From 1e20bf368eb1543aff16b67bb200e1e778d42867 Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Tue, 16 Aug 2022 17:02:36 +0200 Subject: [PATCH] Update ansible code --- handlers/main.yml | 3 +- meta/main.yml | 18 ++-- tasks/main.yml | 242 +++++++++++++++++++++++----------------------- 3 files changed, 132 insertions(+), 131 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 5ddce41..0045287 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,6 +1,5 @@ --- - name: Restart cri-o - service: + ansible.builtin.service: name: crio state: restarted - diff --git a/meta/main.yml b/meta/main.yml index 5206704..61ef90d 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,11 +6,13 @@ galaxy_info: galaxy_tags: [] license: GPL2 platforms: - - name: CentOS - version: - - 7 - - 8 - - name: RedHat - version: - - 7 - - 8 + - name: CentOS + version: + - 7 + - 8 + - 9 + - name: RedHat + version: + - 7 + - 8 + - 9 diff --git a/tasks/main.yml b/tasks/main.yml index be47371..6bf0dd0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,141 +1,141 @@ --- - name: CRI-O setup block: - - name: Include vars for {{ ansible_os_family }} - include_vars: "{{ ansible_os_family }}.yml" + - name: Include vars for {{ ansible_os_family }} + ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" - - name: Create thin volumes for containers - lvol: - vg: "{{ item.vg }}" - lv: "{{ item.name }}" - thinpool: kubernetes - size: "{{ item.size }}" - with_items: - - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} + - name: Create thin volumes for containers + community.general.lvol: + vg: "{{ item.vg }}" + lv: "{{ item.name }}" + thinpool: kubernetes + size: "{{ item.size }}" + with_items: + - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} - - name: create file system on containers lv - filesystem: - fstype: ext4 - dev: "/dev/{{ item.vg }}/{{ item.name }}" - with_items: - - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} + - name: create file system on containers lv + community.general.filesystem: + fstype: ext4 + dev: "/dev/{{ item.vg }}/{{ item.name }}" + with_items: + - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} - - name: mount logical volumes - mount: - name: "{{ item.mount_point }}" - src: "/dev/{{ item.vg }}/{{ item.name }}" - fstype: ext4 - opts: "{{ item.mount_opts }}" - state: mounted - with_items: - - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} + - name: mount logical volumes + ansible.posix.mount: + name: "{{ item.mount_point }}" + src: "/dev/{{ item.vg }}/{{ item.name }}" + fstype: ext4 + opts: "{{ item.mount_opts }}" + state: mounted + with_items: + - { name: var_lib_containers, vg: vg_sys, size: "{{ lv_containers_size | default('10g') }}", mount_point: /var/lib/containers, mount_opts: "discard"} - - name: Configuring kernel module to be load on boot - template: - src: "etc/modules-load.d/{{ item }}.conf.j2" - dest: "/etc/modules-load.d/{{ item }}.conf" - group: root - owner: root - mode: 0644 - with_items: - - "br_netfilter" - - "overlay" + - name: Configuring kernel module to be load on boot + ansible.builtin.template: + src: "etc/modules-load.d/{{ item }}.conf.j2" + dest: "/etc/modules-load.d/{{ item }}.conf" + group: root + owner: root + mode: 0644 + with_items: + - "br_netfilter" + - "overlay" - - name: Load kernel module - modprobe: - name: "{{ item }}" - state: present - with_items: - - br_netfilter - - overlay + - name: Load kernel module + community.general.modprobe: + name: "{{ item }}" + state: present + with_items: + - br_netfilter + - overlay - - name: Configure sysctl - sysctl: - name: "{{ item }}" - value: "1" - sysctl_file: /etc/sysctl.d/99-kubernetes-cri.conf - reload: yes - with_items: - - "net.bridge.bridge-nf-call-iptables" - - "net.ipv4.ip_forward" - - "net.bridge.bridge-nf-call-ip6tables" + - name: Configure sysctl + ansible.posix.sysctl: + name: "{{ item }}" + value: "1" + sysctl_file: /etc/sysctl.d/99-kubernetes-cri.conf + reload: true + with_items: + - "net.bridge.bridge-nf-call-iptables" + - "net.ipv4.ip_forward" + - "net.bridge.bridge-nf-call-ip6tables" - - name: Install dnf-plugins-core package - package: - name: dnf-plugins-core - state: present - - name: Add container-selinux repository - command: - cmd: dnf -y copr enable rhcontainerbot/container-selinux - creates: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:container-selinux.repo - warn: no - - name: Install container-selinux GPG key - rpm_key: - key: "https://download.copr.fedorainfracloud.org/results/rhcontainerbot/container-selinux/pubkey.gpg" - state: present + - name: Install dnf-plugins-core package + ansible.builtin.package: + name: dnf-plugins-core + state: present + - name: Add container-selinux repository + ansible.builtin.command: + cmd: dnf -y copr enable rhcontainerbot/container-selinux + creates: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:container-selinux.repo + warn: no + - name: Install container-selinux GPG key + ansible.builtin.rpm_key: + key: "https://download.copr.fedorainfracloud.org/results/rhcontainerbot/container-selinux/pubkey.gpg" + state: present - - name: Registering libcontainers repository - get_url: - url: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_{{ ansible_distribution_major_version }}/devel:kubic:libcontainers:stable.repo - dest: /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo - owner: root - group: root - mode: 0644 - - name: Install libcontainers GPG key - rpm_key: - key: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_{{ ansible_distribution_major_version }}/repodata/repomd.xml.key" - state: present + - name: Registering libcontainers repository + ansible.builtin.get_url: + url: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_{{ ansible_distribution_major_version }}/devel:kubic:libcontainers:stable.repo + dest: /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo + owner: root + group: root + mode: 0644 + - name: Install libcontainers GPG key + ansible.builtin.rpm_key: + key: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_{{ ansible_distribution_major_version }}/repodata/repomd.xml.key" + state: present - - name: Registering CRI-O {{ crio_version }} repository - get_url: - url: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/CentOS_{{ ansible_distribution_major_version }}/devel:kubic:libcontainers:stable:cri-o:{{ crio_version }}.repo" - dest: "/etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:{{ crio_version }}.repo" - owner: root - group: root - mode: 0644 - - name: Install CRI-O GPG key - rpm_key: - key: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/CentOS_{{ ansible_distribution_major_version }}/repodata/repomd.xml.key" - state: present + - name: Registering CRI-O {{ crio_version }} repository + ansible.builtin.get_url: + url: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/CentOS_{{ ansible_distribution_major_version }}/devel:kubic:libcontainers:stable:cri-o:{{ crio_version }}.repo" + dest: "/etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:{{ crio_version }}.repo" + owner: root + group: root + mode: 0644 + - name: Install CRI-O GPG key + ansible.builtin.rpm_key: + key: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/CentOS_{{ ansible_distribution_major_version }}/repodata/repomd.xml.key" + state: present - - name: Update package manager list - package: - update_cache: yes + - name: Update package manager list + ansible.builtin.package: + update_cache: true - - name: Install cri-o package - package: - name: "{{ crio_package_name }}" - state: present - notify: Restart cri-o + - name: Install cri-o package + ansible.builtin.package: + name: "{{ crio_package_name }}" + state: present + notify: Restart cri-o - - name: Ensuring /etc/crio/crio.conf.d folder exists - file: - path: "/etc/crio/crio.conf.d" - state: "directory" - group: root - owner: root - mode: 0755 + - name: Ensuring /etc/crio/crio.conf.d folder exists + ansible.builtin.file: + path: "/etc/crio/crio.conf.d" + state: "directory" + group: root + owner: root + mode: 0755 - - name: Configuring cri-o - template: - src: "etc/crio/crio.conf.d/{{ item }}.j2" - dest: "/etc/crio/crio.conf.d/{{ item }}" - group: root - owner: root - mode: 0644 - with_items: -# - "01-crio-runtime.conf" -# - "01-cgroup-manager.conf" - - "01-log-level.conf" - - "01-metrics.conf" -# - "01-crio-network.conf" - notify: Restart cri-o + - name: Configuring cri-o + ansible.builtin.template: + src: "etc/crio/crio.conf.d/{{ item }}.j2" + dest: "/etc/crio/crio.conf.d/{{ item }}" + group: root + owner: root + mode: 0644 + with_items: +# - "01-crio-runtime.conf" +# - "01-cgroup-manager.conf" + - "01-log-level.conf" + - "01-metrics.conf" +# - "01-crio-network.conf" + notify: Restart cri-o - - name: Enable cri-o on boot - service: - name: crio - state: restarted - enabled: yes + - name: Enable cri-o on boot + ansible.builtin.service: + name: crio + state: restarted + enabled: true tags: - crio \ No newline at end of file