This fixes deployment with CentOS 8 Streams and make detection more reliable
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
(cherry picked from commit 95b329b64d571dc7e4aba9696db998ee95cbd1cb)
Conflicts:
roles/bootstrap-os/tasks/main.yml
`containerd.io` is the companion package of `docker-ce` and is the
proper package name. This is needed to avoid apt upgrade/dist-upgrade
from breaking kubernetes.
(cherry picked from commit 64502077131f587ad8bdd35802bfd406ec07891d)
Running remove-node.yml tasks for clean up cluster on Fedora CoreOS.
The task failed to restart network daemon (task name: "reset | Restart network").
Fedora CoreOS is essentially using NetworkManager, but this task returns network.
Signed-off-by: Takashi IIGUNI <iiguni.tks@gmail.com>
(cherry picked from commit bcaa31ae338b9710c36f17cb5a990d4be6f71391)
* Add unique annotation on coredns deployment and only remove existing deployment if annotation is missing.
* Ignore errors when gathering coredns deployment details to handle case where it doesn't exist yet
* Remove run_once, deletegate_to and add to when statement
(cherry picked from commit 0cc17267811efa7b9568cdd264d57fd1640e23a8)
Helm v3.5.2 is a security (patch) release. Users are strongly
recommended to update to this release. It fixes two security issues in
upstream dependencies and one security issue in the Helm codebase.
See https://github.com/helm/helm/releases/tag/v3.5.2
(cherry picked from commit 670c37b4282700ba5e3144828b0bd963a45e0408)
Fixes the following error when using Bastion Node with the sample config.
```
fatal: [bastion]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'bastion'\n\nThe error appears to be in '/home/felix/inovex/kubespray/roles/bastion-ssh-config/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: set bastion host IP\n ^ here\n"}
```
(cherry picked from commit 973628fc1b7dba845dbef80cd0fbf74899a8e3a3)
Previous check for presence of NM assumed "systemctl show
NetworkManager" would exit with a nonzero status code, which seems not
the case anymore with recent Flatcar Container Linux.
This new check also checks the activeness of network manager, as
`is-active` implies presence.
Signed-off-by Jorik Jonker <jorik@kippendief.biz>
(cherry picked from commit bba55faae8a53a9f2f4a898a2fe6dea9a71d4b76)
This makes the docker role work the same as the containerd role.
Being able to override this is needed when you have your own debian
repository. E.g. when performing an airgapped installation
Only checking the kubernetes api on the first master when upgrading is not enough.
Each master needs to be checked before it's upgrade.
Signed-off-by: Rick Haan <rickhaan94@gmail.com>
This was introduced in 143e2272ff9d85ba81bfa8c4a67f29994d898d79
Extra repo is enabled by default in CentOS, and is not the right repo for EL8
Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository
For RHEL 7, we need the "extras" repo for container-selinux
For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 8f2b0772f9ca2d146438638e1fb9f7484cbdbd55)
yum_repository expect really different params, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit a8e51e686e6fe548614013dc0075512a83761c45)
we don't need rpm_key, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit a2429ef64d9dc476163037f3f302f850686b4619)
Before this commit we were upgrading base os packages on each run
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 4eec302e869955a000732caf5fb482283c960ac5)
Here the desciption from Ansible docs
Corresponds to the --force-yes to apt-get and implies allow_unauthenticated: yes
This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.
This option *is not* the equivalent of passing the -f flag to apt-get on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see man apt-get for more information.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit f3885aa589975eea0f6ccbd5dd6981df8976e09b)
This was introduced in ef7f5edbb3643dd23009c35e78e6efaae77f1f08
obsoletes=0 is not present in the official repo config
https://download.docker.com/linux/centos/docker-ce.repo
so it might not be needed for some time
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
This was introduced in 3004791c6469181a83d80971110813a3cd3ce658,
so since 2018 everyone should be upgraded ;)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
This variable was added as KUBE_MASTERS_MASTERS. That's probably a typo.
Remove the redundant `_MASTERS` suffix. Also, document the variable in the
help message.
