diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 14:45:46 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 14:45:46 +0200 |
| commit | 77bc1bde857ee4b8fa9641849bf1a4f69ec5cf96 (patch) | |
| tree | 67ae4f7e65549ff3bf9b4143650313128d4ef907 /roles/kubernetes | |
| parent | kubernetes/kubeadm: add support for 1.22 (diff) | |
| parent | docker and containerd: apt pinning vs package hold (diff) | |
Merge branch 'topic/apt-hold-vs-pin'
Diffstat (limited to 'roles/kubernetes')
| -rw-r--r-- | roles/kubernetes/base/tasks/main.yml | 24 | ||||
| -rw-r--r-- | roles/kubernetes/kubeadm/base/tasks/main.yml | 20 | ||||
| -rw-r--r-- | roles/kubernetes/test-pods.url | 1 |
3 files changed, 37 insertions, 8 deletions
diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml index 70be0d3a..72cad066 100644 --- a/roles/kubernetes/base/tasks/main.yml +++ b/roles/kubernetes/base/tasks/main.yml @@ -17,6 +17,21 @@ include_role: name: apt-repo/kubic-project +- name: generate apt pin files for kubelet and cri-tools + loop: + - name: kubelet + version: "{{ kubernetes_version }}-00" + - name: cri-tools + version: "{{ kubernetes_cri_tools_pkg_version }}" + loop_control: + label: "{{ item.name }} == {{ item.version }}" + copy: + dest: "/etc/apt/preferences.d/{{ item.name }}.pref" + content: | + Package: {{ item.name }} + Pin: version {{ item.version }} + Pin-Priority: 1001 + - name: install kubelet and common packages apt: name: @@ -25,17 +40,18 @@ - "kubelet={{ kubernetes_version }}-00" state: present force: yes - ## TODO: remove force once the following changes are available - ## https://github.com/ansible/ansible/pull/73629 or https://github.com/ansible/ansible/pull/72562 + # allow_downgrade: yes + ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 -- name: disable automatic upgrades for kubelet and cri-tools + ## TODO: remove this when all machines are migrated to use pin files +- name: unhold packages (we now use APT pinning) loop: - kubelet - cri-tools dpkg_selections: name: "{{ item }}" - selection: hold + selection: install - name: configure endpoints for crictl copy: diff --git a/roles/kubernetes/kubeadm/base/tasks/main.yml b/roles/kubernetes/kubeadm/base/tasks/main.yml index 0fab7845..abc0f3af 100644 --- a/roles/kubernetes/kubeadm/base/tasks/main.yml +++ b/roles/kubernetes/kubeadm/base/tasks/main.yml @@ -1,4 +1,15 @@ --- +- name: generate apt pin files for kubeadm and kubectl + loop: + - kubeadm + - kubectl + copy: + dest: "/etc/apt/preferences.d/{{ item }}.pref" + content: | + Package: {{ item }} + Pin: version {{ kubernetes_version }}-00 + Pin-Priority: 1001 + - name: install kubeadm packages apt: name: @@ -8,17 +19,18 @@ - "kubectl={{ kubernetes_version }}-00" state: present force: yes - ## TODO: remove force once the following changes are available - ## https://github.com/ansible/ansible/pull/73629 or https://github.com/ansible/ansible/pull/72562 + # allow_downgrade: yes + ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 -- name: disable automatic upgrades for kubeadm/kubectl + ## TODO: remove this when all machines are migrated to use pin files +- name: unhold packages (we now use APT pinning) loop: - kubeadm - kubectl dpkg_selections: name: "{{ item }}" - selection: hold + selection: install - name: set kubelet node-ip when: kubernetes_overlay_node_ip is defined diff --git a/roles/kubernetes/test-pods.url b/roles/kubernetes/test-pods.url new file mode 100644 index 00000000..59404701 --- /dev/null +++ b/roles/kubernetes/test-pods.url @@ -0,0 +1 @@ +https://k8s-examples.container-solutions.com/examples/Pod/Pod.html |