diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 23:57:31 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 23:57:31 +0200 |
| commit | 5f925ca116c23a51d3043ebab314b15ff8e21ae4 (patch) | |
| tree | 620d5da748f2d49a4071a1a5ae1cb48c6124f4ed /roles | |
| parent | Merge branch 'topic/apt-hold-vs-pin' (diff) | |
all hosts have been converted to use apt pinning
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/containerd/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/docker/engine/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/kubernetes/base/tasks/main.yml | 9 | ||||
| -rw-r--r-- | roles/kubernetes/kubeadm/base/tasks/main.yml | 9 | ||||
| -rw-r--r-- | roles/kubernetes/kubeadm/upgrade | 30 | ||||
| -rw-r--r-- | roles/streaming/blackmagic/desktopvideo/tasks/main.yml | 7 | ||||
| -rw-r--r-- | roles/streaming/blackmagic/mediaexpress/tasks/main.yml | 6 |
7 files changed, 20 insertions, 53 deletions
diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml index 56970268..780b0aa9 100644 --- a/roles/containerd/tasks/main.yml +++ b/roles/containerd/tasks/main.yml @@ -41,12 +41,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: "{{ containerd_pkg_name }}" - selection: install - - name: fetch containerd default config check_mode: no command: containerd config default diff --git a/roles/docker/engine/tasks/main.yml b/roles/docker/engine/tasks/main.yml index d07d6d63..0ed1b44f 100644 --- a/roles/docker/engine/tasks/main.yml +++ b/roles/docker/engine/tasks/main.yml @@ -52,12 +52,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: "{{ docker_pkg_name }}" - selection: install - - name: start and enable docker service: name: docker diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml index 72cad066..04994fcc 100644 --- a/roles/kubernetes/base/tasks/main.yml +++ b/roles/kubernetes/base/tasks/main.yml @@ -44,15 +44,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: - - kubelet - - cri-tools - dpkg_selections: - name: "{{ item }}" - selection: install - - name: configure endpoints for crictl copy: dest: /etc/crictl.yaml diff --git a/roles/kubernetes/kubeadm/base/tasks/main.yml b/roles/kubernetes/kubeadm/base/tasks/main.yml index abc0f3af..53c7c6f1 100644 --- a/roles/kubernetes/kubeadm/base/tasks/main.yml +++ b/roles/kubernetes/kubeadm/base/tasks/main.yml @@ -23,15 +23,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: - - kubeadm - - kubectl - dpkg_selections: - name: "{{ item }}" - selection: install - - name: set kubelet node-ip when: kubernetes_overlay_node_ip is defined lineinfile: diff --git a/roles/kubernetes/kubeadm/upgrade b/roles/kubernetes/kubeadm/upgrade index dc0a360a..52fe1a5d 100644 --- a/roles/kubernetes/kubeadm/upgrade +++ b/roles/kubernetes/kubeadm/upgrade @@ -4,18 +4,22 @@ Cluster Upgrades: primary master: --------------- -VERSION=1.20.2 +VERSION=1.22.2 + apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-00" kubeadm version kubeadm upgrade plan kubectl drain $(hostname) --ignore-daemonsets --delete-local-data kubeadm upgrade apply "v$VERSION" - sed "s/^kubernetesVersion: .*$/kubernetesVersion: $VERSION/" -i /etc/kubernetes/kubeadm.config -apt-get update && apt-get install -y --allow-change-held-packages "kubelet=$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl + +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y "kubelet=$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? @@ -25,14 +29,17 @@ kubectl uncordon $(hostname) secondary master: ----------------- -VERSION=1.20.2 +VERSION=1.22.2 apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" kubectl drain $(hostname) --ignore-daemonsets --delete-local-data kubeadm upgrade node -apt-mark unhold kubelet kubectl && apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? @@ -42,15 +49,18 @@ kubectl uncordon $(hostname) worker nodes: ------------- -VERSION=1.20.2 +VERSION=1.22.2 apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-00" @primary master: kubectl drain <node> --ignore-daemonsets --delete-local-data kubeadm upgrade node -apt-mark unhold kubelet kubectl && apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? diff --git a/roles/streaming/blackmagic/desktopvideo/tasks/main.yml b/roles/streaming/blackmagic/desktopvideo/tasks/main.yml index 98d2d28b..3906e206 100644 --- a/roles/streaming/blackmagic/desktopvideo/tasks/main.yml +++ b/roles/streaming/blackmagic/desktopvideo/tasks/main.yml @@ -39,13 +39,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: "{{ blackmagic_desktopvideo_packages }}" - dpkg_selections: - name: "{{ item }}" - selection: install - - name: install improved kill mode for DesktopVideoHelper (1/2) file: name: /etc/systemd/system/DesktopVideoHelper.service.d diff --git a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml index 9aa83c28..9b894c43 100644 --- a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml +++ b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml @@ -26,9 +26,3 @@ # allow_downgrade: yes ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: mediaexpress - selection: install |