diff --git a/builtin/capkk/roles/precheck/env_check/tasks/network.yaml b/builtin/capkk/roles/precheck/env_check/tasks/network.yaml index 9a77a91b..ac4a2db1 100644 --- a/builtin/capkk/roles/precheck/env_check/tasks/network.yaml +++ b/builtin/capkk/roles/precheck/env_check/tasks/network.yaml @@ -1,13 +1,13 @@ --- - name: Should found network interface command: | - {{- if and .internal_ipv4 (.internal_ipv4 | ne "") }} + {{- if .internal_ipv4 | empty | not }} if [ ! ip -o addr show | grep -q {{ .internal_ipv4 }} ]; then echo "No ipv4 network interface found" exit 1 fi {{- end }} - {{- if and .internal_ipv6 (.internal_ipv6 | ne "") }} + {{- if .internal_ipv6 | empty | not }} if [ ! ip -o addr show | grep -q {{ .internal_ipv6 }} ]; then echo "No ipv6 network interface found" exit 1 @@ -18,20 +18,20 @@ - name: Stop if cidr is not valid block: - name: Stop if pod cidr is not valid - when: and .kubernetes.networking.pod_cidr (.kubernetes.networking.pod_cidr | ne "") + when: .kubernetes.networking.pod_cidr | empty | not assert: that: .kubernetes.networking.pod_cidr | splitList "," | len | ge 2 fail_msg: >- "kubernetes.networking.pod_cidr" should be ipv4_cidr/ipv6_cidr or ipv4_cidr,ipv6_cidr - name: Stop if service cidr is not valid - when: and .kubernetes.networking.service_cidr (.kubernetes.networking.service_cidr | ne "") + when: .kubernetes.networking.service_cidr | empty | not assert: that: .kubernetes.networking.service_cidr | splitList "," | len | ge 2 fail_msg: >- "kubernetes.networking.service_cidr" should be ipv4_cidr/ipv6_cidr or ipv4_cidr,ipv6_cidr - name: Stop if pod networking is not support dual-stack when: - - and .kubernetes.networking.pod_cidr (.kubernetes.networking.pod_cidr | ne "") + - .kubernetes.networking.pod_cidr | empty | not - .kubernetes.networking.pod_cidr | splitList "," | len | eq 2 assert: that: @@ -42,7 +42,7 @@ Kubernetes introduced support for pod dual-stack networking starting from version v1.20.0. - name: Stop if service networking is not support dual-stack when: - - and .kubernetes.networking.service_cidr (.kubernetes.networking.service_cidr | ne "") + - .kubernetes.networking.service_cidr | empty | not - .kubernetes.networking.service_cidr | splitList "," | len | eq 2 assert: that: @@ -57,7 +57,7 @@ that: .cluster_require.require_network_plugin | has .kubernetes.kube_network_plugin fail_msg: >- kube_network_plugin:"{{ .kubernetes.kube_network_plugin }}" is not supported - when: and .kubernetes.kube_network_plugin (ne .kubernetes.kube_network_plugin "") + when: .kubernetes.kube_network_plugin | empty | not # This assertion will fail on the safe side: One can indeed schedule more pods # on a node than the CIDR-range has space for when additional pods use the host diff --git a/builtin/core/playbooks/add_nodes.yaml b/builtin/core/playbooks/add_nodes.yaml index 1b73c360..b99ba7ee 100644 --- a/builtin/core/playbooks/add_nodes.yaml +++ b/builtin/core/playbooks/add_nodes.yaml @@ -83,14 +83,14 @@ - k8s_cluster roles: - role: install/cri - when: or (.add_nodes | default list | len | eq 0) (.add_nodes | default list | has .inventory_hostname) + when: or (.add_nodes | default list | empty) (.add_nodes | default list | has .inventory_hostname) - role: kubernetes/pre-kubernetes - when: or (.add_nodes | default list | len | eq 0) (.add_nodes | default list | has .inventory_hostname) + when: or (.add_nodes | default list | empty) (.add_nodes | default list | has .inventory_hostname) - role: kubernetes/join-kubernetes - when: or (.add_nodes | default list | len | eq 0) (.add_nodes | default list | has .inventory_hostname) + when: or (.add_nodes | default list | empty) (.add_nodes | default list | has .inventory_hostname) - role: kubernetes/certs when: - - or (.add_nodes | default list | len | eq 0) (.add_nodes | default list | has .inventory_hostname) + - or (.add_nodes | default list | empty) (.add_nodes | default list | has .inventory_hostname) - .groups.kube_control_plane | default list | has .inventory_hostname - .kubernetes.renew_certs.enabled diff --git a/builtin/core/playbooks/certs_renew.yaml b/builtin/core/playbooks/certs_renew.yaml index 3ff000e4..d5a21ba9 100644 --- a/builtin/core/playbooks/certs_renew.yaml +++ b/builtin/core/playbooks/certs_renew.yaml @@ -25,13 +25,13 @@ tags: ["certs"] roles: - role: certs/renew-registry - when: and (.groups.image_registry | default list | len | lt 0) .renew_image_registry + when: and (.groups.image_registry | default list | empty | not) .renew_image_registry - hosts: - kube_control_plane tags: ["certs"] roles: - role: certs/renew-kubernetes - when: and (.groups.kube_control_plane | default list | len | lt 0) .renew_kubernetes + when: and (.groups.kube_control_plane | default list | empty | not) .renew_kubernetes - import_playbook: hook/post_install.yaml \ No newline at end of file diff --git a/builtin/core/playbooks/create_cluster.yaml b/builtin/core/playbooks/create_cluster.yaml index 150897e9..2e7b38d2 100644 --- a/builtin/core/playbooks/create_cluster.yaml +++ b/builtin/core/playbooks/create_cluster.yaml @@ -13,7 +13,7 @@ - localhost roles: - role: precheck/artifact_check - when: and .artifact.artifact_file (ne .artifact.artifact_file "") + when: .artifact.artifact_file | empty | not - hosts: - k8s_cluster - etcd diff --git a/builtin/core/playbooks/delete_cluster.yaml b/builtin/core/playbooks/delete_cluster.yaml index 7ae7e7f7..8cdae040 100644 --- a/builtin/core/playbooks/delete_cluster.yaml +++ b/builtin/core/playbooks/delete_cluster.yaml @@ -12,7 +12,9 @@ roles: - uninstall/kubernetes - role: uninstall/cri - when: .deleteCRI + when: + - .deleteCRI + - .groups.image_registry | default list | has .inventory_hostname | not post_tasks: - name: delete localDNS file ignore_errors: true diff --git a/builtin/core/playbooks/hook/post_install.yaml b/builtin/core/playbooks/hook/post_install.yaml index a72d4c83..d3120ece 100644 --- a/builtin/core/playbooks/hook/post_install.yaml +++ b/builtin/core/playbooks/hook/post_install.yaml @@ -14,7 +14,7 @@ register: execute_result - name: Execute post install scripts - when: .execute_result.stderr | eq "" + when: .execute_result.stderr | empty command: | for file in /etc/kubekey/scripts/post_install_*.sh; do if [ -f $file ]; then diff --git a/builtin/core/playbooks/precheck.yaml b/builtin/core/playbooks/precheck.yaml index db80546d..95460176 100644 --- a/builtin/core/playbooks/precheck.yaml +++ b/builtin/core/playbooks/precheck.yaml @@ -5,7 +5,7 @@ - localhost roles: - role: precheck/artifact_check - when: and .artifact.artifact_file (ne .artifact.artifact_file "") + when: .artifact.artifact_file | empty | not - hosts: - k8s_cluster diff --git a/builtin/core/playbooks/vars/create_cluster.yaml b/builtin/core/playbooks/vars/create_cluster.yaml index e973240c..0f8524f3 100644 --- a/builtin/core/playbooks/vars/create_cluster.yaml +++ b/builtin/core/playbooks/vars/create_cluster.yaml @@ -2,32 +2,25 @@ global_registry: "" # dockerio_registry for docker.io image. dockerio_registry: >- - {{- if ne .global_registry "" -}} + {{- if .global_registry | empty | not -}} {{ .global_registry }} {{- else -}} docker.io {{- end -}} # quayio_registry for quay.io image. quayio_registry: >- - {{- if ne .global_registry "" -}} + {{- if .global_registry | empty | not -}} {{ .global_registry }} {{- else -}} quay.io {{- end -}} # ghcrio_registry for ghcr.io image. ghcrio_registry: >- - {{- if ne .global_registry "" -}} + {{- if .global_registry | empty | not -}} {{ .global_registry }} {{- else -}} ghcr.io {{- end -}} -# k8s_registry for registry.k8s.io image. -k8s_registry: >- - {{- if ne .global_registry "" -}} - {{ .global_registry }} - {{- else -}} - registry.k8s.io - {{- end -}} security_enhancement: false diff --git a/builtin/core/roles/certs/renew-kubernetes/tasks/main.yaml b/builtin/core/roles/certs/renew-kubernetes/tasks/main.yaml index e2935442..f85a851d 100644 --- a/builtin/core/roles/certs/renew-kubernetes/tasks/main.yaml +++ b/builtin/core/roles/certs/renew-kubernetes/tasks/main.yaml @@ -5,7 +5,8 @@ - include_tasks: etcd.yaml tags: ["certs"] when: - - and (.kubernetes.etcd.deployment_type | eq "external") (.groups.etcd | default list | len | lt 0) + - .kubernetes.etcd.deployment_type | eq "external" + - .groups.etcd | default list | empty | not - .renew_etcd - name: Reload kubernetes pods diff --git a/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml b/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml index 595adfbe..e7329828 100644 --- a/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml +++ b/builtin/core/roles/init/init-artifact/tasks/download_binary.yaml @@ -15,7 +15,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.etcd .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .etcd_version (ne .etcd_version "") + when: .etcd_version | empty | not - name: Check binaries for kube tags: ["kube"] @@ -52,7 +52,7 @@ curl -L -o $kube_path/kubectl {{ get .artifact.artifact_url.kubectl .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .kube_version (ne .kube_version "") + when: .kube_version | empty | not - name: Check binaries for cni tags: ["cni"] @@ -70,7 +70,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.cni_plugins .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .cni_plugins_version (ne .cni_plugins_version "") + when: .cni_plugins_version | empty | not - name: Check binaries for helm tags: ["helm"] @@ -88,7 +88,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.helm .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .helm_version (ne .helm_version "") + when: .helm_version | empty | not - name: Check binaries for crictl tags: ["crictl"] @@ -106,7 +106,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.crictl .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .crictl_version (ne .crictl_version "") + when: .crictl_version | empty | not - name: Check binaries for docker tags: ["docker"] @@ -124,7 +124,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.docker .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .docker_version (ne .docker_version "") + when: .docker_version | empty | not - name: Check binaries for cridockerd tags: ["cridockerd"] @@ -142,7 +142,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.cridockerd .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .cridockerd_version (ne .docker_version "") + when: .cridockerd_version | empty | not - name: Check binaries for containerd tags: ["containerd"] @@ -160,7 +160,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.containerd .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .containerd_version (ne .containerd_version "") + when: .containerd_version | empty | not - name: Check binaries for runc tags: ["runc"] @@ -178,7 +178,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.runc .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .runc_version (ne .runc_version "") + when: .runc_version | empty | not - name: Check binaries for calicoctl tags: ["calicoctl"] @@ -196,7 +196,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.calicoctl .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .calico_version (ne .calico_version "") + when: .calico_version | empty | not - name: Check binaries for registry tags: ["registry"] @@ -214,7 +214,7 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.registry .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .registry_version (ne .registry_version "") + when: .registry_version | empty | not - name: Check binaries for docker-compose tags: ["docker-compose"] @@ -227,7 +227,7 @@ curl -L -o $compose_path/$compose_name {{ get .artifact.artifact_url.dockercompose .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .dockercompose_version (ne .dockercompose_version "") + when: .dockercompose_version | empty | not - name: Check binaries for harbor tags: ["harbor"] @@ -245,7 +245,7 @@ curl -L -o $harbor_path/$harbor_name {{ get .artifact.artifact_url.harbor .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .harbor_version (ne .harbor_version "") + when: .harbor_version | empty | not - name: Check binaries for keepalived tags: ["keepalived"] @@ -263,4 +263,4 @@ curl -L -o $artifact_path/$artifact_name {{ get .artifact.artifact_url.keepalived .item }} fi loop: "{{ .artifact.arch | toJson }}" - when: and .keepalived_version (ne .keepalived_version "") + when: .keepalived_version | empty | not diff --git a/builtin/core/roles/init/init-artifact/tasks/download_helm.yaml b/builtin/core/roles/init/init-artifact/tasks/download_helm.yaml index 921a9e5f..2a8db2f6 100644 --- a/builtin/core/roles/init/init-artifact/tasks/download_helm.yaml +++ b/builtin/core/roles/init/init-artifact/tasks/download_helm.yaml @@ -8,7 +8,7 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.calico }} fi - when: and .calico_version (ne .calico_version "") + when: .calico_version | empty | not - name: Check binaries for cilium command: | @@ -19,7 +19,7 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.cilium }} fi - when: and .cilium_version (ne .cilium_version "") + when: .cilium_version | empty | not - name: Check binaries for flannel command: | @@ -30,7 +30,7 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.flannel }} fi - when: and .flannel_version (ne .flannel_version "") + when: .flannel_version | empty | not - name: Check binaries for kubeovn tags: ["kubeovn"] @@ -42,7 +42,7 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.kubeovn }} fi - when: and .kubeovn_version (ne .kubeovn_version "") + when: .kubeovn_version | empty | not - name: Check binaries for hybridnet tags: ["hybridnet"] @@ -54,7 +54,7 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.hybridnet }} fi - when: and .hybridnet_version (ne .hybridnet_version "") + when: .hybridnet_version | empty | not - name: Check binaries for nfs_provisioner tags: ["nfs_provisioner"] @@ -66,4 +66,4 @@ # download online curl -Lo $artifact_path/$artifact_name {{ .artifact.artifact_url.nfs_provisioner }} fi - when: and .nfs_provisioner_version (ne .nfs_provisioner_version "") + when: .nfs_provisioner_version | empty | not diff --git a/builtin/core/roles/init/init-artifact/tasks/main.yaml b/builtin/core/roles/init/init-artifact/tasks/main.yaml index e630b8a7..616e41f8 100644 --- a/builtin/core/roles/init/init-artifact/tasks/main.yaml +++ b/builtin/core/roles/init/init-artifact/tasks/main.yaml @@ -6,9 +6,10 @@ mkdir -p {{ .binary_dir }} tar -zxvf {{ .artifact_file }} -C {{ .binary_dir }} fi - when: and .artifact_file (ne .artifact_file "") + when: .artifact_file | empty | not - name: Download binaries + when: .artifact_file | empty block: # the binaries which download binary - include_tasks: download_binary.yaml @@ -21,7 +22,8 @@ images_dir: >- {{ .binary_dir }}/images/ manifests: "{{ .image_manifests | toJson }}" - when: .image_manifests | default list | len | lt 0 + when: + - .image_manifests | default list | empty | not - name: Chown work_dir to sudo tags: ["always"] diff --git a/builtin/core/roles/init/init-cert/tasks/main.yaml b/builtin/core/roles/init/init-cert/tasks/main.yaml index c7941586..ffae1a55 100644 --- a/builtin/core/roles/init/init-cert/tasks/main.yaml +++ b/builtin/core/roles/init/init-cert/tasks/main.yaml @@ -35,7 +35,7 @@ {{ .binary_dir }}/pki/etcd.key out_cert: >- {{ .binary_dir }}/pki/etcd.crt - when: .groups.etcd | default list | len | lt 0 + when: .groups.etcd | default list | empty | not - name: Generate registry image cert file gen_cert: @@ -63,7 +63,7 @@ {{ .binary_dir }}/pki/image_registry.key out_cert: >- {{ .binary_dir }}/pki/image_registry.crt - when: and .groups.image_registry (.groups.image_registry | default list | len | lt 0) + when: .groups.image_registry | default list | empty | not - name: Chown pki to sudo block: diff --git a/builtin/core/roles/init/init-os/tasks/init_localdns.yaml b/builtin/core/roles/init/init-os/tasks/init_localdns.yaml index 3d98737f..b3771fd8 100644 --- a/builtin/core/roles/init/init-os/tasks/init_localdns.yaml +++ b/builtin/core/roles/init/init-os/tasks/init_localdns.yaml @@ -12,37 +12,37 @@ {{- $hostname := index $.hostvars . "hostname" -}} {{- $clusterName := $.kubernetes.cluster_name | default "kubekey" -}} {{- $dnsDomain := $.kubernetes.networking.dns_domain | default "cluster.local" -}} - {{- if and (index $.hostvars . "internal_ipv4") (ne (index $.hostvars . "internal_ipv4") "") }} + {{- if (index $.hostvars . "internal_ipv4") | empty | not }} {{ index $.hostvars . "internal_ipv4" }} {{ $hostname }} {{ printf "%s.%s" $hostname $clusterName }} {{ printf "%s.%s.%s" $hostname $clusterName $dnsDomain }} {{- end }} - {{- if and (index $.hostvars . "internal_ipv6") (ne (index $.hostvars . "internal_ipv6") "") }} + {{- if (index $.hostvars . "internal_ipv6") | empty | not }} {{ index $.hostvars . "internal_ipv6" }} {{ $hostname }} {{ printf "%s.%s" $hostname $clusterName }} {{ printf "%s.%s.%s" $hostname $clusterName $dnsDomain }} {{- end }} {{- end }} # etcd hosts {{- range .groups.etcd | default list }} - {{- if and (index $.hostvars . "internal_ipv4") (ne (index $.hostvars . "internal_ipv4") "") }} + {{- if (index $.hostvars . "internal_ipv4") | empty | not }} {{ index $.hostvars . "internal_ipv4" }} {{ index $.hostvars . "hostname" }} {{- end }} - {{- if and (index $.hostvars . "internal_ipv6") (ne (index $.hostvars . "internal_ipv6") "") }} + {{- if (index $.hostvars . "internal_ipv6") | empty | not }} {{ index $.hostvars . "internal_ipv6" }} {{ index $.hostvars . "hostname" }} {{- end }} {{- end }} # image registry hosts {{- range .groups.image_registry | default list }} - {{- if and (index $.hostvars . "internal_ipv4") (ne (index $.hostvars . "internal_ipv4") "") }} + {{- if (index $.hostvars . "internal_ipv4") | empty | not }} {{ index $.hostvars . "internal_ipv4" }} {{ index $.hostvars . "hostname" }} {{- end }} - {{- if and (index $.hostvars . "internal_ipv6") (ne (index $.hostvars . "internal_ipv6") "") }} + {{- if (index $.hostvars . "internal_ipv6") | empty | not }} {{ index $.hostvars . "internal_ipv6" }} {{ index $.hostvars . "hostname" }} {{- end }} {{- end }} # nfs hosts {{- range .groups.nfs | default list }} - {{- if and (index $.hostvars . "internal_ipv4") (ne (index $.hostvars . "internal_ipv4") "") }} + {{- if (index $.hostvars . "internal_ipv4") | empty | not }} {{ index $.hostvars . "internal_ipv4" }} {{ index $.hostvars . "hostname" }} {{- end }} - {{- if and (index $.hostvars . "internal_ipv6") (ne (index $.hostvars . "internal_ipv6") "") }} + {{- if (index $.hostvars . "internal_ipv6") | empty | not }} {{ index $.hostvars . "internal_ipv4" }} {{ index $.hostvars . "hostname" }} {{- end }} {{- end }} diff --git a/builtin/core/roles/init/init-os/tasks/init_ntpserver.yaml b/builtin/core/roles/init/init-os/tasks/init_ntpserver.yaml index 56a85215..8c24db29 100644 --- a/builtin/core/roles/init/init-os/tasks/init_ntpserver.yaml +++ b/builtin/core/roles/init/init-os/tasks/init_ntpserver.yaml @@ -22,25 +22,25 @@ {{- end }} {{- end }} # add ntp server: {{ $server }} - {{- if $internalIPv4 }} + {{- if $internalIPv4 | empty | not }} grep -q '^server {{ $internalIPv4 }} iburst' $chronyConfigFile || sed '1a server {{ $internalIPv4 }} iburst' -i $chronyConfigFile {{- end }} - {{- if $internalIPv6 }} + {{- if $internalIPv6 | empty | not }} grep -q '^server {{ $internalIPv6 }} iburst' $chronyConfigFile || sed '1a server [{{ $internalIPv6 }}] iburst' -i $chronyConfigFile {{- end }} - {{- if and (eq $internalIPv4 "") (eq $internalIPv6 "") }} + {{- if and ($internalIPv4 | empty) ($internalIPv6 | empty) }} grep -q '^server {{ $server }} iburst' $chronyConfigFile || sed '1a server {{ $server }} iburst' -i $chronyConfigFile {{- end }} {{- end }} when: - .ntp.enabled - - .ntp.servers | len | lt 0 + - .ntp.servers | empty | not - name: Set timezone command: | timedatectl set-timezone {{ .timezone }} - timedatectl set-ntp {{ and .ntp.enabled (.ntp.servers | len | lt 0) }} - when: or (and .ntp.enabled (.ntp.servers | len | lt 0)) (.timezone | ne "") + timedatectl set-ntp {{ and .ntp.enabled (.ntp.servers | empty | not) }} + when: or (and .ntp.enabled (.ntp.servers | empty | not)) (.timezone | empty | not) - name: Restart ntp server command: | @@ -48,4 +48,4 @@ systemctl restart chrony.service {{- end }} systemctl restart chronyd.service - when: or (and .ntp.enabled (.ntp.servers | len | lt 0)) (.timezone | ne "") + when: or (and .ntp.enabled (.ntp.servers | empty | not)) (.timezone | empty | not) diff --git a/builtin/core/roles/init/init-os/templates/init-os.sh b/builtin/core/roles/init/init-os/templates/init-os.sh index f95a1c01..2963887f 100644 --- a/builtin/core/roles/init/init-os/templates/init-os.sh +++ b/builtin/core/roles/init/init-os/templates/init-os.sh @@ -47,7 +47,7 @@ echo 'fs.aio-max-nr = 262144' >> /etc/sysctl.conf echo 'kernel.pid_max = 65535' >> /etc/sysctl.conf echo 'kernel.watchdog_thresh = 5' >> /etc/sysctl.conf echo 'kernel.hung_task_timeout_secs = 5' >> /etc/sysctl.conf -{{- if and .internal_ipv4 (.internal_ipv4 | ne "") }} +{{- if .internal_ipv4 | empty | not }} # add for ipv4 echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.conf @@ -68,7 +68,7 @@ echo 'net.ipv4.conf.default.arp_accept = 1' >> /etc/sysctl.conf echo 'net.ipv4.conf.all.arp_ignore = 1' >> /etc/sysctl.conf echo 'net.ipv4.conf.default.arp_ignore = 1' >> /etc/sysctl.conf {{- end }} -{{- if and .internal_ipv6 (.internal_ipv6 | ne "") }} +{{- if .internal_ipv6 | empty | not }} # add for ipv6 echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.conf echo 'net.ipv6.conf.all.disable_ipv6 = 0' >> /etc/sysctl.conf @@ -98,7 +98,7 @@ sed -r -i "s@#{0,}?net.core.somaxconn ?= ?([0-9]{1,})@net.core.somaxconn = 3276 sed -r -i "s@#{0,}?fs.aio-max-nr ?= ?([0-9]{1,})@fs.aio-max-nr = 262144@g" /etc/sysctl.conf sed -r -i "s@#{0,}?kernel.watchdog_thresh ?= ?([0-9]{1,})@kernel.watchdog_thresh = 5@g" /etc/sysctl.conf sed -r -i "s@#{0,}?kernel.hung_task_timeout_secs ?= ?([0-9]{1,})@kernel.hung_task_timeout_secs = 5@g" /etc/sysctl.conf -{{- if and .internal_ipv4 (.internal_ipv4 | ne "") }} +{{- if .internal_ipv4 | empty | not }} sed -r -i "s@#{0,}?net.ipv4.tcp_tw_recycle ?= ?(0|1|2)@net.ipv4.tcp_tw_recycle = 0@g" /etc/sysctl.conf sed -r -i "s@#{0,}?net.ipv4.tcp_tw_reuse ?= ?(0|1)@net.ipv4.tcp_tw_reuse = 0@g" /etc/sysctl.conf sed -r -i "s@#{0,}?net.ipv4.conf.all.rp_filter ?= ?(0|1|2)@net.ipv4.conf.all.rp_filter = 1@g" /etc/sysctl.conf @@ -119,7 +119,7 @@ sed -r -i "s@#{0,}?net.ipv4.udp_wmem_min ?= ?([0-9]{1,})@net.ipv4.udp_wmem_min sed -r -i "s@#{0,}?net.ipv4.conf.all.arp_ignore ?= ??(0|1|2)@net.ipv4.conf.all.arp_ignore = 1@g" /etc/sysctl.conf sed -r -i "s@#{0,}?net.ipv4.conf.default.arp_ignore ?= ??(0|1|2)@net.ipv4.conf.default.arp_ignore = 1@g" /etc/sysctl.conf {{- end }} -{{- if and .internal_ipv6 (.internal_ipv6 | ne "") }} +{{- if .internal_ipv6 | empty | not }} #add for ipv6 sed -r -i "s@#{0,}?net.bridge.bridge-nf-call-ip6tables ?= ?(0|1)@net.bridge.bridge-nf-call-ip6tables = 1@g" /etc/sysctl.conf sed -r -i "s@#{0,}?net.ipv6.conf.all.disable_ipv6 ?= ?([0-9]{1,})@net.ipv6.conf.all.disable_ipv6 = 0@g" /etc/sysctl.conf @@ -205,10 +205,10 @@ sync echo 3 > /proc/sys/vm/drop_caches # Make sure the iptables utility doesn't use the nftables backend. -{{- if and .internal_ipv4 (.internal_ipv4 | ne "") }} +{{- if .internal_ipv4 | empty | not }} update-alternatives --set iptables /usr/sbin/iptables-legacy >/dev/null 2>&1 || true {{- end }} -{{- if and .internal_ipv6 (.internal_ipv6 | ne "") }} +{{- if .internal_ipv6 | empty | not }} update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy >/dev/null 2>&1 || true {{- end }} update-alternatives --set arptables /usr/sbin/arptables-legacy >/dev/null 2>&1 || true diff --git a/builtin/core/roles/install/cni/tasks/calico.yaml b/builtin/core/roles/install/cni/tasks/calico.yaml index b5a77b20..8c25beea 100644 --- a/builtin/core/roles/install/cni/tasks/calico.yaml +++ b/builtin/core/roles/install/cni/tasks/calico.yaml @@ -5,7 +5,7 @@ register: calicoctl_install_version register_type: yaml - name: Install calicoctl - when: .calicoctl_install_version.stderr | ne "" + when: .calicoctl_install_version.stderr | empty | not block: - name: Sync calicoctl to remote copy: diff --git a/builtin/core/roles/install/cni/tasks/cilium.yaml b/builtin/core/roles/install/cni/tasks/cilium.yaml index 7336b742..74667b11 100644 --- a/builtin/core/roles/install/cni/tasks/cilium.yaml +++ b/builtin/core/roles/install/cni/tasks/cilium.yaml @@ -1,6 +1,6 @@ --- - name: Sync cilium cli package - when: and .ciliumcli_version (ne .ciliumcli_version "") + when: .ciliumcli_version | empty | not copy: src: >- {{ .binary_dir }}/cni/cilium/ciliumcli-{{ .ciliumcli_version }}/{{ .item }} diff --git a/builtin/core/roles/install/cri/tasks/install_containerd.yaml b/builtin/core/roles/install/cri/tasks/install_containerd.yaml index eb264078..09d71f5b 100644 --- a/builtin/core/roles/install/cri/tasks/install_containerd.yaml +++ b/builtin/core/roles/install/cri/tasks/install_containerd.yaml @@ -4,7 +4,7 @@ command: runc --version register: runc_install_version - name: Sync runc binary to remote - when: or (.runc_install_version.stderr | ne "") (.runc_install_version.stdout | contains (printf "runc version %s\n" (.runc_version | default "" | trimPrefix "v" )) | not) + when: or (.runc_install_version.stderr | empty | not) (.runc_install_version.stdout | contains (printf "runc version %s\n" (.runc_version | default "" | trimPrefix "v" )) | not) copy: src: >- {{ .binary_dir }}/runc/{{ .runc_version }}/{{ .binary_type.stdout }}/runc.{{ .binary_type.stdout }} @@ -16,7 +16,7 @@ command: containerd --version register: containerd_install_version - name: Install containerd - when: or (.containerd_install_version.stderr | ne "") (.containerd_install_version.stdout | contains (printf " %s " .containerd_version) | not) + when: or (.containerd_install_version.stderr | empty | not) (.containerd_install_version.stdout | contains (printf " %s " .containerd_version) | not) block: - name: Sync containerd binary to remote copy: @@ -40,7 +40,7 @@ systemctl daemon-reload && systemctl start containerd.service && systemctl enable containerd.service - name: Sync image registry tls to remote - when: .groups.image_registry | default list | len | lt 0 + when: .groups.image_registry | default list | empty | not block: - name: Sync image registry cert file to remote copy: diff --git a/builtin/core/roles/install/cri/tasks/install_crictl.yaml b/builtin/core/roles/install/cri/tasks/install_crictl.yaml index 2cd184d6..792eb0be 100644 --- a/builtin/core/roles/install/cri/tasks/install_crictl.yaml +++ b/builtin/core/roles/install/cri/tasks/install_crictl.yaml @@ -5,7 +5,7 @@ register: crictl_install_version - name: Install crictl - when: or (.crictl_install_version.stderr | ne "") (.crictl_install_version.stdout | ne (printf "crictl version %s" .crictl_version)) + when: or (.crictl_install_version.stderr | empty | not) (.crictl_install_version.stdout | ne (printf "crictl version %s" .crictl_version)) block: - name: Sync crictl binary to remote copy: diff --git a/builtin/core/roles/install/cri/tasks/install_cridockerd.yaml b/builtin/core/roles/install/cri/tasks/install_cridockerd.yaml index af89159d..08d5c9de 100644 --- a/builtin/core/roles/install/cri/tasks/install_cridockerd.yaml +++ b/builtin/core/roles/install/cri/tasks/install_cridockerd.yaml @@ -5,7 +5,7 @@ register: cridockerd_install_version - name: Install cri-dockerd - when: or (.cridockerd_install_version.stderr | ne "") (.cridockerd_install_version.stdout | hasPrefix (printf "cri-dockerd %s " .cridockerd_version) | not) + when: or (.cridockerd_install_version.stderr | empty | not) (.cridockerd_install_version.stdout | hasPrefix (printf "cri-dockerd %s " .cridockerd_version) | not) block: - name: Sync cri-dockerd Binary to remote copy: diff --git a/builtin/core/roles/install/cri/tasks/install_docker.yaml b/builtin/core/roles/install/cri/tasks/install_docker.yaml index b9444758..d7ee3b39 100644 --- a/builtin/core/roles/install/cri/tasks/install_docker.yaml +++ b/builtin/core/roles/install/cri/tasks/install_docker.yaml @@ -5,7 +5,7 @@ register: docker_install_version - name: Install docker - when: or (.docker_install_version.stderr | ne "") (.docker_install_version.stdout | hasPrefix (printf "Docker version %s," .docker_version) | not) + when: or (.docker_install_version.stderr | empty | not) (.docker_install_version.stdout | hasPrefix (printf "Docker version %s," .docker_version) | not) block: - name: Sync docker binary to remote copy: @@ -34,7 +34,7 @@ systemctl daemon-reload && systemctl start docker.service && systemctl enable docker.service - name: Sync image registry tls to remote - when: .groups.image_registry | default list | len | lt 0 + when: .groups.image_registry | default list | empty | not block: - name: Sync image registry cert file to remote copy: diff --git a/builtin/core/roles/install/etcd/tasks/main.yaml b/builtin/core/roles/install/etcd/tasks/main.yaml index a0003169..13531922 100644 --- a/builtin/core/roles/install/etcd/tasks/main.yaml +++ b/builtin/core/roles/install/etcd/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Install etcd - when: .etcd_install_version.stderr | ne "" + when: .etcd_install_version.stderr | empty | not block: - name: Init etcd block: diff --git a/builtin/core/roles/install/etcd/templates/backup.sh b/builtin/core/roles/install/etcd/templates/backup.sh index 5d1d70db..98bdae7b 100644 --- a/builtin/core/roles/install/etcd/templates/backup.sh +++ b/builtin/core/roles/install/etcd/templates/backup.sh @@ -5,9 +5,9 @@ set -o nounset set -o pipefail ETCDCTL_PATH='/usr/local/bin/etcdctl' -{{- if and .internal_ipv4 (ne .internal_ipv4 "") }} +{{- if .internal_ipv4 | empty | not }} ENDPOINTS='https://{{ .internal_ipv4 }}:2379' -{{- else if and .internal_ipv6 (ne .internal_ipv6 "") }} +{{- else if .internal_ipv6 | empty | not }} ENDPOINTS='https://{{ .internal_ipv6 }}:2379' {{- end }} ETCD_DATA_DIR="{{ .etcd.env.data_dir }}" diff --git a/builtin/core/roles/install/etcd/templates/etcd.env b/builtin/core/roles/install/etcd/templates/etcd.env index 0dc7d02f..b0fb9cd9 100644 --- a/builtin/core/roles/install/etcd/templates/etcd.env +++ b/builtin/core/roles/install/etcd/templates/etcd.env @@ -1,12 +1,12 @@ ETCD_DATA_DIR={{ .etcd.env.data_dir }} ETCD_INITIAL_CLUSTER_STATE={{ .etcd.state }} ETCD_INITIAL_CLUSTER_TOKEN={{ .etcd.env.token }} -{{- if and .internal_ipv4 (ne .internal_ipv4 "") }} +{{- if .internal_ipv4 | empty | not }} ETCD_ADVERTISE_CLIENT_URLS={{ printf "https://%s:2379" .internal_ipv4 }} ETCD_INITIAL_ADVERTISE_PEER_URLS={{ printf "https://%s:2380" .internal_ipv4 }} ETCD_LISTEN_CLIENT_URLS={{ printf "https://%s:2379" .internal_ipv4 }},https://127.0.0.1:2379 ETCD_LISTEN_PEER_URLS={{ printf "https://%s:2380" .internal_ipv4 }} -{{- else if and .internal_ipv6 (ne .internal_ipv6 "") }} +{{- else if .internal_ipv6 | empty | not }} ETCD_ADVERTISE_CLIENT_URLS={{ printf "https://%s:2379" .internal_ipv6 }} ETCD_INITIAL_ADVERTISE_PEER_URLS={{ printf "https://%s:2380" .internal_ipv6 }} ETCD_LISTEN_CLIENT_URLS={{ printf "https://%s:2379" .internal_ipv6 }},https://::1:2379 @@ -20,9 +20,9 @@ ETCD_ENABLE_V2=true {{- range .groups.etcd | default list }} {{- $internalIPv4 := index $.hostvars . "internal_ipv4" | default "" }} {{- $internalIPv6 := index $.hostvars . "internal_ipv6" | default "" }} - {{- if ne $internalIPv4 "" }} + {{- if $internalIPv4 | empty | not }} {{- $ips = append $ips (printf "%s=https://%s:2380" (index $.hostvars . "hostname") $internalIPv4) }} - {{- else if ne $internalIPv6 "" }} + {{- else if $internalIPv6 | empty | not }} {{- $ips = append $ips (printf "%s=https://%s:2380" (index $.hostvars . "hostname") $internalIPv6) }} {{- end }} {{- end }} diff --git a/builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml b/builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml index 6a0f0f92..a5ee94aa 100644 --- a/builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml +++ b/builtin/core/roles/install/image-registry/tasks/install_docker_compose.yaml @@ -5,7 +5,7 @@ register: dockercompose_install_version - name: Sync docker-compose to remote - when: or (.dockercompose_install_version.stderr | ne "") (.dockercompose_install_version.stdout | ne (printf "Docker Compose version %s" .dockercompose_version)) + when: or (.dockercompose_install_version.stderr | empty | not) (.dockercompose_install_version.stdout | ne (printf "Docker Compose version %s" .dockercompose_version)) copy: src: >- {{ .binary_dir }}/image-registry/docker-compose/{{ .dockercompose_version }}/{{ .binary_type.stdout }}/docker-compose diff --git a/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml b/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml index 98b8a5cc..562b2ab0 100644 --- a/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml +++ b/builtin/core/roles/install/image-registry/tasks/install_harbor.yaml @@ -36,8 +36,8 @@ dest: >- /opt/harbor/{{ .harbor_version }}/harbor/docker-compose-keepalived.yml when: - - and .image_registry.ha_vip (ne .image_registry.ha_vip "") - - .image_registry_service.stderr | ne "" + - .image_registry.ha_vip | empty | not + - .image_registry_service.stderr | empty | not - name: Install harbor command: | diff --git a/builtin/core/roles/install/image-registry/tasks/install_registry.yaml b/builtin/core/roles/install/image-registry/tasks/install_registry.yaml index 535171c1..ebbccd1d 100644 --- a/builtin/core/roles/install/image-registry/tasks/install_registry.yaml +++ b/builtin/core/roles/install/image-registry/tasks/install_registry.yaml @@ -16,16 +16,16 @@ {{- if }} {{- $internalIPv4 := index .hostvars (.groups.nfs | default list | first) "internal_ipv4" | default "" }} {{- $internalIPv6 := index .hostvars (.groups.nfs | default list | first) "internal_ipv6" | default "" }} - {{- if ne $internalIPv4 "" }} + {{- if $internalIPv4 | empty | not }} mount -t nfs {{ $internalIPv4 }}:{{ .image_registry.registry.storage.filesystem.nfs_mount }} {{ .image_registry.registry.storage.filesystem.rootdir }} {{- else if ne $internalIPv6 "" }} - {{ $internalIPv6 }} + {{ $internalIPv6 | empty | not }} mount -t nfs {{ $internalIPv6 }}:{{ .image_registry.registry.storage.filesystem.nfs_mount }} {{ .image_registry.registry.storage.filesystem.rootdir }} {{- end }} when: - and .image_registry.registry.storage.filesystem.nfs_mount (ne .image_registry.registry.storage.filesystem.nfs_mount "") - .groups.nfs | default list | len | eq 1 - - .image_registry_service.stderr | ne "" + - .image_registry_service.stderr | empty | not - name: Load registry image command: | diff --git a/builtin/core/roles/install/image-registry/tasks/main.yaml b/builtin/core/roles/install/image-registry/tasks/main.yaml index 0fae54ef..b794737a 100644 --- a/builtin/core/roles/install/image-registry/tasks/main.yaml +++ b/builtin/core/roles/install/image-registry/tasks/main.yaml @@ -4,7 +4,7 @@ - include_tasks: install_docker_compose.yaml - include_tasks: install_keepalived.yaml - when: and .image_registry.ha_vip (ne .image_registry.ha_vip "") + when: .image_registry.ha_vip | empty | not - name: Install harbor when: .image_registry.type | eq "harbor" diff --git a/builtin/core/roles/install/image-registry/templates/docker.config b/builtin/core/roles/install/image-registry/templates/docker.config index 23767c21..4a1248a9 100644 --- a/builtin/core/roles/install/image-registry/templates/docker.config +++ b/builtin/core/roles/install/image-registry/templates/docker.config @@ -3,16 +3,16 @@ "max-size": "5m", "max-file":"3" }, -{{- if and .cri.docker.data_root (ne .cri.docker.data_root "") }} +{{- if .cri.docker.data_root | empty | not }} "data-root": "{{ .cri.docker.data_root }}", {{- end }} -{{- if and .cri.registry.mirrors (ne .cri.registry.mirrors "") }} +{{- if .cri.registry.mirrors | empty | not }} "registry-mirrors": {{ .cri.registry.mirrors | toJson }}, {{- end }} - {{- if and .cri.registry.insecure_registries (ne .cri.registry.insecure_registries "") }} + {{- if .cri.registry.insecure_registries | empty | not }} "insecure-registries": {{ .cri.registry.insecure_registries | toJson }}, {{- end }} - {{- if and .cri.docker.bridge_ip (ne .cri.docker.bridge_ip "") }} + {{- if .cri.docker.bridge_ip | empty | not }} "bip": "{{ .cri.docker.bridge_ip }}", {{- end }} "exec-opts": ["native.cgroupdriver={{ .cri.cgroup_driver | default "systemd" }}"] diff --git a/builtin/core/roles/install/image-registry/templates/registry.config b/builtin/core/roles/install/image-registry/templates/registry.config index c008f102..64bdf289 100644 --- a/builtin/core/roles/install/image-registry/templates/registry.config +++ b/builtin/core/roles/install/image-registry/templates/registry.config @@ -22,7 +22,7 @@ log: # to: # - errors@example.com storage: -{{- if and .image_registry.registry.storage.filesystem.rootdirectory (ne .image_registry.registry.storage.filesystem.rootdirectory "") }} +{{- if .image_registry.registry.storage.filesystem.rootdirectory | empty | not }} filesystem: rootdirectory: {{ .image_registry.registry.storage.filesystem.rootdirectory }} maxthreads: 100 @@ -33,7 +33,7 @@ storage: accountkey: {{ .image_registry.registry.storage.azure.accountkey }} container: {{ .image_registry.registry.storage.azure.container }} {{- end }} -{{- if .image_registry.registry.storage.gcs }} +{{- if .image_registry.registry.storage.gcs | empty | not }} gcs: bucket: {{ .image_registry.registry.storage.gcs.bucket }} keyfile: {{ .image_registry.registry.storage.gcs.keyfile }} @@ -50,7 +50,7 @@ storage: client_x509_cert_url: {{ .image_registry.registry.storage.gcs.credentials.client_x509_cert_url }} rootdirectory: {{ .image_registry.registry.storage.gcs.rootdirectory }} {{- end }} -{{- if .image_registry.registry.storage.s3 }} +{{- if .image_registry.registry.storage.s3 | empty | not }} s3: accesskey: {{ .image_registry.registry.storage.s3.accesskey }} secretkey: {{ .image_registry.registry.storage.s3.secretkey }} diff --git a/builtin/core/roles/install/image-registry/templates/registry.docker-compose b/builtin/core/roles/install/image-registry/templates/registry.docker-compose index 57360376..1d76d926 100644 --- a/builtin/core/roles/install/image-registry/templates/registry.docker-compose +++ b/builtin/core/roles/install/image-registry/templates/registry.docker-compose @@ -24,7 +24,7 @@ services: - 443:5000 networks: - registry -{{- if and .image_registry.ha_vip (ne .image_registry.ha_vip "") }} +{{- if .image_registry.ha_vip | empty | not }} keepalived: image: osixia/keepalived:{{ .keepalived_version }} container_name: keepalived diff --git a/builtin/core/roles/kubernetes/init-kubernetes/tasks/init_kubernetes.yaml b/builtin/core/roles/kubernetes/init-kubernetes/tasks/init_kubernetes.yaml index f513776c..7ed1d040 100644 --- a/builtin/core/roles/kubernetes/init-kubernetes/tasks/init_kubernetes.yaml +++ b/builtin/core/roles/kubernetes/init-kubernetes/tasks/init_kubernetes.yaml @@ -1,7 +1,7 @@ --- - name: Sync external etcd config when: - - and (.kubernetes.etcd.deployment_type | eq "external") (.groups.etcd | default list | len | lt 0) + - and (.kubernetes.etcd.deployment_type | eq "external") (.groups.etcd | default list | empty | not) - .groups.kube_control_plane | default list | has .inventory_hostname block: - name: Sync etcd ca file to remote diff --git a/builtin/core/roles/kubernetes/init-kubernetes/templates/dns/coredns.yaml b/builtin/core/roles/kubernetes/init-kubernetes/templates/dns/coredns.yaml index 5ea4d266..61019689 100644 --- a/builtin/core/roles/kubernetes/init-kubernetes/templates/dns/coredns.yaml +++ b/builtin/core/roles/kubernetes/init-kubernetes/templates/dns/coredns.yaml @@ -56,7 +56,7 @@ data: lameduck 5s } - {{- if .kubernetes.zones | len | lt 0 }} + {{- if .kubernetes.zones | empty | not }} kubernetes {{ .kubernetes.zones | join " " }} in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa @@ -99,7 +99,7 @@ data: } {{- end }} - {{- if $.kubernetes.coredns.dns_etc_hosts | len | lt 0 }} + {{- if $.kubernetes.coredns.dns_etc_hosts | empty | not }} hosts /etc/coredns/hosts { fallthrough } @@ -107,7 +107,7 @@ data: } {{- end }} -{{- if .kubernetes.coredns.dns_etc_hosts | len | lt 0 }} +{{- if .kubernetes.coredns.dns_etc_hosts | empty | not }} hosts: | {{- range .kubernetes.coredns.dns_etc_hosts }} {{ . }} diff --git a/builtin/core/roles/kubernetes/pre-kubernetes/tasks/install_binaries.yaml b/builtin/core/roles/kubernetes/pre-kubernetes/tasks/install_binaries.yaml index 82ac9698..b8061392 100644 --- a/builtin/core/roles/kubernetes/pre-kubernetes/tasks/install_binaries.yaml +++ b/builtin/core/roles/kubernetes/pre-kubernetes/tasks/install_binaries.yaml @@ -4,7 +4,7 @@ command: helm version register: helm_install_version - name: Install helm - when: or (.helm_install_version.stderr | ne "") (.helm_install_version.stdout | contains (printf "Version:\"%s\"" .helm_version) | not) + when: or (.helm_install_version.stderr | empty | not) (.helm_install_version.stdout | contains (printf "Version:\"%s\"" .helm_version) | not) block: - name: Sync helm to remote copy: @@ -21,7 +21,7 @@ command: kubeadm version -o short register: kubeadm_install_version - name: Install kubeadm - when: or (.kubeadm_install_version.stderr | ne "") (.kubeadm_install_version.stdout | ne .kube_version) + when: or (.kubeadm_install_version.stderr | empty | not) (.kubeadm_install_version.stdout | ne .kube_version) copy: src: >- {{ .binary_dir }}/kube/{{ .kube_version }}/{{ .binary_type.stdout }}/kubeadm @@ -35,7 +35,7 @@ register_type: yaml - name: Sync kubectl to remote when: | - or (.kubectl_install_version.stderr | ne "") ((get .kubectl_install_version.stdout "Server Version") | ne .kube_version) + or (.kubectl_install_version.stderr | empty | not) ((get .kubectl_install_version.stdout "Server Version") | ne .kube_version) copy: src: >- {{ .binary_dir }}/kube/{{ .kube_version }}/{{ .binary_type.stdout }}/kubectl @@ -47,7 +47,7 @@ command: kubelet --version register: kubelet_install_version - name: Install kubelet - when: or (.kubelet_install_version.stderr | ne "") (.kubelet_install_version.stdout | ne (printf "Kubernetes %s" .kube_version)) + when: or (.kubelet_install_version.stderr | empty | not) (.kubelet_install_version.stdout | ne (printf "Kubernetes %s" .kube_version)) block: - name: Sync kubelet to remote copy: @@ -67,7 +67,7 @@ command: systemctl daemon-reload && systemctl enable kubelet.service - name: Install cni plugins - when: and .cni_plugins_version (ne .cni_plugins_version "") + when: .cni_plugins_version | empty | not block: - name: Sync cni-plugin to remote copy: diff --git a/builtin/core/roles/precheck/artifact_check/tasks/main.yaml b/builtin/core/roles/precheck/artifact_check/tasks/main.yaml index 7101b530..6eda4265 100644 --- a/builtin/core/roles/precheck/artifact_check/tasks/main.yaml +++ b/builtin/core/roles/precheck/artifact_check/tasks/main.yaml @@ -18,4 +18,4 @@ exit 1 fi when: - - and .artifact.artifact_md5 (ne .artifact.artifact_md5 "") + - .artifact.artifact_md5 | empty | not diff --git a/builtin/core/roles/precheck/env_check/tasks/cri.yaml b/builtin/core/roles/precheck/env_check/tasks/cri.yaml index d5a06a15..1055cf46 100644 --- a/builtin/core/roles/precheck/env_check/tasks/cri.yaml +++ b/builtin/core/roles/precheck/env_check/tasks/cri.yaml @@ -5,7 +5,7 @@ fail_msg: >- the container manager:{{ .cri.container_manager }}, must in "{{ .cluster_require.require_container_manager | toJson }}" run_once: true - when: and .cri.container_manager (ne .cri.container_manager "") + when: .cri.container_manager | empty | not - name: Ensure minimum containerd version assert: @@ -14,5 +14,5 @@ containerd_version is too low. Minimum version {{ .cluster_require.containerd_min_version_required }} run_once: true when: - - and .containerd_version (ne .containerd_version "") + - .containerd_version | empty | not - .cri.container_manager | eq "containerd" diff --git a/builtin/core/roles/precheck/env_check/tasks/etcd.yaml b/builtin/core/roles/precheck/env_check/tasks/etcd.yaml index 9411399a..bb36b791 100644 --- a/builtin/core/roles/precheck/env_check/tasks/etcd.yaml +++ b/builtin/core/roles/precheck/env_check/tasks/etcd.yaml @@ -5,7 +5,7 @@ fail_msg: >- the etcd deployment type, should be internal or external but got {{ .kubernetes.etcd.deployment_type }} run_once: true - when: and .kubernetes.etcd.deployment_type (ne .kubernetes.etcd.deployment_type "") + when: .kubernetes.etcd.deployment_type | empty | not - name: Stop if etcd group is empty in external etcd mode assert: @@ -31,7 +31,7 @@ command: fio --version register: fio_install_version - name: Test dev io by fio - when: .fio_install_version.stderr | eq "" + when: .fio_install_version.stderr | empty block: - name: Get fio result command: | diff --git a/builtin/core/roles/precheck/env_check/tasks/kubernetes.yaml b/builtin/core/roles/precheck/env_check/tasks/kubernetes.yaml index 6bd607a8..092782d0 100644 --- a/builtin/core/roles/precheck/env_check/tasks/kubernetes.yaml +++ b/builtin/core/roles/precheck/env_check/tasks/kubernetes.yaml @@ -1,6 +1,6 @@ - name: Should defined internal_ipv4 or internal_ipv6 assert: - that: or (and .internal_ipv4 (ne .internal_ipv4 "")) (and .internal_ipv6 (ne .internal_ipv6 "")) + that: or (.internal_ipv4 | empty | not) (.internal_ipv6 | empty | not) fail_msg: >- "internal_ipv4" and "internal_ipv6" cannot both be empty @@ -28,7 +28,7 @@ that: .kube_version | semverCompare (printf ">=%s" .cluster_require.kube_version_min_required) fail_msg: >- the current release of KubeKey only support newer version of Kubernetes than {{ .cluster_require.kube_version_min_required }} - You are trying to apply {{ .kube_version }} - when: and .kube_version (ne .kube_version "") + when: .kube_version | empty | not - name: Check if kubernetes installed when: .groups.k8s_cluster | default list | has .inventory_hostname diff --git a/builtin/core/roles/precheck/env_check/tasks/network.yaml b/builtin/core/roles/precheck/env_check/tasks/network.yaml index 6d8ed159..8ad37d65 100644 --- a/builtin/core/roles/precheck/env_check/tasks/network.yaml +++ b/builtin/core/roles/precheck/env_check/tasks/network.yaml @@ -1,13 +1,13 @@ --- - name: Should found network interface command: | - {{- if and .internal_ipv4 (.internal_ipv4 | ne "") }} + {{- if .internal_ipv4 | empty | not }} if [ ! ip -o addr show | grep -q {{ .internal_ipv4 }} ]; then echo 'No ipv4 network interface found' exit 1 fi {{- end }} - {{- if and .internal_ipv6 (.internal_ipv6 | ne "") }} + {{- if .internal_ipv6 | empty | not }} if [ ! ip -o addr show | grep -q {{ .internal_ipv6 }} ]; then echo 'No ipv6 network interface found' exit 1 @@ -43,7 +43,7 @@ Kubernetes introduced support for pod dual-stack networking starting from version v1.20.0. - name: Stop if service networking is not support dual-stack when: - - and .kubernetes.networking.service_cidr (.kubernetes.networking.service_cidr | ne "") + - .kubernetes.networking.service_cidr | empty | not - .kubernetes.networking.service_cidr | splitList "," | len | eq 2 assert: that: @@ -59,7 +59,7 @@ that: .cluster_require.require_network_plugin | has .kubernetes.kube_network_plugin fail_msg: >- kube_network_plugin:"{{ .kubernetes.kube_network_plugin }}" is not supported - when: and .kubernetes.kube_network_plugin (ne .kubernetes.kube_network_plugin "") + when: .kubernetes.kube_network_plugin | empty | not # This assertion will fail on the safe side: One can indeed schedule more pods # on a node than the CIDR-range has space for when additional pods use the host