Merge pull request #12185 from VannTen/cleanup/iproute_with_the_rest

Move package installation to bootstrap-os
2026-05-06 08:57:37 -02:30 · 2025-05-09 20:49:14 -07:00
parent 27e93ee9f6 25e4fa17a8
commit 0c8dfb8e43
28 changed files with 414 additions and 493 deletions
--- a/roles/kubespray-defaults/defaults/main/main.yml
+++ b/roles/kubespray-defaults/defaults/main/main.yml
@@ -6,6 +6,9 @@ ansible_ssh_common_args: "{% if 'bastion' in groups['all'] %} -o ProxyCommand='s
 # selinux state
 preinstall_selinux_state: permissive

+# Check if access_ip responds to ping. Set false if your firewall blocks ICMP.
+ping_access_ip: true
+
 # Setting this value to false will fail
 # For details, read this comment https://github.com/kubernetes-sigs/kubespray/pull/11016#issuecomment-2004985001
 kube_api_anonymous_auth: true
@@ -101,9 +104,6 @@ local_release_dir: "/tmp/releases"
 # Random shifts for retrying failed ops like pushing/downloading
 retry_stagger: 5

-# Install epel repo on Centos/RHEL
-epel_enabled: false
-
 # DNS configuration.
 # Kubernetes cluster name, also will be used as DNS domain
 cluster_name: cluster.local
--- a/roles/kubespray-defaults/tasks/main.yaml
+++ b/roles/kubespray-defaults/tasks/main.yaml
@@ -1,58 +0,0 @@
---
- name: Set facts variables
-  tags:
-    - always
-  block:
-    - name: Gather ansible_default_ipv4
-      setup:
-        gather_subset: '!all,network'
-        filter: "ansible_default_ipv4"
-      when: ansible_default_ipv4 is not defined
-      ignore_unreachable: true
-      # Set 127.0.0.1 as fallback IP if we do not have host facts for host
-      # ansible_default_ipv4 isn't what you think.
-      # https://medium.com/opsops/ansible-default-ipv4-is-not-what-you-think-edb8ab154b10
-      # TODO: discard this and update all the location relying on it in "looping on hostvars" templates
-    - name: Set fallback_ip
-      set_fact:
-        fallback_ip: "{{ ansible_default_ipv4.address | d('127.0.0.1') }}"
-      when: fallback_ip is not defined
-
-    - name: Gather ansible_default_ipv6
-      setup:
-        gather_subset: '!all,network'
-        filter: "ansible_default_ipv6"
-      when: ansible_default_ipv6 is not defined
-      ignore_unreachable: true
-    - name: Set fallback_ip6
-      set_fact:
-        fallback_ip6: "{{ ansible_default_ipv6.address | d('::1') }}"
-      when: fallback_ip6 is not defined
-
-    - name: Set main access ip(access_ip based on ipv4_stack/ipv6_stack options).
-      set_fact:
-        cacheable: true
-        main_access_ip: >-
-          {%- if ipv4_stack -%}
-          {{ access_ip | default(ip | default(fallback_ip)) }}
-          {%- else -%}
-          {{ access_ip6 | default(ip6 | default(fallback_ip6)) }}
-          {%- endif -%}
-
-    - name: Set main ip(ip based on ipv4_stack/ipv6_stack options).
-      set_fact:
-        main_ip: "{{ (ip | default(fallback_ip)) if ipv4_stack else (ip6 | default(fallback_ip6)) }}"
-
-    - name: Set main access ips(mixed ips for dualstack).
-      set_fact:
-        main_access_ips: ["{{ (main_access_ip + ',' + (access_ip6 | default(ip6 | default(fallback_ip6)))) if (ipv4_stack and ipv6_stack) else main_access_ip }}"]
-
-    - name: Set main ips(mixed ips for dualstack).
-      set_fact:
-        main_ips: ["{{ (main_ip + ',' + (ip6 | default(fallback_ip6))) if (ipv4_stack and ipv6_stack) else main_ip }}"]
-
-    - name: Set no_proxy
-      import_tasks: no_proxy.yml
-      when:
-        - http_proxy is defined or https_proxy is defined
-        - no_proxy is not defined
--- a/roles/kubespray-defaults/tasks/no_proxy.yml
+++ b/roles/kubespray-defaults/tasks/no_proxy.yml
@@ -1,40 +0,0 @@
---
- name: Set no_proxy to all assigned cluster IPs and hostnames
-  set_fact:
-    # noqa: jinja[spacing]
-    no_proxy_prepare: >-
-      {%- if loadbalancer_apiserver is defined -%}
-      {{ apiserver_loadbalancer_domain_name | default('') }},
-      {{ loadbalancer_apiserver.address | default('') }},
-      {%- endif -%}
-      {%- if no_proxy_exclude_workers | default(false) -%}
-      {% set cluster_or_control_plane = 'kube_control_plane' %}
-      {%- else -%}
-      {% set cluster_or_control_plane = 'k8s_cluster' %}
-      {%- endif -%}
-      {%- for item in (groups[cluster_or_control_plane] + groups['etcd'] | default([]) + groups['calico_rr'] | default([])) | unique -%}
-      {{ hostvars[item]['main_access_ip'] }},
-      {%- if item != hostvars[item].get('ansible_hostname', '') -%}
-      {{ hostvars[item]['ansible_hostname'] }},
-      {{ hostvars[item]['ansible_hostname'] }}.{{ dns_domain }},
-      {%- endif -%}
-      {{ item }},{{ item }}.{{ dns_domain }},
-      {%- endfor -%}
-      {%- if additional_no_proxy is defined -%}
-      {{ additional_no_proxy }},
-      {%- endif -%}
-      127.0.0.1,localhost,{{ kube_service_subnets }},{{ kube_pods_subnets }},svc,svc.{{ dns_domain }}
-  delegate_to: localhost
-  connection: local
-  delegate_facts: true
-  become: false
-  run_once: true
-
- name: Populates no_proxy to all hosts
-  set_fact:
-    no_proxy: "{{ hostvars.localhost.no_proxy_prepare }}"
-    # noqa: jinja[spacing]
-    proxy_env: "{{ proxy_env | combine({
-        'no_proxy': hostvars.localhost.no_proxy_prepare,
-        'NO_PROXY': hostvars.localhost.no_proxy_prepare
-      }) }}"