Replace injected Ansible fact variables with ansible_facts in preinstall role (#13232)

roles/kubernetes/preinstall/defaults/main.yml

@@ -104,7 +104,7 @@ redhat_os_family_extensions:
   - "UniontechOS"
 
 # Sets DNSStubListener=no, useful if you get "0.0.0.0:53: bind: address already in use"
-systemd_resolved_disable_stub_listener: "{{ ansible_os_family in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
+systemd_resolved_disable_stub_listener: "{{ ansible_facts['os_family'] in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
 
 # Used to disable File Access Policy Daemon service.
 # If service is enabled, the CNI plugin installation will fail

roles/kubernetes/preinstall/handlers/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: Preinstall | apply resolvconf cloud-init
   command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
-  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+  when: ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
   listen: Preinstall | propagate resolvconf to k8s components
 
 - name: Preinstall | reload NetworkManager

roles/kubernetes/preinstall/tasks/0020-set_facts.yml

@@ -1,9 +1,12 @@
 ---
-- name: Set os_family fact for other redhat-based operating systems
+- name: Normalize ansible_facts for redhat-family extensions
   set_fact:
-    ansible_os_family: "RedHat"
+    ansible_facts: >-
-    ansible_distribution_major_version: "8"
+      {{ ansible_facts | combine({
-  when: ansible_distribution in redhat_os_family_extensions
+           'os_family': 'RedHat',
+           'distribution_major_version': '8'
+         }) }}
+  when: ansible_facts['distribution'] in redhat_os_family_extensions
   tags:
     - facts
 
@@ -86,12 +89,12 @@
       {%- if resolvconf | bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%}
     head: >-
       {%- if resolvconf | bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%}
-  when: not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and not is_fedora_coreos
+  when: ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and not is_fedora_coreos
 
 - name: Target temporary resolvconf cloud init file (Flatcar Container Linux by Kinvolk / Fedora CoreOS)
   set_fact:
     resolvconffile: /tmp/resolveconf_cloud_init_conf
-  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
 
 - name: Check if /etc/dhclient.conf exists
   stat:
@@ -122,12 +125,12 @@
 - name: Target dhclient hook file for Red Hat family
   set_fact:
     dhclienthookfile: /etc/dhcp/dhclient.d/zdnsupdate.sh
-  when: ansible_os_family == "RedHat"
+  when: ansible_facts['os_family'] == "RedHat"
 
 - name: Target dhclient hook file for Debian family
   set_fact:
     dhclienthookfile: /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
-  when: ansible_os_family == "Debian"
+  when: ansible_facts['os_family'] == "Debian"
 
 - name: Set etcd vars if using kubeadm mode
   set_fact:

roles/kubernetes/preinstall/tasks/0040-verify-settings.yml

@@ -15,25 +15,25 @@
     - not ignore_assert_errors
 - name: Stop if non systemd OS type
   assert:
-    that: ansible_service_mgr == "systemd"
+    that: ansible_facts['service_mgr'] == "systemd"
   when: not ignore_assert_errors
 
 - name: Stop if the os does not support
   assert:
-    that: (allow_unsupported_distribution_setup | default(false)) or ansible_distribution in supported_os_distributions
+    that: (allow_unsupported_distribution_setup | default(false)) or ansible_facts['distribution'] in supported_os_distributions
-    msg: "{{ ansible_distribution }} is not a known OS"
+    msg: "{{ ansible_facts['distribution'] }} is not a known OS"
   when: not ignore_assert_errors
 
 - name: Stop if memory is too small for control plane nodes
   assert:
-    that: ansible_memtotal_mb >= minimal_master_memory_mb
+    that: ansible_facts['memtotal_mb'] >= minimal_master_memory_mb
   when:
     - not ignore_assert_errors
     - ('kube_control_plane' in group_names)
 
 - name: Stop if memory is too small for nodes
   assert:
-    that: ansible_memtotal_mb >= minimal_node_memory_mb
+    that: ansible_facts['memtotal_mb'] >= minimal_node_memory_mb
   when:
     - not ignore_assert_errors
     - ('kube_node' in group_names)
@@ -47,8 +47,8 @@
 
 - name: Stop if ip var does not match local ips
   assert:
-    that: (ip in ansible_all_ipv4_addresses) or (ip in ansible_all_ipv6_addresses)
+    that: (ip in ansible_facts['all_ipv4_addresses']) or (ip in ansible_facts['all_ipv6_addresses'])
-    msg: "IPv4: '{{ ansible_all_ipv4_addresses }}' and IPv6: '{{ ansible_all_ipv6_addresses }}' do not contain '{{ ip }}'"
+    msg: "IPv4: '{{ ansible_facts['all_ipv4_addresses'] }}' and IPv6: '{{ ansible_facts['all_ipv6_addresses'] }}' do not contain '{{ ip }}'"
   when:
     - not ignore_assert_errors
     - ip is defined
@@ -63,14 +63,14 @@
 
 - name: Stop if kernel version is too low for cilium
   assert:
-    that: ansible_kernel.split('-')[0] is version('4.9.17', '>=')
+    that: ansible_facts['kernel'].split('-')[0] is version('4.9.17', '>=')
   when:
     - kube_network_plugin == 'cilium' or cilium_deploy_additionally
     - not ignore_assert_errors
 
 - name: Stop if kernel version is too low for nftables
   assert:
-    that: ansible_kernel.split('-')[0] is version('5.13', '>=')
+    that: ansible_facts['kernel'].split('-')[0] is version('5.13', '>=')
   when:
     - kube_proxy_mode == 'nftables'
     - not kube_proxy_remove
@@ -93,6 +93,6 @@
 
 - name: Stop if download_localhost is enabled for Flatcar Container Linux
   assert:
-    that: ansible_os_family not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    that: ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
     msg: "download_run_once not supported for Flatcar Container Linux"
   when: download_run_once or download_force_cache

roles/kubernetes/preinstall/tasks/0060-resolvconf.yml

@@ -1,7 +1,7 @@
 ---
 - name: Create temporary resolveconf cloud init file
   command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
-  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+  when: ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Add domain/search/nameservers/options to resolv.conf
   blockinfile:
@@ -45,7 +45,7 @@
 - name: Get temporary resolveconf cloud init file content
   command: cat {{ resolvconffile }}
   register: cloud_config
-  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+  when: ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Persist resolvconf cloud init file
   template:
@@ -54,4 +54,4 @@
     owner: root
     mode: "0644"
   notify: Preinstall | propagate resolvconf to k8s components
-  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+  when: ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk"]

roles/kubernetes/preinstall/tasks/0080-system-configurations.yml

@@ -7,8 +7,8 @@
     get_checksum: false
     get_mime: false
   when:
-    - ansible_os_family == "RedHat"
+    - ansible_facts['os_family'] == "RedHat"
-    - "'Amazon' not in ansible_distribution"
+    - "'Amazon' not in ansible_facts['distribution']"
   register: slc
 
 - name: Set selinux policy
@@ -16,8 +16,8 @@
     policy: targeted
     state: "{{ preinstall_selinux_state }}"
   when:
-    - ansible_os_family == "RedHat"
+    - ansible_facts['os_family'] == "RedHat"
-    - "'Amazon' not in ansible_distribution"
+    - "'Amazon' not in ansible_facts['distribution']"
     - slc.stat.exists
   tags:
     - bootstrap_os
@@ -32,7 +32,7 @@
     mode: "0644"
   when:
     - disable_ipv6_dns
-    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    - ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
   tags:
     - bootstrap_os
 

roles/kubernetes/preinstall/tasks/0081-ntp-configurations.yml

@@ -15,7 +15,7 @@
       /etc/ntp.conf
       {%- elif ntp_package == "ntpsec" -%}
       /etc/ntpsec/ntp.conf
-      {%- elif ansible_os_family in ['RedHat', 'Suse'] -%}
+      {%- elif ansible_facts['os_family'] in ['RedHat', 'Suse'] -%}
       /etc/chrony.conf
       {%- else -%}
       /etc/chrony/chrony.conf
@@ -24,7 +24,7 @@
     ntp_service_name: >-
       {% if ntp_package == "chrony" -%}
       chronyd
-      {%- elif ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse"] -%}
+      {%- elif ansible_facts['os_family'] in ["Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse"] -%}
       ntpd
       {%- else -%}
       ntp
@@ -72,14 +72,14 @@
   when:
     - ntp_timezone
     - not is_fedora_coreos
-    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    - ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Gather selinux facts
   ansible.builtin.setup:
     gather_subset: selinux
   when:
     - ntp_timezone
-    - ansible_os_family == "RedHat"
+    - ansible_facts['os_family'] == "RedHat"
 
 - name: Put SELinux in permissive mode, logging actions that would be blocked.
   ansible.posix.selinux:
@@ -87,7 +87,7 @@
     state: permissive
   when:
     - ntp_timezone
-    - ansible_os_family == "RedHat"
+    - ansible_facts['os_family'] == "RedHat"
     - ansible_facts.selinux.status == 'enabled'
     - ansible_facts.selinux.mode == 'enforcing'
 
@@ -103,5 +103,5 @@
     state: "{{ preinstall_selinux_state }}"
   when:
     - ntp_timezone
-    - ansible_os_family == "RedHat"
+    - ansible_facts['os_family'] == "RedHat"
     - ansible_facts.selinux.status == 'enabled'

roles/kubernetes/preinstall/tasks/0100-dhclient-hooks.yml

@@ -26,7 +26,7 @@
     owner: root
     mode: "0755"
   notify: Preinstall | propagate resolvconf to k8s components
-  when: ansible_os_family not in [ "RedHat", "Suse" ]
+  when: ansible_facts['os_family'] not in [ "RedHat", "Suse" ]
 
 - name: Configure dhclient hooks for resolv.conf (RH-only)
   template:
@@ -35,4 +35,4 @@
     owner: root
     mode: "0755"
   notify: Preinstall | propagate resolvconf to k8s components
-  when: ansible_os_family == "RedHat"
+  when: ansible_facts['os_family'] == "RedHat"

roles/kubernetes/preinstall/tasks/main.yml

@@ -83,7 +83,7 @@
     - dns_mode != 'none'
     - resolvconf_mode == 'host_resolvconf'
     - dhclientconffile is defined
-    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    - ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
   tags:
     - bootstrap_os
     - resolvconf
@@ -94,7 +94,7 @@
     - dns_mode != 'none'
     - resolvconf_mode != 'host_resolvconf'
     - dhclientconffile is defined
-    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    - ansible_facts['os_family'] not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
   tags:
     - bootstrap_os
     - resolvconf