From b68c73de2d6dab45434545d642c3261cb9ffde52 Mon Sep 17 00:00:00 2001 From: liujian Date: Wed, 9 Jul 2025 16:10:18 +0800 Subject: [PATCH] feat: add role dependency in builtin playbook (#2653) 
Signed-off-by: joyceliu --- builtin/Makefile | 25 ---- builtin/core/defaults/config/v1.23.yaml | 6 +- builtin/core/defaults/config/v1.24.yaml | 6 +- builtin/core/defaults/config/v1.25.yaml | 6 +- builtin/core/defaults/config/v1.26.yaml | 6 +- builtin/core/defaults/config/v1.27.yaml | 6 +- builtin/core/defaults/config/v1.28.yaml | 6 +- builtin/core/defaults/config/v1.29.yaml | 6 +- builtin/core/defaults/config/v1.30.yaml | 6 +- builtin/core/defaults/config/v1.31.yaml | 6 +- builtin/core/defaults/config/v1.32.yaml | 6 +- builtin/core/defaults/config/v1.33.yaml | 6 +- builtin/core/playbooks/delete_cluster.yaml | 2 +- builtin/core/playbooks/delete_nodes.yaml | 2 +- builtin/core/playbooks/delete_registry.yaml | 2 +- .../certs/renew-registry/tasks/registry.yaml | 4 +- .../init/init-artifact/defaults/main.yaml | 10 +- .../init-artifact/tasks/download_binary.yaml | 10 +- .../install/cni/calico/defaults/main.yaml | 12 ++ .../calico.yaml => calico/tasks/main.yaml} | 0 .../install/cni/cilium/defaults/main.yaml | 70 ++++++++++ .../cilium.yaml => cilium/tasks/main.yaml} | 0 .../core/roles/install/cni/defaults/main.yaml | 130 ------------------ .../install/cni/flannel/defaults/main.yaml | 14 ++ .../flannel.yaml => flannel/tasks/main.yaml} | 0 .../install/cni/hybridnet/defaults/main.yaml | 6 + .../tasks/main.yaml} | 0 .../install/cni/kubeovn/defaults/main.yaml | 33 +++++ .../kubeovn.yaml => kubeovn/tasks/main.yaml} | 0 builtin/core/roles/install/cni/meta/main.yaml | 19 +++ .../multus.yaml => multus/tasks/main.yaml} | 0 .../cni/{ => multus}/templates/multus.yaml | 0 .../core/roles/install/cni/tasks/main.yaml | 18 --- .../install/cri/containerd/defaults/main.yaml | 3 + .../{ => containerd}/files/containerd.service | 0 .../tasks/main.yaml} | 2 +- .../templates/config.toml} | 0 .../tasks/main.yaml} | 2 +- .../templates/crictl.yaml} | 0 .../install/cri/docker/defaults/main.yaml | 3 + .../docker}/files/containerd.service | 0 .../cri/{ => docker}/files/docker.service | 0 
.../tasks/cridockerd.yaml} | 0 .../tasks/main.yaml} | 7 +- .../templates/cri-dockerd.service | 0 .../templates/daemon.json} | 0 builtin/core/roles/install/cri/meta/main.yaml | 8 ++ .../core/roles/install/cri/tasks/main.yaml | 17 --- .../install/image-registry/defaults/main.yaml | 43 +----- .../docker-compose/defaults/main.yaml | 5 + .../docker-compose/files/containerd.service | 26 ++++ .../{ => docker-compose}/files/docker.service | 0 .../tasks/docker.yaml} | 2 +- .../tasks/docker_compose.yaml} | 0 .../docker-compose/tasks/main.yaml | 4 + .../templates/daemon.json} | 0 .../docker-registry/defaults/main.yaml | 37 +++++ .../tasks/main.yaml} | 30 ++-- .../templates/config.yaml} | 54 ++++---- .../templates/docker-compose.yaml} | 6 +- .../templates/docker-registry.service} | 4 +- .../image-registry/harbor/defaults/main.yaml | 4 + .../tasks/main.yaml} | 2 +- .../templates/harbor-replications.sh | 0 .../{ => harbor}/templates/harbor.service | 0 .../templates/harbor.yml} | 0 .../files}/healthcheck.sh | 0 .../tasks/main.yaml} | 2 +- .../templates/keepalived.conf | 0 .../install/image-registry/meta/main.yaml | 15 ++ .../image-registry/tasks/load_images.yaml | 51 ------- .../install/image-registry/tasks/main.yaml | 79 +++++++---- .../{ => local}/defaults/main.yaml | 8 +- .../local.yaml => local/tasks/main.yaml} | 0 .../{ => local}/templates/local-volume.yaml | 0 .../roles/install/storageclass/meta/main.yaml | 7 + .../storageclass/nfs/defaults/main.yaml | 7 + .../{tasks/nfs.yaml => nfs/tasks/main.yaml} | 0 .../install/storageclass/tasks/main.yaml | 6 - .../tasks/main.yaml} | 0 .../uninstall/cri/crictl/tasks/main.yaml | 3 + .../tasks/cridockerd.yaml} | 0 .../uninstall/cri/docker/tasks/docker.yaml | 38 +++++ .../uninstall/cri/docker/tasks/main.yaml | 7 + .../core/roles/uninstall/cri/meta/main.yaml | 10 ++ .../core/roles/uninstall/cri/tasks/main.yaml | 18 --- .../uninstall/cri/tasks/uninstall_docker.yaml | 22 --- .../image-registry/defaults/main.yaml | 3 + 
.../docker-compose/defaults/main.yaml | 5 + .../docker-compose/tasks/main.yaml} | 0 .../docker-registry/defaults/main.yaml | 6 + .../docker-registry/tasks/main.yaml | 19 +++ .../image-registry/harbor/defaults/main.yaml | 3 + .../harbor/tasks/main.yaml} | 0 .../keepalived/tasks/main.yaml} | 0 .../uninstall/image-registry/meta/main.yaml | 14 ++ .../image_registry/defaults/main.yaml | 10 -- .../uninstall/image_registry/tasks/main.yaml | 13 -- .../image_registry/tasks/registry.yaml | 19 --- docs/zh/core/image_registry.md | 36 ++--- 100 files changed, 557 insertions(+), 526 deletions(-) delete mode 100644 builtin/Makefile create mode 100644 builtin/core/roles/install/cni/calico/defaults/main.yaml rename builtin/core/roles/install/cni/{tasks/calico.yaml => calico/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/install/cni/cilium/defaults/main.yaml rename builtin/core/roles/install/cni/{tasks/cilium.yaml => cilium/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/install/cni/flannel/defaults/main.yaml rename builtin/core/roles/install/cni/{tasks/flannel.yaml => flannel/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/install/cni/hybridnet/defaults/main.yaml rename builtin/core/roles/install/cni/{tasks/hybridnet.yaml => hybridnet/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/install/cni/kubeovn/defaults/main.yaml rename builtin/core/roles/install/cni/{tasks/kubeovn.yaml => kubeovn/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/install/cni/meta/main.yaml rename builtin/core/roles/install/cni/{tasks/multus.yaml => multus/tasks/main.yaml} (100%) rename builtin/core/roles/install/cni/{ => multus}/templates/multus.yaml (100%) delete mode 100644 builtin/core/roles/install/cni/tasks/main.yaml create mode 100644 builtin/core/roles/install/cri/containerd/defaults/main.yaml rename builtin/core/roles/install/cri/{ => containerd}/files/containerd.service (100%) rename 
builtin/core/roles/install/cri/{tasks/install_containerd.yaml => containerd/tasks/main.yaml} (98%) rename builtin/core/roles/install/cri/{templates/containerd.config => containerd/templates/config.toml} (100%) rename builtin/core/roles/install/cri/{tasks/install_crictl.yaml => crictl/tasks/main.yaml} (96%) rename builtin/core/roles/install/cri/{templates/crictl.config => crictl/templates/crictl.yaml} (100%) create mode 100644 builtin/core/roles/install/cri/docker/defaults/main.yaml rename builtin/core/roles/install/{image-registry => cri/docker}/files/containerd.service (100%) rename builtin/core/roles/install/cri/{ => docker}/files/docker.service (100%) rename builtin/core/roles/install/cri/{tasks/install_cridockerd.yaml => docker/tasks/cridockerd.yaml} (100%) rename builtin/core/roles/install/cri/{tasks/install_docker.yaml => docker/tasks/main.yaml} (94%) rename builtin/core/roles/install/cri/{ => docker}/templates/cri-dockerd.service (100%) rename builtin/core/roles/install/cri/{templates/docker.config => docker/templates/daemon.json} (100%) create mode 100644 builtin/core/roles/install/cri/meta/main.yaml delete mode 100644 builtin/core/roles/install/cri/tasks/main.yaml create mode 100644 builtin/core/roles/install/image-registry/docker-compose/defaults/main.yaml create mode 100644 builtin/core/roles/install/image-registry/docker-compose/files/containerd.service rename builtin/core/roles/install/image-registry/{ => docker-compose}/files/docker.service (100%) rename builtin/core/roles/install/image-registry/{tasks/install_docker.yaml => docker-compose/tasks/docker.yaml} (98%) rename builtin/core/roles/install/image-registry/{tasks/install_docker_compose.yaml => docker-compose/tasks/docker_compose.yaml} (100%) create mode 100644 builtin/core/roles/install/image-registry/docker-compose/tasks/main.yaml rename builtin/core/roles/install/image-registry/{templates/docker.config => docker-compose/templates/daemon.json} (100%) create mode 100644 
builtin/core/roles/install/image-registry/docker-registry/defaults/main.yaml rename builtin/core/roles/install/image-registry/{tasks/install_registry.yaml => docker-registry/tasks/main.yaml} (50%) rename builtin/core/roles/install/image-registry/{templates/registry.config => docker-registry/templates/config.yaml} (65%) rename builtin/core/roles/install/image-registry/{templates/registry.docker-compose => docker-registry/templates/docker-compose.yaml} (85%) rename builtin/core/roles/install/image-registry/{templates/registry.service => docker-registry/templates/docker-registry.service} (60%) create mode 100644 builtin/core/roles/install/image-registry/harbor/defaults/main.yaml rename builtin/core/roles/install/image-registry/{tasks/install_harbor.yaml => harbor/tasks/main.yaml} (99%) rename builtin/core/roles/install/image-registry/{ => harbor}/templates/harbor-replications.sh (100%) rename builtin/core/roles/install/image-registry/{ => harbor}/templates/harbor.service (100%) rename builtin/core/roles/install/image-registry/{templates/harbor.config => harbor/templates/harbor.yml} (100%) rename builtin/core/roles/install/image-registry/{files/keepalived => keepalived/files}/healthcheck.sh (100%) rename builtin/core/roles/install/image-registry/{tasks/install_keepalived.yaml => keepalived/tasks/main.yaml} (98%) rename builtin/core/roles/install/image-registry/{ => keepalived}/templates/keepalived.conf (100%) create mode 100644 builtin/core/roles/install/image-registry/meta/main.yaml delete mode 100644 builtin/core/roles/install/image-registry/tasks/load_images.yaml rename builtin/core/roles/install/storageclass/{ => local}/defaults/main.yaml (59%) rename builtin/core/roles/install/storageclass/{tasks/local.yaml => local/tasks/main.yaml} (100%) rename builtin/core/roles/install/storageclass/{ => local}/templates/local-volume.yaml (100%) create mode 100644 builtin/core/roles/install/storageclass/meta/main.yaml create mode 100644 
builtin/core/roles/install/storageclass/nfs/defaults/main.yaml rename builtin/core/roles/install/storageclass/{tasks/nfs.yaml => nfs/tasks/main.yaml} (100%) delete mode 100644 builtin/core/roles/install/storageclass/tasks/main.yaml rename builtin/core/roles/uninstall/cri/{tasks/uninstall_containerd.yaml => containerd/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/uninstall/cri/crictl/tasks/main.yaml rename builtin/core/roles/uninstall/cri/{tasks/uninstall_cridockerd.yaml => docker/tasks/cridockerd.yaml} (100%) create mode 100644 builtin/core/roles/uninstall/cri/docker/tasks/docker.yaml create mode 100644 builtin/core/roles/uninstall/cri/docker/tasks/main.yaml create mode 100644 builtin/core/roles/uninstall/cri/meta/main.yaml delete mode 100644 builtin/core/roles/uninstall/cri/tasks/main.yaml delete mode 100644 builtin/core/roles/uninstall/cri/tasks/uninstall_docker.yaml create mode 100644 builtin/core/roles/uninstall/image-registry/defaults/main.yaml create mode 100644 builtin/core/roles/uninstall/image-registry/docker-compose/defaults/main.yaml rename builtin/core/roles/uninstall/{image_registry/tasks/docker.yaml => image-registry/docker-compose/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/uninstall/image-registry/docker-registry/defaults/main.yaml create mode 100644 builtin/core/roles/uninstall/image-registry/docker-registry/tasks/main.yaml create mode 100644 builtin/core/roles/uninstall/image-registry/harbor/defaults/main.yaml rename builtin/core/roles/uninstall/{image_registry/tasks/harbor.yaml => image-registry/harbor/tasks/main.yaml} (100%) rename builtin/core/roles/uninstall/{image_registry/tasks/keepalived.yaml => image-registry/keepalived/tasks/main.yaml} (100%) create mode 100644 builtin/core/roles/uninstall/image-registry/meta/main.yaml delete mode 100644 builtin/core/roles/uninstall/image_registry/defaults/main.yaml delete mode 100644 builtin/core/roles/uninstall/image_registry/tasks/main.yaml delete mode 100644 
builtin/core/roles/uninstall/image_registry/tasks/registry.yaml diff --git a/builtin/Makefile b/builtin/Makefile deleted file mode 100644 index 4bb3cde3..00000000 --- a/builtin/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -.PHONY: create-role -create-role: ## create a role necessary file in roles - @echo "Creating role $(role) in ${base} ..." - @mkdir -p ${base}/roles/$(role)/tasks - @echo "---" > ${base}/roles/$(role)/tasks/main.yaml - @mkdir -p ${base}/roles/$(role)/defaults - @echo "" > ${base}/roles/$(role)/defaults/main.yaml -ifeq ($(VARIABLE_NAME),"full") - @mkdir -p ${base}/roles/$(role)/handlers - @mkdir -p ${base}/roles/$(role)/templates - @mkdir -p ${base}/roles/$(role)/files - @mkdir -p ${base}/roles/$(role)/vars - @mkdir -p ${base}/roles/$(role)/meta - @echo "---" > ${base}/roles/$(role)/handlers/main.yaml - @echo "---" > ${base}/roles/$(role)/templates/main.yaml - @echo "---" > ${base}/roles/$(role)/files/main.yaml - @echo "---" > ${base}/roles/$(role)/vars/main.yaml - @echo "---" > ${base}/roles/$(role)/defaults/main.yaml - @echo "---" > ${base}/roles/$(role)/meta/main.yaml -endif - @echo "Role $(role) created successfully" - -.PHONY: help -help: ## Display this help. - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n\nTargets:\n"} /^[0-9A-Za-z_-]+:.*?##/ { printf " \033[36m%-45s\033[0m %s\n", $$1, $$2 } /^\$$\([0-9A-Za-z_-]+\):.*?##/ { gsub("_","-", $$1); printf " \033[36m%-45s\033[0m %s\n", tolower(substr($$1, 3, length($$1)-7)), $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) diff --git a/builtin/core/defaults/config/v1.23.yaml b/builtin/core/defaults/config/v1.23.yaml index 441980a4..1078092b 100644 --- a/builtin/core/defaults/config/v1.23.yaml +++ b/builtin/core/defaults/config/v1.23.yaml 
@@ -20,9 +20,9 @@ spec: # harbor_version: v2.6.3 # docker-compose binary # dockercompose_version: v2.12.2 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.23.0 diff --git a/builtin/core/defaults/config/v1.24.yaml b/builtin/core/defaults/config/v1.24.yaml index c80e7fa1..d2d2d89d 100644 --- a/builtin/core/defaults/config/v1.24.yaml +++ b/builtin/core/defaults/config/v1.24.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.7.1 # docker-compose binary # dockercompose_version: v2.14.0 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.24.0 diff --git a/builtin/core/defaults/config/v1.25.yaml b/builtin/core/defaults/config/v1.25.yaml index 69ebc085..27dc0492 100644 --- a/builtin/core/defaults/config/v1.25.yaml +++ b/builtin/core/defaults/config/v1.25.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.8.1 # docker-compose binary # dockercompose_version: v2.15.1 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.25.0 diff --git a/builtin/core/defaults/config/v1.26.yaml b/builtin/core/defaults/config/v1.26.yaml index 8ef52a3a..93b9145b 100644 --- a/builtin/core/defaults/config/v1.26.yaml +++ b/builtin/core/defaults/config/v1.26.yaml 
@@ -20,9 +20,9 @@ spec: # harbor_version: v2.9.1 # docker-compose binary # dockercompose_version: v2.16.0 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.26.0 diff --git a/builtin/core/defaults/config/v1.27.yaml b/builtin/core/defaults/config/v1.27.yaml index be1a385f..da944c1b 100644 --- a/builtin/core/defaults/config/v1.27.yaml +++ b/builtin/core/defaults/config/v1.27.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.27.0 diff --git a/builtin/core/defaults/config/v1.28.yaml b/builtin/core/defaults/config/v1.28.yaml index aadf3439..b5b5f1d9 100644 --- a/builtin/core/defaults/config/v1.28.yaml +++ b/builtin/core/defaults/config/v1.28.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.28.0 diff --git a/builtin/core/defaults/config/v1.29.yaml b/builtin/core/defaults/config/v1.29.yaml index bc625415..609e9f97 100644 --- a/builtin/core/defaults/config/v1.29.yaml +++ b/builtin/core/defaults/config/v1.29.yaml 
@@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.29.0 diff --git a/builtin/core/defaults/config/v1.30.yaml b/builtin/core/defaults/config/v1.30.yaml index ea32d24c..b1181c44 100644 --- a/builtin/core/defaults/config/v1.30.yaml +++ b/builtin/core/defaults/config/v1.30.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.30.0 diff --git a/builtin/core/defaults/config/v1.31.yaml b/builtin/core/defaults/config/v1.31.yaml index fd54e6f3..3c6a9ff2 100644 --- a/builtin/core/defaults/config/v1.31.yaml +++ b/builtin/core/defaults/config/v1.31.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.31.0 diff --git a/builtin/core/defaults/config/v1.32.yaml b/builtin/core/defaults/config/v1.32.yaml index 66161f66..8e5d0113 100644 --- a/builtin/core/defaults/config/v1.32.yaml +++ b/builtin/core/defaults/config/v1.32.yaml 
@@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.32.0 diff --git a/builtin/core/defaults/config/v1.33.yaml b/builtin/core/defaults/config/v1.33.yaml index 221babc9..94e7d1be 100644 --- a/builtin/core/defaults/config/v1.33.yaml +++ b/builtin/core/defaults/config/v1.33.yaml @@ -20,9 +20,9 @@ spec: # harbor_version: v2.10.1 # docker-compose binary # dockercompose_version: v2.20.3 - # ========== image registry: registry ========== - # registry image tag - # registry_version: 2.8.3 + # ========== image registry: docker-registry ========== + # docker-registry image tag + # docker_registry_version: 2.8.3 # ========== cri ========== # crictl binary crictl_version: v1.33.0 diff --git a/builtin/core/playbooks/delete_cluster.yaml b/builtin/core/playbooks/delete_cluster.yaml index dc625727..ee08c58d 100644 --- a/builtin/core/playbooks/delete_cluster.yaml +++ b/builtin/core/playbooks/delete_cluster.yaml @@ -33,7 +33,7 @@ - hosts: - image_registry roles: - - role: uninstall/image_registry + - role: uninstall/image-registry when: - .deleteImageRegistry diff --git a/builtin/core/playbooks/delete_nodes.yaml b/builtin/core/playbooks/delete_nodes.yaml index c6a2dab9..0f21ba6f 100644 --- a/builtin/core/playbooks/delete_nodes.yaml +++ b/builtin/core/playbooks/delete_nodes.yaml @@ -79,7 +79,7 @@ - hosts: - image_registry roles: - - role: uninstall/image_registry + - role: uninstall/image-registry when: - .deleteImageRegistry - .delete_nodes | default list | has .inventory_hostname diff --git a/builtin/core/playbooks/delete_registry.yaml b/builtin/core/playbooks/delete_registry.yaml index 634ea2a4..a852d33f 100644 
--- a/builtin/core/playbooks/delete_registry.yaml +++ b/builtin/core/playbooks/delete_registry.yaml @@ -10,6 +10,6 @@ - hosts: - image_registry roles: - - role: uninstall/image_registry + - role: uninstall/image-registry - import_playbook: hook/post_install.yaml \ No newline at end of file diff --git a/builtin/core/roles/certs/renew-registry/tasks/registry.yaml b/builtin/core/roles/certs/renew-registry/tasks/registry.yaml index b45abfa9..9b7409ea 100644 --- a/builtin/core/roles/certs/renew-registry/tasks/registry.yaml +++ b/builtin/core/roles/certs/renew-registry/tasks/registry.yaml @@ -5,7 +5,7 @@ src: >- {{ .binary_dir }}/pki/image_registry.crt dest: >- - /opt/registry/{{ .registry_version }}/ssl/server.crt + /opt/docker-registry/{{ .docker_registry_version }}/ssl/server.crt - name: Sync image registry key file to remote tags: ["certs"] @@ -13,7 +13,7 @@ src: >- {{ .binary_dir }}/pki/image_registry.key dest: >- - /opt/registry/{{ .registry_version }}/ssl/server.key + /opt/docker-registry/{{ .docker_registry_version }}/ssl/server.key - name: Restart registry service tags: ["certs"] diff --git a/builtin/core/roles/init/init-artifact/defaults/main.yaml b/builtin/core/roles/init/init-artifact/defaults/main.yaml index 0572a60e..a3841331 100644 --- a/builtin/core/roles/init/init-artifact/defaults/main.yaml +++ b/builtin/core/roles/init/init-artifact/defaults/main.yaml 
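Review bot: In `Sync image registry key file to remote`, `server.key` is copied with only `src` and `dest` visible in the second hunk of renew-registry/tasks/registry.yaml, so the private key's permissions appear to be left to the module default; if the copy module accepts it, add `mode: 0600` to that task. The new `dest` under `/opt/docker-registry/{{ .docker_registry_version }}/ssl/` also means that a registry installed before this rename, which presumably still reads its certificate from `/opt/registry/.../ssl/`, would be restarted without picking up the renewed files; a migration step or an upgrade note would cover that. The line naming the module sits between the two hunks and is not shown.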
@@ -162,18 +162,18 @@ artifact: {{- else -}} https://github.com/docker/compose/releases/download/{{ .dockercompose_version }}/docker-compose-linux-aarch64 {{- end -}} -# registry: +# docker_registry: # amd64: >- # {{- if .kkzone | eq "cn" -}} -# https://kubernetes-release.pek3b.qingstor.com/registry/{{ .registry_version }}/registry-{{ .registry_version }}-linux-amd64.tgz +# https://kubernetes-release.pek3b.qingstor.com/registry/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-amd64.tgz # {{- else -}} -# https://github.com/kubesphere/kubekey/releases/download/{{ .registry_version }}/registry-{{ .registry_version }}-linux-amd64.tgz +# https://github.com/kubesphere/kubekey/releases/download/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-amd64.tgz # {{- end -}} # arm64: >- # {{- if .kkzone | eq "cn" -}} -# https://kubernetes-release.pek3b.qingstor.com/registry/{{ .registry_version }}/registry-{{ .registry_version }}-linux-arm64.tgz +# https://kubernetes-release.pek3b.qingstor.com/registry/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-arm64.tgz # {{- else -}} -# https://github.com/kubesphere/kubekey/releases/download/{{ .registry_version }}/registry-{{ .registry_version }}-linux-arm64.tgz +# https://github.com/kubesphere/kubekey/releases/download/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-arm64.tgz # {{- end -}} harbor: amd64: >- diff --git a/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml b/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml index e7329828..cd39f70e 100644 --- a/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml +++ b/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml 
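Review bot: The commented `docker_registry` URLs change the asset file name as well as the variable (`registry-…-linux-amd64.tgz` becomes `docker-registry-…-linux-amd64.tgz`) while the QingStor path segment stays `registry/`; please confirm that archives with the new name are actually published at both locations, otherwise the rename should be limited to the key and the variable. Because the whole `docker_registry` map stays commented out, `get .artifact.artifact_url.docker_registry .item` in download_binary.yaml has nothing to resolve once `docker_registry_version` is set. A comment above the block such as `# uncomment together with docker_registry_version` would make that coupling explicit.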
@@ -201,20 +201,20 @@ - name: Check binaries for registry tags: ["registry"] command: | - artifact_name={{ get .artifact.artifact_url.registry .item | splitList "/" | last }} - artifact_path={{ .binary_dir }}/image-registry/registry/{{ .registry_version }}/{{ .item }} + artifact_name={{ get .artifact.artifact_url.docker_registry .item | splitList "/" | last }} + artifact_path={{ .binary_dir }}/image-registry/docker-registry/{{ .docker_registry_version }}/{{ .item }} if [ ! -f $artifact_path/$artifact_name ]; then mkdir -p $artifact_path # download online - http_code=$(curl -Lo /dev/null -s -w "%{http_code}" {{ get .artifact.artifact_url.registry .item }}) + http_code=$(curl -Lo /dev/null -s -w "%{http_code}" {{ get .artifact.artifact_url.docker_registry .item }}) if [ $http_code != 200 ]; then echo "http code is $http_code" exit 1 fi - curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.registry .item }} + curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.docker_registry .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: .registry_version | empty | not + when: .docker_registry_version | empty | not - name: Check binaries for docker-compose tags: ["docker-compose"] diff --git a/builtin/core/roles/install/cni/calico/defaults/main.yaml b/builtin/core/roles/install/cni/calico/defaults/main.yaml new file mode 100644 index 00000000..1beb801c --- /dev/null +++ b/builtin/core/roles/install/cni/calico/defaults/main.yaml @@ -0,0 +1,12 @@ +cni: + calico: + values: | + # calico helm values + tigeraOperator: + registry: {{ .quayio_registry }} + calicoctl: + image: {{ .dockerio_registry }}/calico/ctl + installation: + registry: {{ .dockerio_registry }} + calicoNetwork: + bgp: Enabled \ No newline at end of file 
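Review bot: The `Check binaries for registry` task accepts any existing file as a valid artifact and never verifies what it downloaded: `[ ! -f $artifact_path/$artifact_name ]` is the only check, so a truncated archive from an interrupted transfer, or one altered in transit or at the mirror, is used as-is on the next run. Compare the file against a pinned SHA-256 digest after the download (for example with `sha256sum -c`) and delete it on mismatch. The status probe `curl -Lo /dev/null -s -w "%{http_code}"` also fetches the whole body before the real download fetches it again; `curl -fL -o "$artifact_path/$artifact_name" …` fails on HTTP errors in a single request, and quoting the two variables keeps paths with spaces intact.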
diff --git a/builtin/core/roles/install/cni/tasks/calico.yaml b/builtin/core/roles/install/cni/calico/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/calico.yaml
rename to builtin/core/roles/install/cni/calico/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/cilium/defaults/main.yaml b/builtin/core/roles/install/cni/cilium/defaults/main.yaml
new file mode 100644
index 00000000..e18f39a6
--- /dev/null
+++ b/builtin/core/roles/install/cni/cilium/defaults/main.yaml
@@ -0,0 +1,70 @@
+cni:
+ cilium:
+ values: |
+ # cilium helm values
+ image:
+ repository: {{ .quayio_registry }}/cilium/cilium-cli
+ certgen:
+ image:
+ repository: {{ .quayio_registry }}/cilium/certgen
+ hubble:
+ relay:
+ image:
+ repository: {{ .quayio_registry }}/cilium/hubble-relay-ci
+ ui:
+ backend:
+ image:
+ repository: {{ .quayio_registry }}/cilium/hubble-ui-backend
+ frontend:
+ image:
+ repository: {{ .quayio_registry }}/cilium/hubble-ui
+ envoy:
+ image:
+ repository: {{ .quayio_registry }}/cilium/cilium-envoy
+ operator:
+ replicas: 2
+ image:
+ repository: {{ .quayio_registry }}/cilium/operator
+ nodeinit:
+ image:
+ repository: {{ .quayio_registry }}/cilium/startup-script
+ preflight:
+ image:
+ repository: {{ .quayio_registry }}/cilium/cilium-ci
+ clustermesh:
+ apiserver:
+ image:
+ repository: {{ .quayio_registry }}/cilium/clustermesh-apiserver-ci
+ authentication:
+ mutual:
+ spire:
+ install:
+ initImage:
+ repository: {{ .dockerio_registry }}/library/busybox
+ agent:
+ image:
+ repository: {{ .ghcrio_registry }}/spiffe/spire-agent
+ server:
+ image:
+ repository: {{ .ghcrio_registry }}/spiffe/spire-server
+ ipv4:
+ enabled: {{ .cni.ipv4_support }}
+ ipv6:
+ enabled: {{ .cni.ipv6_support }}
+ ipam:
+ operator:
+ {{- if .cni.ipv4_support }}
+ clusterPoolIPv4PodCIDRList:
+ - {{ .cni.ipv4_pods_cidr }}
+ clusterPoolIPv4MaskSize: {{ .cni.ipv4_block_size }}
+ {{- end }}
+ {{- if .cni.ipv6_support }}
+ clusterPoolIPv6PodCIDRList:
+ - {{ .cni.ipv6_pods_cidr }}
+ clusterPoolIPv6MaskSize: {{ .cni.ipv6_block_size }}
+ {{- end }}
+ {{- if not (.kubernetes.kube_proxy.enabled | default true) }}
+ kubeProxyReplacement: "true"
+ k8sServiceHost: {{ .kubernetes.control_plane_endpoint.host }}
+ k8sServicePort: {{ .kubernetes.control_plane_endpoint.port }}
+ {{- end }}
\ No newline at end of file
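Review bot: Several repositories in the moved cilium values look like development or auxiliary images rather than release ones: `hubble-relay-ci`, `cilium-ci` (under `preflight`) and `clustermesh-apiserver-ci` carry a `-ci` suffix, and the top-level `image.repository` is `cilium/cilium-cli`, which by its name is the CLI image and not the agent. Please confirm these are the repositories the configured registry is meant to serve, and add a comment above `values: |` stating which chart version the names were taken from. None of the entries pins a tag or digest, so the images that get deployed presumably follow the chart's own defaults.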
diff --git a/builtin/core/roles/install/cni/tasks/cilium.yaml b/builtin/core/roles/install/cni/cilium/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/cilium.yaml
rename to builtin/core/roles/install/cni/cilium/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/defaults/main.yaml b/builtin/core/roles/install/cni/defaults/main.yaml
index d749f976..4e9064ad 100644
--- a/builtin/core/roles/install/cni/defaults/main.yaml
+++ b/builtin/core/roles/install/cni/defaults/main.yaml
@@ -36,134 +36,4 @@ cni: {{ .kubernetes.networking.ipv4_mask_size | default 64 }} kube_svc_cidr: >- {{ .kubernetes.networking.service_cidr | default "10.233.0.0/18" }} - calico: - values: | - # calico helm values - tigeraOperator: - registry: {{ .quayio_registry }} - calicoctl: - image: {{ .dockerio_registry }}/calico/ctl - installation: - registry: {{ .dockerio_registry }} - calicoNetwork: - bgp: Enabled - cilium: - values: | - # cilium helm values - image: - repository: {{ .quayio_registry }}/cilium/cilium-cli - certgen: - image: - repository: {{ .quayio_registry }}/cilium/certgen - hubble: - relay: - image: - repository: {{ .quayio_registry }}/cilium/hubble-relay-ci - ui: - backend: - image: - repository: {{ .quayio_registry }}/cilium/hubble-ui-backend - frontend: - image: - repository: {{ .quayio_registry }}/cilium/hubble-ui - envoy: - image: - repository: {{ .quayio_registry }}/cilium/cilium-envoy - operator: - replicas: 2 - image: - repository: {{ .quayio_registry }}/cilium/operator - nodeinit: - image: - repository: {{ .quayio_registry }}/cilium/startup-script - preflight: - image: - repository: {{ .quayio_registry }}/cilium/cilium-ci - clustermesh: - apiserver: - image: - repository: {{ .quayio_registry }}/cilium/clustermesh-apiserver-ci - authentication: - mutual: - spire: - install: - initImage: - repository: {{ .dockerio_registry }}/library/busybox - agent: - image: - repository: {{ .ghcrio_registry }}/spiffe/spire-agent - server: - image: - repository: {{ .ghcrio_registry }}/spiffe/spire-server - ipv4: - enabled: {{ .cni.ipv4_support }} - ipv6: - enabled: {{ .cni.ipv6_support }} - ipam: - operator: - {{- if .cni.ipv4_support }} - clusterPoolIPv4PodCIDRList: - - {{ .cni.ipv4_pods_cidr }} - clusterPoolIPv4MaskSize: {{ .cni.ipv4_block_size }} - {{- end }} - {{- if .cni.ipv6_support }} - clusterPoolIPv6PodCIDRList: - - {{ .cni.ipv6_pods_cidr }} - clusterPoolIPv6MaskSize: {{ .cni.ipv6_block_size }} - {{- end }} - {{- if not (.kubernetes.kube_proxy.enabled | 
default true) }} - kubeProxyReplacement: "true" - k8sServiceHost: {{ .kubernetes.control_plane_endpoint.host }} - k8sServicePort: {{ .kubernetes.control_plane_endpoint.port }} - {{- end }} - flannel: - # https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md - values: | - # flannel helm values - podCidr: {{ .cni.ipv4_pod_cidr }} - podCidrv6: {{ .cni.ipv6_pod_cidr }} - flannel: - image: - repository: {{ .dockerio_registry }}/flannel/flannel - image_cni: - repository: {{ .dockerio_registry }}/flannel/flannel-cni-plugin - # support "vxlan" and "host-gw" - backend: vxlan - hybridnet: - values: | - # hybridnet helm values - images: - registryURL: {{ .dockerio_registry }} - kubeovn: - values: | - # kube-ovn helm values - global: - registry: - address: {{ .dockerio_registry }}/kubeovn - {{- $ips := list }} - {{- range .groups.kube_control_plane | default list }} - {{- $internalIPv4 := index $.hostvars . "internal_ipv4" | default "" }} - {{- $internalIPv6 := index $.hostvars . "internal_ipv6" | default "" }} - {{- if $internalIPv4| empty | not }} - {{- $ips = append $ips $internalIPv4 }} - {{- else if $internalIPv6 | empty | not }} - {{- $ips = append $ips $internalIPv6 }} - {{- end }} - {{- end }} - MASTER_NODES: {{ $ips | join "," }} - networking: - NET_STACK: {{ if and .cni.ipv4_support (not .cni.ipv6_support) }}ipv4{{ else if and .cni.ipv6_support (not .cni.ipv4_support) }}ipv6{{ else if and .cni.ipv4_support .cni.ipv6_support }}dual_stack{{ end }} - {{- if and .cni.ipv4_support (not .cni.ipv6_support) }} - ipv4: - POD_CIDR: {{ .cni.ipv4_pods_cidr }} - SVC_CIDR: {{ .cni.kube_svc_cidr }} - {{ else if and .cni.ipv6_support (not .cni.ipv4_support) }} - ipv6: - POD_CIDR: {{ .cni.ipv6_pods_cidr }} - SVC_CIDR: {{ .cni.kube_svc_cidr }} - {{ else if and .cni.ipv4_support .cni.ipv6_support }} - dual_stack: - POD_CIDR: {{ .cni.ipv4_pods_cidr }},{{ .cni.ipv6_pods_cidr }} - SVC_CIDR: {{ .cni.kube_svc_cidr }} - {{- end }} 
diff --git a/builtin/core/roles/install/cni/flannel/defaults/main.yaml b/builtin/core/roles/install/cni/flannel/defaults/main.yaml
new file mode 100644
index 00000000..12272e10
--- /dev/null
+++ b/builtin/core/roles/install/cni/flannel/defaults/main.yaml
@@ -0,0 +1,14 @@
+cni:
+ flannel:
+ # https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md
+ values: |
+ # flannel helm values
+ podCidr: {{ .cni.ipv4_pod_cidr }}
+ podCidrv6: {{ .cni.ipv6_pod_cidr }}
+ flannel:
+ image:
+ repository: {{ .dockerio_registry }}/flannel/flannel
+ image_cni:
+ repository: {{ .dockerio_registry }}/flannel/flannel-cni-plugin
+ # support "vxlan" and "host-gw"
+ backend: vxlan
\ No newline at end of file
diff --git a/builtin/core/roles/install/cni/tasks/flannel.yaml b/builtin/core/roles/install/cni/flannel/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/flannel.yaml
rename to builtin/core/roles/install/cni/flannel/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/hybridnet/defaults/main.yaml b/builtin/core/roles/install/cni/hybridnet/defaults/main.yaml
new file mode 100644
index 00000000..d46b6055
--- /dev/null
+++ b/builtin/core/roles/install/cni/hybridnet/defaults/main.yaml
@@ -0,0 +1,6 @@
+cni:
+ hybridnet:
+ values: |
+ # hybridnet helm values
+ images:
+ registryURL: {{ .dockerio_registry }}
\ No newline at end of file
diff --git a/builtin/core/roles/install/cni/tasks/hybridnet.yaml b/builtin/core/roles/install/cni/hybridnet/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/hybridnet.yaml
rename to builtin/core/roles/install/cni/hybridnet/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/kubeovn/defaults/main.yaml b/builtin/core/roles/install/cni/kubeovn/defaults/main.yaml
new file mode 100644
index 00000000..5d967a90
--- /dev/null
+++ b/builtin/core/roles/install/cni/kubeovn/defaults/main.yaml
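Review bot: The flannel values in flannel/defaults/main.yaml read `.cni.ipv4_pod_cidr` and `.cni.ipv6_pod_cidr`, whereas the cilium and kubeovn defaults added by this same commit read `.cni.ipv4_pods_cidr` and `.cni.ipv6_pods_cidr`; only one spelling can match the key defined in install/cni/defaults/main.yaml, whose definition is not shown here. If the plural form is the defined one, `podCidr` and `podCidrv6` render empty for flannel and should become `podCidr: {{ .cni.ipv4_pods_cidr }}` and `podCidrv6: {{ .cni.ipv6_pods_cidr }}`.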
@@ -0,0 +1,33 @@
+cni:
+ kubeovn:
+ values: |
+ # kube-ovn helm values
+ global:
+ registry:
+ address: {{ .dockerio_registry }}/kubeovn
+ {{- $ips := list }}
+ {{- range .groups.kube_control_plane | default list }}
+ {{- $internalIPv4 := index $.hostvars . "internal_ipv4" | default "" }}
+ {{- $internalIPv6 := index $.hostvars . "internal_ipv6" | default "" }}
+ {{- if $internalIPv4| empty | not }}
+ {{- $ips = append $ips $internalIPv4 }}
+ {{- else if $internalIPv6 | empty | not }}
+ {{- $ips = append $ips $internalIPv6 }}
+ {{- end }}
+ {{- end }}
+ MASTER_NODES: {{ $ips | join "," }}
+ networking:
+ NET_STACK: {{ if and .cni.ipv4_support (not .cni.ipv6_support) }}ipv4{{ else if and .cni.ipv6_support (not .cni.ipv4_support) }}ipv6{{ else if and .cni.ipv4_support .cni.ipv6_support }}dual_stack{{ end }}
+ {{- if and .cni.ipv4_support (not .cni.ipv6_support) }}
+ ipv4:
+ POD_CIDR: {{ .cni.ipv4_pods_cidr }}
+ SVC_CIDR: {{ .cni.kube_svc_cidr }}
+ {{ else if and .cni.ipv6_support (not .cni.ipv4_support) }}
+ ipv6:
+ POD_CIDR: {{ .cni.ipv6_pods_cidr }}
+ SVC_CIDR: {{ .cni.kube_svc_cidr }}
+ {{ else if and .cni.ipv4_support .cni.ipv6_support }}
+ dual_stack:
+ POD_CIDR: {{ .cni.ipv4_pods_cidr }},{{ .cni.ipv6_pods_cidr }}
+ SVC_CIDR: {{ .cni.kube_svc_cidr }}
+ {{- end }}
\ No newline at end of file
diff --git a/builtin/core/roles/install/cni/tasks/kubeovn.yaml b/builtin/core/roles/install/cni/kubeovn/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/kubeovn.yaml
rename to builtin/core/roles/install/cni/kubeovn/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/meta/main.yaml b/builtin/core/roles/install/cni/meta/main.yaml
new file mode 100644
index 00000000..e70fa639
--- /dev/null
+++ b/builtin/core/roles/install/cni/meta/main.yaml
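Review bot: The kube-ovn values read `.cni.ipv4_pods_cidr` and `.cni.ipv6_pods_cidr`, while the flannel defaults added in this same commit read `.cni.ipv4_pod_cidr` and `.cni.ipv6_pod_cidr`; unless both spellings are defined elsewhere, one of the two charts is rendered with an empty CIDR. The diff does not show where these variables are set, so confirm the spelling against the config defaults and use the same one in both roles. `NET_STACK` and the ipv4/ipv6/dual_stack block also render nothing when neither `.cni.ipv4_support` nor `.cni.ipv6_support` is true, so a comment such as `# requires cni.ipv4_support or cni.ipv6_support` above `networking:` would document that precondition.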
@@ -0,0 +1,19 @@
+---
+dependencies:
+ - role: install/cni/multus
+ when: .cni.multus.enabled
+
+ - role: install/cni/calico
+ when: .cni.type | eq "calico"
+
+ - role: install/cni/cilium
+ when: .cni.type | eq "cilium"
+
+ - role: install/cni/flannel
+ when: .cni.type | eq "flannel"
+
+ - role: install/cni/kubeovn
+ when: .cni.type | eq "kubeovn"
+
+ - role: install/cni/hybridnet
+ when: .cni.type | eq "hyvbridnet"
diff --git a/builtin/core/roles/install/cni/tasks/multus.yaml b/builtin/core/roles/install/cni/multus/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/tasks/multus.yaml
rename to builtin/core/roles/install/cni/multus/tasks/main.yaml
diff --git a/builtin/core/roles/install/cni/templates/multus.yaml b/builtin/core/roles/install/cni/multus/templates/multus.yaml
similarity index 100%
rename from builtin/core/roles/install/cni/templates/multus.yaml
rename to builtin/core/roles/install/cni/multus/templates/multus.yaml
diff --git a/builtin/core/roles/install/cni/tasks/main.yaml b/builtin/core/roles/install/cni/tasks/main.yaml
deleted file mode 100644
index 6a2881a2..00000000
--- a/builtin/core/roles/install/cni/tasks/main.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- include_tasks: calico.yaml
- when: .cni.type | eq "calico"
-
-- include_tasks: cilium.yaml
- when: .cni.type | eq "cilium"
-
-- include_tasks: flannel.yaml
- when: .cni.type | eq "flannel"
-
-- include_tasks: kubeovn.yaml
- when: .cni.type | eq "kubeovn"
-
-- include_tasks: hybridnet.yaml
- when: .cni.type | eq "hyvbridnet"
-
-- include_tasks: multus.yaml
- when: .cni.multus.enabled
diff --git a/builtin/core/roles/install/cri/containerd/defaults/main.yaml b/builtin/core/roles/install/cri/containerd/defaults/main.yaml
new file mode 100644
index 00000000..ba5501ce
--- /dev/null
+++ b/builtin/core/roles/install/cri/containerd/defaults/main.yaml
@@ -0,0 +1,3 @@
+cri:
+ containerd:
+ data_root: /var/lib/containerd
\ No newline at end of file
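Review bot: The last dependency in `install/cni/meta/main.yaml` compares `.cni.type` with `"hyvbridnet"`, so the `install/cni/hybridnet` role is skipped when the type is set to `hybridnet` and no CNI role runs at all. The misspelling is copied from the deleted `cni/tasks/main.yaml`; the condition should read `when: .cni.type | eq "hybridnet"`. No entry matches an unknown type either, so a final check that fails on an unsupported `.cni.type` would surface this kind of typo instead of leaving the cluster without a network plugin.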
diff --git a/builtin/core/roles/install/cri/files/containerd.service b/builtin/core/roles/install/cri/containerd/files/containerd.service similarity index 100% rename from builtin/core/roles/install/cri/files/containerd.service rename to builtin/core/roles/install/cri/containerd/files/containerd.service diff --git a/builtin/core/roles/install/cri/tasks/install_containerd.yaml b/builtin/core/roles/install/cri/containerd/tasks/main.yaml similarity index 98% rename from builtin/core/roles/install/cri/tasks/install_containerd.yaml rename to builtin/core/roles/install/cri/containerd/tasks/main.yaml index d2b13ef7..282f6007 100644 --- a/builtin/core/roles/install/cri/tasks/install_containerd.yaml +++ b/builtin/core/roles/install/cri/containerd/tasks/main.yaml @@ -29,7 +29,7 @@ tar -xvf {{ .tmp_dir }}/containerd-{{ .containerd_version | default "" | trimPrefix "v" }}-linux-{{ .binary_type }}.tar.gz --strip-components=1 -C /usr/local/bin/ - name: Generate containerd config file template: - src: containerd.config + src: config.toml dest: /etc/containerd/config.toml - name: Generate containerd Service file copy: diff --git a/builtin/core/roles/install/cri/templates/containerd.config b/builtin/core/roles/install/cri/containerd/templates/config.toml similarity index 100% rename from builtin/core/roles/install/cri/templates/containerd.config rename to builtin/core/roles/install/cri/containerd/templates/config.toml diff --git a/builtin/core/roles/install/cri/tasks/install_crictl.yaml b/builtin/core/roles/install/cri/crictl/tasks/main.yaml similarity index 96% rename from builtin/core/roles/install/cri/tasks/install_crictl.yaml rename to builtin/core/roles/install/cri/crictl/tasks/main.yaml index e60aa231..4cf02b35 100644 --- a/builtin/core/roles/install/cri/tasks/install_crictl.yaml +++ b/builtin/core/roles/install/cri/crictl/tasks/main.yaml 
@@ -18,5 +18,5 @@ tar -xvf {{ .tmp_dir }}/crictl-{{ .crictl_version }}-linux-{{ .binary_type }}.tar.gz -C /usr/local/bin/ - name: Generate crictl config file template: - src: crictl.config + src: crictl.yaml dest: /etc/crictl.yaml diff --git a/builtin/core/roles/install/cri/templates/crictl.config b/builtin/core/roles/install/cri/crictl/templates/crictl.yaml similarity index 100% rename from builtin/core/roles/install/cri/templates/crictl.config rename to builtin/core/roles/install/cri/crictl/templates/crictl.yaml diff --git a/builtin/core/roles/install/cri/docker/defaults/main.yaml b/builtin/core/roles/install/cri/docker/defaults/main.yaml new file mode 100644 index 00000000..888b6f79 --- /dev/null +++ b/builtin/core/roles/install/cri/docker/defaults/main.yaml @@ -0,0 +1,3 @@ +cri: + docker: + data_root: /var/lib/docker \ No newline at end of file diff --git a/builtin/core/roles/install/image-registry/files/containerd.service b/builtin/core/roles/install/cri/docker/files/containerd.service similarity index 100% rename from builtin/core/roles/install/image-registry/files/containerd.service rename to builtin/core/roles/install/cri/docker/files/containerd.service diff --git a/builtin/core/roles/install/cri/files/docker.service b/builtin/core/roles/install/cri/docker/files/docker.service similarity index 100% rename from builtin/core/roles/install/cri/files/docker.service rename to builtin/core/roles/install/cri/docker/files/docker.service diff --git a/builtin/core/roles/install/cri/tasks/install_cridockerd.yaml b/builtin/core/roles/install/cri/docker/tasks/cridockerd.yaml similarity index 100% rename from builtin/core/roles/install/cri/tasks/install_cridockerd.yaml rename to builtin/core/roles/install/cri/docker/tasks/cridockerd.yaml 
diff --git a/builtin/core/roles/install/cri/tasks/install_docker.yaml b/builtin/core/roles/install/cri/docker/tasks/main.yaml similarity index 94% rename from builtin/core/roles/install/cri/tasks/install_docker.yaml rename to builtin/core/roles/install/cri/docker/tasks/main.yaml index 91179839..5235dee1 100644 --- a/builtin/core/roles/install/cri/tasks/install_docker.yaml +++ b/builtin/core/roles/install/cri/docker/tasks/main.yaml @@ -1,4 +1,9 @@ --- +# install cridockerd +- include_tasks: cridockerd.yaml + when: + - .kube_version | semverCompare ">=v1.24.0" + - name: Check if docker is installed ignore_errors: true command: docker --version @@ -18,7 +23,7 @@ tar -C /usr/local/bin/ --strip-components=1 -xvf {{ .tmp_dir }}/docker-{{ .docker_version }}.tgz --wildcards docker/* - name: Generate docker config file template: - src: docker.config + src: daemon.json dest: /etc/docker/daemon.json - name: Generate docker service file copy: diff --git a/builtin/core/roles/install/cri/templates/cri-dockerd.service b/builtin/core/roles/install/cri/docker/templates/cri-dockerd.service similarity index 100% rename from builtin/core/roles/install/cri/templates/cri-dockerd.service rename to builtin/core/roles/install/cri/docker/templates/cri-dockerd.service diff --git a/builtin/core/roles/install/cri/templates/docker.config b/builtin/core/roles/install/cri/docker/templates/daemon.json similarity index 100% rename from builtin/core/roles/install/cri/templates/docker.config rename to builtin/core/roles/install/cri/docker/templates/daemon.json diff --git a/builtin/core/roles/install/cri/meta/main.yaml b/builtin/core/roles/install/cri/meta/main.yaml new file mode 100644 index 00000000..631fbb6c --- /dev/null +++ b/builtin/core/roles/install/cri/meta/main.yaml 
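Review bot: `cridockerd.yaml` is now included as the first task of the docker role, ahead of "Check if docker is installed", whereas the deleted `cri/tasks/main.yaml` ran `install_cridockerd.yaml` after `install_docker.yaml`. If that task file starts or enables the cri-dockerd service (its content is not visible in this diff), it would do so on a fresh node before the docker binaries and `/etc/docker/daemon.json` are in place. Moving the `include_tasks: cridockerd.yaml` block to the end of `docker/tasks/main.yaml` keeps the previous order; the end of that file is outside this hunk.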
@@ -0,0 +1,8 @@ +dependencies: + - role: install/cri/crictl + + - role: install/cri/docker + when: .cri.container_manager | eq "docker" + + - role: install/cri/containerd + when: .cri.container_manager | eq "containerd" \ No newline at end of file diff --git a/builtin/core/roles/install/cri/tasks/main.yaml b/builtin/core/roles/install/cri/tasks/main.yaml deleted file mode 100644 index 1b5cdb21..00000000 --- a/builtin/core/roles/install/cri/tasks/main.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# install crictl -- include_tasks: install_crictl.yaml - -# install docker -- include_tasks: install_docker.yaml - when: .cri.container_manager | eq "docker" - - # install containerd -- include_tasks: install_containerd.yaml - when: .cri.container_manager | eq "containerd" - -# install cridockerd -- include_tasks: install_cridockerd.yaml - when: - - .cri.container_manager | eq "docker" - - .kube_version | semverCompare ">=v1.24.0" diff --git a/builtin/core/roles/install/image-registry/defaults/main.yaml b/builtin/core/roles/install/image-registry/defaults/main.yaml index 2bbdb1c4..3c6b8ee1 100644 --- a/builtin/core/roles/install/image-registry/defaults/main.yaml +++ b/builtin/core/roles/install/image-registry/defaults/main.yaml @@ -1,4 +1,6 @@ image_registry: + # registry type. support: harbor, docker-registry + type: harbor # ha_vip: 192.168.122.59 # which store images data which will push to registry. images_dir: >- 
@@ -18,44 +20,3 @@ image_registry: {{- end -}} username: admin password: Harbor12345 - # registry type. support: harbor, registry - type: harbor - # Virtual IP address for repository High Availability. the Virtual IP address should be available. - harbor: - data_dir: /opt/harbor/data - registry: - version: 2 - config: - storage: nfs - nfs_dir: /share/registry - storage: - filesystem: - rootdir: /opt/registry/data -# nfs_mount: /repository/registry # if set. will mount rootdirectory to nfs server in nfs_mount. -# azure: -# accountname: accountname -# accountkey: base64encodedaccountkey -# container: containername -# gcs: -# bucket: bucketname -# keyfile: /path/to/keyfile -# credentials: -# type: service_account -# project_id: project_id_string -# private_key_id: private_key_id_string -# private_key: private_key_string -# client_email: client@example.com -# client_id: client_id_string -# auth_uri: http://example.com/auth_uri -# token_uri: http://example.com/token_uri -# auth_provider_x509_cert_url: http://example.com/provider_cert_url -# client_x509_cert_url: http://example.com/client_cert_url -# rootdirectory: /gcs/object/name/prefix -# s3: -# accesskey: awsaccesskey -# secretkey: awssecretkey -# region: us-west-1 -# regionendpoint: http://myobjects.local -# bucket: bucketname -# keyid: mykeyid -# rootdirectory: /s3/object/name/prefix diff --git a/builtin/core/roles/install/image-registry/docker-compose/defaults/main.yaml b/builtin/core/roles/install/image-registry/docker-compose/defaults/main.yaml new file mode 100644 index 00000000..42d27a1c --- /dev/null +++ b/builtin/core/roles/install/image-registry/docker-compose/defaults/main.yaml @@ -0,0 +1,5 @@ +cri: + docker: + data_root: /var/lib/docker + containerd: + data_root: /var/lib/containerd \ No newline at end of file 
diff --git a/builtin/core/roles/install/image-registry/docker-compose/files/containerd.service b/builtin/core/roles/install/image-registry/docker-compose/files/containerd.service
new file mode 100644
index 00000000..5f67110a
--- /dev/null
+++ b/builtin/core/roles/install/image-registry/docker-compose/files/containerd.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=containerd container runtime
+Documentation=https://containerd.io
+After=network.target local-fs.target
+
+[Service]
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/containerd
+
+Type=notify
+Delegate=yes
+KillMode=process
+Restart=always
+RestartSec=5
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+LimitNOFILE=1048576
+# Comment TasksMax if your systemd version does not supports it.
+# Only systemd 226 and above support this version.
+TasksMax=infinity
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/builtin/core/roles/install/image-registry/files/docker.service b/builtin/core/roles/install/image-registry/docker-compose/files/docker.service
similarity index 100%
rename from builtin/core/roles/install/image-registry/files/docker.service
rename to builtin/core/roles/install/image-registry/docker-compose/files/docker.service
diff --git a/builtin/core/roles/install/image-registry/tasks/install_docker.yaml b/builtin/core/roles/install/image-registry/docker-compose/tasks/docker.yaml
similarity index 98%
rename from builtin/core/roles/install/image-registry/tasks/install_docker.yaml
rename to builtin/core/roles/install/image-registry/docker-compose/tasks/docker.yaml
index f54f5582..b3dca9c1 100644
--- a/builtin/core/roles/install/image-registry/tasks/install_docker.yaml
+++ b/builtin/core/roles/install/image-registry/docker-compose/tasks/docker.yaml
@@ -15,7 +15,7 @@ {{ .tmp_dir }}/docker-{{ .docker_version }}.tgz - name: Generate docker config file template: - src: docker.config + src: daemon.json dest: /etc/docker/daemon.json - name: Unpackage docker binary command: | diff --git a/builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml b/builtin/core/roles/install/image-registry/docker-compose/tasks/docker_compose.yaml similarity index 100% rename from builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml rename to builtin/core/roles/install/image-registry/docker-compose/tasks/docker_compose.yaml diff --git a/builtin/core/roles/install/image-registry/docker-compose/tasks/main.yaml b/builtin/core/roles/install/image-registry/docker-compose/tasks/main.yaml new file mode 100644 index 00000000..1c430e41 --- /dev/null +++ b/builtin/core/roles/install/image-registry/docker-compose/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include_tasks: docker.yaml + +- include_tasks: docker_compose.yaml \ No newline at end of file diff --git a/builtin/core/roles/install/image-registry/templates/docker.config b/builtin/core/roles/install/image-registry/docker-compose/templates/daemon.json similarity index 100% rename from builtin/core/roles/install/image-registry/templates/docker.config rename to builtin/core/roles/install/image-registry/docker-compose/templates/daemon.json diff --git a/builtin/core/roles/install/image-registry/docker-registry/defaults/main.yaml b/builtin/core/roles/install/image-registry/docker-registry/defaults/main.yaml new file mode 100644 index 00000000..fc25713f --- /dev/null +++ b/builtin/core/roles/install/image-registry/docker-registry/defaults/main.yaml 
@@ -0,0 +1,37 @@
+image_registry:
+ docker_registry:
+ version: 2
+ config:
+ storage: nfs
+ nfs_dir: /share/registry
+ storage:
+ filesystem:
+ rootdir: /opt/docker-registry/data
+# nfs_mount: /repository/registry # if set. will mount rootdirectory to nfs server in nfs_mount.
+# azure:
+# accountname: accountname
+# accountkey: base64encodedaccountkey
+# container: containername
+# gcs:
+# bucket: bucketname
+# keyfile: /path/to/keyfile
+# credentials:
+# type: service_account
+# project_id: project_id_string
+# private_key_id: private_key_id_string
+# private_key: private_key_string
+# client_email: client@example.com
+# client_id: client_id_string
+# auth_uri: http://example.com/auth_uri
+# token_uri: http://example.com/token_uri
+# auth_provider_x509_cert_url: http://example.com/provider_cert_url
+# client_x509_cert_url: http://example.com/client_cert_url
+# rootdirectory: /gcs/object/name/prefix
+# s3:
+# accesskey: awsaccesskey
+# secretkey: awssecretkey
+# region: us-west-1
+# regionendpoint: http://myobjects.local
+# bucket: bucketname
+# keyid: mykeyid
+# rootdirectory: /s3/object/name/prefix
diff --git a/builtin/core/roles/install/image-registry/tasks/install_registry.yaml b/builtin/core/roles/install/image-registry/docker-registry/tasks/main.yaml
similarity index 50%
rename from builtin/core/roles/install/image-registry/tasks/install_registry.yaml
rename to builtin/core/roles/install/image-registry/docker-registry/tasks/main.yaml
index a42b23f3..24a43ae0 100644
--- a/builtin/core/roles/install/image-registry/tasks/install_registry.yaml
+++ b/builtin/core/roles/install/image-registry/docker-registry/tasks/main.yaml
@@ -2,9 +2,9 @@ - name: Sync registry image to remote copy: src: >- - {{ .binary_dir }}/image-registry/registry/{{ .registry_version }}/{{ .binary_type }}/registry-{{ .registry_version }}-linux-{{ .binary_type }}.tgz + {{ .binary_dir }}/image-registry/docker-registry/{{ .docker_registry_version }}/{{ .binary_type }}/docker-registry-{{ .docker_registry_version }}-linux-{{ .binary_type }}.tgz dest: >- - /opt/registry/{{ .registry_version }}/registry-{{ .registry_version }}-linux-{{ .binary_type }}.tgz + /opt/docker-registry/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-{{ .binary_type }}.tgz - name: Mount NFS dir command: | 
@@ -17,52 +17,52 @@ {{- $internalIPv4 := index .hostvars (.groups.nfs | default list | first) "internal_ipv4" | default "" }} {{- $internalIPv6 := index .hostvars (.groups.nfs | default list | first) "internal_ipv6" | default "" }} {{- if $internalIPv4 | empty | not }} - mount -t nfs {{ $internalIPv4 }}:{{ .image_registry.registry.storage.filesystem.nfs_mount }} {{ .image_registry.registry.storage.filesystem.rootdir }} + mount -t nfs {{ $internalIPv4 }}:{{ .image_registry.docker_registry.storage.filesystem.nfs_mount }} {{ .image_registry.docker_registry.storage.filesystem.rootdir }} {{- else if ne $internalIPv6 "" }} {{ $internalIPv6 | empty | not }} - mount -t nfs {{ $internalIPv6 }}:{{ .image_registry.registry.storage.filesystem.nfs_mount }} {{ .image_registry.registry.storage.filesystem.rootdir }} + mount -t nfs {{ $internalIPv6 }}:{{ .image_registry.docker_registry.storage.filesystem.nfs_mount }} {{ .image_registry.docker_registry.storage.filesystem.rootdir }} {{- end }} when: - - .image_registry.registry.storage.filesystem.nfs_mount | empty | not + - .image_registry.docker_registry.storage.filesystem.nfs_mount | empty | not - .groups.nfs | default list | len | eq 1 - name: Load registry image command: | - docker load -i /opt/registry/{{ .registry_version }}/registry-{{ .registry_version }}-linux-{{ .binary_type }}.tgz + docker load -i /opt/docker-registry/{{ .docker_registry_version }}/docker-registry-{{ .docker_registry_version }}-linux-{{ .binary_type }}.tgz - name: Sync image registry cert file to remote copy: src: >- {{ .binary_dir }}/pki/image_registry.crt dest: >- - /opt/registry/{{ .registry_version }}/ssl/server.crt + /opt/docker-registry/{{ .docker_registry_version }}/ssl/server.crt - name: Sync image registry key file to remote copy: src: >- {{ .binary_dir }}/pki/image_registry.key dest: >- - /opt/registry/{{ .registry_version }}/ssl/server.key + /opt/docker-registry/{{ .docker_registry_version }}/ssl/server.key - name: Generate registry docker 
compose template: - src: registry.docker-compose + src: docker-compose.yaml dest: >- - /opt/registry/{{ .registry_version }}/docker-compose.yml + /opt/docker-registry/{{ .docker_registry_version }}/docker-compose.yml - name: Generate registry config template: - src: registry.config + src: config.yaml dest: >- - /opt/registry/{{ .registry_version }}/config.yml + /opt/docker-registry/{{ .docker_registry_version }}/config.yml - name: Register registry service template: - src: registry.service - dest: /etc/systemd/system/registry.service + src: docker-registry.service + dest: /etc/systemd/system/docker-registry.service - name: Start registry service - command: systemctl daemon-reload && systemctl start registry.service && systemctl enable registry.service + command: systemctl daemon-reload && systemctl start docker-registry.service && systemctl enable docker-registry.service - name: wait registry service ready command: | diff --git a/builtin/core/roles/install/image-registry/templates/registry.config b/builtin/core/roles/install/image-registry/docker-registry/templates/config.yaml similarity index 65% rename from builtin/core/roles/install/image-registry/templates/registry.config rename to builtin/core/roles/install/image-registry/docker-registry/templates/config.yaml index a964621a..bf8dfe66 100644 --- a/builtin/core/roles/install/image-registry/templates/registry.config +++ b/builtin/core/roles/install/image-registry/docker-registry/templates/config.yaml 
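Review bot: The "Sync image registry key file to remote" task writes `server.key` under `/opt/docker-registry/{{ .docker_registry_version }}/ssl/` with only `src` and `dest`, so the TLS private key is left with whatever mode the copy module applies by default. The keepalived role in this commit already passes `mode: 0755` to `copy`, so the same parameter can restrict the key, for example `mode: 0600`, provided the registry container's user can still read the bind-mounted file. The generated `config.yml` can carry the azure, gcs and s3 storage secrets from the template and deserves the same restriction, if the `template` module accepts `mode` (not shown in this diff).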
@@ -22,52 +22,52 @@ log: # to: # - errors@example.com storage: -{{- if .image_registry.registry.storage.filesystem.rootdir | empty | not }} +{{- if .image_registry.docker_registry.storage.filesystem.rootdir | empty | not }} filesystem: - rootdirectory: {{ .image_registry.registry.storage.filesystem.rootdir }} + rootdirectory: {{ .image_registry.docker_registry.storage.filesystem.rootdir }} maxthreads: 100 {{- end }} -{{- if .image_registry.registry.storage.azure }} +{{- if .image_registry.docker_registry.storage.azure }} azure: - accountname: {{ .image_registry.registry.storage.azure.accountname }} - accountkey: {{ .image_registry.registry.storage.azure.accountkey }} - container: {{ .image_registry.registry.storage.azure.container }} + accountname: {{ .image_registry.docker_registry.storage.azure.accountname }} + accountkey: {{ .image_registry.docker_registry.storage.azure.accountkey }} + container: {{ .image_registry.docker_registry.storage.azure.container }} {{- end }} -{{- if .image_registry.registry.storage.gcs | empty | not }} +{{- if .image_registry.docker_registry.storage.gcs | empty | not }} gcs: - bucket: {{ .image_registry.registry.storage.gcs.bucket }} - keyfile: {{ .image_registry.registry.storage.gcs.keyfile }} + bucket: {{ .image_registry.docker_registry.storage.gcs.bucket }} + keyfile: {{ .image_registry.docker_registry.storage.gcs.keyfile }} credentials: type: service_account - project_id: {{ .image_registry.registry.storage.gcs.credentials.project_id }} - private_key_id: {{ .image_registry.registry.storage.gcs.credentials.private_key_id }} - private_key: {{ .image_registry.registry.storage.gcs.credentials.private_key }} - client_email: {{ .image_registry.registry.storage.gcs.credentials.client_email }} - client_id: {{ .image_registry.registry.storage.gcs.credentials.client_id }} - auth_uri: {{ .image_registry.registry.storage.gcs.credentials.auth_uri }} - token_uri: {{ .image_registry.registry.storage.gcs.credentials.token_uri }} - 
auth_provider_x509_cert_url: {{ .image_registry.registry.storage.gcs.credentials.auth_provider_x509_cert_url }} - client_x509_cert_url: {{ .image_registry.registry.storage.gcs.credentials.client_x509_cert_url }} - rootdirectory: {{ .image_registry.registry.storage.gcs.rootdirectory }} + project_id: {{ .image_registry.docker_registry.storage.gcs.credentials.project_id }} + private_key_id: {{ .image_registry.docker_registry.storage.gcs.credentials.private_key_id }} + private_key: {{ .image_registry.docker_registry.storage.gcs.credentials.private_key }} + client_email: {{ .image_registry.docker_registry.storage.gcs.credentials.client_email }} + client_id: {{ .image_registry.docker_registry.storage.gcs.credentials.client_id }} + auth_uri: {{ .image_registry.docker_registry.storage.gcs.credentials.auth_uri }} + token_uri: {{ .image_registry.docker_registry.storage.gcs.credentials.token_uri }} + auth_provider_x509_cert_url: {{ .image_registry.docker_registry.storage.gcs.credentials.auth_provider_x509_cert_url }} + client_x509_cert_url: {{ .image_registry.docker_registry.storage.gcs.credentials.client_x509_cert_url }} + rootdirectory: {{ .image_registry.docker_registry.storage.gcs.rootdirectory }} {{- end }} -{{- if .image_registry.registry.storage.s3 | empty | not }} +{{- if .image_registry.docker_registry.storage.s3 | empty | not }} s3: - accesskey: {{ .image_registry.registry.storage.s3.accesskey }} - secretkey: {{ .image_registry.registry.storage.s3.secretkey }} - region: {{ .image_registry.registry.storage.s3.region }} - regionendpoint: {{ .image_registry.registry.storage.s3.regionendpoint }} + accesskey: {{ .image_registry.docker_registry.storage.s3.accesskey }} + secretkey: {{ .image_registry.docker_registry.storage.s3.secretkey }} + region: {{ .image_registry.docker_registry.storage.s3.region }} + regionendpoint: {{ .image_registry.docker_registry.storage.s3.regionendpoint }} forcepathstyle: true accelerate: false - bucket: {{ 
.image_registry.registry.storage.s3.bucket }} + bucket: {{ .image_registry.docker_registry.storage.s3.bucket }} encrypt: true - keyid: {{ .image_registry.registry.storage.s3.keyid }} + keyid: {{ .image_registry.docker_registry.storage.s3.keyid }} secure: true v4auth: true chunksize: 5242880 multipartcopychunksize: 33554432 multipartcopymaxconcurrency: 100 multipartcopythresholdsize: 33554432 - rootdirectory: {{ .image_registry.registry.storage.s3.rootdirectory }} + rootdirectory: {{ .image_registry.docker_registry.storage.s3.rootdirectory }} usedualstack: false loglevel: debug {{- end }} diff --git a/builtin/core/roles/install/image-registry/templates/registry.docker-compose b/builtin/core/roles/install/image-registry/docker-registry/templates/docker-compose.yaml similarity index 85% rename from builtin/core/roles/install/image-registry/templates/registry.docker-compose rename to builtin/core/roles/install/image-registry/docker-registry/templates/docker-compose.yaml index b6746e77..ddac10b9 100644 --- a/builtin/core/roles/install/image-registry/templates/registry.docker-compose +++ b/builtin/core/roles/install/image-registry/docker-registry/templates/docker-compose.yaml @@ -2,7 +2,7 @@ version: '2.3' services: registry: - image: registry:{{ .registry_version }} + image: registry:{{ .docker_registry_version }} container_name: registry restart: always dns_search: . @@ -15,10 +15,10 @@ services: - SETUID volumes: - type: bind - source: /opt/registry/{{ .registry_version }}/ssl/ + source: /opt/docker-registry/{{ .docker_registry_version }}/ssl/ target: /etc/registry/ssl/ - type: bind - source: /opt/registry/{{ .registry_version }}/config.yml + source: /opt/docker-registry/{{ .docker_registry_version }}/config.yml target: /etc/docker/registry/config.yml ports: - 443:5000 
diff --git a/builtin/core/roles/install/image-registry/templates/registry.service b/builtin/core/roles/install/image-registry/docker-registry/templates/docker-registry.service similarity index 60% rename from builtin/core/roles/install/image-registry/templates/registry.service rename to builtin/core/roles/install/image-registry/docker-registry/templates/docker-registry.service index 27061352..5a51fac4 100644 --- a/builtin/core/roles/install/image-registry/templates/registry.service +++ b/builtin/core/roles/install/image-registry/docker-registry/templates/docker-registry.service @@ -1,11 +1,11 @@ [Unit] -Description=registry +Description=docker-registry After=docker.service systemd-networkd.service systemd-resolved.service Requires=docker.service [Service] Type=simple -ExecStart=/usr/local/bin/docker-compose -p registry -f /opt/registry/{{ .registry_version }}/docker-compose.yml up +ExecStart=/usr/local/bin/docker-compose -p registry -f /opt/docker-registry/{{ .docker_registry_version }}/docker-compose.yml up ExecStop=/usr/local/bin/docker-compose -p registry down Restart=on-failure [Install] diff --git a/builtin/core/roles/install/image-registry/harbor/defaults/main.yaml b/builtin/core/roles/install/image-registry/harbor/defaults/main.yaml new file mode 100644 index 00000000..a6b429c7 --- /dev/null +++ b/builtin/core/roles/install/image-registry/harbor/defaults/main.yaml @@ -0,0 +1,4 @@ +image_registry: + # Virtual IP address for repository High Availability. the Virtual IP address should be available. + harbor: + data_dir: /opt/harbor/data \ No newline at end of file diff --git a/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml b/builtin/core/roles/install/image-registry/harbor/tasks/main.yaml similarity index 99% rename from builtin/core/roles/install/image-registry/tasks/install_harbor.yaml rename to builtin/core/roles/install/image-registry/harbor/tasks/main.yaml index 2b3a7f25..845f36fe 100644 
--- a/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml +++ b/builtin/core/roles/install/image-registry/harbor/tasks/main.yaml @@ -26,7 +26,7 @@ - name: Generate harbor config template: - src: harbor.config + src: harbor.yml dest: >- /opt/harbor/{{ .harbor_version }}/harbor/harbor.yml diff --git a/builtin/core/roles/install/image-registry/templates/harbor-replications.sh b/builtin/core/roles/install/image-registry/harbor/templates/harbor-replications.sh similarity index 100% rename from builtin/core/roles/install/image-registry/templates/harbor-replications.sh rename to builtin/core/roles/install/image-registry/harbor/templates/harbor-replications.sh diff --git a/builtin/core/roles/install/image-registry/templates/harbor.service b/builtin/core/roles/install/image-registry/harbor/templates/harbor.service similarity index 100% rename from builtin/core/roles/install/image-registry/templates/harbor.service rename to builtin/core/roles/install/image-registry/harbor/templates/harbor.service diff --git a/builtin/core/roles/install/image-registry/templates/harbor.config b/builtin/core/roles/install/image-registry/harbor/templates/harbor.yml similarity index 100% rename from builtin/core/roles/install/image-registry/templates/harbor.config rename to builtin/core/roles/install/image-registry/harbor/templates/harbor.yml diff --git a/builtin/core/roles/install/image-registry/files/keepalived/healthcheck.sh b/builtin/core/roles/install/image-registry/keepalived/files/healthcheck.sh similarity index 100% rename from builtin/core/roles/install/image-registry/files/keepalived/healthcheck.sh rename to builtin/core/roles/install/image-registry/keepalived/files/healthcheck.sh 
diff --git a/builtin/core/roles/install/image-registry/tasks/install_keepalived.yaml b/builtin/core/roles/install/image-registry/keepalived/tasks/main.yaml similarity index 98% rename from builtin/core/roles/install/image-registry/tasks/install_keepalived.yaml rename to builtin/core/roles/install/image-registry/keepalived/tasks/main.yaml index 27220825..df12d1c8 100644 --- a/builtin/core/roles/install/image-registry/tasks/install_keepalived.yaml +++ b/builtin/core/roles/install/image-registry/keepalived/tasks/main.yaml @@ -59,7 +59,7 @@ - name: Sync healthcheck shell to remote copy: - src: keepalived/healthcheck.sh + src: healthcheck.sh dest: >- /opt/keepalived/{{ .keepalived_version }}/healthcheck.sh mode: 0755 diff --git a/builtin/core/roles/install/image-registry/templates/keepalived.conf b/builtin/core/roles/install/image-registry/keepalived/templates/keepalived.conf similarity index 100% rename from builtin/core/roles/install/image-registry/templates/keepalived.conf rename to builtin/core/roles/install/image-registry/keepalived/templates/keepalived.conf diff --git a/builtin/core/roles/install/image-registry/meta/main.yaml b/builtin/core/roles/install/image-registry/meta/main.yaml new file mode 100644 index 00000000..7b5700db --- /dev/null +++ b/builtin/core/roles/install/image-registry/meta/main.yaml @@ -0,0 +1,15 @@ +--- +dependencies: + - role: install/image-registry/docker-compose + + - role: install/image-registry/keepalived + when: + - .image_registry.ha_vip | empty | not + - .groups.image_registry | len | lt 1 + + - role: install/image-registry/harbor + when: .image_registry.type | eq "harbor" + + - role: install/image-registry/docker-registry + when: .image_registry.type | eq "docker-registry" + diff --git a/builtin/core/roles/install/image-registry/tasks/load_images.yaml b/builtin/core/roles/install/image-registry/tasks/load_images.yaml deleted file mode 100644 index 8e1ffac8..00000000 
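Review bot: The last dependency in `image-registry/meta/main.yaml` matches only `.image_registry.type | eq "docker-registry"`, while the task file it replaces matched `"registry"`, so an existing config that still says `type: registry` now installs neither harbor nor docker-registry and the role proceeds to the image push without any error. Accepting both spellings for a transition period, or failing on an unrecognised type, would make the rename safe for upgrades. The old `tasks/main.yaml` also ran `systemctl is-active harbor.service` / `registry.service` and installed only when the result was `inactive`; no equivalent guard is visible in the new dependencies, so a re-run may reinstall a running registry, which is worth confirming in the role task files.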
--- a/builtin/core/roles/install/image-registry/tasks/load_images.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -- name: Sync images to remote - tags: ["only_image"] - copy: - src: >- - {{ .binary_dir }}/images/ - dest: >- - {{ .image_registry.images_dir }} - -- name: Create harbor project for each image - tags: ["only_image"] - command: | - # Iterate through first-level subdirectories in images_dir (skip blobs) - for registry_dir in {{ .image_registry.images_dir }}*; do - if [ ! -d "$registry_dir" ] || [ "$(basename "$registry_dir")" = "blobs" ]; then - continue - fi - - # Iterate through second-level subdirectories in registry_dir - for project_dir in "$registry_dir"/*; do - if [ ! -d "$project_dir" ]; then - continue - fi - - project=$(basename "$project_dir") - - # Check if project exists, create if not - resp=$(curl -u "{{ .image_registry.auth.username }}:{{ .image_registry.auth.password }}" -k -X GET "https://{{ .image_registry.auth.registry }}/api/v2.0/projects/${project}") - if echo "$resp" | grep -q '"code":"NOT_FOUND"'; then - curl -u "{{ .image_registry.auth.username }}:{{ .image_registry.auth.password }}" -k -X POST \ - -H "Content-Type: application/json" \ - "https://{{ .image_registry.auth.registry }}/api/v2.0/projects" \ - -d "{ \"project_name\": \"${project}\", \"public\": true}" - fi - done - done - when: .image_registry.type | eq "harbor" - -- name: Sync images package to image_registry - tags: ["only_image"] - image: - push: - images_dir: >- - {{ .image_registry.images_dir }} - dest: >- - {{ .image_registry.auth.registry }}/{{ .module.image.src.reference.repository }}:{{ .module.image.src.reference.reference }} - username: >- - {{ .image_registry.auth.username }} - password: >- - {{ .image_registry.auth.password }} - skip_tls_verify: true diff --git a/builtin/core/roles/install/image-registry/tasks/main.yaml b/builtin/core/roles/install/image-registry/tasks/main.yaml index 3eb426fb..8e1ffac8 100644 
--- a/builtin/core/roles/install/image-registry/tasks/main.yaml +++ b/builtin/core/roles/install/image-registry/tasks/main.yaml 
@@ -1,32 +1,51 @@ --- -- include_tasks: install_docker.yaml - -- include_tasks: install_docker_compose.yaml - -- include_tasks: install_keepalived.yaml - when: - - .image_registry.ha_vip | empty | not - - .groups.image_registry | len | lt 1 - -- name: Install harbor - when: .image_registry.type | eq "harbor" - block: - - name: Check if harbor installed - ignore_errors: true - command: systemctl is-active harbor.service - register: harbor_install_service - - include_tasks: install_harbor.yaml - when: .harbor_install_service.stdout | eq "inactive" - -- name: Install registry - when: .image_registry.type | eq "registry" - block: - - name: Check if registry installed - ignore_errors: true - command: systemctl is-active registry.service - register: registry_install_service - - include_tasks: install_registry.yaml - when: .registry_install_service.stdout | eq "inactive" - -- include_tasks: load_images.yaml +- name: Sync images to remote tags: ["only_image"] + copy: + src: >- + {{ .binary_dir }}/images/ + dest: >- + {{ .image_registry.images_dir }} + +- name: Create harbor project for each image + tags: ["only_image"] + command: | + # Iterate through first-level subdirectories in images_dir (skip blobs) + for registry_dir in {{ .image_registry.images_dir }}*; do + if [ ! -d "$registry_dir" ] || [ "$(basename "$registry_dir")" = "blobs" ]; then + continue + fi + + # Iterate through second-level subdirectories in registry_dir + for project_dir in "$registry_dir"/*; do + if [ ! 
-d "$project_dir" ]; then + continue + fi + + project=$(basename "$project_dir") + + # Check if project exists, create if not + resp=$(curl -u "{{ .image_registry.auth.username }}:{{ .image_registry.auth.password }}" -k -X GET "https://{{ .image_registry.auth.registry }}/api/v2.0/projects/${project}") + if echo "$resp" | grep -q '"code":"NOT_FOUND"'; then + curl -u "{{ .image_registry.auth.username }}:{{ .image_registry.auth.password }}" -k -X POST \ + -H "Content-Type: application/json" \ + "https://{{ .image_registry.auth.registry }}/api/v2.0/projects" \ + -d "{ \"project_name\": \"${project}\", \"public\": true}" + fi + done + done + when: .image_registry.type | eq "harbor" + +- name: Sync images package to image_registry + tags: ["only_image"] + image: + push: + images_dir: >- + {{ .image_registry.images_dir }} + dest: >- + {{ .image_registry.auth.registry }}/{{ .module.image.src.reference.repository }}:{{ .module.image.src.reference.reference }} + username: >- + {{ .image_registry.auth.username }} + password: >- + {{ .image_registry.auth.password }} + skip_tls_verify: true diff --git a/builtin/core/roles/install/storageclass/defaults/main.yaml b/builtin/core/roles/install/storageclass/local/defaults/main.yaml similarity index 59% rename from builtin/core/roles/install/storageclass/defaults/main.yaml rename to builtin/core/roles/install/storageclass/local/defaults/main.yaml index 08bd279a..23b31daf 100644 --- a/builtin/core/roles/install/storageclass/defaults/main.yaml +++ b/builtin/core/roles/install/storageclass/local/defaults/main.yaml @@ -12,10 +12,4 @@ sc: {{ .dockerio_registry }} repository: openebs/linux-utils tag: 3.3.0 - path: /var/openebs/local - nfs: # each k8s_cluster node should install nfs-utils - enabled: false - default: false - server: >- - {{ .groups.nfs | default list | first }} - path: /share/kubernetes + path: /var/openebs/local \ No newline at end of file 
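Review bot: Both `curl` calls in "Create harbor project for each image" (install/image-registry/tasks/main.yaml) send the registry credentials with `-k`, so the server certificate is never verified and the basic-auth header goes to whichever host answers; the `image.push` task after them hard-codes `skip_tls_verify: true` for the same credentials. Passing `-u "user:password"` also puts the password on the curl command line, where it can be read from the process list on the node while the loop runs. I would verify against the registry CA with `--cacert "<REGISTRY_CA_PATH>"` (placeholder path) instead of `-k`, supply the credentials through `--netrc-file` or `-K -` rather than `-u`, and make `skip_tls_verify` a setting that defaults to `false`. Separately, `\"public\": true` makes every auto-created project pullable without authentication, which deserves a one-line comment stating that this is intended.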
diff --git a/builtin/core/roles/install/storageclass/tasks/local.yaml b/builtin/core/roles/install/storageclass/local/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/storageclass/tasks/local.yaml
rename to builtin/core/roles/install/storageclass/local/tasks/main.yaml
diff --git a/builtin/core/roles/install/storageclass/templates/local-volume.yaml b/builtin/core/roles/install/storageclass/local/templates/local-volume.yaml
similarity index 100%
rename from builtin/core/roles/install/storageclass/templates/local-volume.yaml
rename to builtin/core/roles/install/storageclass/local/templates/local-volume.yaml
diff --git a/builtin/core/roles/install/storageclass/meta/main.yaml b/builtin/core/roles/install/storageclass/meta/main.yaml
new file mode 100644
index 00000000..4fd0f9dd
--- /dev/null
+++ b/builtin/core/roles/install/storageclass/meta/main.yaml
@@ -0,0 +1,7 @@
+---
+dependencies:
+ - role: install/storageclass/local
+ when: .sc.local.enabled
+
+ - role: install/storageclass/nfs
+ when: .sc.nfs.enabled
diff --git a/builtin/core/roles/install/storageclass/nfs/defaults/main.yaml b/builtin/core/roles/install/storageclass/nfs/defaults/main.yaml
new file mode 100644
index 00000000..a61a9949
--- /dev/null
+++ b/builtin/core/roles/install/storageclass/nfs/defaults/main.yaml
@@ -0,0 +1,7 @@
+sc:
+ nfs: # each k8s_cluster node should install nfs-utils
+ enabled: false
+ default: false
+ server: >-
+ {{ .groups.nfs | default list | first }}
+ path: /share/kubernetes
diff --git a/builtin/core/roles/install/storageclass/tasks/nfs.yaml b/builtin/core/roles/install/storageclass/nfs/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/install/storageclass/tasks/nfs.yaml
rename to builtin/core/roles/install/storageclass/nfs/tasks/main.yaml
diff --git a/builtin/core/roles/install/storageclass/tasks/main.yaml b/builtin/core/roles/install/storageclass/tasks/main.yaml
deleted file mode 100644
index 59bd771d..00000000
--- a/builtin/core/roles/install/storageclass/tasks/main.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include_tasks: local.yaml
- when: .sc.local.enabled
-
-- include_tasks: nfs.yaml
- when: .sc.nfs.enabled
diff --git a/builtin/core/roles/uninstall/cri/tasks/uninstall_containerd.yaml b/builtin/core/roles/uninstall/cri/containerd/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/uninstall/cri/tasks/uninstall_containerd.yaml
rename to builtin/core/roles/uninstall/cri/containerd/tasks/main.yaml
diff --git a/builtin/core/roles/uninstall/cri/crictl/tasks/main.yaml b/builtin/core/roles/uninstall/cri/crictl/tasks/main.yaml
new file mode 100644
index 00000000..e68d0e60
--- /dev/null
+++ b/builtin/core/roles/uninstall/cri/crictl/tasks/main.yaml
@@ -0,0 +1,3 @@
+- name: Delete cri residue files
+ command: |
+ rm -f /usr/local/bin/crictl
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/cri/tasks/uninstall_cridockerd.yaml b/builtin/core/roles/uninstall/cri/docker/tasks/cridockerd.yaml
similarity index 100%
rename from builtin/core/roles/uninstall/cri/tasks/uninstall_cridockerd.yaml
rename to builtin/core/roles/uninstall/cri/docker/tasks/cridockerd.yaml
diff --git a/builtin/core/roles/uninstall/cri/docker/tasks/docker.yaml b/builtin/core/roles/uninstall/cri/docker/tasks/docker.yaml
new file mode 100644
index 00000000..bc1e1e62
--- /dev/null
+++ b/builtin/core/roles/uninstall/cri/docker/tasks/docker.yaml
@@ -0,0 +1,38 @@
+---
+- name: Stop docker service
+ ignore_errors: true
+ command: |
+ systemctl stop docker.service
+ systemctl disable docker.service
+ rm -rf /etc/systemd/system/docker.service*
+ systemctl daemon-reload
+ systemctl reset-failed docker.service
+
+- name: Uninstall containerd
+ block:
+ - name: Uninstall containerd service
+ ignore_errors: true
+ command: |
+ systemctl stop containerd.service
+ systemctl disable containerd.service
+ rm -rf /etc/systemd/system/containerd.service*
+ systemctl daemon-reload
+ systemctl reset-failed containerd.service
+
+ - name: Delete containerd residue files
+ command: |
+ rm -rf {{ .cri.containerd.data_root }}
+ rm -rf /etc/containerd
+ rm -rf /usr/local/bin/containerd*
+ rm -f /usr/local/bin/runc
+ rm -f /usr/local/bin/ctr
+
+- name: Delete docker residue files
+ command: |
+ rm -rf {{ .cri.docker.data_root }}
+ rm -rf /etc/docker
+ rm -rf /usr/local/bin/docker*
+
+- name: Uninstall docker interface
+ ignore_errors: true
+ command: ip link delete docker0
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/cri/docker/tasks/main.yaml b/builtin/core/roles/uninstall/cri/docker/tasks/main.yaml
new file mode 100644
index 00000000..c26a1cff
--- /dev/null
+++ b/builtin/core/roles/uninstall/cri/docker/tasks/main.yaml
@@ -0,0 +1,7 @@
+---
+- include_tasks: docker.yaml
+
+# uninstall cridockerd
+- include_tasks: cridockerd.yaml
+ when:
+ - .cridockerd_version | empty | not
diff --git a/builtin/core/roles/uninstall/cri/meta/main.yaml b/builtin/core/roles/uninstall/cri/meta/main.yaml
new file mode 100644
index 00000000..42f33494
--- /dev/null
+++ b/builtin/core/roles/uninstall/cri/meta/main.yaml
@@ -0,0 +1,10 @@
+---
+dependencies:
+ - role: uninstall/cri/containerd
+ when: .cri.container_manager | eq "containerd"
+
+ - role: uninstall/cri/docker
+ when: .cri.container_manager | eq "docker"
+
+ - role: uninstall/cri/crictl
+
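Review bot: In uninstall/cri/docker/tasks/docker.yaml, "Delete containerd residue files" and "Delete docker residue files" hand `{{ .cri.containerd.data_root }}` and `{{ .cri.docker.data_root }}` to `rm -rf` unquoted and unchecked, so a value containing whitespace or a glob character is word-split by the shell, and a value of `/` or of a parent directory removes far more than the runtime data. Quote the operand and end option parsing, `rm -rf -- "{{ .cri.docker.data_root }}"`, and guard each task with a condition in the style already used in this commit, `when: .cri.docker.data_root | empty | not`, plus a check that rejects `/`. Whether this role ships defaults for both `data_root` keys is not visible in this hunk, so the guard also covers the case where the variable renders empty. Neither delete task sets `ignore_errors`, unlike the service-stop tasks beside them; a one-line comment saying that a failed delete is meant to abort the uninstall would make that difference deliberate.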
diff --git a/builtin/core/roles/uninstall/cri/tasks/main.yaml b/builtin/core/roles/uninstall/cri/tasks/main.yaml
deleted file mode 100644
index adb72945..00000000
--- a/builtin/core/roles/uninstall/cri/tasks/main.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: Stop containerd
- include_tasks: uninstall_containerd.yaml
- when: .cri.container_manager | eq "containerd"
-
-- name: Stop docker
- include_tasks: uninstall_docker.yaml
- when: .cri.container_manager | eq "docker"
-
-# uninstall cridockerd
-- include_tasks: uninstall_cridockerd.yaml
- when:
- - .cri.container_manager | eq "docker"
- - .cridockerd_version | empty | not
-
-- name: Delete cri residue files
- command: |
- rm -f /usr/local/bin/crictl
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/cri/tasks/uninstall_docker.yaml b/builtin/core/roles/uninstall/cri/tasks/uninstall_docker.yaml
deleted file mode 100644
index 4d28364c..00000000
--- a/builtin/core/roles/uninstall/cri/tasks/uninstall_docker.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Stop docker service
- ignore_errors: true
- command: |
- systemctl stop docker.service
- systemctl disable docker.service
- rm -rf /etc/systemd/system/docker.service*
- systemctl daemon-reload
- systemctl reset-failed docker.service
-
-- name: Uninstall containerd
- include_tasks: uninstall_containerd.yaml
-
-- name: Delete docker residue files
- command: |
- rm -rf {{ .cri.docker.data_root }}
- rm -rf /etc/docker
- rm -rf /usr/local/bin/docker*
-
-- name: Uninstall docker interface
- ignore_errors: true
- command: ip link delete docker0
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image-registry/defaults/main.yaml b/builtin/core/roles/uninstall/image-registry/defaults/main.yaml
new file mode 100644
index 00000000..d07bbc2f
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/defaults/main.yaml
@@ -0,0 +1,3 @@
+image_registry:
+ type: harbor
+ # Virtual IP address for repository High Availability. the Virtual IP address should be available.
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image-registry/docker-compose/defaults/main.yaml b/builtin/core/roles/uninstall/image-registry/docker-compose/defaults/main.yaml
new file mode 100644
index 00000000..42d27a1c
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/docker-compose/defaults/main.yaml
@@ -0,0 +1,5 @@
+cri:
+ docker:
+ data_root: /var/lib/docker
+ containerd:
+ data_root: /var/lib/containerd
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image_registry/tasks/docker.yaml b/builtin/core/roles/uninstall/image-registry/docker-compose/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/uninstall/image_registry/tasks/docker.yaml
rename to builtin/core/roles/uninstall/image-registry/docker-compose/tasks/main.yaml
diff --git a/builtin/core/roles/uninstall/image-registry/docker-registry/defaults/main.yaml b/builtin/core/roles/uninstall/image-registry/docker-registry/defaults/main.yaml
new file mode 100644
index 00000000..1ab56f14
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/docker-registry/defaults/main.yaml
@@ -0,0 +1,6 @@
+image_registry:
+ docker_registry:
+ storage:
+ filesystem:
+ rootdir: /opt/docker-registry/data
+# nfs_mount: /repository/registry # if set. will mount rootdirectory to nfs server in nfs_mount.
diff --git a/builtin/core/roles/uninstall/image-registry/docker-registry/tasks/main.yaml b/builtin/core/roles/uninstall/image-registry/docker-registry/tasks/main.yaml
new file mode 100644
index 00000000..b7d57ebd
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/docker-registry/tasks/main.yaml
@@ -0,0 +1,19 @@
+- name: Stop registry service
+ ignore_errors: true
+ command: |
+ systemctl stop docker-registry.service
+ systemctl disable docker-registry.service
+ rm -rf /etc/systemd/system/docker-registry.service*
+ systemctl daemon-reload
+ systemctl reset-failed docker-registry.service
+
+- name: unmount nfs
+ when:
+ - .image_registry.docker_registry.storage.filesystem.nfs_mount | empty | not
+ - .groups.nfs | default list | len | eq 1
+ command: |
+ unmount {{ .image_registry.docker_registry.storage.filesystem.rootdir }}
+
+- name: Delete residue registry files
+ command: |
+ rm -rf /opt/docker-registry/
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image-registry/harbor/defaults/main.yaml b/builtin/core/roles/uninstall/image-registry/harbor/defaults/main.yaml
new file mode 100644
index 00000000..4f1fd9f7
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/harbor/defaults/main.yaml
@@ -0,0 +1,3 @@
+image_registry:
+ harbor:
+ data_dir: /opt/harbor/data
diff --git a/builtin/core/roles/uninstall/image_registry/tasks/harbor.yaml b/builtin/core/roles/uninstall/image-registry/harbor/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/uninstall/image_registry/tasks/harbor.yaml
rename to builtin/core/roles/uninstall/image-registry/harbor/tasks/main.yaml
diff --git a/builtin/core/roles/uninstall/image_registry/tasks/keepalived.yaml b/builtin/core/roles/uninstall/image-registry/keepalived/tasks/main.yaml
similarity index 100%
rename from builtin/core/roles/uninstall/image_registry/tasks/keepalived.yaml
rename to builtin/core/roles/uninstall/image-registry/keepalived/tasks/main.yaml
diff --git a/builtin/core/roles/uninstall/image-registry/meta/main.yaml b/builtin/core/roles/uninstall/image-registry/meta/main.yaml
new file mode 100644
index 00000000..748dfa37
--- /dev/null
+++ b/builtin/core/roles/uninstall/image-registry/meta/main.yaml
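Review bot: The "unmount nfs" task in uninstall/image-registry/docker-registry/tasks/main.yaml runs `unmount`, but the command is `umount`, so the step fails with command-not-found whenever its NFS condition holds. This matters for data safety because the next task runs `rm -rf /opt/docker-registry/`, which contains the default `rootdir` `/opt/docker-registry/data`; if the share is still mounted there when the delete runs, the delete reaches the data on the NFS server. Change the line to `umount {{ .image_registry.docker_registry.storage.filesystem.rootdir }}` and have the delete task confirm that `rootdir` is no longer a mount point, for example with `mountpoint -q`, before removing the tree. The delete path is also hard-coded while `rootdir` is configurable, so a non-default `rootdir` is not covered by the cleanup.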
@@ -0,0 +1,14 @@
+dependencies:
+ - role: uninstall/image-registry/harbor
+ when: .image_registry.type | eq "harbor"
+
+ - role: uninstall/image-registry/docker-registry
+ when: .image_registry.type | eq "docker-registry"
+
+ - role: uninstall/image-registry/keepalived
+ when:
+ - .image_registry.ha_vip | empty | not
+ - .groups.image_registry | len | lt 1
+
+ - role: uninstall/image-registry/docker-compose
+ when: .deleteCRI
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image_registry/defaults/main.yaml b/builtin/core/roles/uninstall/image_registry/defaults/main.yaml
deleted file mode 100644
index 587c116a..00000000
--- a/builtin/core/roles/uninstall/image_registry/defaults/main.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-image_registry:
- type: harbor
- # Virtual IP address for repository High Availability. the Virtual IP address should be available.
- harbor:
- data_dir: /opt/harbor/data
- registry:
- storage:
- filesystem:
- rootdir: /opt/registry
-# nfs_mount: /repository/registry # if set. will mount rootdirectory to nfs server in nfs_mount.
diff --git a/builtin/core/roles/uninstall/image_registry/tasks/main.yaml b/builtin/core/roles/uninstall/image_registry/tasks/main.yaml
deleted file mode 100644
index 981b695d..00000000
--- a/builtin/core/roles/uninstall/image_registry/tasks/main.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-- include_tasks: harbor.yaml
- when: .image_registry.type | eq "harbor"
-
-- include_tasks: registry.yaml
- when: .image_registry.type | eq "registry"
-
-- include_tasks: keepalived.yaml
- when:
- - .image_registry.ha_vip | empty | not
- - .groups.image_registry | len | lt 1
-
-- include_tasks: docker.yaml
- when: .deleteCRI
\ No newline at end of file
diff --git a/builtin/core/roles/uninstall/image_registry/tasks/registry.yaml b/builtin/core/roles/uninstall/image_registry/tasks/registry.yaml
deleted file mode 100644
index f3dc731b..00000000
--- a/builtin/core/roles/uninstall/image_registry/tasks/registry.yaml
+++ /dev/null
@@ -1,19 +0,0 @@ -- name: Stop registry service - ignore_errors: true - command: | - systemctl stop registry.service - systemctl disable registry.service - rm -rf /etc/systemd/system/registry.service* - systemctl daemon-reload - systemctl reset-failed registry.service - -- name: unmount nfs - when: - - .image_registry.registry.storage.filesystem.nfs_mount | empty | not - - .groups.nfs | default list | len | eq 1 - command: | - unmount {{ .image_registry.registry.storage.filesystem.rootdir }} - -- name: Delete residue registry files - command: | - rm -rf /opt/registry/ \ No newline at end of file diff --git a/docs/zh/core/image_registry.md b/docs/zh/core/image_registry.md index 93aabcfc..2a89cdfd 100644 --- a/docs/zh/core/image_registry.md +++ b/docs/zh/core/image_registry.md @@ -1,6 +1,6 @@ # image_registry -image_registry允许用户安装镜像仓库。支持harbor和registry两种镜像仓库 +image_registry允许用户安装镜像仓库。支持`harbor`和`docker-registry`两种类型 ## requirement @@ -70,7 +70,7 @@ harbor是默认安装的镜像仓库 ``` - 在创建集群时,自动安装 -在创建集群时,会检测 `image_registry` 节点是否安装了harbor, 没有安装时会自动根据配置安装harbor。 +在创建集群时,会检测 `image_registry` 节点是否安装了`harbor`, 没有安装时会自动根据配置安装`harbor`。 ```shell kk create cluster -i inventory.yaml --set harbor_version=v2.10.1,docker_version=24.0.7, dockercompose_version=v2.20.3 ``` 
@@ -161,32 +161,32 @@ spec: kubekey暂未提供registry的离线镜像包地址,需通过手动打包的方式来实现。 ```shell # download registry images - docker pull registry:{{ .registry_version }} + docker pull registry:{{ .docker_registry_version }} # package image - docker save -o registry-{{ .registry_version }}-linux-{{ .binary_type }}.tgz registry:{{ .registry_version }} + docker save -o docker-registry-{{ .docker_registry_version }}-linux-{{ .binary_type }}.tgz registry:{{ .docker_registry_version }} # move image to workdir - mv registry-{{ .registry_version }}-linux-{{ .binary_type }}.tgz {{ .binary_dir }}/ image-registry/registry/{{ .registry_version }}/{{ .binary_type }}/ + mv docker-registry-{{ .docker_registry_version }}-linux-{{ .binary_type }}.tgz {{ .binary_dir }}/ image-registry/docker-registry/{{ .docker_registry_version }}/{{ .binary_type }}/ ``` `binary_type`: 是机器的架构(目前支持amd64和arm64,可通过 `gather_fact` 自动获取) `binary_dir`: 软件包存放地址,通常为: `{{ .work_dir}}/kubekey` ### 安装 -安装registry需要设置`image_registry.type`值为`registry` +安装registry需要设置`image_registry.type`值为`docker-registry` 1. 安装前检查 ```shell - kk precheck image_registry -i inventory.yaml --set image_registry.type=registry --set registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 + kk precheck image_registry -i inventory.yaml --set image_registry.type=docker-registry --set docker_registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 ``` 2. 
安装 - 单独安装 `image_registry` 可以脱离集群单独进行安装。 ```shell - kk init registry -i inventory.yaml --set image_registry.type=registry --set registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 --set artifact.artifact_url.registry.amd64=registry-2.8.3-linux.amd64.tgz + kk init registry -i inventory.yaml --set image_registry.type=docker-registry --set docker_registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 --set artifact.artifact_url.docker_registry.amd64=docker-registry-2.8.3-linux.amd64.tgz ``` - 在创建集群时,自动安装 -在创建集群时,会检测 `image_registry` 节点是否安装了harbor, 没有安装时会自动根据配置安装harbor。 +在创建集群时,会检测 `image_registry` 节点是否安装了`docker-registry`, 没有安装时会自动根据配置安装`docker-registry`。 ```shell - kk create cluster -i inventory.yaml --set image_registry.type=registry --set registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 --set artifact.artifact_url.registry.amd64=registry-2.8.3-linux.amd64.tgz + kk create cluster -i inventory.yaml --set image_registry.type=docker-registry --set docker_registry_version=2.8.3,docker_version=24.0.7,dockercompose_version=v2.20.3 --set artifact.artifact_url.docker_registry.amd64=docker-registry-2.8.3-linux.amd64.tgz ``` ### registry高可用 
@@ -194,22 +194,22 @@ kubekey暂未提供registry的离线镜像包地址,需通过手动打包的 ![ha-registry](../../images/ha-registry.png) - load balancer: 通过docker compose部署keepalived服务实现。 - registry service: 通过docker compose部署registry实现。 -- storage service: registry 高可用可通过共享存储的方式来实现。registry 支持多种存储后端,常见的有: - - **filesystem**: 本地存储。默认情况下,registry 使用本地磁盘存储镜像数据。如果需要实现高可用,可以将本地存储目 录挂载到 NFS 等共享存储上。配置示例: +- storage service: docker-registry 高可用可通过共享存储的方式来实现。docker-registry 支持多种存储后端,常见的有: + - **filesystem**: 本地存储。默认情况下,docker-registry 使用本地磁盘存储镜像数据。如果需要实现高可用,可以将本地存储目 录挂载到 NFS 等共享存储上。配置示例: ```yaml image_registry: - registry: + docker_registry: storage: filesystem: - rootdir: /opt/registry/data - nfs_mount: /repository/registry # 可选,将 rootdir 挂载到 NFS 服务器 + rootdir: /opt/docker-registry/data + nfs_mount: /repository/docker-registry # 可选,将 rootdir 挂载到 NFS 服务器 ``` 需要在 `nfs` 节点配置和挂载好共享目录,保证所有 registry 实例的数据一致性。 - **azure**: 使用 Azure Blob Storage 作为后端存储。适用于部署在 Azure 云环境下的场景。配置示例: ```yaml image_registry: - registry: + docker_registry: storage: azure: accountname: @@ -220,7 +220,7 @@ kubekey暂未提供registry的离线镜像包地址,需通过手动打包的 - **gcs**: 使用 Google Cloud Storage 作为后端存储。适用于部署在 GCP 云环境下的场景。配置示例: ```yaml image_registry: - registry: + docker_registry: storage: gcs: bucket: @@ -230,7 +230,7 @@ kubekey暂未提供registry的离线镜像包地址,需通过手动打包的 - **s3**: 使用 Amazon S3 或兼容 S3 协议的对象存储作为后端存储。适用于 AWS 或支持 S3 协议的私有云。配置示例: ```yaml image_registry: - registry: + docker_registry: storage: s3: accesskey: