Decrease docker dependency (#7172)
This commit is contained in:
parent
e3caff833c
commit
91ee4aa542
7 changed files with 57 additions and 26 deletions
|
@ -553,15 +553,6 @@ dashboard_image_tag: "v2.1.0"
|
|||
dashboard_metrics_scraper_repo: "{{ docker_image_repo }}/kubernetesui/metrics-scraper"
|
||||
dashboard_metrics_scraper_tag: "v1.0.6"
|
||||
|
||||
image_pull_command: "{{ docker_bin_dir }}/docker pull"
|
||||
image_save_command: "{{ docker_bin_dir }}/docker save {{ image_reponame }} | gzip -{{ download_compress }} > {{ image_path_final }}"
|
||||
image_load_command: "{{ docker_bin_dir }}/docker load < {{ image_path_final }}"
|
||||
image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs {{ docker_bin_dir }}/docker inspect -f \"{{ '{{' }} if .RepoTags {{ '}}' }}{{ '{{' }} (join .RepoTags \\\",\\\") {{ '}}' }}{{ '{{' }} end {{ '}}' }}{{ '{{' }} if .RepoDigests {{ '}}' }},{{ '{{' }} (join .RepoDigests \\\",\\\") {{ '}}' }}{{ '{{' }} end {{ '}}' }}\" | tr '\n' ','"
|
||||
|
||||
image_pull_command_on_localhost: "{{ docker_bin_dir }}/docker pull"
|
||||
image_save_command_on_localhost: "{{ docker_bin_dir }}/docker save {{ image_reponame }} | gzip -{{ download_compress }} > {{ image_path_cached }}"
|
||||
image_info_command_on_localhost: "{{ docker_bin_dir }}/docker images"
|
||||
|
||||
metallb_speaker_image_repo: "{{ quay_image_repo }}/metallb/speaker"
|
||||
metallb_controller_image_repo: "{{ quay_image_repo }}/metallb/controller"
|
||||
|
||||
|
|
|
@ -1,8 +1,5 @@
|
|||
---
|
||||
# NOTE: The ampersand hell in this block is needed because docker-inspect uses go templates,
|
||||
# which uses double ampersands as delimiters, just like Jinja does. If you want to understand
|
||||
# the template, just replace all instances of {{ `{{` }} with {{ and {{ '}}' }} with }}.
|
||||
# It will output something like the following:
|
||||
# The image_info_command depends on the Container Runtime and will output something like the following:
|
||||
# nginx:1.15,gcr.io/google-containers/kube-proxy:v1.14.1,gcr.io/google-containers/kube-proxy@sha256:44af2833c6cbd9a7fc2e9d2f5244a39dfd2e31ad91bf9d4b7d810678db738ee9,gcr.io/google-containers/kube-apiserver:v1.14.1,etc...
|
||||
- name: check_pull_required | Generate a list of information about the images on a node # noqa 305 image_info_command contains a pipe, therefore requiring shell
|
||||
shell: "{{ image_info_command }}"
|
||||
|
|
|
@ -5,13 +5,27 @@
|
|||
tags:
|
||||
- facts
|
||||
|
||||
- name: prep_download | Set image info command for containerd and crio
|
||||
# The docker image_info_command might seems weird but we are using raw/endraw and `{{ `{{` }}` to manage the double jinja2 processing
|
||||
# done here and when `image_info_command` is used (first the raw/endraw allow to store the command, then the second processing replace `{{`
|
||||
- name: prep_download | Set image pull/info command for docker
|
||||
set_fact:
|
||||
image_pull_command: "{{ docker_bin_dir }}/docker pull"
|
||||
image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs -i {{ '{{' }} docker_bin_dir }}/docker inspect -f {% raw %}'{{ '{{' }} if .RepoTags }}{{ '{{' }} join .RepoTags \",\" }}{{ '{{' }} end }}{{ '{{' }} if .RepoDigests }},{{ '{{' }} join .RepoDigests \",\" }}{{ '{{' }} end }}' {% endraw %} {} | tr '\n' ','"
|
||||
when: container_manager == 'docker'
|
||||
|
||||
- name: prep_download | Set image pull/info command for containerd and crio
|
||||
set_fact:
|
||||
image_info_command: "{{ bin_dir }}/crictl images --verbose | awk -F ': ' '/RepoTags|RepoDigests/ {print $2}' | tr '\n' ','"
|
||||
image_pull_command: "{{ bin_dir }}/crictl pull"
|
||||
when: container_manager in ['crio' ,'containerd']
|
||||
|
||||
- name: prep_download | Set image info command for containerd and crio on localhost
|
||||
- name: prep_download | Set image pull/info command for docker on localhost
|
||||
set_fact:
|
||||
image_pull_command_on_localhost: "{{ docker_bin_dir }}/docker pull"
|
||||
image_info_command_on_localhost: "{{ docker_bin_dir }}/docker images"
|
||||
when: container_manager_on_localhost == 'docker'
|
||||
|
||||
- name: prep_download | Set image pull/info command for containerd and crio on localhost
|
||||
set_fact:
|
||||
image_info_command_on_localhost: "{{ bin_dir }}/crictl images --verbose | awk -F ': ' '/RepoTags|RepoDigests/ {print $2}' | tr '\n' ','"
|
||||
image_pull_command_on_localhost: "{{ bin_dir }}/crictl pull"
|
||||
|
@ -32,7 +46,7 @@
|
|||
- localhost
|
||||
- asserts
|
||||
|
||||
- name: prep_download | On localhost, check if user has access to docker without using sudo
|
||||
- name: prep_download | On localhost, check if user has access to the container runtime without using sudo
|
||||
shell: "{{ image_info_command_on_localhost }}" # noqa 305 image_info_command_on_localhost contains pipe, therefore requires shell
|
||||
delegate_to: localhost
|
||||
connection: local
|
||||
|
|
|
@ -22,6 +22,12 @@
|
|||
image_path_cached: "{{ download_cache_dir }}/images/{{ image_filename }}"
|
||||
image_path_final: "{{ local_release_dir }}/images/{{ image_filename }}"
|
||||
|
||||
- name: Set image save/load command for docker
|
||||
set_fact:
|
||||
image_save_command: "{{ docker_bin_dir }}/docker save {{ image_reponame }} | gzip -{{ download_compress }} > {{ image_path_final }}"
|
||||
image_load_command: "{{ docker_bin_dir }}/docker load < {{ image_path_final }}"
|
||||
when: container_manager == 'docker'
|
||||
|
||||
- name: Set image save/load command for containerd
|
||||
set_fact:
|
||||
image_save_command: "{{ containerd_bin_dir }}/ctr -n k8s.io image export {{ image_path_final }} {{ image_reponame }}"
|
||||
|
@ -34,6 +40,11 @@
|
|||
image_load_command: "skopeo copy docker-archive:{{ image_path_final }} containers-storage:{{ image_reponame }}"
|
||||
when: container_manager == 'crio'
|
||||
|
||||
- name: Set image save/load command for docker on localhost
|
||||
set_fact:
|
||||
image_save_command_on_localhost: "{{ docker_bin_dir }}/docker save {{ image_reponame }} | gzip -{{ download_compress }} > {{ image_path_cached }}"
|
||||
when: container_manager_on_localhost == 'docker'
|
||||
|
||||
- name: Set image save/load command for containerd on localhost
|
||||
set_fact:
|
||||
image_save_command_on_localhost: "{{ containerd_bin_dir }}/ctr -n k8s.io image export {{ image_path_cached }} {{ image_reponame }}"
|
||||
|
|
|
@ -21,8 +21,26 @@
|
|||
- upgrade
|
||||
notify: Node | restart kubelet
|
||||
|
||||
- name: install | Copy socat wrapper for Container Linux
|
||||
- name: install | Copy socat wrapper for Container Linux with Docker
|
||||
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
|
||||
args:
|
||||
creates: "{{ bin_dir }}/socat"
|
||||
when: ansible_os_family in ['Flatcar Container Linux by Kinvolk']
|
||||
when:
|
||||
- ansible_os_family in ['Flatcar Container Linux by Kinvolk']
|
||||
- container_manager == "docker"
|
||||
|
||||
- name: install | Copy socat wrapper for Container Linux with Containerd
|
||||
command: "{{ containerd_bin_dir }}/ctr run --rm --mount type=bind,src={{ bin_dir }},dst=/opt/bin,options=rbind:rw {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
|
||||
args:
|
||||
creates: "{{ bin_dir }}/socat"
|
||||
when:
|
||||
- ansible_os_family in ['Flatcar Container Linux by Kinvolk']
|
||||
- container_manager == "containerd"
|
||||
|
||||
- name: install | Copy socat wrapper for Container Linux with crio
|
||||
command: "podman run --rm --mount type=bind,source={{ bin_dir }},destination=/opt/bin,rw=true {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
|
||||
args:
|
||||
creates: "{{ bin_dir }}/socat"
|
||||
when:
|
||||
- ansible_os_family in ['Flatcar Container Linux by Kinvolk']
|
||||
- container_manager == "crio"
|
||||
|
|
|
@ -4,22 +4,22 @@
|
|||
when: calico_cni_config is defined
|
||||
notify:
|
||||
- delete 10-calico.conflist
|
||||
- docker | delete calico-node containers
|
||||
- containerd | delete calico-node containers
|
||||
- Calico | delete calico-node docker containers
|
||||
- Calico | delete calico-node crio/containerd containers
|
||||
|
||||
- name: delete 10-calico.conflist
|
||||
file:
|
||||
path: /etc/cni/net.d/10-calico.conflist
|
||||
state: absent
|
||||
|
||||
- name: docker | delete calico-node containers
|
||||
- name: Calico | delete calico-node docker containers
|
||||
shell: "{{ docker_bin_dir }}/docker ps -af name=k8s_POD_calico-node* -q | xargs --no-run-if-empty {{ docker_bin_dir }}/docker rm -f"
|
||||
register: docker_calico_node_remove
|
||||
until: docker_calico_node_remove is succeeded
|
||||
retries: 5
|
||||
when: container_manager in ["docker"]
|
||||
|
||||
- name: containerd | delete calico-node containers
|
||||
- name: Calico | delete calico-node crio/containerd containers
|
||||
shell: '{{ bin_dir }}/crictl pods --name calico-node-* -q | xargs -I% --no-run-if-empty bash -c "{{ bin_dir }}/crictl stopp % && {{ bin_dir }}/crictl rmp %"'
|
||||
register: crictl_calico_node_remove
|
||||
until: crictl_calico_node_remove is succeeded
|
||||
|
|
|
@ -2,17 +2,17 @@
|
|||
- name: reset_kube_router
|
||||
command: /bin/true
|
||||
notify:
|
||||
- docker | delete kube-router containers
|
||||
- containerd | delete kube-router containers
|
||||
- Kube-router | delete kube-router docker containers
|
||||
- Kube-router | delete kube-router crio/containerd containers
|
||||
|
||||
- name: docker | delete kube-router containers
|
||||
- name: Kube-router | delete kube-router docker containers
|
||||
shell: "{{ docker_bin_dir }}/docker ps -af name=k8s_POD_kube-router* -q | xargs --no-run-if-empty docker rm -f"
|
||||
register: docker_kube_router_remove
|
||||
until: docker_kube_router_remove is succeeded
|
||||
retries: 5
|
||||
when: container_manager in ["docker"]
|
||||
|
||||
- name: containerd | delete kube-router containers
|
||||
- name: Kube-router | delete kube-router crio/containerd containers
|
||||
shell: '{{ bin_dir }}/crictl pods --name kube-router* -q | xargs -I% --no-run-if-empty bash -c "{{ bin_dir }}/crictl stopp % && {{ bin_dir }}/crictl rmp %"'
|
||||
register: crictl_kube_router_remove
|
||||
until: crictl_kube_router_remove is succeeded
|
||||
|
|
Loading…
Reference in a new issue