From 84e5bbaf1a8117a76cbfd2f71092abe0a53f9cbd Mon Sep 17 00:00:00 2001 From: Adrien Date: Sun, 10 May 2020 02:10:28 +0200 Subject: [PATCH] First release --- defaults/main.yml | 2 + handlers/main.yml | 4 + meta/main.yml | 4 + tasks/main.yml | 102 ++++++++++++++++++ .../crio.conf.d/01-cgroup-manager.conf.j2 | 2 + .../etc/crio/crio.conf.d/01-log-level.conf.j2 | 2 + .../etc/crio/crio.conf.d/01-metrics.conf.j2 | 8 ++ .../etc/modules-load.d/br_netfilter.conf.j2 | 1 + templates/etc/modules-load.d/overlay.conf.j2 | 1 + vars/RedHat.yml | 3 + 10 files changed, 129 insertions(+) create mode 100644 defaults/main.yml create mode 100644 handlers/main.yml create mode 100644 meta/main.yml create mode 100644 tasks/main.yml create mode 100644 templates/etc/crio/crio.conf.d/01-cgroup-manager.conf.j2 create mode 100644 templates/etc/crio/crio.conf.d/01-log-level.conf.j2 create mode 100644 templates/etc/crio/crio.conf.d/01-metrics.conf.j2 create mode 100644 templates/etc/modules-load.d/br_netfilter.conf.j2 create mode 100644 templates/etc/modules-load.d/overlay.conf.j2 create mode 100644 vars/RedHat.yml diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..243a08c --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,2 @@ +--- +crio_debug: false \ No newline at end of file diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..e5c32a1 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,4 @@ +--- +- name: Restart cri-o + service: name=cri-o state=restarted + diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..68cb2ed --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,4 @@ +#--- +#dependencies: +# - { role: yumrepo } +# - { role: yum } diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..7c50ddd --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,102 @@ +--- +- name: Include vars for {{ ansible_os_family }} + include_vars: "{{ ansible_os_family }}.yml" + +- name: Configuring kernel module to be load on boot + template: + src: "etc/modules-load.d/{{ item }}.conf.j2" + dest: "/etc/modules-load.d/{{ item }}.conf" + group: root + owner: root + mode: 0644 + with_items: + - "br_netfilter" + - "overlay" + +- name: Load kernel module + modprobe: + name: "{{ item }}" + state: present + with_items: + - br_netfilter + - overlay + +- sysctl: + name: "{{ item }}" + value: "1" + sysctl_file: /etc/sysctl.d/99-kubernetes-cri.conf + reload: yes + with_items: + - "net.bridge.bridge-nf-call-iptables" + - "net.ipv4.ip_forward" + - "net.bridge.bridge-nf-call-ip6tables" + +- name: Install dnf-plugins-core package + package: + name: dnf-plugins-core + state: latest +- name: Add container-selinux repository + command: + cmd: dnf -y copr enable rhcontainerbot/container-selinux + creates: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:container-selinux.repo + warn: no +- name: Install container-selinux GPG key + command: rpm --import https://download.copr.fedorainfracloud.org/results/rhcontainerbot/container-selinux/pubkey.gpg + +- name: Registering libcontainers repository + get_url: + url: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_8/devel:kubic:libcontainers:stable.repo + dest: /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo + owner: root + group: root + mode: 0644 +- name: Install libcontainers GPG key + command: rpm --import http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_8/repodata/repomd.xml.key + +- name: Registering CRI-O 1.18 repository + get_url: + url: http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.18:/1.18.0/CentOS_8/devel:kubic:libcontainers:stable:cri-o:1.18:1.18.0.repo + dest: /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:1.18:1.18.0.repo + owner: root + group: root + mode: 0644 +- name: Install CRI-O GPG key + command: rpm --import http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.18:/1.18.0/CentOS_8/repodata/repomd.xml.key + +- name: Install cri-o + package: + update_cache: yes + +- name: Install cri-o + package: + name: "{{ crio_package_name }}" + state: latest + notify: Restart cri-o + +- name: Enable cri-o on boot + service: + name: cri-o + state: started + enabled: yes + + +- name: Ensuring /etc/crio/crio.conf.d folder exists + file: + path: "/etc/crio/crio.conf.d" + state: "directory" + group: root + owner: root + mode: 0755 + +- name: Configuring cri-o + template: + src: "etc/crio/crio.conf.d/{{ item }}.j2" + dest: "/etc/crio/crio.conf.d/{{ item }}" + group: root + owner: root + mode: 0644 + with_items: + - "01-cgroup-manager.conf" + - "01-log-level.conf" + - "01-metrics.conf" + notify: Restart containerd diff --git a/templates/etc/crio/crio.conf.d/01-cgroup-manager.conf.j2 b/templates/etc/crio/crio.conf.d/01-cgroup-manager.conf.j2 new file mode 100644 index 0000000..61fa0c3 --- /dev/null +++ b/templates/etc/crio/crio.conf.d/01-cgroup-manager.conf.j2 @@ -0,0 +1,2 @@ +[crio.runtime] +cgroup_manager = "systemd" \ No newline at end of file diff --git a/templates/etc/crio/crio.conf.d/01-log-level.conf.j2 b/templates/etc/crio/crio.conf.d/01-log-level.conf.j2 new file mode 100644 index 0000000..ff0431a --- /dev/null +++ b/templates/etc/crio/crio.conf.d/01-log-level.conf.j2 @@ -0,0 +1,2 @@ +[crio.runtime] +log_level = "info" \ No newline at end of file diff --git a/templates/etc/crio/crio.conf.d/01-metrics.conf.j2 b/templates/etc/crio/crio.conf.d/01-metrics.conf.j2 new file mode 100644 index 0000000..17f5adb --- /dev/null +++ b/templates/etc/crio/crio.conf.d/01-metrics.conf.j2 @@ -0,0 +1,8 @@ +# A necessary configuration for Prometheus based metrics retrieval +[crio.metrics] + +# Globally enable or disable metrics support. +enable_metrics = true + +# The port on which the metrics server will listen. +metrics_port = 9090 diff --git a/templates/etc/modules-load.d/br_netfilter.conf.j2 b/templates/etc/modules-load.d/br_netfilter.conf.j2 new file mode 100644 index 0000000..a13fc17 --- /dev/null +++ b/templates/etc/modules-load.d/br_netfilter.conf.j2 @@ -0,0 +1 @@ +br_netfilter diff --git a/templates/etc/modules-load.d/overlay.conf.j2 b/templates/etc/modules-load.d/overlay.conf.j2 new file mode 100644 index 0000000..08047cf --- /dev/null +++ b/templates/etc/modules-load.d/overlay.conf.j2 @@ -0,0 +1 @@ +overlay diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..bd2b2be --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,3 @@ +--- +crio_package_name: + - cri-o