diff options
Diffstat (limited to 'deploy/adapters/ansible/kubernetes/roles')
10 files changed, 225 insertions, 57 deletions
diff --git a/deploy/adapters/ansible/kubernetes/roles/install-k8s-dependence/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/install-k8s-dependence/tasks/main.yml index ae70427d..6487e4ef 100644 --- a/deploy/adapters/ansible/kubernetes/roles/install-k8s-dependence/tasks/main.yml +++ b/deploy/adapters/ansible/kubernetes/roles/install-k8s-dependence/tasks/main.yml @@ -15,3 +15,10 @@ state: "present" with_items: "{{ packages }}" when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' + +- name: Install apt packages + apt: + pkg: "{{ item }}" + state: "present" + with_items: "{{ packages }}" + when: ansible_os_family == 'Debian' diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml index d3dcb878..08e1dd0d 100644 --- a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml +++ b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml @@ -12,18 +12,21 @@ path: /etc/yum.repos.d state: absent run_once: "True" + when: ansible_os_family == 'RedHat' - name: create local repo conf dir file: path: /etc/yum.repos.d state: directory run_once: "True" + when: ansible_os_family == 'RedHat' - name: configure local mirror repo copy: src: mirrors.repo dest: /etc/yum.repos.d/mirrors.repo run_once: "True" + when: ansible_os_family == 'RedHat' - name: clean local pip conf to use official pip repo file: @@ -41,6 +44,7 @@ - openssl-devel - python-devel run_once: "True" + when: ansible_os_family == 'RedHat' - name: update python packages pip: diff --git a/deploy/adapters/ansible/kubernetes/roles/pre-k8s/files/sources.list.official b/deploy/adapters/ansible/kubernetes/roles/pre-k8s/files/sources.list.official new file mode 100644 index 00000000..799e4b58 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/pre-k8s/files/sources.list.official @@ -0,0 +1,36 @@ +# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to +# newer versions of the distribution. + +deb http://archive.ubuntu.com/ubuntu/ xenial main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted + +## Major bug fix updates produced after the final release of the +## distribution. +deb http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted + +## Uncomment the following two lines to add software from the 'universe' +## repository. +## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu +## team. Also, please note that software in universe WILL NOT receive any +## review or updates from the Ubuntu security team. +deb http://archive.ubuntu.com/ubuntu/ xenial universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial universe +deb http://archive.ubuntu.com/ubuntu/ xenial-updates universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial-updates universe + +## N.B. software from this repository may not have been tested as +## extensively as that contained in the main release, although it includes +## newer versions of some applications which may provide useful features. +## Also, please note that software in backports WILL NOT receive any review +## or updates from the Ubuntu security team. +# deb http://archive.ubuntu.com/ubuntu/ xenial-backports main restricted +# deb-src http://archive.ubuntu.com/ubuntu/ xenial-backports main restricted + +deb http://archive.ubuntu.com/ubuntu/ xenial-security main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial-security main restricted +deb http://archive.ubuntu.com/ubuntu/ xenial-security universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial-security universe +# deb http://archive.ubuntu.com/ubuntu/ xenial-security multiverse +# deb-src http://archive.ubuntu.com/ubuntu/ xenial-security multiverse + diff --git a/deploy/adapters/ansible/kubernetes/roles/pre-k8s/tasks/Ubuntu.yml b/deploy/adapters/ansible/kubernetes/roles/pre-k8s/tasks/Ubuntu.yml index 5bb77485..8054267d 100644 --- a/deploy/adapters/ansible/kubernetes/roles/pre-k8s/tasks/Ubuntu.yml +++ b/deploy/adapters/ansible/kubernetes/roles/pre-k8s/tasks/Ubuntu.yml @@ -54,6 +54,22 @@ path: /etc/apt/apt.conf state: absent +- name: rm sources.list + file: + path: /etc/apt/sources.list + state: absent + +- name: remove the space end of the line in the resolv.conf + shell: "sed -i 's/ *$//' /etc/resolv.conf" + +- name: change sources list + copy: + src: sources.list.official + dest: /etc/apt/sources.list + +- name: update apt cache + apt: update_cache=yes + - name: restart ntp service shell: "service ntp restart" diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/apt.conf b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/apt.conf new file mode 100644 index 00000000..bd8929db --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/apt.conf @@ -0,0 +1,4 @@ +APT::Get::Assume-Yes "true"; +APT::Get::force-yes "true"; +APT::Get::AllowUnauthenticated "true"; + diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/handlers/main.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/handlers/main.yml new file mode 100644 index 00000000..3d979e6a --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/handlers/main.yml @@ -0,0 +1,11 @@ +############################################################################## +## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +## All rights reserved. This program and the accompanying materials +## are made available under the terms of the Apache License, Version 2.0 +## which accompanies this distribution, and is available at +## http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: restart network service + shell: "/sbin/ifconfig eth0 0 &&/sbin/ifdown -a && \ + /sbin/ifup --ignore-errors -a" diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml new file mode 100644 index 00000000..c59fdfc5 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml @@ -0,0 +1,66 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: disable NetworkManager + service: name=NetworkManager state=stopped enabled=no + when: ansible_os_family == 'RedHat' + +- name: enable network service + service: name=network state=started enabled=yes + when: ansible_os_family == 'RedHat' + +- name: ensure script dir exist + shell: mkdir -p /opt/setup_networks + +- name: copy scripts + copy: src={{ item }} dest=/opt/setup_networks + with_items: + - setup_networks/log.py + - setup_networks/setup_networks.py + - setup_networks/check_network.py + tags: + - network_check + + +- name: copy config files + template: src=network.cfg dest=/opt/setup_networks + +- name: config external nic + template: + src: ifcfg-eth.j2 + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["external"]["interface"]}} + +- name: remove defualt gw + lineinfile: + dest: /etc/sysconfig/network + regexp: "^GATEWAY=*" + state: absent + +- name: restart the network + shell: systemctl restart network + +- name: make sure python lib exist + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - python-yaml + - python-netaddr + +- name: check basic network connectivity + shell: > + python /opt/setup_networks/check_network.py \ + "{{ inventory_hostname }}" \ + "{{ ip_settings | to_json }}" + register: result + until: result.stderr.find('unreachable')==-1 + retries: 3 + delay: 2 + tags: + - network_check + +- meta: flush_handlers diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/Ubuntu.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/Ubuntu.yml new file mode 100644 index 00000000..908b15fa --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/Ubuntu.yml @@ -0,0 +1,53 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: ensure script dir exist + shell: mkdir -p /opt/setup_networks + +- name: copy scripts + copy: src={{ item }} dest=/opt/setup_networks + with_items: + - setup_networks/log.py + - setup_networks/setup_networks.py + - setup_networks/check_network.py + tags: + - network_check + +- name: copy config files + template: src=network.cfg dest=/opt/setup_networks + +- name: backup network config file + shell: mv /etc/network/interfaces /etc/network/interfaces.bak + +- name: config network + template: + src: ubuntu_network.j2 + dest: /etc/network/interfaces + notify: + - restart network service + +- meta: flush_handlers + +- name: make sure python lib exist + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - python-yaml + - python-netaddr + +- name: check basic network connectivity + shell: > + python /opt/setup_networks/check_network.py \ + "{{ inventory_hostname }}" \ + "{{ ip_settings | to_json }}" + register: result + until: result.stderr.find('unreachable')==-1 + retries: 3 + delay: 2 + tags: + - network_check diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml index c59fdfc5..674c80cc 100644 --- a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 @@ -7,60 +7,8 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: disable NetworkManager - service: name=NetworkManager state=stopped enabled=no - when: ansible_os_family == 'RedHat' +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' -- name: enable network service - service: name=network state=started enabled=yes - when: ansible_os_family == 'RedHat' - -- name: ensure script dir exist - shell: mkdir -p /opt/setup_networks - -- name: copy scripts - copy: src={{ item }} dest=/opt/setup_networks - with_items: - - setup_networks/log.py - - setup_networks/setup_networks.py - - setup_networks/check_network.py - tags: - - network_check - - -- name: copy config files - template: src=network.cfg dest=/opt/setup_networks - -- name: config external nic - template: - src: ifcfg-eth.j2 - dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["external"]["interface"]}} - -- name: remove defualt gw - lineinfile: - dest: /etc/sysconfig/network - regexp: "^GATEWAY=*" - state: absent - -- name: restart the network - shell: systemctl restart network - -- name: make sure python lib exist - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: - - python-yaml - - python-netaddr - -- name: check basic network connectivity - shell: > - python /opt/setup_networks/check_network.py \ - "{{ inventory_hostname }}" \ - "{{ ip_settings | to_json }}" - register: result - until: result.stderr.find('unreachable')==-1 - retries: 3 - delay: 2 - tags: - - network_check - -- meta: flush_handlers +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ubuntu_network.j2 b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ubuntu_network.j2 new file mode 100644 index 00000000..cca6c967 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ubuntu_network.j2 @@ -0,0 +1,23 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +# mgnt and deploy interface +{% set intf_mgmt = sys_intf_mappings["mgmt"]["interface"] %} +auto {{ intf_mgmt }} +iface {{ intf_mgmt }} inet static + address {{ ip_settings[inventory_hostname]["mgmt"]["ip"] }} + netmask 255.255.255.0 + +# external interface +{% set intf_external = sys_intf_mappings["external"]["interface"] %} +auto {{ intf_external }} +iface {{ intf_external }} inet static + address {{ ip_settings[inventory_hostname]["external"]["ip"] }} + netmask 255.255.255.0 + gateway {{ ip_settings[inventory_hostname]["external"]["gw"] }} + nameserver 8.8.8.8 + |