From 9ad3dd93e4e67e34106b0676c0dd5f5c66e0b02c Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Fri, 22 May 2020 09:01:03 -0700 Subject: [PATCH 01/10] Add support for ubuntu --- README.md | 2 +- roles/download/tasks/main.yml | 7 +++++-- roles/ubuntu/tasks/main.yml | 37 +++++++++++++++++++++++++++++++++++ site.yml | 2 +- 4 files changed, 44 insertions(+), 4 deletions(-) create mode 100644 roles/ubuntu/tasks/main.yml diff --git a/README.md b/README.md index 9fcaf65..eb45123 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Author: Build a Kubernetes cluster using Ansible with k3s. The goal is easily install a Kubernetes cluster on machines running: - [X] Debian -- [ ] Ubuntu +- [X] Ubuntu - [X] CentOS on processor architecture: diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml index f1aa998..7e14645 100644 --- a/roles/download/tasks/main.yml +++ b/roles/download/tasks/main.yml @@ -22,8 +22,11 @@ group: root mode: 0755 when: - - ansible_facts.architecture is search("arm") - - ansible_facts.userspace_bits == "64" + ( ansible_facts.architecture is search("arm") + and + ansible_facts.userspace_bits == "64" ) + or + ansible_facts.architecture == "aarch64" - name: Download k3s binary armhf get_url: diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml new file mode 100644 index 0000000..acdc08b --- /dev/null +++ b/roles/ubuntu/tasks/main.yml @@ -0,0 +1,37 @@ +--- + +- name: Check if cgroups enabled in /boot/firmware/cmdline.txt + shell: cat /boot/firmware/cmdline.txt | grep cgroup + register: cgroup_enabled + when: ansible_distribution == 'Ubuntu' + # grep will exit with 1 when no results found. + # ignore_errors causes the task not to halt play. + ignore_errors: true + +- name: Enable cgroup via boot commandline if not already present + lineinfile: + path: /boot/firmware/cmdline.txt + backrefs: yes + regexp: "(.*)$" + line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' + when: + ( ansible_distribution == 'Ubuntu' ) + and + ( cgroup_enabled.stdout == "" ) + +- name: Check if cgroups already running + shell: cat /proc/cmdline | grep cgroup + register: cgroup_running + when: + ansible_distribution == 'Ubuntu' + # grep will exit with 1 when no results found. + # ignore_errors causes the task not to halt play. + ignore_errors: true + +- name: Rebooting to enable cgroups if not already running + reboot: + when: + ( ansible_distribution == 'Ubuntu' ) + and + ( cgroup_running.stdout == "" ) + diff --git a/site.yml b/site.yml index f7fa9ac..8862e96 100644 --- a/site.yml +++ b/site.yml @@ -7,7 +7,7 @@ - role: prereq - role: download - role: raspbian - + - role: ubuntu - hosts: master become: yes From 930f1b558602131e64425f499113d23238cdb162 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Fri, 22 May 2020 11:11:00 -0700 Subject: [PATCH 02/10] Clean up conditionals a bit --- roles/ubuntu/tasks/main.yml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index acdc08b..4d1992c 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Check if cgroups enabled in /boot/firmware/cmdline.txt +- name: Check if cgroups enabled shell: cat /boot/firmware/cmdline.txt | grep cgroup register: cgroup_enabled when: ansible_distribution == 'Ubuntu' @@ -8,16 +8,15 @@ # ignore_errors causes the task not to halt play. ignore_errors: true -- name: Enable cgroup via boot commandline if not already present +- name: Enable cgroup via boot commandline if not already enabled lineinfile: path: /boot/firmware/cmdline.txt backrefs: yes regexp: "(.*)$" line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' when: - ( ansible_distribution == 'Ubuntu' ) - and - ( cgroup_enabled.stdout == "" ) + - ansible_distribution == 'Ubuntu' + - cgroup_enabled.stdout == "" - name: Check if cgroups already running shell: cat /proc/cmdline | grep cgroup @@ -28,10 +27,9 @@ # ignore_errors causes the task not to halt play. ignore_errors: true -- name: Rebooting to enable cgroups if not already running +- name: Reboot to enable cgroups if not already running reboot: when: - ( ansible_distribution == 'Ubuntu' ) - and - ( cgroup_running.stdout == "" ) + - ansible_distribution == 'Ubuntu' + - cgroup_running.stdout == "" From 07eca0143ca4332269b39534be4c6b7694737f70 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Fri, 22 May 2020 11:28:14 -0700 Subject: [PATCH 03/10] Add timezone setting support. --- inventory/group_vars/all.yml | 7 ++++++- roles/prereq/handlers/main.yml | 4 ++++ roles/prereq/tasks/main.yml | 6 ++++++ 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 roles/prereq/handlers/main.yml diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 196170e..44fa0df 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,6 +1,11 @@ --- k3s_version: v1.17.5+k3s1 -ansible_user: debian +ansible_user: pi systemd_dir: /etc/systemd/system master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}" extra_server_args: "" + +# Uncomment (and modify if necessary) the following to set the time zone set for +# all members of the cluster. +timezone: US/Pacific + diff --git a/roles/prereq/handlers/main.yml b/roles/prereq/handlers/main.yml new file mode 100644 index 0000000..1d8b8f0 --- /dev/null +++ b/roles/prereq/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart cron + service: + name: cron + state: restarted diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 7f80afc..33510b8 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -50,3 +50,9 @@ path: /etc/sudoers validate: 'visudo -cf %s' when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux'] + +- name: "set timezone to {{ timezone }}" + timezone: + name: "{{ timezone }}" + notify: restart cron + when: timezone is defined From 331c1180492951eda51aa193a935e4b6335119c9 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Fri, 22 May 2020 11:36:19 -0700 Subject: [PATCH 04/10] Lint cleanup timezone setting support. --- inventory/group_vars/all.yml | 6 +++++- roles/prereq/handlers/main.yml | 5 +++++ roles/prereq/tasks/main.yml | 6 ++++++ 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 roles/prereq/handlers/main.yml diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 196170e..d77779d 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,6 +1,10 @@ --- k3s_version: v1.17.5+k3s1 -ansible_user: debian +ansible_user: pi systemd_dir: /etc/systemd/system master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}" extra_server_args: "" + +# Uncomment (and modify if necessary) the following to set the time zone set for +# all members of the cluster. +timezone: US/Pacific diff --git a/roles/prereq/handlers/main.yml b/roles/prereq/handlers/main.yml new file mode 100644 index 0000000..6cd8da2 --- /dev/null +++ b/roles/prereq/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart cron + service: + name: cron + state: restarted diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 7f80afc..33510b8 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -50,3 +50,9 @@ path: /etc/sudoers validate: 'visudo -cf %s' when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux'] + +- name: "set timezone to {{ timezone }}" + timezone: + name: "{{ timezone }}" + notify: restart cron + when: timezone is defined From 58d847a78e9c89a222a005abcac023efea978f85 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Fri, 22 May 2020 11:40:26 -0700 Subject: [PATCH 05/10] More yamllint cleanup --- roles/ubuntu/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index 4d1992c..62f065c 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -1,5 +1,4 @@ --- - - name: Check if cgroups enabled shell: cat /boot/firmware/cmdline.txt | grep cgroup register: cgroup_enabled @@ -32,4 +31,3 @@ when: - ansible_distribution == 'Ubuntu' - cgroup_running.stdout == "" - From 9422f65b5b1e607b90ed65f8fc25d77395f50d50 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Sat, 23 May 2020 09:31:40 -0700 Subject: [PATCH 06/10] Make cgroup enabling idempotent and fix ansible lint checks. --- roles/ubuntu/tasks/main.yml | 24 ++++++------------------ 1 file changed, 6 insertions(+), 18 deletions(-) diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index 62f065c..c4913bb 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -1,33 +1,21 @@ --- -- name: Check if cgroups enabled - shell: cat /boot/firmware/cmdline.txt | grep cgroup - register: cgroup_enabled - when: ansible_distribution == 'Ubuntu' - # grep will exit with 1 when no results found. - # ignore_errors causes the task not to halt play. - ignore_errors: true - - name: Enable cgroup via boot commandline if not already enabled lineinfile: path: /boot/firmware/cmdline.txt backrefs: yes - regexp: "(.*)$" + regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' when: - ansible_distribution == 'Ubuntu' - - cgroup_enabled.stdout == "" -- name: Check if cgroups already running - shell: cat /proc/cmdline | grep cgroup - register: cgroup_running +- name: Read /proc/cmdline to check for cgroups already running + shell: cat /proc/cmdline + register: cmdline when: - ansible_distribution == 'Ubuntu' - # grep will exit with 1 when no results found. - # ignore_errors causes the task not to halt play. - ignore_errors: true + - ansible_distribution == 'Ubuntu' - name: Reboot to enable cgroups if not already running reboot: when: - ansible_distribution == 'Ubuntu' - - cgroup_running.stdout == "" + - '"cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory" not in cmdline.stdout' From 338d5eb654bb88db85f75b4618d2dd5f76c80d04 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Sat, 23 May 2020 15:40:59 -0700 Subject: [PATCH 07/10] Finally installed ansible-lint and fixed all lint errors. --- roles/ubuntu/tasks/main.yml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index c4913bb..c45ea24 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -9,13 +9,20 @@ - ansible_distribution == 'Ubuntu' - name: Read /proc/cmdline to check for cgroups already running - shell: cat /proc/cmdline - register: cmdline + slurp: + src: /proc/cmdline + register: slurped_cmdline when: - ansible_distribution == 'Ubuntu' -- name: Reboot to enable cgroups if not already running +- name: Decode slurped command line + set_fact: + cmdline: "{{ slurped_cmdline.content | b64decode }}" + when: + - ansible_distribution == 'Ubuntu' + +- name: Reboot to enable cgroups if not already enabled reboot: when: - ansible_distribution == 'Ubuntu' - - '"cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory" not in cmdline.stdout' + - '"cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory" not in cmdline' From 60756934811b78a69991030b200dde07d8fceba2 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Sun, 31 May 2020 10:16:09 -0700 Subject: [PATCH 08/10] Remove timezone changes to focus branch on just ubuntu --- inventory/group_vars/all.yml | 6 +----- roles/prereq/tasks/main.yml | 6 ------ 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index d77779d..196170e 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,10 +1,6 @@ --- k3s_version: v1.17.5+k3s1 -ansible_user: pi +ansible_user: debian systemd_dir: /etc/systemd/system master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}" extra_server_args: "" - -# Uncomment (and modify if necessary) the following to set the time zone set for -# all members of the cluster. -timezone: US/Pacific diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 33510b8..7f80afc 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -50,9 +50,3 @@ path: /etc/sudoers validate: 'visudo -cf %s' when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux'] - -- name: "set timezone to {{ timezone }}" - timezone: - name: "{{ timezone }}" - notify: restart cron - when: timezone is defined From a9affdf9e637036bd5eb5ccbc10672fceb68c743 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Sun, 31 May 2020 10:21:00 -0700 Subject: [PATCH 09/10] Remove file created for Timezone feature addition --- roles/prereq/handlers/main.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 roles/prereq/handlers/main.yml diff --git a/roles/prereq/handlers/main.yml b/roles/prereq/handlers/main.yml deleted file mode 100644 index 6cd8da2..0000000 --- a/roles/prereq/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart cron - service: - name: cron - state: restarted From 952768e26e67cdbadbabb7457bc90a3c04f3e169 Mon Sep 17 00:00:00 2001 From: David Putzolu Date: Sun, 31 May 2020 10:24:12 -0700 Subject: [PATCH 10/10] Simplify Ubuntu to reboot no matter what --- roles/ubuntu/tasks/main.yml | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index c45ea24..233e259 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -8,21 +8,7 @@ when: - ansible_distribution == 'Ubuntu' -- name: Read /proc/cmdline to check for cgroups already running - slurp: - src: /proc/cmdline - register: slurped_cmdline - when: - - ansible_distribution == 'Ubuntu' - -- name: Decode slurped command line - set_fact: - cmdline: "{{ slurped_cmdline.content | b64decode }}" - when: - - ansible_distribution == 'Ubuntu' - -- name: Reboot to enable cgroups if not already enabled +- name: Reboot to enable cgroups reboot: when: - ansible_distribution == 'Ubuntu' - - '"cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory" not in cmdline'