Merge pull request #861 from bogdando/rename_coreos

Rename CoreOS fact
This commit is contained in:
Bogdan Dobrelya 2017-01-05 14:53:06 +01:00 committed by GitHub
commit e36781132f
22 changed files with 61 additions and 57 deletions

View file

@ -36,7 +36,7 @@ Ensure your OpenStack credentials are loaded in environment variables. This can
$ source ~/.stackrc
```
You will need two networks before installing, an internal network and
You will need two networks before installing, an internal network and
an external (floating IP Pool) network. The internet network can be shared as
we use security groups to provide network segregation. Due to the many
differences between OpenStack installs the Terraform does not attempt to create
@ -97,7 +97,7 @@ gfs_volume_size_in_gb = "50"
ssh_user_gfs = "ubuntu"
```
If these variables are provided, this will give rise to a new ansible group called `gfs-cluster`, for which we have added ansible roles to execute in the ansible provisioning step. If you are using CoreOS, these GlusterFS VM necessarily need to be either Debian or RedHat based VMs, CoreOS cannot serve GlusterFS, but can connect to it through binaries available on hyperkube v1.4.3_coreos.0 or higher.
If these variables are provided, this will give rise to a new ansible group called `gfs-cluster`, for which we have added ansible roles to execute in the ansible provisioning step. If you are using Container Linux by CoreOS, these GlusterFS VM necessarily need to be either Debian or RedHat based VMs, Container Linux by CoreOS cannot serve GlusterFS, but can connect to it through binaries available on hyperkube v1.4.3_coreos.0 or higher.
# Provision a Kubernetes Cluster on OpenStack
@ -133,20 +133,20 @@ Make sure you can connect to the hosts:
```
$ ansible -i contrib/terraform/openstack/hosts -m ping all
example-k8s_node-1 | SUCCESS => {
"changed": false,
"changed": false,
"ping": "pong"
}
example-etcd-1 | SUCCESS => {
"changed": false,
"changed": false,
"ping": "pong"
}
example-k8s-master-1 | SUCCESS => {
"changed": false,
"changed": false,
"ping": "pong"
}
```
if you are deploying a system that needs bootstrapping, like CoreOS, these might have a state `FAILED` due to CoreOS not having python. As long as the state is not `UNREACHABLE`, this is fine.
if you are deploying a system that needs bootstrapping, like Container Linux by CoreOS, these might have a state `FAILED` due to Container Linux by CoreOS not having python. As long as the state is not `UNREACHABLE`, this is fine.
if it fails try to connect manually via SSH ... it could be somthing as simple as a stale host key.

View file

@ -10,7 +10,7 @@ local_release_dir: "/tmp/releases"
# Random shifts for retrying failed ops like pushing/downloading
retry_stagger: 5
# Uncomment this line for CoreOS only.
# Uncomment this line for Container Linux by CoreOS only.
# Directory where python binary is installed
# ansible_python_interpreter: "/opt/bin/python"

View file

@ -15,7 +15,7 @@
service:
name: docker.socket
state: restarted
when: ansible_os_family == 'CoreOS'
when: ansible_os_family == 'Container Linux by CoreOS'
- name: Docker | reload docker
service:

View file

@ -20,7 +20,7 @@
docker requires a minimum kernel version of
{{ docker_kernel_min_version }} on
{{ ansible_distribution }}-{{ ansible_distribution_version }}
when: (ansible_os_family != "CoreOS") and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
when: (ansible_os_family != "Container Linux by CoreOS") and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
tags: facts
- name: ensure docker repository public key is installed
@ -34,7 +34,7 @@
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{ docker_repo_key_info.repo_keys }}"
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: ensure docker repository is enabled
action: "{{ docker_repo_info.pkg_repo }}"
@ -42,7 +42,7 @@
repo: "{{item}}"
state: present
with_items: "{{ docker_repo_info.repos }}"
when: (ansible_os_family != "CoreOS") and (docker_repo_info.repos|length > 0)
when: (ansible_os_family != "Container Linux by CoreOS") and (docker_repo_info.repos|length > 0)
- name: Configure docker repository on RedHat/CentOS
copy:
@ -61,7 +61,7 @@
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{ docker_package_info.pkgs }}"
when: (ansible_os_family != "CoreOS") and (docker_package_info.pkgs|length > 0)
when: (ansible_os_family != "Container Linux by CoreOS") and (docker_package_info.pkgs|length > 0)
- name: Set docker systemd config
include: systemd.yml

View file

@ -13,7 +13,7 @@
src: docker.service.j2
dest: /etc/systemd/system/docker.service
register: docker_service_file
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: Write docker options systemd drop-in
template:

View file

@ -2,14 +2,14 @@
local_release_dir: /tmp
# if this is set to true will only download files once. Doesn't work
# on CoreOS unless the download_localhost is true and localhost
# on Container Linux by CoreOS unless the download_localhost is true and localhost
# is running another OS type. Default compress level is 9 (best).
download_run_once: False
download_compress: 9
# if this is set to true, uses the localhost for download_run_once mode
# (requires docker and sudo to access docker). You may want this option for
# local caching of docker images or for CoreOS cluster nodes.
# local caching of docker images or for Container Linux by CoreOS cluster nodes.
# Otherwise, uses the first node in the kube-master group to store images
# in the download_run_once mode.
download_localhost: False

View file

@ -48,7 +48,7 @@
when: "{{ download.enabled|bool and download.container|bool }}"
tags: bootstrap-os
# This is required for the download_localhost delegate to work smooth with CoreOS cluster nodes
# This is required for the download_localhost delegate to work smooth with Container Linux by CoreOS cluster nodes
- name: Hack python binary path for localhost
raw: sh -c "mkdir -p /opt/bin; ln -sf /usr/bin/python /opt/bin/python"
when: "{{ download_delegate == 'localhost' }}"
@ -119,7 +119,7 @@
delegate_to: "{{ download_delegate }}"
register: saved
run_once: true
when: (ansible_os_family != "CoreOS" or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool and (container_changed|bool or not img.stat.exists)
when: (ansible_os_family != "Container Linux by CoreOS" or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool and (container_changed|bool or not img.stat.exists)
- name: Download | copy container images to ansible host
synchronize:
@ -128,7 +128,7 @@
mode: pull
delegate_to: localhost
become: false
when: ansible_os_family != "CoreOS" and inventory_hostname == groups['kube-master'][0] and download_delegate != "localhost" and download_run_once|bool and download.enabled|bool and download.container|bool and saved.changed
when: ansible_os_family != "Container Linux by CoreOS" and inventory_hostname == groups['kube-master'][0] and download_delegate != "localhost" and download_run_once|bool and download.enabled|bool and download.container|bool and saved.changed
- name: Download | upload container images to nodes
synchronize:
@ -141,10 +141,10 @@
until: get_task|success
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
when: (ansible_os_family != "CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
when: (ansible_os_family != "Container Linux by CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
tags: [upload, upgrade]
- name: Download | load container images
shell: "{{ docker_bin_dir }}/docker load < {{ fname }}"
when: (ansible_os_family != "CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
when: (ansible_os_family != "Container Linux by CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
tags: [upload, upgrade]

View file

@ -2,7 +2,7 @@
dependencies:
- role: adduser
user: "{{ addusers.etcd }}"
when: ansible_os_family != 'CoreOS'
when: ansible_os_family != 'Container Linux by CoreOS'
- role: download
file: "{{ downloads.etcd }}"
tags: download

View file

@ -129,7 +129,7 @@
/usr/local/share/ca-certificates/etcd-ca.crt
{%- elif ansible_os_family == "RedHat" -%}
/etc/pki/ca-trust/source/anchors/etcd-ca.crt
{%- elif ansible_os_family == "CoreOS" -%}
{%- elif ansible_os_family == "Container Linux by CoreOS" -%}
/etc/ssl/certs/etcd-ca.pem
{%- endif %}
tags: facts
@ -141,9 +141,9 @@
remote_src: true
register: etcd_ca_cert
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/CoreOS)
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
command: update-ca-certificates
when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"]
when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
- name: Gen_certs | update ca-certificates (RedHat)
command: update-ca-trust extract

View file

@ -29,6 +29,6 @@ openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID') }}"
# All clients access each node individually, instead of using a load balancer.
etcd_multiaccess: true
# CoreOS cloud init config file to define /etc/resolv.conf content
# Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content
# for hostnet pods and infra needs
resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf

View file

@ -3,7 +3,7 @@
notify:
- Preinstall | reload network
- Preinstall | reload kubelet
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
# FIXME(bogdando) https://github.com/projectcalico/felix/issues/1185
- name: Preinstall | reload network
@ -15,18 +15,18 @@
networking
{%- endif %}
state: restarted
when: ansible_os_family != "CoreOS" and kube_network_plugin not in ['canal', 'calico']
when: ansible_os_family != "Container Linux by CoreOS" and kube_network_plugin not in ['canal', 'calico']
- name: Preinstall | update resolvconf for CoreOS
- name: Preinstall | update resolvconf for Container Linux by CoreOS
command: /bin/true
notify:
- Preinstall | apply resolvconf cloud-init
- Preinstall | reload kubelet
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- name: Preinstall | apply resolvconf cloud-init
command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- name: Preinstall | reload kubelet
service:

View file

@ -2,10 +2,10 @@
- include: pre-upgrade.yml
tags: [upgrade, bootstrap-os]
- name: Force binaries directory for CoreOS
- name: Force binaries directory for Container Linux by CoreOS
set_fact:
bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
tags: facts
- name: check bin dir exists
@ -131,7 +131,7 @@
retries: 4
delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}"
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
tags: bootstrap-os
- name: Disable IPv6 DNS lookup
@ -140,7 +140,7 @@
line: "precedence ::ffff:0:0/96 100"
state: present
backup: yes
when: disable_ipv6_dns and ansible_os_family != "CoreOS"
when: disable_ipv6_dns and ansible_os_family != "Container Linux by CoreOS"
tags: bootstrap-os
# Todo : selinux configuration

View file

@ -2,3 +2,7 @@
- name: Stop if non systemd OS type
assert:
that: ansible_service_mgr == "systemd"
- name: Stop if obsolete CoreOS family fact value
assert:
that: ansible_os_family != "CoreOS"

View file

@ -1,7 +1,7 @@
---
- name: create temporary resolveconf cloud init file
command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- name: Remove search/domain/nameserver options
lineinfile:
@ -48,7 +48,7 @@
- name: get temporary resolveconf cloud init file content
command: cat {{ resolvconffile }}
register: cloud_config
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- name: persist resolvconf cloud init file
template:
@ -56,9 +56,9 @@
src: resolvconf.j2
owner: root
mode: 0644
notify: Preinstall | update resolvconf for CoreOS
when: ansible_os_family == "CoreOS"
notify: Preinstall | update resolvconf for Container Linux by CoreOS
when: ansible_os_family == "Container Linux by CoreOS"
- include: dhclient-hooks.yml
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
tags: [bootstrap-os, resolvconf]

View file

@ -35,11 +35,11 @@
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%}
head: >-
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%}
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: target temporary resolvconf cloud init file (CoreOS)
- name: target temporary resolvconf cloud init file (Container Linux by CoreOS)
set_fact: resolvconffile=/tmp/resolveconf_cloud_init_conf
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- name: target dhclient conf/hook files for Red Hat family
set_fact:

View file

@ -74,7 +74,7 @@
/usr/local/share/ca-certificates/kube-ca.crt
{%- elif ansible_os_family == "RedHat" -%}
/etc/pki/ca-trust/source/anchors/kube-ca.crt
{%- elif ansible_os_family == "CoreOS" -%}
{%- elif ansible_os_family == "Container Linux by CoreOS" -%}
/etc/ssl/certs/kube-ca.pem
{%- endif %}
tags: facts
@ -86,9 +86,9 @@
remote_src: true
register: kube_ca_cert
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/CoreOS)
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
command: update-ca-certificates
when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"]
when: kube_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
- name: Gen_certs | update ca-certificates (RedHat)
command: update-ca-trust extract

View file

@ -1,6 +1,6 @@
dependencies:
- role: etcd
- role: docker
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- role: download
file: "{{ downloads.calico_rr }}"

View file

@ -20,7 +20,7 @@
service:
name: docker.socket
state: restarted
when: ansible_os_family == 'CoreOS'
when: ansible_os_family == 'Container Linux by CoreOS'
- name: Flannel | reload docker
service:

View file

@ -1,5 +1,5 @@
[Service]
{% if ansible_os_family == "CoreOS" %}
{% if ansible_os_family == "Container Linux by CoreOS" %}
Environment="DOCKER_OPT_BIP=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
{% else %}
Environment="DOCKER_NETWORK_OPTIONS=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"

View file

@ -7,14 +7,14 @@
tasks:
- name: Force binaries directory for CoreOS
- name: Force binaries directory for Container Linux by CoreOS
set_fact:
bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- set_fact:
bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: Run a replica controller composed of 2 pods
shell: "{{bin_dir}}/kubectl run test --image={{test_image_repo}}:{{test_image_tag}} --replicas=2 --command -- tail -f /dev/null"

View file

@ -3,14 +3,14 @@
tasks:
- name: Force binaries directory for CoreOS
- name: Force binaries directory for Container Linux by CoreOS
set_fact:
bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- set_fact:
bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: Get pod names
shell: "{{bin_dir}}/kubectl get pods -o json"

View file

@ -12,14 +12,14 @@
netchecker_port: 31081
tasks:
- name: Force binaries directory for CoreOS
- name: Force binaries directory for Container Linux by CoreOS
set_fact:
bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS"
when: ansible_os_family == "Container Linux by CoreOS"
- set_fact:
bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS"
when: ansible_os_family != "Container Linux by CoreOS"
- name: Wait for netchecker server
shell: "{{ bin_dir }}/kubectl get pods --namespace {{netcheck_namespace}} | grep ^netchecker-server"