-##
-## Copyright (c) 2020 Intel Corporation.
-##
-## Licensed under the Apache License, Version 2.0 (the "License");
-## you may not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS,
-## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-##
----
-- name: install epel-release on Red Hat based OS
- package: name=epel-release
- when: ansible_os_family == 'RedHat'
-
-# note: on Ubuntu, pip is installed via install_dependencies
-- name: install pip
- package:
- name: python-pip
- when:
- - ansible_distribution in ["RedHat", "CentOS"]
- - ansible_distribution_version < '8'
-
-- name: install pip
- package:
- name: python3-pip
- when:
- - ansible_distribution in ["RedHat", "CentOS"]
- - ansible_distribution_version >= '8'
+# SPDX-FileCopyrightText: 2021 Intel Corporation.
+#
+# SPDX-License-Identifier: Apache-2.0
+---
- name: install dependencies
include_role:
name: install_dependencies
-- name: install Python dependencies
- pip:
- name:
- - setuptools
- - docker
-
- name: clone CMK repository
git:
repo: "{{ cmk_git_url }}"
- name: build CMK image
make:
chdir: "{{ cmk_dir }}"
+ when: container_runtime == "docker"
# NOTE(przemeklal): this fixes problem in CMK with ImagePullPolicy hardcoded to Never and the pod is scheduled on controller node
- name: tag CMK image
command: docker tag cmk:{{ cmk_img_version }} {{ registry_local_address }}/cmk:{{ cmk_img_version }}
changed_when: true
+ when: container_runtime == "docker"
- name: push CMK image to local registry
command: docker push {{ registry_local_address }}/cmk:{{ cmk_img_version }}
+ changed_when: true
when:
+ - container_runtime == "docker"
- inventory_hostname == groups['kube-node'][0]
+
+- name: build and tag CMK image
+ command: podman build -f Dockerfile -t {{ registry_local_address }}/cmk:{{ cmk_img_version }}
+ args:
+ chdir: "{{ cmk_dir }}"
changed_when: true
+ when: '"docker" not in container_runtime'
+
+- name: push CMK image to local registry
+ command: podman push {{ registry_local_address }}/cmk:{{ cmk_img_version }}
+ changed_when: true
+ when:
+ - inventory_hostname == groups['kube-node'][0]
+ - '"docker" not in container_runtime'
-- name: clean up any preexisting certs/key/CSR files
+- name: clean up any pre-existing certs/key/CSR files
file: path=/etc/ssl/cmk state=absent
when: inventory_hostname == groups['kube-master'][0]
failed_when: false
become: yes
-- name: delete any preexisting certs/key/CSR from Kubernetes
+- name: delete any pre-existing certs/key/CSR from Kubernetes
command: kubectl delete csr cmk-webhook-{{ item }}.{{ cmk_namespace }}
when: inventory_hostname == groups['kube-master'][0]
failed_when: false
when:
- inventory_hostname == groups['kube-master'][0]
-- name: get approved server certificate
+- name: get approved server certificate
shell: kubectl get csr cmk-webhook-server.{{ cmk_namespace }} -o jsonpath='{.status.certificate}'
args:
chdir: "/etc/ssl/cmk/"
- name: restart kube-apiserver after updating admission control configuration
when: inventory_hostname == groups['kube-master'][0]
block:
- - name: remove kube-apiserver Docker container
- shell: docker ps -af name=k8s_kube-apiserver* -q | xargs --no-run-if-empty docker rm -f
+ - name: remove kube-apiserver container
+ # noqa 305 - shell is used intentionally here
+ shell: >-
+ {{ (container_runtime == 'docker') | ternary('docker ps -af name=k8s_kube-apiserver* -q |
+ xargs --no-run-if-empty docker rm -f',
+ 'crictl ps -a --name=kube-apiserver* -q |
+ xargs --no-run-if-empty crictl rm -f') }}
args:
executable: /bin/bash
register: remove_apiserver_container
when:
- inventory_hostname == groups['kube-master'][0]
-# remove any preexisting configmaps before cmk redeployment
-- name: remove any preexisting configmaps before CMK deployment
+# remove any pre-existing configmaps before cmk redeployment
+- name: remove any pre-existing configmaps before CMK deployment
command: kubectl delete cm cmk-config-{{ inventory_hostname }}
when:
- - inventory_hostname in cmk_hosts_list.split(',')
+ - inventory_hostname in (cmk_hosts_list.split(',') if (cmk_hosts_list is defined and cmk_hosts_list | length > 0) else [])
delegate_to: "{{ groups['kube-master']|first }}"
failed_when: false