Adding support for proxy w/ rkt kubelet

2026-03-21 19:07:43 -02:30 · 2017-02-09 23:34:43 -06:00
parent 948d9bdadb
commit 4c891b8bb0
5 changed files with 56 additions and 31 deletions
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@@ -1,26 +1,4 @@
 ---
- name: Trust kubelet container
-  command: >-
-    /usr/bin/rkt trust
-    --skip-fingerprint-review
-    --root
-    {{ item }}
-  register: kubelet_rkt_trust_result
-  until: kubelet_rkt_trust_result.rc == 0
-  with_items:
-    - "https://quay.io/aci-signing-key"
-    - "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg"
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  changed_when: false
-  when: kubelet_deployment_type == "rkt"
-
- name: create kubelet working directory
-  file:
-    state: directory
-    path: /var/lib/kubelet
-  when: kubelet_deployment_type == "rkt"
-
 - name: install | Set SSL CA directories
  set_fact:
    ssl_ca_dirs: "[
@@ -35,11 +13,12 @@
    ]"
  tags: facts

+- include: "install_{{ kubelet_deployment_type }}.yml"
+
 - name: install | Write kubelet systemd init file
-  template: "src=kubelet.{{ kubelet_deployment_type }}.service.j2 dest=/etc/systemd/system/kubelet.service backup=yes"
+  template: 
+    src: "kubelet.{{ kubelet_deployment_type }}.service.j2"
+    dest: "/etc/systemd/system/kubelet.service"
+    backup: "yes"
  notify: restart kubelet

- name: install | Install kubelet launch script
-  template: src=kubelet-container.j2 dest="{{ bin_dir }}/kubelet" owner=kube mode=0755 backup=yes
-  notify: restart kubelet
-  when: kubelet_deployment_type == "docker"
--- a/roles/kubernetes/node/tasks/install_docker.yml
+++ b/roles/kubernetes/node/tasks/install_docker.yml
@@ -0,0 +1,9 @@
+---
+- name: install | Install kubelet launch script
+  template: 
+    src: kubelet-container.j2 
+    dest: "{{ bin_dir }}/kubelet" 
+    owner: kube 
+    mode: 0755 
+    backup: yes
+  notify: restart kubelet
--- a/roles/kubernetes/node/tasks/install_rkt.yml
+++ b/roles/kubernetes/node/tasks/install_rkt.yml
@@ -0,0 +1,33 @@
+---
+- name: Trust kubelet container
+  command: >-
+    /usr/bin/rkt trust
+    --skip-fingerprint-review
+    --root
+    {{ item }}
+  register: kubelet_rkt_trust_result
+  until: kubelet_rkt_trust_result.rc == 0
+  with_items:
+    - "https://quay.io/aci-signing-key"
+    - "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg"
+  retries: 4
+  delay: "{{ retry_stagger | random + 3 }}"
+  changed_when: false
+
+- name: create kubelet working directory
+  file:
+    state: directory
+    path: /var/lib/kubelet
+
+- name: Create kubelet service systemd directory
+  file: 
+    path: /etc/systemd/system/kubelet.service.d 
+    state: directory
+
+- name: Write kubelet proxy drop-in
+  template:
+    src: http-proxy.conf.j2
+    dest: /etc/systemd/system/kubelet.service.d/http-proxy.conf
+  when: http_proxy is defined or https_proxy is defined or no_proxy is defined
+  notify: restart kubelet
+