt wrapper
|
||||||
|
Documentation=https://github.com/coreos/etcd
|
||||||
|
Wants=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Restart=on-failure
|
||||||
|
RestartSec=10s
|
||||||
|
TimeoutStartSec=0
|
||||||
|
LimitNOFILE=40000
|
||||||
|
|
||||||
|
ExecStart={{ rkt_bin_dir | default("/usr/bin") }}/rkt run \
|
||||||
|
--uuid-file-save=/var/run/etcd.uuid \
|
||||||
|
--volume=etc-ssl-certs,kind=host,source=/etc/ssl/certs,readOnly=true \
|
||||||
|
--mount=volume=etc-ssl-certs,target=/etc/ssl/certs \
|
||||||
|
--volume=etcd-cert-dir,kind=host,source={{ etcd_cert_dir }},readOnly=true \
|
||||||
|
--mount=volume=etcd-cert-dir,target={{ etcd_cert_dir }} \
|
||||||
|
--volume=var-lib-etcd,kind=host,source=/var/lib/etcd,readOnly=false \
|
||||||
|
--mount=volume=var-lib-etcd,target=/var/lib/etcd \
|
||||||
|
--set-env-file=/etc/etcd.env \
|
||||||
|
--stage1-from-dir=stage1-fly.aci \
|
||||||
|
{{ etcd_image_repo }}:{{ etcd_image_tag }} \
|
||||||
|
--name={{ etcd_member_name | default("etcd") }}
|
||||||
|
|
||||||
|
ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/run/etcd.uuid
|
||||||
|
ExecStop=-/usr/bin/rkt stop --uuid-file=/var/run/etcd.uuid
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -14,12 +14,6 @@
|
||||||
skip: true
|
skip: true
|
||||||
tags: facts
|
tags: facts
|
||||||
|
|
||||||
#- name: download rkt pkg
|
|
||||||
# get_url:
|
|
||||||
# url: "{{ rkt_download_url }}/{{rkt_pkg_name}}"
|
|
||||||
# dest: "{{ local_release_dir }}"
|
|
||||||
# when: (ansible_os_family != "CoreOS") and "rkt" in [ etcd_deployment_type, kubelet_deployment_type ]
|
|
||||||
|
|
||||||
- name: install rkt pkg on ubuntu
|
- name: install rkt pkg on ubuntu
|
||||||
apt:
|
apt:
|
||||||
deb: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
|
deb: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
|
||||||
|
@ -28,9 +22,9 @@
|
||||||
until: rkt_task_result|success
|
until: rkt_task_result|success
|
||||||
retries: 4
|
retries: 4
|
||||||
delay: "{{ retry_stagger | random + 3 }}"
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
when: ansible_os_family == "Debian" and "rkt" in [ etcd_deployment_type, kubelet_deployment_type ]
|
when: ansible_os_family == "Debian"
|
||||||
|
|
||||||
- name: "install rkt pkg on centos"
|
- name: install rkt pkg on centos
|
||||||
yum:
|
yum:
|
||||||
pkg: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
|
pkg: "{{ rkt_download_url }}/{{ rkt_pkg_name }}"
|
||||||
state: present
|
state: present
|
||||||
|
@ -38,4 +32,4 @@
|
||||||
until: rkt_task_result|success
|
until: rkt_task_result|success
|
||||||
retries: 4
|
retries: 4
|
||||||
delay: "{{ retry_stagger | random + 3 }}"
|
delay: "{{ retry_stagger | random + 3 }}"
|
||||||
when: ansible_os_family == "RedHat" and "rkt" in [ etcd_deployment_type, kubelet_deployment_type ]
|
when: ansible_os_family == "RedHat"
|
||||||
|
|
Loading…
Reference in a new issue