diff --git a/CHANGELOG.md b/CHANGELOG.md index 88212af..6cdc96b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,20 @@ --- --> +## 2021-04-10, v2.8.2 + +### Notable changes + + - #105 - Added Ansible v2.9.16 support + - #102 - Pre-check for cgroup status + +### Known issues + + - As per README.md, you require `ansible` >= 2.9.16 + or `ansible-base` >= 2.10.4. See [#105(comment)](https://github.com/PyratLabs/ansible-role-k3s/issues/105#issuecomment-817182233) + +--- + ## 2021-03-22, v2.8.1 ### Notable changes diff --git a/README.md b/README.md index ee599e7..9e6dac4 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ and [CHANGELOG.md](CHANGELOG.md). The host you're running Ansible from requires the following Python dependencies: - - `ansbile >= 2.9.17` or `ansible-base >= 2.10.4` + - `ansbile >= 2.9.16` or `ansible-base >= 2.10.4` You can install dependencies using the requirements.txt file in this repository: `pip3 install -r requirements.txt`. diff --git a/molecule/highavailabilitydb/prepare.yml b/molecule/highavailabilitydb/prepare.yml index 5b318a5..dade9da 100644 --- a/molecule/highavailabilitydb/prepare.yml +++ b/molecule/highavailabilitydb/prepare.yml @@ -25,7 +25,8 @@ mode: 0644 - name: Ensure HAProxy service is started - command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid + ansible.builtin.command: + cmd: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid args: creates: /var/run/haproxy.pid diff --git a/molecule/highavailabilityetcd/prepare.yml b/molecule/highavailabilityetcd/prepare.yml index 5b318a5..dade9da 100644 --- a/molecule/highavailabilityetcd/prepare.yml +++ b/molecule/highavailabilityetcd/prepare.yml @@ -25,7 +25,8 @@ mode: 0644 - name: Ensure HAProxy service is started - command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid + ansible.builtin.command: + cmd: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid args: creates: /var/run/haproxy.pid diff --git a/requirements.txt b/requirements.txt index 4c1a328..03308f8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -ansible>2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3 +ansible>=2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3 diff --git a/tasks/build/docker/amazon/install.yml b/tasks/build/docker/amazon/install.yml index 37f5ef4..3197393 100644 --- a/tasks/build/docker/amazon/install.yml +++ b/tasks/build/docker/amazon/install.yml @@ -1,7 +1,8 @@ --- - name: Ensure docker is installed using amazon-linux-extras - ansible.builtin.command: amazon-linux-extras install docker + ansible.builtin.command: + cmd: amazon-linux-extras install docker args: creates: /etc/docker notify: diff --git a/tasks/build/docker/redhat/install-prerequisites.yml b/tasks/build/docker/redhat/install-prerequisites.yml index a266d0a..dd8611b 100644 --- a/tasks/build/docker/redhat/install-prerequisites.yml +++ b/tasks/build/docker/redhat/install-prerequisites.yml @@ -46,7 +46,8 @@ become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - name: Ensure Docker repository is installed and configured from file - ansible.builtin.command: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo + ansible.builtin.command: + cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo args: creates: /etc/yum.repos.d/docker-ce.repo when: diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/build/preconfigure-k3s.yml index 54b8568..40d36a1 100644 --- a/tasks/build/preconfigure-k3s.yml +++ b/tasks/build/preconfigure-k3s.yml @@ -82,7 +82,8 @@ - name: Delegate an initializing control plane node block: - name: Lookup control node from file - ansible.builtin.command: "grep '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt" + ansible.builtin.command: + cmd: "grep '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt" changed_when: false check_mode: false register: k3s_control_delegate_raw diff --git a/tasks/teardown/docker/amazon/uninstall.yml b/tasks/teardown/docker/amazon/uninstall.yml index 5f353f4..3e800fc 100644 --- a/tasks/teardown/docker/amazon/uninstall.yml +++ b/tasks/teardown/docker/amazon/uninstall.yml @@ -1,7 +1,8 @@ --- - name: Ensure docker is uninstalled using amazon-linux-extras - ansible.builtin.command: amazon-linux-extras uninstall docker + ansible.builtin.command: + cmd: amazon-linux-extras uninstall docker register: uninstall_docker_from_amazon_linux changed_when: uninstall_docker_from_amazon_linux.rc == 0 become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/drain-and-remove-nodes.yml b/tasks/teardown/drain-and-remove-nodes.yml index b99a843..1f05e3a 100644 --- a/tasks/teardown/drain-and-remove-nodes.yml +++ b/tasks/teardown/drain-and-remove-nodes.yml @@ -10,7 +10,8 @@ block: - name: Gather a list of nodes - ansible.builtin.command: "{{ k3s_install_dir }}/kubectl get nodes" + ansible.builtin.command: + cmd: "{{ k3s_install_dir }}/kubectl get nodes" changed_when: false failed_when: false delegate_to: "{{ k3s_control_delegate }}" @@ -19,11 +20,12 @@ become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" - name: Ensure uninstalled nodes are drained - ansible.builtin.command: >- - {{ k3s_install_dir }}/kubectl drain {{ item }} - --ignore-daemonsets - --delete-local-data - --force + ansible.builtin.command: + cmd: >- + {{ k3s_install_dir }}/kubectl drain {{ item }} + --ignore-daemonsets + --delete-local-data + --force delegate_to: "{{ k3s_control_delegate }}" run_once: true when: @@ -34,7 +36,8 @@ become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" - name: Ensure uninstalled nodes are removed - ansible.builtin.command: "{{ k3s_install_dir }}/kubectl delete node {{ item }}" + ansible.builtin.command: + cmd: "{{ k3s_install_dir }}/kubectl delete node {{ item }}" delegate_to: "{{ k3s_control_delegate }}" run_once: true when: diff --git a/tasks/teardown/uninstall-k3s.yml b/tasks/teardown/uninstall-k3s.yml index b4bdeb2..daca722 100644 --- a/tasks/teardown/uninstall-k3s.yml +++ b/tasks/teardown/uninstall-k3s.yml @@ -11,20 +11,23 @@ register: check_k3s_uninstall_script - name: Check to see if docker is present - ansible.builtin.command: which docker + ansible.builtin.command: + cmd: which docker failed_when: false changed_when: false register: check_k3s_docker_path - name: Run k3s-killall.sh - ansible.builtin.command: /usr/local/bin/k3s-killall.sh + ansible.builtin.command: + cmd: /usr/local/bin/k3s-killall.sh register: k3s_killall changed_when: k3s_killall.rc == 0 when: check_k3s_killall_script.stat.exists become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" - name: Run k3s-uninstall.sh - ansible.builtin.command: /usr/local/bin/k3s-uninstall.sh + ansible.builtin.command: + cmd: /usr/local/bin/k3s-uninstall.sh args: removes: /usr/local/bin/k3s-uninstall.sh register: k3s_uninstall @@ -46,7 +49,8 @@ become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" - name: Clean up Docker - ansible.builtin.command: docker system prune -a --force + ansible.builtin.command: + cmd: docker system prune -a --force when: - ("docker" in k3s_runtime_config and k3s_runtime_config.docker) - check_k3s_docker_path.rc == 0 diff --git a/tasks/validate/configuration/unsupported-rootless.yml b/tasks/validate/configuration/unsupported-rootless.yml index d947243..63b3298 100644 --- a/tasks/validate/configuration/unsupported-rootless.yml +++ b/tasks/validate/configuration/unsupported-rootless.yml @@ -1,7 +1,8 @@ --- - name: Check if newuidmap is available - ansible.builtin.command: which newuidmap + ansible.builtin.command: + cmd: which newuidmap failed_when: false changed_when: false register: k3s_check_newuidmap_installed diff --git a/tasks/validate/environment/local/issue-data.yml b/tasks/validate/environment/local/issue-data.yml index 2935334..fa214b1 100644 --- a/tasks/validate/environment/local/issue-data.yml +++ b/tasks/validate/environment/local/issue-data.yml @@ -4,7 +4,8 @@ ansible.builtin.setup: - name: Ensure Ansible version is captured - ansible.builtin.command: ansible --version + ansible.builtin.command: + cmd: ansible --version failed_when: false changed_when: false register: check_ansible_version @@ -13,7 +14,8 @@ become: false - name: Ensure Ansible config is captured - ansible.builtin.command: ansible-config dump --only-changed + ansible.builtin.command: + cmd: ansible-config dump --only-changed failed_when: false changed_when: false register: check_ansible_config @@ -22,7 +24,8 @@ become: false - name: Ensure a list of roles is captured - ansible.builtin.command: ansible-galaxy role list + ansible.builtin.command: + cmd: ansible-galaxy role list failed_when: false changed_when: false register: check_ansible_roles diff --git a/tasks/validate/environment/remote/cgroups.yml b/tasks/validate/environment/remote/cgroups.yml new file mode 100644 index 0000000..e91af95 --- /dev/null +++ b/tasks/validate/environment/remote/cgroups.yml @@ -0,0 +1,16 @@ +--- + +- name: Check if {{ cgroup.name }} cgroup is enabled + ansible.builtin.command: + cmd: 'grep -E "^{{ cgroup.name }}\s+.*\s+1$" /proc/cgroups' + failed_when: false + changed_when: false + register: k3s_check_cgroup_option + +- name: Fail if {{ cgroup.name }} cgroup is not enabled + ansible.builtin.assert: + that: + - k3s_check_cgroup_option.rc == 0 + fail_msg: | + {{ cgroup.name }} cgroup disabled. {{ cgroup.documentation }} + success_msg: "{{ cgroup.name }} cgroup enabled." diff --git a/tasks/validate/environment/remote/packages.yml b/tasks/validate/environment/remote/packages.yml index 2fb9b12..036bfc5 100644 --- a/tasks/validate/environment/remote/packages.yml +++ b/tasks/validate/environment/remote/packages.yml @@ -1,7 +1,8 @@ --- - name: Check that {{ package.name }} is installed - ansible.builtin.command: "which {{ package.name }}" + ansible.builtin.command: + cmd: "which {{ package.name }}" changed_when: false failed_when: false register: check_k3s_required_package diff --git a/tasks/validate/pre-flight.yml b/tasks/validate/pre-flight.yml index 2387ceb..cdad466 100644 --- a/tasks/validate/pre-flight.yml +++ b/tasks/validate/pre-flight.yml @@ -13,12 +13,20 @@ - not k3s_skip_validation - not k3s_skip_env_checks +- include_tasks: environment/remote/cgroups.yml + loop: "{{ k3s_cgroup_subsys }}" + loop_control: + loop_var: cgroup + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + - include_tasks: environment/remote/packages.yml loop: "{{ k3s_check_packages }}" loop_control: loop_var: package when: - - k3s_skip_validation + - not k3s_skip_validation - not k3s_skip_env_checks - include_tasks: environment/local/issue-data.yml diff --git a/tasks/validate/state/nodes.yml b/tasks/validate/state/nodes.yml index 6351d8e..6e4c16e 100644 --- a/tasks/validate/state/nodes.yml +++ b/tasks/validate/state/nodes.yml @@ -1,7 +1,8 @@ --- - name: Check that all nodes to be ready - ansible.builtin.command: "{{ k3s_install_dir }}/kubectl get nodes" + ansible.builtin.command: + cmd: "{{ k3s_install_dir }}/kubectl get nodes" changed_when: false failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1 diff --git a/tasks/validate/state/uninstalled.yml b/tasks/validate/state/uninstalled.yml index c666281..abaa624 100644 --- a/tasks/validate/state/uninstalled.yml +++ b/tasks/validate/state/uninstalled.yml @@ -1,7 +1,8 @@ --- - name: Check that k3s is not running - ansible.builtin.command: pgrep k3s + ansible.builtin.command: + cmd: pgrep k3s failed_when: - check_k3s_process.rc == 0 - not ansible_check_mode @@ -9,7 +10,8 @@ register: check_k3s_process - name: Check that docker is not running - ansible.builtin.command: pgrep docker + ansible.builtin.command: + cmd: pgrep docker failed_when: - check_k3s_docker_process.rc == 0 - not ansible_check_mode diff --git a/test_versions.sh b/test_versions.sh new file mode 100755 index 0000000..3b5f473 --- /dev/null +++ b/test_versions.sh @@ -0,0 +1,64 @@ +#!/usr/bin/env bash +set -euo pipefail + +ANSIBLE_RELEASE_FEED="$(curl -Ssl https://api.github.com/repos/ansible/ansible/tags?per_page=50)" +TMPDIR="$(mktemp -d /tmp/molecule.XXXXX)" + +function ansible_releases { + local RELEASE_LIST_ALL + + RELEASE_LIST_ALL="$(echo "${ANSIBLE_RELEASE_FEED}" | grep -E "\"name\": \"v[0-9]+\.[0-9]+\.[0-9]+\"")" + + for RELEASE in ${RELEASE_LIST_ALL} ; do + echo "${RELEASE}" | grep -v "name" | sed -E 's/"v([0-9]+\.[0-9]+\.[0-9]+)",/\1/g' || true + done +} + +function build_requirements { + local TEST_REQUIREMENTS + local REQUIREMENTS + local ANSIBLE_VERSION + + ANSIBLE_VERSION="${1:-true}" + + if [ "${ANSIBLE_VERSION}" == "true" ] ; then + echo "Something went wrong!" + exit 1 + fi + + TEST_REQUIREMENTS=$( "${TMPDIR}/version_requirements.txt" + make_venv "${TEST_ANSIBLE}" + echo " |" | tee -a /tmp/molecule_tests.md + done +} + +main diff --git a/vars/main.yml b/vars/main.yml index dfb4c2e..6512c33 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -143,3 +143,13 @@ k3s_deprecated_config: - setting: docker correction: "docker: false" when: 1.20.0 + +k3s_cgroup_subsys: + - name: memory + documentation: | + If you are running on a Raspberry Pi, see: + https://rancher.com/docs/k3s/latest/en/advanced/#enabling-cgroups-for-raspbian-buster + - name: cpuset + documentation: | + If you are running Alpine Linux, see: + https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-alpine-linux-setup