diff options
30 files changed, 63 insertions, 81 deletions
diff --git a/inventory/group_vars/k8s-chtest/vars.yml b/inventory/group_vars/k8s-chtest/vars.yml index ecc9de63..ced61a29 100644 --- a/inventory/group_vars/k8s-chtest/vars.yml +++ b/inventory/group_vars/k8s-chtest/vars.yml @@ -1,8 +1,7 @@ --- kubernetes_node_name: "{{ inventory_hostname | replace('ch-', '') }}" -kubernetes_version: 1.27.1 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: containerd containerd_pkg_provider: docker-com diff --git a/inventory/group_vars/k8s-emc/vars.yml b/inventory/group_vars/k8s-emc/vars.yml index 9a6f8b56..3ad30e4c 100644 --- a/inventory/group_vars/k8s-emc/vars.yml +++ b/inventory/group_vars/k8s-emc/vars.yml @@ -1,7 +1,7 @@ --- kubernetes_node_name: "{{ inventory_hostname | replace('ele-', '') }}" -kubernetes_version: 1.26.1 +kubernetes_version: 1.28.5 kubernetes_container_runtime: containerd containerd_pkg_provider: docker-com kubernetes_network_plugin: kubeguard diff --git a/inventory/host_vars/ch-apps/vars.yml b/inventory/host_vars/ch-apps/vars.yml index 03be1a58..f8eedf26 100644 --- a/inventory/host_vars/ch-apps/vars.yml +++ b/inventory/host_vars/ch-apps/vars.yml @@ -113,8 +113,7 @@ kubelet_storage: quota: 10G 'syncoid:sync': 'false' -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ch-dione.yml b/inventory/host_vars/ch-dione.yml index 693fed65..1a9ba770 100644 --- a/inventory/host_vars/ch-dione.yml +++ b/inventory/host_vars/ch-dione.yml @@ -54,8 +54,7 @@ kubelet_storage: size: 5G fs: ext4 -# kubernetes_version: 1.28.2 -# kubernetes_cri_tools_pkg_version: 1.26.0-00 +# kubernetes_version: 1.28.5 # kubernetes_container_runtime: docker # kubernetes_standalone_max_pods: 42 # kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ch-equinox-t450s.yml b/inventory/host_vars/ch-equinox-t450s.yml index 80614562..23c141e1 100644 --- a/inventory/host_vars/ch-equinox-t450s.yml +++ b/inventory/host_vars/ch-equinox-t450s.yml @@ -303,6 +303,8 @@ ws_base_extra_packages: # needs apt-repo/element - element-desktop +kubernetes_version: "1.28" + ws_minet_wired_interface_name: enp0s25 ws_minet_wired_interface_module: e1000e diff --git a/inventory/host_vars/ch-equinox-ws.yml b/inventory/host_vars/ch-equinox-ws.yml index af5dfc1a..1b831752 100644 --- a/inventory/host_vars/ch-equinox-ws.yml +++ b/inventory/host_vars/ch-equinox-ws.yml @@ -312,6 +312,8 @@ ws_base_extra_packages: # needs apt-repo/element - element-desktop +kubernetes_version: "1.28" + ws_base_xrandr_setup_script: | #!/bin/bash diff --git a/inventory/host_vars/ch-helene.yml b/inventory/host_vars/ch-helene.yml index ea832744..7bd5104e 100644 --- a/inventory/host_vars/ch-helene.yml +++ b/inventory/host_vars/ch-helene.yml @@ -54,8 +54,7 @@ kubelet_storage: size: 5G fs: ext4 -# kubernetes_version: 1.28.2 -# kubernetes_cri_tools_pkg_version: 1.26.0-00 +# kubernetes_version: 1.28.5 # kubernetes_container_runtime: docker # kubernetes_standalone_max_pods: 42 # kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml index 04e3e709..e6088527 100644 --- a/inventory/host_vars/ch-testvm-prometheus.yml +++ b/inventory/host_vars/ch-testvm-prometheus.yml @@ -70,8 +70,7 @@ kubelet_storage: size: 1G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ele-calypso.yml b/inventory/host_vars/ele-calypso.yml index 40aed800..854b76e0 100644 --- a/inventory/host_vars/ele-calypso.yml +++ b/inventory/host_vars/ele-calypso.yml @@ -70,8 +70,7 @@ kubelet_storage: size: 5G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ele-coturn.yml b/inventory/host_vars/ele-coturn.yml index 473f8b31..45eb87c1 100644 --- a/inventory/host_vars/ele-coturn.yml +++ b/inventory/host_vars/ele-coturn.yml @@ -27,8 +27,7 @@ acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" acme_client: acmetool -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_pod_cidr: 192.168.255.0/24 diff --git a/inventory/host_vars/ele-helene.yml b/inventory/host_vars/ele-helene.yml index e8eab99c..41f08c2c 100644 --- a/inventory/host_vars/ele-helene.yml +++ b/inventory/host_vars/ele-helene.yml @@ -91,8 +91,7 @@ kubelet_storage: size: 5G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ele-jitsi.yml b/inventory/host_vars/ele-jitsi.yml index 61b1ab4b..8a2b3484 100644 --- a/inventory/host_vars/ele-jitsi.yml +++ b/inventory/host_vars/ele-jitsi.yml @@ -32,8 +32,7 @@ acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" acme_client: acmetool -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml index a2f6ef90..ea2b00b4 100644 --- a/inventory/host_vars/ele-media.yml +++ b/inventory/host_vars/ele-media.yml @@ -72,8 +72,7 @@ kubelet_storage: size: 5G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ele-thetys.yml b/inventory/host_vars/ele-thetys.yml index 53009eda..e5da1055 100644 --- a/inventory/host_vars/ele-thetys.yml +++ b/inventory/host_vars/ele-thetys.yml @@ -81,8 +81,7 @@ kubelet_storage: size: 5G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/glt-calypso.yml b/inventory/host_vars/glt-calypso.yml index 6c2b0f8a..61da1f8c 100644 --- a/inventory/host_vars/glt-calypso.yml +++ b/inventory/host_vars/glt-calypso.yml @@ -57,8 +57,7 @@ kubelet_storage: size: 10G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/glt-coturn.yml b/inventory/host_vars/glt-coturn.yml index 125240e1..483307c9 100644 --- a/inventory/host_vars/glt-coturn.yml +++ b/inventory/host_vars/glt-coturn.yml @@ -20,8 +20,7 @@ spreadspace_apt_repo_components: acme_client: acmetool -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_pod_cidr: 192.168.255.0/24 diff --git a/inventory/host_vars/glt-meet1.yml b/inventory/host_vars/glt-meet1.yml index dcc7dd02..8218de9e 100644 --- a/inventory/host_vars/glt-meet1.yml +++ b/inventory/host_vars/glt-meet1.yml @@ -20,8 +20,7 @@ spreadspace_apt_repo_components: acme_client: acmetool -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/glt-meet2.yml b/inventory/host_vars/glt-meet2.yml index 3276bebf..a643d115 100644 --- a/inventory/host_vars/glt-meet2.yml +++ b/inventory/host_vars/glt-meet2.yml @@ -20,8 +20,7 @@ spreadspace_apt_repo_components: acme_client: acmetool -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/glt-tsdatacop.yml b/inventory/host_vars/glt-tsdatacop.yml index 43b4f36e..7c7bcf1a 100644 --- a/inventory/host_vars/glt-tsdatacop.yml +++ b/inventory/host_vars/glt-tsdatacop.yml @@ -53,8 +53,7 @@ kubelet_storage: size: 10G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/s2-thetys.yml b/inventory/host_vars/s2-thetys.yml index 9bd56855..0a899916 100644 --- a/inventory/host_vars/s2-thetys.yml +++ b/inventory/host_vars/s2-thetys.yml @@ -53,8 +53,7 @@ kubelet_storage: size: 5G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/sgg-icecast.yml b/inventory/host_vars/sgg-icecast.yml index 400018e9..71353223 100644 --- a/inventory/host_vars/sgg-icecast.yml +++ b/inventory/host_vars/sgg-icecast.yml @@ -63,8 +63,7 @@ kubelet_storage: size: 2G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/sk-cloudio/vars.yml b/inventory/host_vars/sk-cloudio/vars.yml index d510cf9f..ffb78d08 100644 --- a/inventory/host_vars/sk-cloudio/vars.yml +++ b/inventory/host_vars/sk-cloudio/vars.yml @@ -70,8 +70,7 @@ kubelet_storage: properties: quota: 20G -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_pod_cidr: 192.168.255.0/24 diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 12362457..1d698f40 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -56,8 +56,7 @@ kubelet_storage: size: 1G fs: ext4 -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_pod_cidr: 192.168.255.0/24 diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index 9134993a..4cf034a6 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -88,8 +88,7 @@ kubelet_storage: properties: quota: 15G -kubernetes_version: 1.28.2 -kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_version: 1.28.5 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 15 kubernetes_standalone_cni_variant: with-portmap diff --git a/roles/apt-repo/kubernetes/files/repo.gpg b/roles/apt-repo/kubernetes/files/repo.gpg Binary files differindex 7fe476f8..469208ef 100644 --- a/roles/apt-repo/kubernetes/files/repo.gpg +++ b/roles/apt-repo/kubernetes/files/repo.gpg diff --git a/roles/apt-repo/kubernetes/tasks/main.yml b/roles/apt-repo/kubernetes/tasks/main.yml index 5fd2f5c6..aaba3466 100644 --- a/roles/apt-repo/kubernetes/tasks/main.yml +++ b/roles/apt-repo/kubernetes/tasks/main.yml @@ -14,7 +14,7 @@ - name: add repository entry copy: content: | - deb [signed-by=/etc/apt/keyrings/kubernetes.gpg] https://apt.kubernetes.io/ kubernetes-xenial main + deb [signed-by=/etc/apt/keyrings/kubernetes.gpg] https://pkgs.k8s.io/core:/stable:/v{{ ([0, 1] | map('extract', kubernetes_version.split('.'))) | join('.') }}/deb/ / dest: /etc/apt/sources.list.d/kubernetes.list register: apt_repo_kubernetes_sources diff --git a/roles/kubernetes/base/defaults/main.yml b/roles/kubernetes/base/defaults/main.yml index 2b69fb5e..07a37504 100644 --- a/roles/kubernetes/base/defaults/main.yml +++ b/roles/kubernetes/base/defaults/main.yml @@ -1,4 +1,2 @@ --- -kubernetes_cri_tools_pkg_version: "{{ ([0, 1] | map('extract', kubernetes_version.split('.'))) | join('.') }}.0-00" - kubernetes_cri_sandbox_image: "registry.k8s.io/pause:3.9" diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml index d2f7ef81..614f7685 100644 --- a/roles/kubernetes/base/tasks/main.yml +++ b/roles/kubernetes/base/tasks/main.yml @@ -20,27 +20,26 @@ include_role: name: apt-repo/kubernetes -- name: generate apt pin files for kubelet and cri-tools - loop: - - name: kubelet - version: "{{ kubernetes_version }}-00" - - name: cri-tools - version: "{{ kubernetes_cri_tools_pkg_version }}" - loop_control: - label: "{{ item.name }} == {{ item.version }}" +- name: generate apt pin file for kubelet copy: - dest: "/etc/apt/preferences.d/{{ item.name }}.pref" + dest: "/etc/apt/preferences.d/kubelet.pref" content: | - Package: {{ item.name }} - Pin: version {{ item.version }} + Package: kubelet + Pin: version {{ kubernetes_version }}-* Pin-Priority: 1001 +## TODO: remove once all servers have been converted +- name: remove apt pin file for cri-tools + file: + path: "/etc/apt/preferences.d/cri-tools.pref" + state: absent + - name: install kubelet and common packages apt: name: - bridge-utils - - "cri-tools={{ kubernetes_cri_tools_pkg_version }}" - - "kubelet={{ kubernetes_version }}-00" + - cri-tools + - "kubelet={{ kubernetes_version }}-*" state: present allow_downgrade: yes diff --git a/roles/kubernetes/kubeadm/base/tasks/main.yml b/roles/kubernetes/kubeadm/base/tasks/main.yml index e339fbcb..1e5ef920 100644 --- a/roles/kubernetes/kubeadm/base/tasks/main.yml +++ b/roles/kubernetes/kubeadm/base/tasks/main.yml @@ -7,7 +7,7 @@ dest: "/etc/apt/preferences.d/{{ item }}.pref" content: | Package: {{ item }} - Pin: version {{ kubernetes_version }}-00 + Pin: version {{ kubernetes_version }}-* Pin-Priority: 1001 - name: install kubeadm packages @@ -15,8 +15,8 @@ name: - haproxy - hatop - - "kubeadm={{ kubernetes_version }}-00" - - "kubectl={{ kubernetes_version }}-00" + - "kubeadm={{ kubernetes_version }}-*" + - "kubectl={{ kubernetes_version }}-*" state: present allow_downgrade: yes diff --git a/roles/kubernetes/kubeadm/upgrade b/roles/kubernetes/kubeadm/upgrade index 5328eefa..d08471f6 100644 --- a/roles/kubernetes/kubeadm/upgrade +++ b/roles/kubernetes/kubeadm/upgrade @@ -4,12 +4,12 @@ Cluster Upgrades: primary control-plane node: --------------------------- -VERSION=1.24.3 - +VERSION=1.28.5 +sed "s#/v[0-9.]*/deb/#/v${VERSION%.*}/deb/#" -i /etc/apt/sources.list.d/kubernetes.list apt-get update -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref -apt-get install -y "kubeadm=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-*" kubeadm version kubeadm upgrade plan @@ -17,9 +17,9 @@ kubectl drain $(hostname) --ignore-daemonsets --delete-emptydir-data kubeadm upgrade apply "v$VERSION" sed "s/^kubernetesVersion: .*$/kubernetesVersion: $VERSION/" -i /etc/kubernetes/kubeadm.config -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref -apt-get update && apt-get install -y "kubelet=$VERSION-00" "kubectl=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y "kubelet=$VERSION-*" "kubectl=$VERSION-*" // security updates + reboot ? @@ -29,17 +29,18 @@ kubectl uncordon $(hostname) secondary control-plane node: ----------------------------- -VERSION=1.24.3 +VERSION=1.28.5 +sed "s#/v[0-9.]*/deb/#/v${VERSION%.*}/deb/#" -i /etc/apt/sources.list.d/kubernetes.list apt-get update -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref -apt-get install -y "kubeadm=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-*" kubectl drain $(hostname) --ignore-daemonsets --delete-emptydir-data kubeadm upgrade node -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref -apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-*" "kubectl=$VERSION-*" // security updates + reboot ? @@ -49,18 +50,19 @@ kubectl uncordon $(hostname) worker nodes: ------------- -VERSION=1.24.3 +VERSION=1.28.5 +sed "s#/v[0-9.]*/deb/#/v${VERSION%.*}/deb/#" -i /etc/apt/sources.list.d/kubernetes.list apt-get update -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubeadm.pref -apt-get install -y "kubeadm=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubeadm.pref +apt-get install -y "kubeadm=$VERSION-*" @primary control-plane node: kubectl drain <node> --ignore-daemonsets --delete-emptydir-data kubeadm upgrade node -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubelet.pref -sed "s/^Pin: version .*$/Pin: version $VERSION-00/" -i /etc/apt/preferences.d/kubectl.pref -apt-get update && apt-get install -y kubelet="$VERSION-00" "kubectl=$VERSION-00" +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubelet.pref +sed "s/^Pin: version .*$/Pin: version $VERSION-*/" -i /etc/apt/preferences.d/kubectl.pref +apt-get update && apt-get install -y kubelet="$VERSION-*" "kubectl=$VERSION-*" // security updates + reboot ? |