kubernetes: Manage worker nodes
So far, I have been managing Kubernetes worker nodes with Fedora CoreOS Ignition, but I have decided to move everything back to Fedora and Ansible. I like the idea of an immutable operating system, but the FCOS implementation is not really what I want. I like the automated updates, but that can be accomplished with _dnf-automatic_. I do _not_ like giving up control of when to upgrade to the next Fedora release. Mostly, I never did come up with a good way to manage application-level configuration on FCOS machines. None of my experiments (Cue+tmpl, KCL+etcd+Luci) were successful, which mostly resulted in my manually managing configuration on nodes individually. Managing OS-level configuration is also rather cumbersome, since it requires redeploying the machine entirely. Altogether, I just don't think FCOS fits with my model of managing systems. This commit introduces a new playbook, `kubernetes.yml`, and a handful of new roles to manage Kubernetes worker nodes running Fedora Linux. It also adds two new deploy scripts, `k8s-worker.sh` and `k8s-longhorn.sh`, which fully automate the process of bringing up worker nodes.
This commit is contained in:
47
roles/cri-o/tasks/main.yml
Normal file
47
roles/cri-o/tasks/main.yml
Normal file
@@ -0,0 +1,47 @@
|
||||
- name: ensure cri-o is installed
|
||||
package:
|
||||
name:
|
||||
- container-selinux
|
||||
- cri-o
|
||||
- crun
|
||||
state: present
|
||||
tags:
|
||||
- install
|
||||
|
||||
- name: ensure crio configuration drop-in directory exists
|
||||
file:
|
||||
path: /etc/crio/crio.conf.d
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rwx,go=rx
|
||||
state: directory
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: ensure cri-o is configured to use crun
|
||||
copy:
|
||||
src: crun.conf
|
||||
dest: /etc/crio/crio.conf.d/10-crio-crun.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,go=r
|
||||
notify:
|
||||
- restart crio
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: flush handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- name: ensure cri-o service is enabled
|
||||
service:
|
||||
name: crio
|
||||
enabled: true
|
||||
tags:
|
||||
- service
|
||||
- name: ensure cri-o service is running
|
||||
service:
|
||||
name: crio
|
||||
state: started
|
||||
tags:
|
||||
- service
|
||||
Reference in New Issue
Block a user