mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-02-15 02:00:03 -03:30
Remove non-kubeadm deployment (#3811)
* Remove non-kubeadm deployment * More cleanup * More cleanup * More cleanup * More cleanup * Fix gitlab * Try stop gce first before absent to make the delete process work * More cleanup * Fix bug with checking if kubeadm has already run * Fix bug with checking if kubeadm has already run * More fixes * Fix test * fix * Fix gitlab checkout untill kubespray 2.8 is on quay * Fixed * Add upgrade path from non-kubeadm to kubeadm. Revert ssl path * Readd secret checking * Do gitlab checks from v2.7.0 test upgrade path to 2.8.0 * fix typo * Fix CI jobs to kubeadm again. Fix broken hyperkube path * Fix gitlab * Fix rotate tokens * More fixes * More fixes * Fix tokens
This commit is contained in:
Andreas Krüger
committed by
Kubernetes Prow Robot
Kubernetes Prow Robot
parent
0d1be39a97
commit
ddffdb63bf
@@ -1,11 +1,4 @@
|
||||
---
|
||||
- name: Set kubelet deployment to host if kubeadm is enabled
|
||||
set_fact:
|
||||
kubelet_deployment_type: host
|
||||
when: kubeadm_enabled
|
||||
tags:
|
||||
- kubeadm
|
||||
|
||||
- name: install | Copy kubeadm binary from download dir
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/kubeadm"
|
||||
@@ -15,7 +8,6 @@
|
||||
owner: no
|
||||
group: no
|
||||
delegate_to: "{{ inventory_hostname }}"
|
||||
when: kubeadm_enabled
|
||||
tags:
|
||||
- kubeadm
|
||||
|
||||
@@ -24,15 +16,41 @@
|
||||
path: "{{ bin_dir }}/kubeadm"
|
||||
mode: "0755"
|
||||
state: file
|
||||
when: kubeadm_enabled
|
||||
tags:
|
||||
- kubeadm
|
||||
|
||||
- include_tasks: "install_{{ kubelet_deployment_type }}.yml"
|
||||
- name: install | Copy kubelet binary from download dir
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/hyperkube"
|
||||
dest: "{{ bin_dir }}/kubelet"
|
||||
compress: no
|
||||
perms: yes
|
||||
owner: no
|
||||
group: no
|
||||
delegate_to: "{{ inventory_hostname }}"
|
||||
tags:
|
||||
- hyperkube
|
||||
- upgrade
|
||||
notify: restart kubelet
|
||||
|
||||
- name: install | Set kubelet binary permissions
|
||||
file:
|
||||
path: "{{ bin_dir }}/kubelet"
|
||||
mode: "0755"
|
||||
state: file
|
||||
tags:
|
||||
- hyperkube
|
||||
- upgrade
|
||||
|
||||
- name: install | Copy socat wrapper for Container Linux
|
||||
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
|
||||
args:
|
||||
creates: "{{ bin_dir }}/socat"
|
||||
when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
|
||||
|
||||
- name: install | Write kubelet systemd init file
|
||||
template:
|
||||
src: "kubelet.{{ kubelet_deployment_type }}.service.j2"
|
||||
src: "kubelet.host.service.j2"
|
||||
dest: "/etc/systemd/system/kubelet.service"
|
||||
backup: "yes"
|
||||
notify: restart kubelet
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
---
|
||||
- name: install | Install kubelet launch script
|
||||
template:
|
||||
src: kubelet-container.j2
|
||||
dest: "{{ bin_dir }}/kubelet"
|
||||
owner: kube
|
||||
mode: 0755
|
||||
backup: yes
|
||||
notify: restart kubelet
|
||||
@@ -1,30 +0,0 @@
|
||||
---
|
||||
|
||||
- name: install | Copy kubelet binary from download dir
|
||||
synchronize:
|
||||
src: "{{ local_release_dir }}/hyperkube"
|
||||
dest: "{{ bin_dir }}/kubelet"
|
||||
compress: no
|
||||
perms: yes
|
||||
owner: no
|
||||
group: no
|
||||
delegate_to: "{{ inventory_hostname }}"
|
||||
tags:
|
||||
- hyperkube
|
||||
- upgrade
|
||||
notify: restart kubelet
|
||||
|
||||
- name: install | Set kubelet binary permissions
|
||||
file:
|
||||
path: "{{ bin_dir }}/kubelet"
|
||||
mode: "0755"
|
||||
state: file
|
||||
tags:
|
||||
- hyperkube
|
||||
- upgrade
|
||||
|
||||
- name: install | Copy socat wrapper for Container Linux
|
||||
command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
|
||||
args:
|
||||
creates: "{{ bin_dir }}/socat"
|
||||
when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
|
||||
@@ -1,32 +0,0 @@
|
||||
---
|
||||
- name: Trust kubelet container
|
||||
command: >-
|
||||
/usr/bin/rkt trust
|
||||
--skip-fingerprint-review
|
||||
--root
|
||||
{{ item }}
|
||||
register: kubelet_rkt_trust_result
|
||||
until: kubelet_rkt_trust_result.rc == 0
|
||||
with_items:
|
||||
- "https://quay.io/aci-signing-key"
|
||||
- "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg"
|
||||
retries: 4
|
||||
delay: "{{ retry_stagger | random + 3 }}"
|
||||
changed_when: false
|
||||
|
||||
- name: create kubelet working directory
|
||||
file:
|
||||
state: directory
|
||||
path: /var/lib/kubelet
|
||||
|
||||
- name: Create kubelet service systemd directory
|
||||
file:
|
||||
path: /etc/systemd/system/kubelet.service.d
|
||||
state: directory
|
||||
|
||||
- name: Write kubelet proxy drop-in
|
||||
template:
|
||||
src: http-proxy.conf.j2
|
||||
dest: /etc/systemd/system/kubelet.service.d/http-proxy.conf
|
||||
when: http_proxy is defined or https_proxy is defined
|
||||
notify: restart kubelet
|
||||
@@ -22,16 +22,6 @@
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
- name: Write kubelet config file (non-kubeadm)
|
||||
template:
|
||||
src: kubelet.standard.env.j2
|
||||
dest: "{{ kube_config_dir }}/kubelet.env"
|
||||
backup: yes
|
||||
when: not kubeadm_enabled
|
||||
notify: restart kubelet
|
||||
tags:
|
||||
- kubelet
|
||||
|
||||
- name: Make sure dynamic kubelet configuration directory is writeable
|
||||
file:
|
||||
path: "{{ dynamic_kubelet_configuration_dir }}"
|
||||
@@ -44,25 +34,11 @@
|
||||
src: kubelet.kubeadm.env.j2
|
||||
dest: "{{ kube_config_dir }}/kubelet.env"
|
||||
backup: yes
|
||||
when: kubeadm_enabled
|
||||
notify: restart kubelet
|
||||
tags:
|
||||
- kubelet
|
||||
- kubeadm
|
||||
|
||||
- name: write the kubecfg (auth) file for kubelet
|
||||
template:
|
||||
src: "{{ item }}-kubeconfig.yaml.j2"
|
||||
dest: "{{ kube_config_dir }}/{{ item }}-kubeconfig.yaml"
|
||||
backup: yes
|
||||
with_items:
|
||||
- node
|
||||
- kube-proxy
|
||||
when: not kubeadm_enabled
|
||||
notify: restart kubelet
|
||||
tags:
|
||||
- kubelet
|
||||
|
||||
- name: Ensure nodePort range is reserved
|
||||
sysctl:
|
||||
name: net.ipv4.ip_local_reserved_ports
|
||||
@@ -142,26 +118,17 @@
|
||||
tags:
|
||||
- kube-proxy
|
||||
|
||||
- name: Write proxy manifest
|
||||
template:
|
||||
src: manifests/kube-proxy.manifest.j2
|
||||
dest: "{{ kube_manifest_dir }}/kube-proxy.manifest"
|
||||
when:
|
||||
- not (kubeadm_enabled or kube_proxy_remove)
|
||||
tags:
|
||||
- kube-proxy
|
||||
|
||||
- name: Purge proxy manifest for kubeadm or if proxy services being provided by other means, e.g. network_plugin
|
||||
file:
|
||||
path: "{{ kube_manifest_dir }}/kube-proxy.manifest"
|
||||
state: absent
|
||||
when:
|
||||
- kubeadm_enabled or kube_proxy_remove
|
||||
- kube_proxy_remove
|
||||
tags:
|
||||
- kube-proxy
|
||||
|
||||
- name: Cleanup kube-proxy leftovers from node
|
||||
command: "{{ docker_bin_dir }}/docker run --rm --privileged -v /lib/modules:/lib/modules --net=host {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} kube-proxy --cleanup"
|
||||
command: "{{ local_release_dir }}/hyperkube kube-proxy --cleanup"
|
||||
when:
|
||||
- kube_proxy_remove
|
||||
# `kube-proxy --cleanup`, being Ok as per shown WARNING, still returns 255 from above run (?)
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
service:
|
||||
name: kubelet
|
||||
state: stopped
|
||||
when: kubelet_deployment_type == 'host' and kubelet_container_check.rc == 0
|
||||
when: kubelet_container_check.rc == 0
|
||||
|
||||
- name: "Pre-upgrade | ensure kubelet container is removed if using host deployment"
|
||||
command: docker rm -fv kubelet
|
||||
@@ -26,4 +26,4 @@
|
||||
retries: 4
|
||||
until: remove_kubelet_container.rc == 0
|
||||
delay: 5
|
||||
when: kubelet_deployment_type == 'host' and kubelet_container_check.rc == 0
|
||||
when: kubelet_container_check.rc == 0
|
||||
|
||||
Reference in New Issue
Block a user