From 42afa26f891b9f6a1aa28c9fe16e21bc828bc410 Mon Sep 17 00:00:00 2001 From: Moritz Graf Date: Sun, 9 Oct 2022 13:31:36 +0200 Subject: [PATCH] Updating to k8s 1.21 --- bootstrap/init.sh | 3 +- .../inventory/prod/group_vars/all/all.yml | 3 +- .../inventory/prod/group_vars/all/aws.yml | 8 --- .../inventory/prod/group_vars/all/azure.yml | 37 ------------ .../prod/group_vars/all/containerd.yml | 19 ------ .../inventory/prod/group_vars/all/coreos.yml | 2 - .../inventory/prod/group_vars/all/docker.yml | 58 ------------------- .../inventory/prod/group_vars/all/gcp.yml | 10 ---- .../inventory/prod/group_vars/all/oci.yml | 28 --------- .../prod/group_vars/all/openstack.yml | 51 ---------------- .../inventory/prod/group_vars/all/vsphere.yml | 20 ------- .../group_vars/k8s-cluster/k8s-cluster.yml | 9 ++- 12 files changed, 9 insertions(+), 239 deletions(-) delete mode 100644 bootstrap/inventory/prod/group_vars/all/aws.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/azure.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/containerd.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/coreos.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/docker.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/gcp.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/oci.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/openstack.yml delete mode 100644 bootstrap/inventory/prod/group_vars/all/vsphere.yml diff --git a/bootstrap/init.sh b/bootstrap/init.sh index 3c4d901..f278eb4 100755 --- a/bootstrap/init.sh +++ b/bootstrap/init.sh @@ -6,7 +6,7 @@ echo "######################################################################################" echo "## Reinit repository" rm -rf kubespray -VERSION=${1:-release-2.17} +VERSION=${1:-release-2.19} git clone --branch $VERSION https://github.com/kubernetes-sigs/kubespray.git echo "######################################################################################" @@ -47,7 +47,6 @@ rsync -a ./inventory/ ./kubespray/inventory/ echo "## * changing into kubespray dir" cd kubespray echo "## * execute the following command to force new settings" -echo "ansible-playbook -i inventory/prod/inventory.ini mitogen.yml &&" echo "ansible-playbook -i inventory/prod/inventory.ini -e upgrade_cluster_setup=true cluster.yml" # cp -r kubespray/inventory/sample kubespray/inventory/prod diff --git a/bootstrap/inventory/prod/group_vars/all/all.yml b/bootstrap/inventory/prod/group_vars/all/all.yml index 97c8ff6..aa67d5d 100644 --- a/bootstrap/inventory/prod/group_vars/all/all.yml +++ b/bootstrap/inventory/prod/group_vars/all/all.yml @@ -7,7 +7,8 @@ kubelet_preferred_address_types: 'Hostname,ExternalDNS,ExternalIP,InternalDNS,In etcd_data_dir: /var/lib/etcd ## Experimental kubeadm etcd deployment mode. Available only for new deployment -etcd_kubeadm_enabled: false +#etcd_kubeadm_enabled: false +etcd_deployment_type: docker ## Directory where the binaries will be installed bin_dir: /usr/local/bin diff --git a/bootstrap/inventory/prod/group_vars/all/aws.yml b/bootstrap/inventory/prod/group_vars/all/aws.yml deleted file mode 100644 index ffaac35..0000000 --- a/bootstrap/inventory/prod/group_vars/all/aws.yml +++ /dev/null @@ -1,8 +0,0 @@ -## To use AWS EBS CSI Driver to provision volumes, uncomment the first value -## and configure the parameters below -# aws_ebs_csi_enabled: true -# aws_ebs_csi_enable_volume_scheduling: true -# aws_ebs_csi_enable_volume_snapshot: false -# aws_ebs_csi_enable_volume_resizing: false -# aws_ebs_csi_controller_replicas: 1 -# aws_ebs_csi_plugin_image_tag: latest diff --git a/bootstrap/inventory/prod/group_vars/all/azure.yml b/bootstrap/inventory/prod/group_vars/all/azure.yml deleted file mode 100644 index b9daeb9..0000000 --- a/bootstrap/inventory/prod/group_vars/all/azure.yml +++ /dev/null @@ -1,37 +0,0 @@ -## When azure is used, you need to also set the following variables. -## see docs/azure.md for details on how to get these values - -# azure_cloud: -# azure_tenant_id: -# azure_subscription_id: -# azure_aad_client_id: -# azure_aad_client_secret: -# azure_resource_group: -# azure_location: -# azure_subnet_name: -# azure_security_group_name: -# azure_vnet_name: -# azure_vnet_resource_group: -# azure_route_table_name: -# supported values are 'standard' or 'vmss' -# azure_vmtype: standard - -## Azure Disk CSI credentials and parameters -## see docs/azure-csi.md for details on how to get these values - -# azure_csi_tenant_id: -# azure_csi_subscription_id: -# azure_csi_aad_client_id: -# azure_csi_aad_client_secret: -# azure_csi_location: -# azure_csi_resource_group: -# azure_csi_vnet_name: -# azure_csi_vnet_resource_group: -# azure_csi_subnet_name: -# azure_csi_security_group_name: -# azure_csi_use_instance_metadata: - -## To enable Azure Disk CSI, uncomment below -# azure_csi_enabled: true -# azure_csi_controller_replicas: 1 -# azure_csi_plugin_image_tag: latest diff --git a/bootstrap/inventory/prod/group_vars/all/containerd.yml b/bootstrap/inventory/prod/group_vars/all/containerd.yml deleted file mode 100644 index 0f1e977..0000000 --- a/bootstrap/inventory/prod/group_vars/all/containerd.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Please see roles/container-engine/containerd/defaults/main.yml for more configuration options - -# Example: define registry mirror for docker hub - -# containerd_config: -# grpc: -# max_recv_message_size: 16777216 -# max_send_message_size: 16777216 -# debug: -# level: "" -# registries: -# "docker.io": -# - "https://mirror.gcr.io" -# - "https://registry-1.docker.io" -# max_container_log_line_size: -1 -# metrics: -# address: "" -# grpc_histogram: false diff --git a/bootstrap/inventory/prod/group_vars/all/coreos.yml b/bootstrap/inventory/prod/group_vars/all/coreos.yml deleted file mode 100644 index 22c2166..0000000 --- a/bootstrap/inventory/prod/group_vars/all/coreos.yml +++ /dev/null @@ -1,2 +0,0 @@ -## Does coreos need auto upgrade, default is true -# coreos_auto_upgrade: true diff --git a/bootstrap/inventory/prod/group_vars/all/docker.yml b/bootstrap/inventory/prod/group_vars/all/docker.yml deleted file mode 100644 index 0cad8df..0000000 --- a/bootstrap/inventory/prod/group_vars/all/docker.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -## Uncomment this if you want to force overlay/overlay2 as docker storage driver -## Please note that overlay2 is only supported on newer kernels -# docker_storage_options: -s overlay2 - -## Enable docker_container_storage_setup, it will configure devicemapper driver on Centos7 or RedHat7. -docker_container_storage_setup: false - -## It must be define a disk path for docker_container_storage_setup_devs. -## Otherwise docker-storage-setup will be executed incorrectly. -# docker_container_storage_setup_devs: /dev/vdb - -## Uncomment this if you want to change the Docker Cgroup driver (native.cgroupdriver) -## Valid options are systemd or cgroupfs, default is systemd -# docker_cgroup_driver: systemd - -## Uncomment this if you have more than 3 nameservers, then we'll only use the first 3. -docker_dns_servers_strict: false - -# Path used to store Docker data -docker_daemon_graph: "/var/lib/docker" - -## Used to set docker daemon iptables options to true -docker_iptables_enabled: "false" - -# Docker log options -# Rotate container stderr/stdout logs at 50m and keep last 5 -docker_log_opts: "--log-opt max-size=50m --log-opt max-file=5" - -# define docker bin_dir -docker_bin_dir: "/usr/bin" - -# keep docker packages after installation; speeds up repeated ansible provisioning runs when '1' -# kubespray deletes the docker package on each run, so caching the package makes sense -docker_rpm_keepcache: 0 - -## An obvious use case is allowing insecure-registry access to self hosted registries. -## Can be ipaddress and domain_name. -## example define 172.19.16.11 or mirror.registry.io -# docker_insecure_registries: -# - mirror.registry.io -# - 172.19.16.11 - -## Add other registry,example China registry mirror. -# docker_registry_mirrors: -# - https://registry.docker-cn.com -# - https://mirror.aliyuncs.com - -## If non-empty will override default system MountFlags value. -## This option takes a mount propagation flag: shared, slave -## or private, which control whether mounts in the file system -## namespace set up for docker will receive or propagate mounts -## and unmounts. Leave empty for system default -# docker_mount_flags: - -## A string of extra options to pass to the docker daemon. -## This string should be exactly as you wish it to appear. -# docker_options: "" diff --git a/bootstrap/inventory/prod/group_vars/all/gcp.yml b/bootstrap/inventory/prod/group_vars/all/gcp.yml deleted file mode 100644 index 49eb5c0..0000000 --- a/bootstrap/inventory/prod/group_vars/all/gcp.yml +++ /dev/null @@ -1,10 +0,0 @@ -## GCP compute Persistent Disk CSI Driver credentials and parameters -## See docs/gcp-pd-csi.md for information about the implementation - -## Specify the path to the file containing the service account credentials -# gcp_pd_csi_sa_cred_file: "/my/safe/credentials/directory/cloud-sa.json" - -## To enable GCP Persistent Disk CSI driver, uncomment below -# gcp_pd_csi_enabled: true -# gcp_pd_csi_controller_replicas: 1 -# gcp_pd_csi_driver_image_tag: "v0.7.0-gke.0" diff --git a/bootstrap/inventory/prod/group_vars/all/oci.yml b/bootstrap/inventory/prod/group_vars/all/oci.yml deleted file mode 100644 index 541d0e6..0000000 --- a/bootstrap/inventory/prod/group_vars/all/oci.yml +++ /dev/null @@ -1,28 +0,0 @@ -## When Oracle Cloud Infrastructure is used, set these variables -# oci_private_key: -# oci_region_id: -# oci_tenancy_id: -# oci_user_id: -# oci_user_fingerprint: -# oci_compartment_id: -# oci_vnc_id: -# oci_subnet1_id: -# oci_subnet2_id: -## Override these default/optional behaviors if you wish -# oci_security_list_management: All -## If you would like the controller to manage specific lists per subnet. This is a mapping of subnet ocids to security list ocids. Below are examples. -# oci_security_lists: -# ocid1.subnet.oc1.phx.aaaaaaaasa53hlkzk6nzksqfccegk2qnkxmphkblst3riclzs4rhwg7rg57q: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q -# ocid1.subnet.oc1.phx.aaaaaaaahuxrgvs65iwdz7ekwgg3l5gyah7ww5klkwjcso74u3e4i64hvtvq: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q -## If oci_use_instance_principals is true, you do not need to set the region, tenancy, user, key, passphrase, or fingerprint -# oci_use_instance_principals: false -# oci_cloud_controller_version: 0.6.0 -## If you would like to control OCI query rate limits for the controller -# oci_rate_limit: -# rate_limit_qps_read: -# rate_limit_qps_write: -# rate_limit_bucket_read: -# rate_limit_bucket_write: -## Other optional variables -# oci_cloud_controller_pull_source: (default iad.ocir.io/oracle/cloud-provider-oci) -# oci_cloud_controller_pull_secret: (name of pull secret to use if you define your own mirror above) diff --git a/bootstrap/inventory/prod/group_vars/all/openstack.yml b/bootstrap/inventory/prod/group_vars/all/openstack.yml deleted file mode 100644 index a7f8627..0000000 --- a/bootstrap/inventory/prod/group_vars/all/openstack.yml +++ /dev/null @@ -1,51 +0,0 @@ -## When OpenStack is used, Cinder version can be explicitly specified if autodetection fails (Fixed in 1.9: https://github.com/kubernetes/kubernetes/issues/50461) -# openstack_blockstorage_version: "v1/v2/auto (default)" -# openstack_blockstorage_ignore_volume_az: yes -## When OpenStack is used, if LBaaSv2 is available you can enable it with the following 2 variables. -# openstack_lbaas_enabled: True -# openstack_lbaas_subnet_id: "Neutron subnet ID (not network ID) to create LBaaS VIP" -## To enable automatic floating ip provisioning, specify a subnet. -# openstack_lbaas_floating_network_id: "Neutron network ID (not subnet ID) to get floating IP from, disabled by default" -## Override default LBaaS behavior -# openstack_lbaas_use_octavia: False -# openstack_lbaas_method: "ROUND_ROBIN" -# openstack_lbaas_provider: "haproxy" -# openstack_lbaas_create_monitor: "yes" -# openstack_lbaas_monitor_delay: "1m" -# openstack_lbaas_monitor_timeout: "30s" -# openstack_lbaas_monitor_max_retries: "3" - -## Values for the external OpenStack Cloud Controller -# external_openstack_lbaas_network_id: "Neutron network ID to create LBaaS VIP" -# external_openstack_lbaas_subnet_id: "Neutron subnet ID to create LBaaS VIP" -# external_openstack_lbaas_floating_network_id: "Neutron network ID to get floating IP from" -# external_openstack_lbaas_floating_subnet_id: "Neutron subnet ID to get floating IP from" -# external_openstack_lbaas_use_octavia: true -# external_openstack_lbaas_method: "ROUND_ROBIN" -# external_openstack_lbaas_create_monitor: false -# external_openstack_lbaas_monitor_delay: "1m" -# external_openstack_lbaas_monitor_timeout: "30s" -# external_openstack_lbaas_monitor_max_retries: "3" -# external_openstack_lbaas_manage_security_groups: false -# external_openstack_lbaas_internal_lb: false -# external_openstack_network_ipv6_disabled: false -# external_openstack_network_internal_networks: -# - "" -# external_openstack_network_public_networks: -# - "" -# external_openstack_metadata_search_order: "configDrive,metadataService" - -## Application credentials to authenticate against Keystone API -## Those settings will take precedence over username and password that might be set your environment -## All of them are required -# external_openstack_application_credential_name: -# external_openstack_application_credential_id: -# external_openstack_application_credential_secret: - -## The tag of the external OpenStack Cloud Controller image -# external_openstack_cloud_controller_image_tag: "latest" - -## To use Cinder CSI plugin to provision volumes set this value to true -## Make sure to source in the openstack credentials -# cinder_csi_enabled: true -# cinder_csi_controller_replicas: 1 diff --git a/bootstrap/inventory/prod/group_vars/all/vsphere.yml b/bootstrap/inventory/prod/group_vars/all/vsphere.yml deleted file mode 100644 index 4ceae9f..0000000 --- a/bootstrap/inventory/prod/group_vars/all/vsphere.yml +++ /dev/null @@ -1,20 +0,0 @@ -## Values for the external vSphere Cloud Provider -# external_vsphere_vcenter_ip: "myvcenter.domain.com" -# external_vsphere_vcenter_port: "443" -# external_vsphere_insecure: "true" -# external_vsphere_user: "administrator@vsphere.local" -# external_vsphere_password: "K8s_admin" -# external_vsphere_datacenter: "DATACENTER_name" -# external_vsphere_kubernetes_cluster_id: "kubernetes-cluster-id" - -## Tags for the external vSphere Cloud Provider images -# external_vsphere_cloud_controller_image_tag: "latest" -# vsphere_syncer_image_tag: "v1.0.2" -# vsphere_csi_attacher_image_tag: "v1.1.1" -# vsphere_csi_controller: "v1.0.2" -# vsphere_csi_liveness_probe_image_tag: "v1.1.0" -# vsphere_csi_provisioner_image_tag: "v1.2.2" - -## To use vSphere CSI plugin to provision volumes set this value to true -# vsphere_csi_enabled: true -# vsphere_csi_controller_replicas: 1 diff --git a/bootstrap/inventory/prod/group_vars/k8s-cluster/k8s-cluster.yml b/bootstrap/inventory/prod/group_vars/k8s-cluster/k8s-cluster.yml index c743416..f07b636 100644 --- a/bootstrap/inventory/prod/group_vars/k8s-cluster/k8s-cluster.yml +++ b/bootstrap/inventory/prod/group_vars/k8s-cluster/k8s-cluster.yml @@ -27,7 +27,7 @@ kube_users_dir: "{{ kube_config_dir }}/users" kube_api_anonymous_auth: true ## Change this to use another Kubernetes version, e.g. a current beta release -kube_version: v1.20.7 +kube_version: v1.21.13 # kubernetes image repo define kube_image_repo: "k8s.gcr.io" @@ -295,8 +295,11 @@ nvidia_accelerator_enabled: true ## Important: if you use Ubuntu then you should set in all.yml 'docker_storage_options: -s overlay2' ## Array with nvida_gpu_nodes, leave empty or comment if you don't want to install drivers. ## Labels and taints won't be set to nodes if they are not in the array. -nvidia_gpu_nodes: -- jetson1.dyndns.moritzgraf.de + +#moritz +#nvidia_gpu_nodes: +#- jetson1.dyndns.moritzgraf.de + # nvidia_driver_version: "384.111" ## flavor can be tesla or gtx # nvidia_gpu_flavor: gtx