diff --git a/cluster.yml b/cluster.yml index 14a4a6d37..4fc852d97 100644 --- a/cluster.yml +++ b/cluster.yml @@ -33,8 +33,8 @@ roles: - { role: kubespray-defaults} - { role: kubernetes/preinstall, tags: preinstall } - - { role: docker, tags: docker, when: manage_docker|default(true) } - - { role: cri-o, tags: crio, when: manage_crio } + - { role: docker, tags: docker, when: container_manager == 'docker' } + - { role: cri-o, tags: crio, when: container_manager == 'crio' } - role: rkt tags: rkt when: "'rkt' in [etcd_deployment_type, kubelet_deployment_type, vault_deployment_type]" diff --git a/docs/cri-o.md b/docs/cri-o.md index ef37d7a7f..796b7513a 100644 --- a/docs/cri-o.md +++ b/docs/cri-o.md @@ -26,7 +26,6 @@ skip_downloads: false ``` etcd_deployment_type: host kubelet_deployment_type: host -manage_docker: false -manage_crio: true +container_manager: crio ``` diff --git a/inventory/sample/group_vars/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster.yml index 627b92e72..eb1d01cb9 100644 --- a/inventory/sample/group_vars/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s-cluster.yml @@ -135,13 +135,9 @@ skydns_server_secondary: "{{ kube_service_addresses|ipaddr('net')|ipaddr(4)|ipad dnsmasq_dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(2)|ipaddr('address') }}" dns_domain: "{{ cluster_name }}" -# Use docker as container runtime -# If you set manage_crio true, set manage_docker false. -manage_docker: true - -# Use cri-o as container runtime -# If you set manage_docker true, set manage_crio false. -manage_crio: false +# Container runtime +# docker for docker and crio for cri-o. +container_manager: docker # Path used to store Docker data docker_daemon_graph: "/var/lib/docker" diff --git a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2 b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2 index 1b0ab9c40..35ed7a3e6 100644 --- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2 +++ b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2 @@ -15,6 +15,6 @@ discoveryTokenAPIServers: discoveryTokenUnsafeSkipCAVerification: true nodeRegistration: name: {{ inventory_hostname }} -{% if manage_crio %} +{% if container_manager == 'crio' %} criSocket: /var/run/crio/crio.sock {% endif %} diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 index 4ee15a181..3f123b24d 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha2.yaml.j2 @@ -138,6 +138,6 @@ nodeRegistration: taints: - effect: NoSchedule key: node-role.kubernetes.io/master -{% if manage_crio %} +{% if container_manager == 'crio' %} criSocket: /var/run/crio/crio.sock {% endif %} diff --git a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 index b2a27d58c..7597fd9ae 100644 --- a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 +++ b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 @@ -34,10 +34,10 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" --node-status-update-frequency={{ kubelet_status_update_frequency }} \ --cgroup-driver={{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }} \ --max-pods={{ kubelet_max_pods }} \ -{% if manage_docker %} +{% if container_manager == 'docker' %} --docker-disable-shared-pid={{ kubelet_disable_shared_pid }} \ {% endif %} -{% if manage_crio %} +{% if container_manager == 'crio' %} --container-runtime=remote \ --container-runtime-endpoint=/var/run/crio/crio.sock \ {% endif %} diff --git a/roles/kubernetes/node/templates/kubelet.standard.env.j2 b/roles/kubernetes/node/templates/kubelet.standard.env.j2 index 0c5dd0122..ae4654424 100644 --- a/roles/kubernetes/node/templates/kubelet.standard.env.j2 +++ b/roles/kubernetes/node/templates/kubelet.standard.env.j2 @@ -15,7 +15,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" --cadvisor-port={{ kube_cadvisor_port }} \ --pod-infra-container-image={{ pod_infra_image_repo }}:{{ pod_infra_image_tag }} \ --node-status-update-frequency={{ kubelet_status_update_frequency }} \ -{% if manage_docker %} +{% if container_manager == 'docker' %} --docker-disable-shared-pid={{ kubelet_disable_shared_pid }} \ {% endif %} --client-ca-file={{ kube_cert_dir }}/ca.pem \ @@ -28,7 +28,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" {% if kube_version | version_compare('v1.7', '<') %} --enable-cri={{ kubelet_enable_cri }} \ {% endif %} -{% if manage_crio %} +{% if container_manager == 'crio' %} --container-runtime=remote \ --container-runtime-endpoint=/var/run/crio/crio.sock \ {% endif %} diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index c676598bc..54986fe25 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml @@ -131,13 +131,8 @@ kube_apiserver_insecure_port: 8080 # Aggregator kube_api_aggregator_routing: false -# Docker options -# Optionally do not run docker role -manage_docker: true - -# cri-o options -# Optionally run cri-o role -manage_crio: false +# Container for runtime +container_manager: docker # Path used to store Docker data docker_daemon_graph: "/var/lib/docker" diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index 9c0d994f5..88dec8d7a 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -68,7 +68,7 @@ delay: 5 tags: - crio - when: manage_crio + when: container_manager == 'crio' - name: reset | gather mounted kubelet dirs shell: mount | grep /var/lib/kubelet/ | awk '{print $3}' | tac diff --git a/scale.yml b/scale.yml index ff027d6c0..c4cd117f0 100644 --- a/scale.yml +++ b/scale.yml @@ -35,8 +35,9 @@ roles: - { role: kubespray-defaults} - { role: kubernetes/preinstall, tags: preinstall } - - { role: docker, tags: docker, when: manage_docker|default(true) } - - { role: cri-o, tags: crio, when: manage_crio } + + - { role: docker, tags: docker, when: container_manager == 'docker' } + - { role: cri-o, tags: crio, when: container_manager == 'crio' } - role: rkt tags: rkt when: "'rkt' in [etcd_deployment_type, kubelet_deployment_type, vault_deployment_type]" diff --git a/upgrade-cluster.yml b/upgrade-cluster.yml index 4e4cfb654..7d8534d78 100644 --- a/upgrade-cluster.yml +++ b/upgrade-cluster.yml @@ -34,8 +34,8 @@ roles: - { role: kubespray-defaults} - { role: kubernetes/preinstall, tags: preinstall } - - { role: docker, tags: docker, when: manage_docker|default(true) } - - { role: cri-o, tags: crio, when: manage_crio } + - { role: docker, tags: docker, when: container_manager == 'docker' } + - { role: cri-o, tags: crio, when: container_manager == 'crio' } - role: rkt tags: rkt when: "'rkt' in [etcd_deployment_type, kubelet_deployment_type, vault_deployment_type]"