diff options
| -rw-r--r-- | chaos-at-home/ch-testvm-prometheus.yml | 11 | ||||
| -rw-r--r-- | inventory/host_vars/ch-testvm-prometheus.yml | 12 | ||||
| -rw-r--r-- | inventory/hosts.ini | 1 | ||||
| -rw-r--r-- | roles/containerd/tasks/main.yml | 26 | ||||
| -rw-r--r-- | roles/kubernetes/base/tasks/cri_containerd.yml | 15 | ||||
| -rw-r--r-- | roles/kubernetes/base/tasks/cri_docker.yml | 12 |
6 files changed, 52 insertions, 25 deletions
diff --git a/chaos-at-home/ch-testvm-prometheus.yml b/chaos-at-home/ch-testvm-prometheus.yml index 13a60198..a34d58e3 100644 --- a/chaos-at-home/ch-testvm-prometheus.yml +++ b/chaos-at-home/ch-testvm-prometheus.yml @@ -7,12 +7,5 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp - - role: containerd - containerd_config: - plugins: - "io.containerd.grpc.v1.cri": - containerd: - runtimes: - runc: - options: - SystemdCgroup: true + - role: kubernetes/base + - role: kubernetes/standalone/base diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml index 11dec61c..426a2c00 100644 --- a/inventory/host_vars/ch-testvm-prometheus.yml +++ b/inventory/host_vars/ch-testvm-prometheus.yml @@ -40,3 +40,15 @@ containerd_storage: lv: containerd size: 20G fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 15G + fs: ext4 + +kubernetes_version: 1.21.0 +kubernetes_container_runtime: containerd +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 4c31b999..8d03b7b1 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -457,6 +457,7 @@ glt-telesto glt-datacop glt-thetys sgg-icecast +ch-testvm-prometheus [kubernetes:children] kubernetes-cluster diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml index b6a8d997..a082e27b 100644 --- a/roles/containerd/tasks/main.yml +++ b/roles/containerd/tasks/main.yml @@ -1,18 +1,4 @@ --- -- name: install containerd config - when: containerd_config is defined - block: - - name: create containerd config directory - file: - name: /etc/containerd - state: directory - - - name: install containerd config - copy: - content: "{{ containerd_config | to_toml }}\n" - dest: /etc/containerd/config.toml - notify: restart containerd - - name: prepare storage volume for /var/lib/containerd when: containerd_storage is defined vars: @@ -31,6 +17,18 @@ state: present force: yes +- name: fetch containerd default config + check_mode: no + command: containerd config default + register: containerd_config_default + changed_when: false + +- name: fetch containerd default config + copy: + content: "{{ containerd_config_default.stdout | from_toml | combine(containerd_config, recursive=True) | to_toml }}\n" + dest: /etc/containerd/config.toml + notify: restart containerd + - name: disable automatic upgrades for containerd package when: containerd_pkg_version is defined dpkg_selections: diff --git a/roles/kubernetes/base/tasks/cri_containerd.yml b/roles/kubernetes/base/tasks/cri_containerd.yml index 66398ef2..441360f7 100644 --- a/roles/kubernetes/base/tasks/cri_containerd.yml +++ b/roles/kubernetes/base/tasks/cri_containerd.yml @@ -5,6 +5,21 @@ that: - kubernetes_cri_socket == "unix:///run/containerd/containerd.sock" +- name: switch to systemd cgroup driver + set_fact: + containerd_config_override: + plugins: + "io.containerd.grpc.v1.cri": + containerd: + runtimes: + runc: + options: + SystemdCgroup: true + +- name: override mandatory settings in containerd_config + set_fact: + containerd_config: "{{ containerd_config | default({}) | combine(containerd_config_override, recursive=True) }}" + - name: install containerd include_role: name: containerd diff --git a/roles/kubernetes/base/tasks/cri_docker.yml b/roles/kubernetes/base/tasks/cri_docker.yml index 187d5893..88b35508 100644 --- a/roles/kubernetes/base/tasks/cri_docker.yml +++ b/roles/kubernetes/base/tasks/cri_docker.yml @@ -17,9 +17,17 @@ After=docker.service dest: /etc/systemd/system/kubelet.service.d/after-docker.conf -- name: disable bridge and iptables in docker daemon config +- name: disable bridge and iptables in docker daemon config and switch to systemd cgroup driver set_fact: - docker_daemon_config: "{{ docker_daemon_config | default({}) | combine({'exec-opts': ['native.cgroupdriver=systemd'], 'bridge': 'none', 'iptables': false}) }}" + docker_daemon_config_override: + exec-opts: + - "native.cgroupdriver=systemd" + bridge: "none" + iptables: false + +- name: override mandatory settings in docker_daemon_config + set_fact: + docker_daemon_config: "{{ docker_daemon_config | default({}) | combine(docker_daemon_config_override, recursive=True, list_merge='append') }}" - name: install docker include_role: |