So far, I have been managing Kubernetes worker nodes with Fedora CoreOS Ignition, but I have decided to move everything back to Fedora and Ansible. I like the idea of an immutable operating system, but the FCOS implementation is not really what I want. I like the automated updates, but that can be accomplished with _dnf-automatic_. I do _not_ like giving up control of when to upgrade to the next Fedora release.

Mostly, I never did come up with a good way to manage application-level configuration on FCOS machines. None of my experiments (Cue+tmpl, KCL+etcd+Luci) were successful, which mostly resulted in my manually managing configuration on nodes individually. Managing OS-level configuration is also rather cumbersome, since it requires redeploying the machine entirely. Altogether, I just don't think FCOS fits with my model of managing systems.

This commit introduces a new playbook, `kubernetes.yml`, and a handful of new roles to manage Kubernetes worker nodes running Fedora Linux. It also adds two new deploy scripts, `k8s-worker.sh` and `k8s-longhorn.sh`, which fully automate the process of bringing up worker nodes.
48 lines
815 B
YAML
- name: ensure cri-o is installed
|
|
package:
|
|
name:
|
|
- container-selinux
|
|
- cri-o
|
|
- crun
|
|
state: present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure crio configuration drop-in directory exists
|
|
file:
|
|
path: /etc/crio/crio.conf.d
|
|
owner: root
|
|
group: root
|
|
mode: u=rwx,go=rx
|
|
state: directory
|
|
tags:
|
|
- config
|
|
|
|
- name: ensure cri-o is configured to use crun
|
|
copy:
|
|
src: crun.conf
|
|
dest: /etc/crio/crio.conf.d/10-crio-crun.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- restart crio
|
|
tags:
|
|
- config
|
|
|
|
- name: flush handlers
|
|
meta: flush_handlers
|
|
|
|
- name: ensure cri-o service is enabled
|
|
service:
|
|
name: crio
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
- name: ensure cri-o service is running
|
|
service:
|
|
name: crio
|
|
state: started
|
|
tags:
|
|
- service
|
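Review bot: The first task installs `cri-o` with `state: present` and no version, so each worker gets whatever CRI-O release the enabled repository offers on the day it is first provisioned, and nodes built at different times can end up on different runtime versions. CRI-O releases follow Kubernetes minor versions, so consider driving the package name or version from a role variable that is set alongside the kubelet version, and documenting which repository is expected to supply it. As a smaller style point, the last two tasks both call `service` on `crio` under the same `service` tag; a single task with `enabled: true` and `state: started` would express the same intent.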