diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/containerd/tasks/main.yml | 26 | ||||
-rw-r--r-- | roles/kubernetes/base/tasks/cri_containerd.yml | 15 | ||||
-rw-r--r-- | roles/kubernetes/base/tasks/cri_docker.yml | 12 |
3 files changed, 37 insertions, 16 deletions
diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml index b6a8d997..a082e27b 100644 --- a/roles/containerd/tasks/main.yml +++ b/roles/containerd/tasks/main.yml @@ -1,18 +1,4 @@ --- -- name: install containerd config - when: containerd_config is defined - block: - - name: create containerd config directory - file: - name: /etc/containerd - state: directory - - - name: install containerd config - copy: - content: "{{ containerd_config | to_toml }}\n" - dest: /etc/containerd/config.toml - notify: restart containerd - - name: prepare storage volume for /var/lib/containerd when: containerd_storage is defined vars: @@ -31,6 +17,18 @@ state: present force: yes +- name: fetch containerd default config + check_mode: no + command: containerd config default + register: containerd_config_default + changed_when: false + +- name: fetch containerd default config + copy: + content: "{{ containerd_config_default.stdout | from_toml | combine(containerd_config, recursive=True) | to_toml }}\n" + dest: /etc/containerd/config.toml + notify: restart containerd + - name: disable automatic upgrades for containerd package when: containerd_pkg_version is defined dpkg_selections: diff --git a/roles/kubernetes/base/tasks/cri_containerd.yml b/roles/kubernetes/base/tasks/cri_containerd.yml index 66398ef2..441360f7 100644 --- a/roles/kubernetes/base/tasks/cri_containerd.yml +++ b/roles/kubernetes/base/tasks/cri_containerd.yml @@ -5,6 +5,21 @@ that: - kubernetes_cri_socket == "unix:///run/containerd/containerd.sock" +- name: switch to systemd cgroup driver + set_fact: + containerd_config_override: + plugins: + "io.containerd.grpc.v1.cri": + containerd: + runtimes: + runc: + options: + SystemdCgroup: true + +- name: override mandatory settings in containerd_config + set_fact: + containerd_config: "{{ containerd_config | default({}) | combine(containerd_config_override, recursive=True) }}" + - name: install containerd include_role: name: containerd diff --git a/roles/kubernetes/base/tasks/cri_docker.yml b/roles/kubernetes/base/tasks/cri_docker.yml index 187d5893..88b35508 100644 --- a/roles/kubernetes/base/tasks/cri_docker.yml +++ b/roles/kubernetes/base/tasks/cri_docker.yml @@ -17,9 +17,17 @@ After=docker.service dest: /etc/systemd/system/kubelet.service.d/after-docker.conf -- name: disable bridge and iptables in docker daemon config +- name: disable bridge and iptables in docker daemon config and switch to systemd cgroup driver set_fact: - docker_daemon_config: "{{ docker_daemon_config | default({}) | combine({'exec-opts': ['native.cgroupdriver=systemd'], 'bridge': 'none', 'iptables': false}) }}" + docker_daemon_config_override: + exec-opts: + - "native.cgroupdriver=systemd" + bridge: "none" + iptables: false + +- name: override mandatory settings in docker_daemon_config + set_fact: + docker_daemon_config: "{{ docker_daemon_config | default({}) | combine(docker_daemon_config_override, recursive=True, list_merge='append') }}" - name: install docker include_role: |