Drop support for RHEL 7 / CentOS 7 (#11246)

* Simplify docker systemd unit systemd handles missing unit by ignoring the dependency so we don't need to template them. * Remove RHEL 7/CentOS 7 support - remove ref in kubespray roles - move CI from centos 7 to 8 - remove docs related to centos7 * Remove container-storage-setup Only used for RHEL 7 and CentOS 7
2026-03-10 14:09:34 -02:30 · 2024-09-05 06:41:01 +00:00
parent 3da6c4fc18
commit 7f527f6195
34 changed files with 22 additions and 296 deletions
--- a/roles/bootstrap-os/molecule/default/molecule.yml
+++ b/roles/bootstrap-os/molecule/default/molecule.yml
@@ -19,12 +19,6 @@ platforms:
    memory: 1024
    provider_options:
      driver: kvm
-  - name: centos7
-    box: centos/7
-    cpus: 1
-    memory: 512
-    provider_options:
-      driver: kvm
  - name: almalinux8
    box: almalinux/8
    cpus: 1
--- a/roles/bootstrap-os/tasks/centos.yml
+++ b/roles/bootstrap-os/tasks/centos.yml
@@ -80,40 +80,13 @@
    - { option: "name", value: "CentOS-{{ ansible_distribution_major_version }} - Extras" }
    - { option: "enabled", value: "1" }
    - { option: "gpgcheck", value: "0" }
-    - { option: "baseurl", value: "http://vault.centos.org/{{ 'altarch' if (ansible_distribution_major_version | int) <= 7 and ansible_architecture == 'aarch64' else 'centos' }}/{{ ansible_distribution_major_version }}/extras/$basearch/{% if ansible_distribution_major_version | int > 7 %}os/{% endif %}" }
+    - { option: "baseurl", value: "http://mirror.centos.org/centos/{{ ansible_distribution_major_version }}/extras/$basearch/os/" }
  when:
    - use_oracle_public_repo | default(true)
    - '''ID="ol"'' in os_release.stdout_lines'
    - (ansible_distribution_version | float) >= 7.6
    - (ansible_distribution_version | float) < 9

-# CentOS 7 EOL at July 1, 2024.
- name: Check CentOS-Base.repo exists for CentOS 7
-  stat:
-    path: /etc/yum.repos.d/CentOS-Base.repo
-  register: centos_base_repo_stat
-  when:
-    - ansible_distribution_major_version == "7"
-
-# CentOS 7 EOL at July 1, 2024.
- name: Update CentOS 7 CentOS-Base.repo
-  when:
-    - ansible_distribution_major_version == "7"
-    - centos_base_repo_stat.stat.exists
-  become: true
-  block:
-    - name: Disable CentOS 7 mirrorlist in CentOS-Base.repo
-      replace:
-        path: "{{ centos_base_repo_stat.stat.path }}"
-        regexp: '^mirrorlist='
-        replace: '#mirrorlist='
-
-    - name: Update CentOS 7 baseurl in CentOS-Base.repo
-      replace:
-        path: "{{ centos_base_repo_stat.stat.path }}"
-        regexp: '^#baseurl=http:\/\/mirror.centos.org'
-        replace: 'baseurl=http:\/\/vault.centos.org'
-
 # CentOS ships with python installed

 - name: Check presence of fastestmirror.conf
--- a/roles/bootstrap-os/tasks/redhat.yml
+++ b/roles/bootstrap-os/tasks/redhat.yml
@@ -62,17 +62,6 @@
    - rh_subscription_username is defined
    - rh_subscription_status.changed

-# container-selinux is in extras repo
- name: Enable RHEL 7 repos
-  community.general.rhsm_repository:
-    name:
-      - "rhel-7-server-rpms"
-      - "rhel-7-server-extras-rpms"
-    state: "{{ 'enabled' if (rhel_enable_repos | default(True) | bool) else 'disabled' }}"
-  when:
-    - ansible_distribution_major_version == "7"
-    - (not rh_subscription_status.changed) or (rh_subscription_username is defined) or (rh_subscription_org_id is defined)
-
 # container-selinux is in appstream repo
 - name: Enable RHEL 8 repos
  community.general.rhsm_repository:
--- a/roles/container-engine/docker-storage/defaults/main.yml
+++ b/roles/container-engine/docker-storage/defaults/main.yml
@@ -1,19 +0,0 @@
---
-docker_container_storage_setup_repository: https://github.com/projectatomic/container-storage-setup.git
-docker_container_storage_setup_version: v0.6.0
-docker_container_storage_setup_profile_name: kubespray
-docker_container_storage_setup_storage_driver: devicemapper
-docker_container_storage_setup_container_thinpool: docker-pool
-# It must be define a disk path for docker_container_storage_setup_devs.
-# Otherwise docker-storage-setup will be executed incorrectly.
-# docker_container_storage_setup_devs: /dev/vdb
-docker_container_storage_setup_data_size: 40%FREE
-docker_container_storage_setup_min_data_size: 2G
-docker_container_storage_setup_chunk_size: 512K
-docker_container_storage_setup_growpart: "false"
-docker_container_storage_setup_auto_extend_pool: "yes"
-docker_container_storage_setup_pool_autoextend_threshold: 60
-docker_container_storage_setup_pool_autoextend_percent: 20
-docker_container_storage_setup_device_wait_timeout: 60
-docker_container_storage_setup_wipe_signatures: "false"
-docker_container_storage_setup_container_root_lv_size: 40%FREE
--- a/roles/container-engine/docker-storage/files/install_container_storage_setup.sh
+++ b/roles/container-engine/docker-storage/files/install_container_storage_setup.sh
@@ -1,23 +0,0 @@
-#!/bin/sh
-
-set -e
-
-repository=${1:-https://github.com/projectatomic/container-storage-setup.git}
-version=${2:-master}
-profile_name=${3:-kubespray}
-dir=`mktemp -d`
-export GIT_DIR=$dir/.git
-export GIT_WORK_TREE=$dir
-
-git init
-git fetch --depth 1 $repository $version
-git merge FETCH_HEAD
-make -C $dir install
-rm -rf /var/lib/container-storage-setup/$profile_name $dir
-
-set +e
-
-/usr/bin/container-storage-setup create $profile_name /etc/sysconfig/docker-storage-setup && /usr/bin/container-storage-setup activate $profile_name
-# FIXME: exit status can be 1 for both fatal and non fatal errors in current release,
-# could be improved by matching error strings
-exit 0
--- a/roles/container-engine/docker-storage/tasks/main.yml
+++ b/roles/container-engine/docker-storage/tasks/main.yml
@@ -1,48 +0,0 @@
---
-
- name: Docker-storage-setup | install git and make
-  with_items: [git, make]
-  package:
-    pkg: "{{ item }}"
-    state: present
-
- name: Docker-storage-setup | docker-storage-setup sysconfig template
-  template:
-    src: docker-storage-setup.j2
-    dest: /etc/sysconfig/docker-storage-setup
-    mode: "0644"
-
- name: Docker-storage-override-directory | docker service storage-setup override dir
-  file:
-    dest: /etc/systemd/system/docker.service.d
-    mode: "0755"
-    owner: root
-    group: root
-    state: directory
-
- name: Docker-storage-override | docker service storage-setup override file
-  copy:
-    dest: /etc/systemd/system/docker.service.d/override.conf
-    content: |-
-      ### This file is managed by Ansible
-      [Service]
-      EnvironmentFile=-/etc/sysconfig/docker-storage
-
-    owner: root
-    group: root
-    mode: "0644"
-
-# https://docs.docker.com/engine/installation/linux/docker-ce/centos/#install-using-the-repository
- name: Docker-storage-setup | install lvm2
-  package:
-    name: lvm2
-    state: present
-
- name: Docker-storage-setup | install and run container-storage-setup
-  become: true
-  script: |
-    install_container_storage_setup.sh \
-      {{ docker_container_storage_setup_repository }} \
-      {{ docker_container_storage_setup_version }} \
-      {{ docker_container_storage_setup_profile_name }}
-  notify: Docker | reload systemd
--- a/roles/container-engine/docker-storage/templates/docker-storage-setup.j2
+++ b/roles/container-engine/docker-storage/templates/docker-storage-setup.j2
@@ -1,35 +0,0 @@
-{%if docker_container_storage_setup_storage_driver is defined%}STORAGE_DRIVER={{docker_container_storage_setup_storage_driver}}{%endif%}
-
-{%if docker_container_storage_setup_extra_storage_options is defined%}EXTRA_STORAGE_OPTIONS={{docker_container_storage_setup_extra_storage_options}}{%endif%}
-
-{%if docker_container_storage_setup_devs is defined%}DEVS={{docker_container_storage_setup_devs}}{%endif%}
-
-{%if docker_container_storage_setup_container_thinpool is defined%}CONTAINER_THINPOOL={{docker_container_storage_setup_container_thinpool}}{%endif%}
-
-{%if docker_container_storage_setup_vg is defined%}VG={{docker_container_storage_setup_vg}}{%endif%}
-
-{%if docker_container_storage_setup_root_size is defined%}ROOT_SIZE={{docker_container_storage_setup_root_size}}{%endif%}
-
-{%if docker_container_storage_setup_data_size is defined%}DATA_SIZE={{docker_container_storage_setup_data_size}}{%endif%}
-
-{%if docker_container_storage_setup_min_data_size is defined%}MIN_DATA_SIZE={{docker_container_storage_setup_min_data_size}}{%endif%}
-
-{%if docker_container_storage_setup_chunk_size is defined%}CHUNK_SIZE={{docker_container_storage_setup_chunk_size}}{%endif%}
-
-{%if docker_container_storage_setup_growpart is defined%}GROWPART={{docker_container_storage_setup_growpart}}{%endif%}
-
-{%if docker_container_storage_setup_auto_extend_pool is defined%}AUTO_EXTEND_POOL={{docker_container_storage_setup_auto_extend_pool}}{%endif%}
-
-{%if docker_container_storage_setup_pool_autoextend_threshold is defined%}POOL_AUTOEXTEND_THRESHOLD={{docker_container_storage_setup_pool_autoextend_threshold}}{%endif%}
-
-{%if docker_container_storage_setup_pool_autoextend_percent is defined%}POOL_AUTOEXTEND_PERCENT={{docker_container_storage_setup_pool_autoextend_percent}}{%endif%}
-
-{%if docker_container_storage_setup_device_wait_timeout is defined%}DEVICE_WAIT_TIMEOUT={{docker_container_storage_setup_device_wait_timeout}}{%endif%}
-
-{%if docker_container_storage_setup_wipe_signatures is defined%}WIPE_SIGNATURES={{docker_container_storage_setup_wipe_signatures}}{%endif%}
-
-{%if docker_container_storage_setup_container_root_lv_name is defined%}CONTAINER_ROOT_LV_NAME={{docker_container_storage_setup_container_root_lv_name}}{%endif%}
-
-{%if docker_container_storage_setup_container_root_lv_size is defined%}CONTAINER_ROOT_LV_SIZE={{docker_container_storage_setup_container_root_lv_size}}{%endif%}
-
-{%if docker_container_storage_setup_container_root_lv_mount_path is defined%}CONTAINER_ROOT_LV_MOUNT_PATH={{docker_container_storage_setup_container_root_lv_mount_path}}{%endif%}
--- a/roles/container-engine/docker/meta/main.yml
+++ b/roles/container-engine/docker/meta/main.yml
@@ -1,5 +1,3 @@
 ---
 dependencies:
  - role: container-engine/containerd-common
-  - role: container-engine/docker-storage
-    when: docker_container_storage_setup and ansible_os_family == "RedHat"
--- a/roles/container-engine/docker/templates/docker.service.j2
+++ b/roles/container-engine/docker/templates/docker.service.j2
@@ -1,19 +1,11 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-{% if ansible_os_family == "RedHat" %}
-After=network.target {{ ' docker-storage-setup.service' if docker_container_storage_setup else '' }} containerd.service
+After=network.target docker.socket containerd.service lvm2-monitor.service SuSEfirewall2.service
+{% if ansible_os_family != "Suse" %}
 BindsTo=containerd.service
-{{ 'Wants=docker-storage-setup.service' if docker_container_storage_setup else '' }}
-{% elif ansible_os_family == "Debian" %}
-After=network.target docker.socket containerd.service
-BindsTo=containerd.service
-Wants=docker.socket
-{% elif ansible_os_family == "Suse" %}
-After=network.target lvm2-monitor.service SuSEfirewall2.service
-# After=network.target containerd.service
-# BindsTo=containerd.service
 {% endif %}
+Wants=docker.socket

 [Service]
 Type=notify
--- a/roles/kubernetes-apps/container_engine_accelerator/nvidia_gpu/vars/centos-7.yml
+++ b/roles/kubernetes-apps/container_engine_accelerator/nvidia_gpu/vars/centos-7.yml
@@ -1,3 +0,0 @@
---
-nvidia_driver_install_container: "{{ nvidia_driver_install_centos_container }}"
-nvidia_driver_install_supported: true
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
@@ -139,6 +139,3 @@ systemd_resolved_disable_stub_listener: "{{ ansible_os_family in ['Flatcar', 'Fl
 # Used to disable File Access Policy Daemon service.
 # If service is enabled, the CNI plugin installation will fail
 disable_fapolicyd: true
-
-# Enable 0120-growpart-azure-centos-7 tasks
-growpart_azure_enabled: true
--- a/roles/kubernetes/preinstall/tasks/0120-growpart-azure-centos-7.yml
+++ b/roles/kubernetes/preinstall/tasks/0120-growpart-azure-centos-7.yml
@@ -1,44 +0,0 @@
---
-
-# Running growpart seems to be only required on Azure, as other Cloud Providers do this at boot time
-
- name: Install growpart
-  package:
-    name: cloud-utils-growpart
-    state: present
-
- name: Gather mounts facts
-  setup:
-    gather_subset: 'mounts'
-
- name: Search root filesystem device
-  vars:
-    query: "[?mount=='/'].device"
-    _root_device: "{{ ansible_mounts | json_query(query) }}"
-  set_fact:
-    device: "{{ _root_device | first | regex_replace('([^0-9]+)[0-9]+', '\\1') }}"
-    partition: "{{ _root_device | first | regex_replace('[^0-9]+([0-9]+)', '\\1') }}"
-    root_device: "{{ _root_device }}"
-
- name: Check if growpart needs to be run
-  command: growpart -N {{ device }} {{ partition }}
-  failed_when: false
-  changed_when: "'NOCHANGE:' not in growpart_needed.stdout"
-  register: growpart_needed
-  environment:
-    LC_ALL: C
-
- name: Check fs type
-  command: file -Ls {{ root_device }}
-  changed_when: false
-  register: fs_type
-
- name: Run growpart  # noqa no-handler
-  command: growpart {{ device }} {{ partition }}
-  when: growpart_needed.changed
-  environment:
-    LC_ALL: C
-
- name: Run xfs_growfs  # noqa no-handler
-  command: xfs_growfs {{ root_device }}
-  when: growpart_needed.changed and 'XFS' in fs_type.stdout
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -130,16 +130,6 @@
  tags:
    - bootstrap-os

- name: Grow partition on azure CentOS
-  import_tasks: 0120-growpart-azure-centos-7.yml
-  when:
-    - not dns_late
-    - azure_check.stat.exists
-    - ansible_os_family == "RedHat"
-    - growpart_azure_enabled
-  tags:
-    - bootstrap-os
-
 - name: Run calico checks
  include_role:
    name: network_plugin/calico
--- a/roles/kubernetes/preinstall/vars/main.yml
+++ b/roles/kubernetes/preinstall/vars/main.yml
@@ -93,11 +93,8 @@ pkgs:
  python3-libselinux:
    os:
      distributions:
-        RedHat: &major_redhat_like
-          major_versions:
-          - "8"
-          - "9"
-        CentOS: *major_redhat_like
+        RedHat: {}
+        CentOS: {}
  rsync: {}
  socat: {}
  software-properties-common: *debian_family_base
--- a/roles/kubespray-defaults/defaults/main/main.yml
+++ b/roles/kubespray-defaults/defaults/main/main.yml
@@ -317,13 +317,6 @@ crio_insecure_registries: []
 ## Please note that overlay2 is only supported on newer kernels
 # docker_storage_options: -s overlay2

-## Enable docker_container_storage_setup, it will configure devicemapper driver on Centos7 or RedHat7.
-docker_container_storage_setup: false
-
-## It must be define a disk path for docker_container_storage_setup_devs.
-## Otherwise docker-storage-setup will be executed incorrectly.
-# docker_container_storage_setup_devs: /dev/vdb
-
 ## Only set this if you have more than 3 nameservers:
 ## If true Kubespray will only use the first 3, otherwise it will fail
 docker_dns_servers_strict: false