From 249c08a3a7b3a2117cca1b1b09cbae015a844021 Mon Sep 17 00:00:00 2001 From: Peter Mikus Date: Thu, 4 Oct 2018 11:49:50 +0000 Subject: Update Ansible scripts - Allow Kubernetes to use specific version (allow-downgrade) - Introduce ansible-vault for sudo password management - Add Kubernetes fixes for 1.11.x+ Change-Id: Ieb77e773ea28f5c551ef0702027f699c1b758aa2 Signed-off-by: Peter Mikus --- resources/tools/testbed-setup/README.md | 2 +- .../testbed-setup/ansible/group_vars/all.yaml | 1 + .../ansible/roles/tg_sut/tasks/ubuntu_x86_64.yaml | 10 ++++++++ resources/tools/testbed-setup/ansible/vault.yml | 27 ++++++++++++++++++++++ resources/tools/testbed-setup/ansible/vault_pass | 1 + 5 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 resources/tools/testbed-setup/ansible/vault.yml create mode 100644 resources/tools/testbed-setup/ansible/vault_pass (limited to 'resources/tools/testbed-setup') diff --git a/resources/tools/testbed-setup/README.md b/resources/tools/testbed-setup/README.md index 4b785468a5..ad9b400126 100644 --- a/resources/tools/testbed-setup/README.md +++ b/resources/tools/testbed-setup/README.md @@ -104,7 +104,7 @@ When installation is finished: - Clone CSIT actual repo: `git clone https://gerrit.fd.io/r/csit` - Go to ansible directory: `cd csit/resources/tools/testbed-setup/ansible` - Edit production file and uncomment servers that are supposed to be installed: `ansible-playbook --ask-become-pass --inventory production site.yaml --list-hosts` - - Run ansible on selected hosts: `ansible-playbook --ask-become-pass --inventory production site.yaml` + - Run ansible on selected hosts: `ansible-playbook --vault-id vault_pass --extra-vars '@vault.yml' --inventory production site.yaml` For non-VIRL hosts, stop here. diff --git a/resources/tools/testbed-setup/ansible/group_vars/all.yaml b/resources/tools/testbed-setup/ansible/group_vars/all.yaml index 443f789a11..c646e06d24 100644 --- a/resources/tools/testbed-setup/ansible/group_vars/all.yaml +++ b/resources/tools/testbed-setup/ansible/group_vars/all.yaml @@ -2,3 +2,4 @@ # file: group_vars/all.yaml ansible_python_interpreter: "/usr/bin/python2.7" +ansible_become_pass: '{{ inventory_sudo_pass }}' diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_x86_64.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_x86_64.yaml index b416f9f7de..76af5be7fd 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_x86_64.yaml +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_x86_64.yaml @@ -157,6 +157,7 @@ apt: name: "kubeadm={{ kubernetes_apt_package_name }}" state: "present" + force: yes update_cache: True install_recommends: False cache_valid_time: "{{ apt_cache_time }}" @@ -166,6 +167,7 @@ apt: name: "kubectl={{ kubernetes_apt_package_name }}" state: "present" + force: yes update_cache: True install_recommends: False cache_valid_time: "{{ apt_cache_time }}" @@ -175,8 +177,16 @@ apt: name: "kubelet={{ kubernetes_apt_package_name }}" state: "present" + force: yes update_cache: True install_recommends: False cache_valid_time: "{{ apt_cache_time }}" tags: install-kubernetes +- name: Apply kubelet parameter + lineinfile: + path: '/etc/default/kubelet' + state: 'present' + regexp: '^KUBELET_EXTRA_ARGS=*' + line: 'KUBELET_EXTRA_ARGS=--feature-gates HugePages=false' + tags: install-kubernetes diff --git a/resources/tools/testbed-setup/ansible/vault.yml b/resources/tools/testbed-setup/ansible/vault.yml new file mode 100644 index 0000000000..ff526ce723 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/vault.yml @@ -0,0 +1,27 @@ +$ANSIBLE_VAULT;1.1;AES256 +65353063336230383530643630643332633166623761643736666630353562363230313637653637 +3666613437643132336162653561356638623062333464390a643331386264333966333766643034 +66373733346133376665666439356533303635343663343034643662336634333033306338386263 +3032313839356363350a303264646333306236336631643637323939633737393637633462336365 +38396231353237303033343962626332616562643434663963373739326337656130313139623766 +65666664353264613633313431643336396563326266623766386336646332343232303264623131 +66633930386138353839396361393032333362636662383332383864663262333366343636376535 +31336437333065333134396162326133363334396639386264663234386465323833316234336463 +36666534326434383737306663353561336335383631643362633261656363616161336562333766 +61656636643062646533396639383666363136393836373463653337373034326166626332346439 +34373165326638386235313932613435616163346234363436336363346362666662336465623935 +65373238393034313563363334303830313738333366323962643535616239656564636332383165 +32353733323638373865393136343339356162653639303965386664626261303364353963633764 +39333830366432666137353334643362613038656230353563333834363738316564316238623938 +37336237313438663162333163666332636534666437376634386231363839653766396636636239 +66356636666165333633633432383933303435663836383863306535386564343234323532623366 +64346263666563356538653031366635643136396633363136616131386630366239613538313131 +31663636323465353930326432346333333666316331366237316364363461373836323535616538 +38616266616332666238396232353766306435616262633831636161643039323534303338633764 +62326561343634663638323366353239306561376462623866643264346664376562633730313537 +38303433353665616535666335663337353630333466353634633933643435646336666632613535 +63636136323966373935313462626337643339303565326130383461616636383237653966656233 +66326634303131373238306532336233306432653334613937386435623235386631386432336461 +33323161333361343032383937613231636630613565313431623937393131363661346536393762 +65323031393964346132656538306538333136353533346164383066313336333736623535303966 +6433646665643235346130353333393533616132356339363637 diff --git a/resources/tools/testbed-setup/ansible/vault_pass b/resources/tools/testbed-setup/ansible/vault_pass new file mode 100644 index 0000000000..e1d46efc1f --- /dev/null +++ b/resources/tools/testbed-setup/ansible/vault_pass @@ -0,0 +1 @@ +Csit1234 -- cgit 1.2.3-korg