Merge pull request #861 from bogdando/rename_coreos

Rename CoreOS fact
pull/863/head
Bogdan Dobrelya 2017-01-05 14:53:06 +01:00 committed by GitHub
commit c0400e9db5
22 changed files with 61 additions and 57 deletions

View File

@ -97,7 +97,7 @@ gfs_volume_size_in_gb = "50"
ssh_user_gfs = "ubuntu" ssh_user_gfs = "ubuntu"
``` ```
If these variables are provided, this will give rise to a new ansible group called `gfs-cluster`, for which we have added ansible roles to execute in the ansible provisioning step. If you are using CoreOS, these GlusterFS VM necessarily need to be either Debian or RedHat based VMs, CoreOS cannot serve GlusterFS, but can connect to it through binaries available on hyperkube v1.4.3_coreos.0 or higher. If these variables are provided, this will give rise to a new ansible group called `gfs-cluster`, for which we have added ansible roles to execute in the ansible provisioning step. If you are using Container Linux by CoreOS, these GlusterFS VM necessarily need to be either Debian or RedHat based VMs, Container Linux by CoreOS cannot serve GlusterFS, but can connect to it through binaries available on hyperkube v1.4.3_coreos.0 or higher.
# Provision a Kubernetes Cluster on OpenStack # Provision a Kubernetes Cluster on OpenStack
@ -146,7 +146,7 @@ example-k8s-master-1 | SUCCESS => {
} }
``` ```
if you are deploying a system that needs bootstrapping, like CoreOS, these might have a state `FAILED` due to CoreOS not having python. As long as the state is not `UNREACHABLE`, this is fine. if you are deploying a system that needs bootstrapping, like Container Linux by CoreOS, these might have a state `FAILED` due to Container Linux by CoreOS not having python. As long as the state is not `UNREACHABLE`, this is fine.
if it fails try to connect manually via SSH ... it could be somthing as simple as a stale host key. if it fails try to connect manually via SSH ... it could be somthing as simple as a stale host key.

View File

@ -10,7 +10,7 @@ local_release_dir: "/tmp/releases"
# Random shifts for retrying failed ops like pushing/downloading # Random shifts for retrying failed ops like pushing/downloading
retry_stagger: 5 retry_stagger: 5
# Uncomment this line for CoreOS only. # Uncomment this line for Container Linux by CoreOS only.
# Directory where python binary is installed # Directory where python binary is installed
# ansible_python_interpreter: "/opt/bin/python" # ansible_python_interpreter: "/opt/bin/python"

View File

@ -15,7 +15,7 @@
service: service:
name: docker.socket name: docker.socket
state: restarted state: restarted
when: ansible_os_family == 'CoreOS' when: ansible_os_family == 'Container Linux by CoreOS'
- name: Docker | reload docker - name: Docker | reload docker
service: service:

View File

@ -20,7 +20,7 @@
docker requires a minimum kernel version of docker requires a minimum kernel version of
{{ docker_kernel_min_version }} on {{ docker_kernel_min_version }} on
{{ ansible_distribution }}-{{ ansible_distribution_version }} {{ ansible_distribution }}-{{ ansible_distribution_version }}
when: (ansible_os_family != "CoreOS") and (ansible_kernel|version_compare(docker_kernel_min_version, "<")) when: (ansible_os_family != "Container Linux by CoreOS") and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
tags: facts tags: facts
- name: ensure docker repository public key is installed - name: ensure docker repository public key is installed
@ -34,7 +34,7 @@
retries: 4 retries: 4
delay: "{{ retry_stagger | random + 3 }}" delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{ docker_repo_key_info.repo_keys }}" with_items: "{{ docker_repo_key_info.repo_keys }}"
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: ensure docker repository is enabled - name: ensure docker repository is enabled
action: "{{ docker_repo_info.pkg_repo }}" action: "{{ docker_repo_info.pkg_repo }}"
@ -42,7 +42,7 @@
repo: "{{item}}" repo: "{{item}}"
state: present state: present
with_items: "{{ docker_repo_info.repos }}" with_items: "{{ docker_repo_info.repos }}"
when: (ansible_os_family != "CoreOS") and (docker_repo_info.repos|length > 0) when: (ansible_os_family != "Container Linux by CoreOS") and (docker_repo_info.repos|length > 0)
- name: Configure docker repository on RedHat/CentOS - name: Configure docker repository on RedHat/CentOS
copy: copy:
@ -61,7 +61,7 @@
retries: 4 retries: 4
delay: "{{ retry_stagger | random + 3 }}" delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{ docker_package_info.pkgs }}" with_items: "{{ docker_package_info.pkgs }}"
when: (ansible_os_family != "CoreOS") and (docker_package_info.pkgs|length > 0) when: (ansible_os_family != "Container Linux by CoreOS") and (docker_package_info.pkgs|length > 0)
- name: Set docker systemd config - name: Set docker systemd config
include: systemd.yml include: systemd.yml

View File

@ -13,7 +13,7 @@
src: docker.service.j2 src: docker.service.j2
dest: /etc/systemd/system/docker.service dest: /etc/systemd/system/docker.service
register: docker_service_file register: docker_service_file
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: Write docker options systemd drop-in - name: Write docker options systemd drop-in
template: template:

View File

@ -2,14 +2,14 @@
local_release_dir: /tmp local_release_dir: /tmp
# if this is set to true will only download files once. Doesn't work # if this is set to true will only download files once. Doesn't work
# on CoreOS unless the download_localhost is true and localhost # on Container Linux by CoreOS unless the download_localhost is true and localhost
# is running another OS type. Default compress level is 9 (best). # is running another OS type. Default compress level is 9 (best).
download_run_once: False download_run_once: False
download_compress: 9 download_compress: 9
# if this is set to true, uses the localhost for download_run_once mode # if this is set to true, uses the localhost for download_run_once mode
# (requires docker and sudo to access docker). You may want this option for # (requires docker and sudo to access docker). You may want this option for
# local caching of docker images or for CoreOS cluster nodes. # local caching of docker images or for Container Linux by CoreOS cluster nodes.
# Otherwise, uses the first node in the kube-master group to store images # Otherwise, uses the first node in the kube-master group to store images
# in the download_run_once mode. # in the download_run_once mode.
download_localhost: False download_localhost: False

View File

@ -48,7 +48,7 @@
when: "{{ download.enabled|bool and download.container|bool }}" when: "{{ download.enabled|bool and download.container|bool }}"
tags: bootstrap-os tags: bootstrap-os
# This is required for the download_localhost delegate to work smooth with CoreOS cluster nodes # This is required for the download_localhost delegate to work smooth with Container Linux by CoreOS cluster nodes
- name: Hack python binary path for localhost - name: Hack python binary path for localhost
raw: sh -c "mkdir -p /opt/bin; ln -sf /usr/bin/python /opt/bin/python" raw: sh -c "mkdir -p /opt/bin; ln -sf /usr/bin/python /opt/bin/python"
when: "{{ download_delegate == 'localhost' }}" when: "{{ download_delegate == 'localhost' }}"
@ -119,7 +119,7 @@
delegate_to: "{{ download_delegate }}" delegate_to: "{{ download_delegate }}"
register: saved register: saved
run_once: true run_once: true
when: (ansible_os_family != "CoreOS" or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool and (container_changed|bool or not img.stat.exists) when: (ansible_os_family != "Container Linux by CoreOS" or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool and (container_changed|bool or not img.stat.exists)
- name: Download | copy container images to ansible host - name: Download | copy container images to ansible host
synchronize: synchronize:
@ -128,7 +128,7 @@
mode: pull mode: pull
delegate_to: localhost delegate_to: localhost
become: false become: false
when: ansible_os_family != "CoreOS" and inventory_hostname == groups['kube-master'][0] and download_delegate != "localhost" and download_run_once|bool and download.enabled|bool and download.container|bool and saved.changed when: ansible_os_family != "Container Linux by CoreOS" and inventory_hostname == groups['kube-master'][0] and download_delegate != "localhost" and download_run_once|bool and download.enabled|bool and download.container|bool and saved.changed
- name: Download | upload container images to nodes - name: Download | upload container images to nodes
synchronize: synchronize:
@ -141,10 +141,10 @@
until: get_task|success until: get_task|success
retries: 4 retries: 4
delay: "{{ retry_stagger | random + 3 }}" delay: "{{ retry_stagger | random + 3 }}"
when: (ansible_os_family != "CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool when: (ansible_os_family != "Container Linux by CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
tags: [upload, upgrade] tags: [upload, upgrade]
- name: Download | load container images - name: Download | load container images
shell: "{{ docker_bin_dir }}/docker load < {{ fname }}" shell: "{{ docker_bin_dir }}/docker load < {{ fname }}"
when: (ansible_os_family != "CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool when: (ansible_os_family != "Container Linux by CoreOS" and inventory_hostname != groups['kube-master'][0] or download_delegate == "localhost") and download_run_once|bool and download.enabled|bool and download.container|bool
tags: [upload, upgrade] tags: [upload, upgrade]

View File

@ -2,7 +2,7 @@
dependencies: dependencies:
- role: adduser - role: adduser
user: "{{ addusers.etcd }}" user: "{{ addusers.etcd }}"
when: ansible_os_family != 'CoreOS' when: ansible_os_family != 'Container Linux by CoreOS'
- role: download - role: download
file: "{{ downloads.etcd }}" file: "{{ downloads.etcd }}"
tags: download tags: download

View File

@ -129,7 +129,7 @@
/usr/local/share/ca-certificates/etcd-ca.crt /usr/local/share/ca-certificates/etcd-ca.crt
{%- elif ansible_os_family == "RedHat" -%} {%- elif ansible_os_family == "RedHat" -%}
/etc/pki/ca-trust/source/anchors/etcd-ca.crt /etc/pki/ca-trust/source/anchors/etcd-ca.crt
{%- elif ansible_os_family == "CoreOS" -%} {%- elif ansible_os_family == "Container Linux by CoreOS" -%}
/etc/ssl/certs/etcd-ca.pem /etc/ssl/certs/etcd-ca.pem
{%- endif %} {%- endif %}
tags: facts tags: facts
@ -141,9 +141,9 @@
remote_src: true remote_src: true
register: etcd_ca_cert register: etcd_ca_cert
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/CoreOS) - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
command: update-ca-certificates command: update-ca-certificates
when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"] when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
- name: Gen_certs | update ca-certificates (RedHat) - name: Gen_certs | update ca-certificates (RedHat)
command: update-ca-trust extract command: update-ca-trust extract

View File

@ -29,6 +29,6 @@ openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID') }}"
# All clients access each node individually, instead of using a load balancer. # All clients access each node individually, instead of using a load balancer.
etcd_multiaccess: true etcd_multiaccess: true
# CoreOS cloud init config file to define /etc/resolv.conf content # Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content
# for hostnet pods and infra needs # for hostnet pods and infra needs
resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf

View File

@ -3,7 +3,7 @@
notify: notify:
- Preinstall | reload network - Preinstall | reload network
- Preinstall | reload kubelet - Preinstall | reload kubelet
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
# FIXME(bogdando) https://github.com/projectcalico/felix/issues/1185 # FIXME(bogdando) https://github.com/projectcalico/felix/issues/1185
- name: Preinstall | reload network - name: Preinstall | reload network
@ -15,18 +15,18 @@
networking networking
{%- endif %} {%- endif %}
state: restarted state: restarted
when: ansible_os_family != "CoreOS" and kube_network_plugin not in ['canal', 'calico'] when: ansible_os_family != "Container Linux by CoreOS" and kube_network_plugin not in ['canal', 'calico']
- name: Preinstall | update resolvconf for CoreOS - name: Preinstall | update resolvconf for Container Linux by CoreOS
command: /bin/true command: /bin/true
notify: notify:
- Preinstall | apply resolvconf cloud-init - Preinstall | apply resolvconf cloud-init
- Preinstall | reload kubelet - Preinstall | reload kubelet
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- name: Preinstall | apply resolvconf cloud-init - name: Preinstall | apply resolvconf cloud-init
command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }} command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- name: Preinstall | reload kubelet - name: Preinstall | reload kubelet
service: service:

View File

@ -2,10 +2,10 @@
- include: pre-upgrade.yml - include: pre-upgrade.yml
tags: [upgrade, bootstrap-os] tags: [upgrade, bootstrap-os]
- name: Force binaries directory for CoreOS - name: Force binaries directory for Container Linux by CoreOS
set_fact: set_fact:
bin_dir: "/opt/bin" bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
tags: facts tags: facts
- name: check bin dir exists - name: check bin dir exists
@ -131,7 +131,7 @@
retries: 4 retries: 4
delay: "{{ retry_stagger | random + 3 }}" delay: "{{ retry_stagger | random + 3 }}"
with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}" with_items: "{{required_pkgs | default([]) | union(common_required_pkgs|default([]))}}"
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
tags: bootstrap-os tags: bootstrap-os
- name: Disable IPv6 DNS lookup - name: Disable IPv6 DNS lookup
@ -140,7 +140,7 @@
line: "precedence ::ffff:0:0/96 100" line: "precedence ::ffff:0:0/96 100"
state: present state: present
backup: yes backup: yes
when: disable_ipv6_dns and ansible_os_family != "CoreOS" when: disable_ipv6_dns and ansible_os_family != "Container Linux by CoreOS"
tags: bootstrap-os tags: bootstrap-os
# Todo : selinux configuration # Todo : selinux configuration

View File

@ -2,3 +2,7 @@
- name: Stop if non systemd OS type - name: Stop if non systemd OS type
assert: assert:
that: ansible_service_mgr == "systemd" that: ansible_service_mgr == "systemd"
- name: Stop if obsolete CoreOS family fact value
assert:
that: ansible_os_family != "CoreOS"

View File

@ -1,7 +1,7 @@
--- ---
- name: create temporary resolveconf cloud init file - name: create temporary resolveconf cloud init file
command: cp -f /etc/resolv.conf "{{ resolvconffile }}" command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- name: Remove search/domain/nameserver options - name: Remove search/domain/nameserver options
lineinfile: lineinfile:
@ -48,7 +48,7 @@
- name: get temporary resolveconf cloud init file content - name: get temporary resolveconf cloud init file content
command: cat {{ resolvconffile }} command: cat {{ resolvconffile }}
register: cloud_config register: cloud_config
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- name: persist resolvconf cloud init file - name: persist resolvconf cloud init file
template: template:
@ -56,9 +56,9 @@
src: resolvconf.j2 src: resolvconf.j2
owner: root owner: root
mode: 0644 mode: 0644
notify: Preinstall | update resolvconf for CoreOS notify: Preinstall | update resolvconf for Container Linux by CoreOS
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- include: dhclient-hooks.yml - include: dhclient-hooks.yml
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
tags: [bootstrap-os, resolvconf] tags: [bootstrap-os, resolvconf]

View File

@ -35,11 +35,11 @@
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%} {%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%}
head: >- head: >-
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%} {%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%}
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: target temporary resolvconf cloud init file (CoreOS) - name: target temporary resolvconf cloud init file (Container Linux by CoreOS)
set_fact: resolvconffile=/tmp/resolveconf_cloud_init_conf set_fact: resolvconffile=/tmp/resolveconf_cloud_init_conf
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- name: target dhclient conf/hook files for Red Hat family - name: target dhclient conf/hook files for Red Hat family
set_fact: set_fact:

View File

@ -74,7 +74,7 @@
/usr/local/share/ca-certificates/kube-ca.crt /usr/local/share/ca-certificates/kube-ca.crt
{%- elif ansible_os_family == "RedHat" -%} {%- elif ansible_os_family == "RedHat" -%}
/etc/pki/ca-trust/source/anchors/kube-ca.crt /etc/pki/ca-trust/source/anchors/kube-ca.crt
{%- elif ansible_os_family == "CoreOS" -%} {%- elif ansible_os_family == "Container Linux by CoreOS" -%}
/etc/ssl/certs/kube-ca.pem /etc/ssl/certs/kube-ca.pem
{%- endif %} {%- endif %}
tags: facts tags: facts
@ -86,9 +86,9 @@
remote_src: true remote_src: true
register: kube_ca_cert register: kube_ca_cert
- name: Gen_certs | update ca-certificates (Debian/Ubuntu/CoreOS) - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
command: update-ca-certificates command: update-ca-certificates
when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"] when: kube_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
- name: Gen_certs | update ca-certificates (RedHat) - name: Gen_certs | update ca-certificates (RedHat)
command: update-ca-trust extract command: update-ca-trust extract

View File

@ -1,6 +1,6 @@
dependencies: dependencies:
- role: etcd - role: etcd
- role: docker - role: docker
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- role: download - role: download
file: "{{ downloads.calico_rr }}" file: "{{ downloads.calico_rr }}"

View File

@ -20,7 +20,7 @@
service: service:
name: docker.socket name: docker.socket
state: restarted state: restarted
when: ansible_os_family == 'CoreOS' when: ansible_os_family == 'Container Linux by CoreOS'
- name: Flannel | reload docker - name: Flannel | reload docker
service: service:

View File

@ -1,5 +1,5 @@
[Service] [Service]
{% if ansible_os_family == "CoreOS" %} {% if ansible_os_family == "Container Linux by CoreOS" %}
Environment="DOCKER_OPT_BIP=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}" Environment="DOCKER_OPT_BIP=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
{% else %} {% else %}
Environment="DOCKER_NETWORK_OPTIONS=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}" Environment="DOCKER_NETWORK_OPTIONS=--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"

View File

@ -7,14 +7,14 @@
tasks: tasks:
- name: Force binaries directory for CoreOS - name: Force binaries directory for Container Linux by CoreOS
set_fact: set_fact:
bin_dir: "/opt/bin" bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- set_fact: - set_fact:
bin_dir: "/usr/local/bin" bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: Run a replica controller composed of 2 pods - name: Run a replica controller composed of 2 pods
shell: "{{bin_dir}}/kubectl run test --image={{test_image_repo}}:{{test_image_tag}} --replicas=2 --command -- tail -f /dev/null" shell: "{{bin_dir}}/kubectl run test --image={{test_image_repo}}:{{test_image_tag}} --replicas=2 --command -- tail -f /dev/null"

View File

@ -3,14 +3,14 @@
tasks: tasks:
- name: Force binaries directory for CoreOS - name: Force binaries directory for Container Linux by CoreOS
set_fact: set_fact:
bin_dir: "/opt/bin" bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- set_fact: - set_fact:
bin_dir: "/usr/local/bin" bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: Get pod names - name: Get pod names
shell: "{{bin_dir}}/kubectl get pods -o json" shell: "{{bin_dir}}/kubectl get pods -o json"

View File

@ -12,14 +12,14 @@
netchecker_port: 31081 netchecker_port: 31081
tasks: tasks:
- name: Force binaries directory for CoreOS - name: Force binaries directory for Container Linux by CoreOS
set_fact: set_fact:
bin_dir: "/opt/bin" bin_dir: "/opt/bin"
when: ansible_os_family == "CoreOS" when: ansible_os_family == "Container Linux by CoreOS"
- set_fact: - set_fact:
bin_dir: "/usr/local/bin" bin_dir: "/usr/local/bin"
when: ansible_os_family != "CoreOS" when: ansible_os_family != "Container Linux by CoreOS"
- name: Wait for netchecker server - name: Wait for netchecker server
shell: "{{ bin_dir }}/kubectl get pods --namespace {{netcheck_namespace}} | grep ^netchecker-server" shell: "{{ bin_dir }}/kubectl get pods --namespace {{netcheck_namespace}} | grep ^netchecker-server"