diff --git a/inventory/group_vars/k8s-cluster.yml b/inventory/group_vars/k8s-cluster.yml index 09f736af0..a400d05f9 100644 --- a/inventory/group_vars/k8s-cluster.yml +++ b/inventory/group_vars/k8s-cluster.yml @@ -138,6 +138,7 @@ docker_bin_dir: "/usr/bin" etcd_deployment_type: docker kubelet_deployment_type: host vault_deployment_type: docker +helm_deployment_type: docker # K8s image pull policy (imagePullPolicy) k8s_image_pull_policy: IfNotPresent diff --git a/roles/kubernetes-apps/helm/defaults/main.yml b/roles/kubernetes-apps/helm/defaults/main.yml index bb7ca244e..8ac51729e 100644 --- a/roles/kubernetes-apps/helm/defaults/main.yml +++ b/roles/kubernetes-apps/helm/defaults/main.yml @@ -3,3 +3,6 @@ helm_enabled: false # specify a dir and attach it to helm for HELM_HOME. helm_home_dir: "/root/.helm" + +# Deployment mode: host or docker +helm_deployment_type: docker diff --git a/roles/kubernetes-apps/helm/tasks/install_docker.yml b/roles/kubernetes-apps/helm/tasks/install_docker.yml new file mode 100644 index 000000000..1fda9d347 --- /dev/null +++ b/roles/kubernetes-apps/helm/tasks/install_docker.yml @@ -0,0 +1,8 @@ +--- +- name: Helm | Set up helm docker launcher + template: + src: helm-container.j2 + dest: "{{ bin_dir }}/helm" + owner: root + mode: 0755 + register: helm_container diff --git a/roles/kubernetes-apps/helm/tasks/install_host.yml b/roles/kubernetes-apps/helm/tasks/install_host.yml new file mode 100644 index 000000000..f7552ab97 --- /dev/null +++ b/roles/kubernetes-apps/helm/tasks/install_host.yml @@ -0,0 +1,23 @@ +--- +- name: Helm | Compare host helm with hyperkube container + command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ helm_image_repo }}:{{ helm_image_tag }} /usr/bin/cmp /usr/local/bin/helm /systembindir/helm" + register: helm_task_compare_result + until: helm_task_compare_result.rc in [0,1,2] + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + changed_when: false + failed_when: "helm_task_compare_result.rc not in [0,1,2]" + +- name: Helm | Copy helm from helm container + command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/systembindir {{ helm_image_repo }}:{{ helm_image_tag }} /bin/cp -f /usr/local/bin/helm /systembindir/helm" + when: helm_task_compare_result.rc != 0 + register: helm_task_result + until: helm_task_result.rc == 0 + retries: 4 + delay: "{{ retry_stagger | random + 3 }}" + +- name: Helm | Copy socat wrapper for Container Linux + command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}" + args: + creates: "{{ bin_dir }}/socat" + when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS'] diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml index 460cb05ab..027b2afdd 100644 --- a/roles/kubernetes-apps/helm/tasks/main.yml +++ b/roles/kubernetes-apps/helm/tasks/main.yml @@ -3,12 +3,7 @@ file: path={{ helm_home_dir }} state=directory - name: Helm | Set up helm launcher - template: - src: helm-container.j2 - dest: "{{ bin_dir }}/helm" - owner: root - mode: 0755 - register: helm_container + include: "install_{{ helm_deployment_type }}.yml" - name: Helm | Lay Down Helm Manifests (RBAC) template: @@ -33,7 +28,7 @@ - name: Helm | Install/upgrade helm command: "{{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}" - when: helm_container.changed + when: (helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed) - name: Helm | Patch tiller deployment for RBAC command: "{{bin_dir}}/kubectl patch deployment tiller-deploy -p '{\"spec\":{\"template\":{\"spec\":{\"serviceAccount\":\"tiller\"}}}}' -n {{ system_namespace }}" @@ -41,4 +36,4 @@ - name: Helm | Set up bash completion shell: "umask 022 && {{ bin_dir }}/helm completion bash >/etc/bash_completion.d/helm.sh" - when: ( helm_container.changed and not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] ) + when: (helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed) and not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index 17d769ab8..30b5155ff 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml @@ -124,6 +124,7 @@ etcd_deployment_type: docker kubelet_deployment_type: docker cert_management: script vault_deployment_type: docker +helm_deployment_type: docker # Enable kubeadm deployment (experimental) kubeadm_enabled: false