diff options
| -rw-r--r-- | chaos-at-home/ch-dione.yml | 2 | ||||
| -rw-r--r-- | dan/emc-master.yml | 2 | ||||
| -rw-r--r-- | inventory/host_vars/ch-dione.yml | 7 | ||||
| -rw-r--r-- | inventory/host_vars/ch-helene.yml | 2 | ||||
| -rw-r--r-- | inventory/host_vars/sgg-icecast.yml | 3 | ||||
| -rw-r--r-- | inventory/host_vars/sk-cloudio/nextcloud.yml | 8 | ||||
| -rw-r--r-- | inventory/host_vars/sk-tomnext-nc.yml | 2 | ||||
| -rw-r--r-- | roles/containerd/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/docker/engine/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/kubernetes/base/tasks/main.yml | 9 | ||||
| -rw-r--r-- | roles/kubernetes/kubeadm/base/tasks/main.yml | 9 | ||||
| -rw-r--r-- | roles/kubernetes/kubeadm/upgrade | 30 | ||||
| -rw-r--r-- | roles/streaming/blackmagic/desktopvideo/tasks/main.yml | 7 | ||||
| -rw-r--r-- | roles/streaming/blackmagic/mediaexpress/tasks/main.yml | 6 |
14 files changed, 38 insertions, 61 deletions
diff --git a/chaos-at-home/ch-dione.yml b/chaos-at-home/ch-dione.yml index 3c358470..dd973a5a 100644 --- a/chaos-at-home/ch-dione.yml +++ b/chaos-at-home/ch-dione.yml @@ -11,6 +11,8 @@ - role: core/admin-users - role: apt-repo/spreadspace - role: streaming/blackmagic/desktopvideo + - role: kubernetes/base + - role: kubernetes/standalone/base post_tasks: - name: install lm-sensors and i7z apt: diff --git a/dan/emc-master.yml b/dan/emc-master.yml index 118710a2..edfc0ffe 100644 --- a/dan/emc-master.yml +++ b/dan/emc-master.yml @@ -8,6 +8,6 @@ - role: core/zsh - role: core/ntp - role: apt-repo/spreadspace - - role: monitoring/prometheus/exporter +# - role: monitoring/prometheus/exporter - role: storage/lvm/groups - role: elevate/emc-stats diff --git a/inventory/host_vars/ch-dione.yml b/inventory/host_vars/ch-dione.yml index 9e327b21..93a94476 100644 --- a/inventory/host_vars/ch-dione.yml +++ b/inventory/host_vars/ch-dione.yml @@ -78,3 +78,10 @@ ntp_server: blackmagic_desktopvideo_version: 11.7a12 blackmagic_desktopvideo_include_gui: yes + + +kubernetes_version: 1.22.2 +kubernetes_cri_tools_pkg_version: 1.21.0~2 +kubernetes_container_runtime: containerd +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ch-helene.yml b/inventory/host_vars/ch-helene.yml index 6f35acd3..08c750ef 100644 --- a/inventory/host_vars/ch-helene.yml +++ b/inventory/host_vars/ch-helene.yml @@ -75,7 +75,7 @@ blackmagic_desktopvideo_include_gui: yes -kubernetes_version: 1.21.4 +kubernetes_version: 1.22.2 kubernetes_cri_tools_pkg_version: 1.21.0~2 kubernetes_container_runtime: containerd kubernetes_standalone_max_pods: 42 diff --git a/inventory/host_vars/sgg-icecast.yml b/inventory/host_vars/sgg-icecast.yml index 887ef8ac..eec37447 100644 --- a/inventory/host_vars/sgg-icecast.yml +++ b/inventory/host_vars/sgg-icecast.yml @@ -51,7 +51,8 @@ kubelet_storage: size: 2G fs: ext4 -kubernetes_version: 1.21.1 +kubernetes_version: 1.22.2 +kubernetes_cri_tools_pkg_version: 1.21.0~2 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/sk-cloudio/nextcloud.yml b/inventory/host_vars/sk-cloudio/nextcloud.yml index d7db2ea5..594dd8ac 100644 --- a/inventory/host_vars/sk-cloudio/nextcloud.yml +++ b/inventory/host_vars/sk-cloudio/nextcloud.yml @@ -8,7 +8,7 @@ nextcloud_zfs: nextcloud_instances: wolke.elevate.at: # new: true - version: 21.0.3 + version: 21.0.4 port: 8100 hostnames: - wolke.elevate.at @@ -20,7 +20,7 @@ nextcloud_instances: password: "{{ vault_nextcloud_database_passwords['wolke.elevate.at'] }}" insomnia.skillz.biz: # new: true - version: 21.0.3 + version: 21.0.4 port: 8101 hostnames: - insomnia.skillz.biz @@ -32,7 +32,7 @@ nextcloud_instances: password: "{{ vault_nextcloud_database_passwords['insomnia.skillz.biz'] }}" nc.skillz.biz: # new: true - version: 21.0.3 + version: 21.0.4 port: 8102 hostnames: - nc.skillz.biz @@ -44,7 +44,7 @@ nextcloud_instances: password: "{{ vault_nextcloud_database_passwords['nc.skillz.biz'] }}" wae.elevate.at: # new: true - version: 21.0.3 + version: 21.0.4 port: 8104 hostnames: - wae.elevate.at diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index c9f0be3e..5e0f9997 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -123,7 +123,7 @@ nextcloud_zfs: nextcloud_instances: team.tomwaitz.eu: # new: true - version: 21.0.3 + version: 21.0.4 port: 8100 hostnames: - team.tomwaitz.eu diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml index 56970268..780b0aa9 100644 --- a/roles/containerd/tasks/main.yml +++ b/roles/containerd/tasks/main.yml @@ -41,12 +41,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: "{{ containerd_pkg_name }}" - selection: install - - name: fetch containerd default config check_mode: no command: containerd config default diff --git a/roles/docker/engine/tasks/main.yml b/roles/docker/engine/tasks/main.yml index d07d6d63..0ed1b44f 100644 --- a/roles/docker/engine/tasks/main.yml +++ b/roles/docker/engine/tasks/main.yml @@ -52,12 +52,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: "{{ docker_pkg_name }}" - selection: install - - name: start and enable docker service: name: docker diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml index 72cad066..04994fcc 100644 --- a/roles/kubernetes/base/tasks/main.yml +++ b/roles/kubernetes/base/tasks/main.yml @@ -44,15 +44,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: - - kubelet - - cri-tools - dpkg_selections: - name: "{{ item }}" - selection: install - - name: configure endpoints for crictl copy: dest: /etc/crictl.yaml diff --git a/roles/kubernetes/kubeadm/base/tasks/main.yml b/roles/kubernetes/kubeadm/base/tasks/main.yml index abc0f3af..53c7c6f1 100644 --- a/roles/kubernetes/kubeadm/base/tasks/main.yml +++ b/roles/kubernetes/kubeadm/base/tasks/main.yml @@ -23,15 +23,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: - - kubeadm - - kubectl - dpkg_selections: - name: "{{ item }}" - selection: install - - name: set kubelet node-ip when: kubernetes_overlay_node_ip is defined lineinfile: diff --git a/roles/kubernetes/kubeadm/upgrade b/roles/kubernetes/kubeadm/upgrade index dc0a360a..52fe1a5d 100644 --- a/roles/kubernetes/kubeadm/upgrade +++ b/roles/kubernetes/kubeadm/upgrade @@ -4,18 +4,22 @@ Cluster Upgrades: primary master: --------------- -VERSION=1.20.2 +VERSION=1.22.2 + apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-00" kubeadm version kubeadm upgrade plan kubectl drain $(hostname) --ignore-daemonsets --delete-local-data kubeadm upgrade apply "v$VERSION" - sed "s/^kubernetesVersion: .*$/kubernetesVersion: $VERSION/" -i /etc/kubernetes/kubeadm.config -apt-get update && apt-get install -y --allow-change-held-packages "kubelet=$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl + +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y "kubelet=$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? @@ -25,14 +29,17 @@ kubectl uncordon $(hostname) secondary master: ----------------- -VERSION=1.20.2 +VERSION=1.22.2 apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" kubectl drain $(hostname) --ignore-daemonsets --delete-local-data kubeadm upgrade node -apt-mark unhold kubelet kubectl && apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? @@ -42,15 +49,18 @@ kubectl uncordon $(hostname) worker nodes: ------------- -VERSION=1.20.2 +VERSION=1.22.2 apt-get update -apt-get install -y --allow-change-held-packages "kubeadm=$VERSION-00" && apt-mark hold kubeadm +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-00" @primary master: kubectl drain <node> --ignore-daemonsets --delete-local-data kubeadm upgrade node -apt-mark unhold kubelet kubectl && apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" && apt-mark hold kubelet kubectl +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" // security updates + reboot ? diff --git a/roles/streaming/blackmagic/desktopvideo/tasks/main.yml b/roles/streaming/blackmagic/desktopvideo/tasks/main.yml index 98d2d28b..3906e206 100644 --- a/roles/streaming/blackmagic/desktopvideo/tasks/main.yml +++ b/roles/streaming/blackmagic/desktopvideo/tasks/main.yml @@ -39,13 +39,6 @@ ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - loop: "{{ blackmagic_desktopvideo_packages }}" - dpkg_selections: - name: "{{ item }}" - selection: install - - name: install improved kill mode for DesktopVideoHelper (1/2) file: name: /etc/systemd/system/DesktopVideoHelper.service.d diff --git a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml index 9aa83c28..9b894c43 100644 --- a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml +++ b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml @@ -26,9 +26,3 @@ # allow_downgrade: yes ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 - - ## TODO: remove this when all machines are migrated to use pin files -- name: unhold packages (we now use APT pinning) - dpkg_selections: - name: mediaexpress - selection: install |