diff options
Diffstat (limited to 'sw_config/bmra/patched_cmk_build.yml')
-rw-r--r-- | sw_config/bmra/patched_cmk_build.yml | 65 |
1 files changed, 31 insertions, 34 deletions
diff --git a/sw_config/bmra/patched_cmk_build.yml b/sw_config/bmra/patched_cmk_build.yml index 0b5c774..a424c55 100644 --- a/sw_config/bmra/patched_cmk_build.yml +++ b/sw_config/bmra/patched_cmk_build.yml @@ -1,37 +1,12 @@ -# SPDX-FileCopyrightText: 2020 Intel Corporation. +# SPDX-FileCopyrightText: 2021 Intel Corporation. # # SPDX-License-Identifier: Apache-2.0 --- -- name: install epel-release on Red Hat based OS - package: name=epel-release - when: ansible_os_family == 'RedHat' - -# note: on Ubuntu, pip is installed via install_dependencies -- name: install pip - package: - name: python-pip - when: - - ansible_distribution in ["RedHat", "CentOS"] - - ansible_distribution_version < '8' - -- name: install pip - package: - name: python3-pip - when: - - ansible_distribution in ["RedHat", "CentOS"] - - ansible_distribution_version >= '8' - - name: install dependencies include_role: name: install_dependencies -- name: install Python dependencies - pip: - name: - - setuptools - - docker - - name: clone CMK repository git: repo: "{{ cmk_git_url }}" @@ -61,25 +36,42 @@ - name: build CMK image make: chdir: "{{ cmk_dir }}" + when: container_runtime == "docker" # NOTE(przemeklal): this fixes problem in CMK with ImagePullPolicy hardcoded to Never and the pod is scheduled on controller node - name: tag CMK image command: docker tag cmk:{{ cmk_img_version }} {{ registry_local_address }}/cmk:{{ cmk_img_version }} changed_when: true + when: container_runtime == "docker" - name: push CMK image to local registry command: docker push {{ registry_local_address }}/cmk:{{ cmk_img_version }} + changed_when: true when: + - container_runtime == "docker" - inventory_hostname == groups['kube-node'][0] + +- name: build and tag CMK image + command: podman build -f Dockerfile -t {{ registry_local_address }}/cmk:{{ cmk_img_version }} + args: + chdir: "{{ cmk_dir }}" changed_when: true + when: '"docker" not in container_runtime' + +- name: push CMK image to local registry + command: podman push {{ registry_local_address }}/cmk:{{ cmk_img_version }} + changed_when: true + when: + - inventory_hostname == groups['kube-node'][0] + - '"docker" not in container_runtime' -- name: clean up any preexisting certs/key/CSR files +- name: clean up any pre-existing certs/key/CSR files file: path=/etc/ssl/cmk state=absent when: inventory_hostname == groups['kube-master'][0] failed_when: false become: yes -- name: delete any preexisting certs/key/CSR from Kubernetes +- name: delete any pre-existing certs/key/CSR from Kubernetes command: kubectl delete csr cmk-webhook-{{ item }}.{{ cmk_namespace }} when: inventory_hostname == groups['kube-master'][0] failed_when: false @@ -212,7 +204,7 @@ when: - inventory_hostname == groups['kube-master'][0] -- name: get approved server certificate +- name: get approved server certificate shell: kubectl get csr cmk-webhook-server.{{ cmk_namespace }} -o jsonpath='{.status.certificate}' args: chdir: "/etc/ssl/cmk/" @@ -272,8 +264,13 @@ - name: restart kube-apiserver after updating admission control configuration when: inventory_hostname == groups['kube-master'][0] block: - - name: remove kube-apiserver Docker container - shell: docker ps -af name=k8s_kube-apiserver* -q | xargs --no-run-if-empty docker rm -f + - name: remove kube-apiserver container + # noqa 305 - shell is used intentionally here + shell: >- + {{ (container_runtime == 'docker') | ternary('docker ps -af name=k8s_kube-apiserver* -q | + xargs --no-run-if-empty docker rm -f', + 'crictl ps -a --name=kube-apiserver* -q | + xargs --no-run-if-empty crictl rm -f') }} args: executable: /bin/bash register: remove_apiserver_container @@ -345,11 +342,11 @@ when: - inventory_hostname == groups['kube-master'][0] -# remove any preexisting configmaps before cmk redeployment -- name: remove any preexisting configmaps before CMK deployment +# remove any pre-existing configmaps before cmk redeployment +- name: remove any pre-existing configmaps before CMK deployment command: kubectl delete cm cmk-config-{{ inventory_hostname }} when: - - inventory_hostname in cmk_hosts_list.split(',') + - inventory_hostname in (cmk_hosts_list.split(',') if (cmk_hosts_list is defined and cmk_hosts_list | length > 0) else []) delegate_to: "{{ groups['kube-master']|first }}" failed_when: false |