ClusterAPI.imageBuilder/ansible/roles/sysprep/tasks/flatcar.yml

# Copyright 2020 The Kubernetes Authors.

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

# http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Define file modes
  set_fact:
    last_log_mode:   "0644"
    machine_id_mode: "0444"

- name: Invalidate the machine-id file for systemd to reevaluate presets
  file:
    path: /etc/machine-id
    state: absent

- name: Stop and mask update-engine to freeze the image version
  systemd:
    name: update-engine
    state: stopped
    enabled: no
    masked: yes

- name: Stop and mask the locksmith reboot manager since it depends on update-engine
  systemd:
    name: locksmithd
    state: stopped
    enabled: no
    masked: yes

- name: Mask docker
  systemd:
    name: "{{ item }}"
    state: stopped
    enabled: no
    masked: yes
  with_items:
  - docker.socket
  - docker.service

- name: Set cgroup v1 to match the cgroupfs driver in containerd and kubelet
  shell: |
    echo 'set linux_append="$linux_append systemd.unified_cgroup_hierarchy=0 systemd.legacy_systemd_cgroup_controller"' >> /usr/share/oem/grub.cfg
  when: kubernetes_semver is version('v1.21.0', '<')

- name: Set oem_id in grub
  shell: |
    echo 'set oem_id="{{oem_id}}"' >> /usr/share/oem/grub.cfg
  when: (oem_id is defined) and (oem_id != "")
Test dependencies 2023-02-22 20:24:42 +00:00			`# Copyright 2020 The Kubernetes Authors.`

			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`

			`# http://www.apache.org/licenses/LICENSE-2.0`

			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`---`
			`- name: Define file modes`
			`set_fact:`
			`last_log_mode: "0644"`
			`machine_id_mode: "0444"`

			`- name: Invalidate the machine-id file for systemd to reevaluate presets`
			`file:`
			`path: /etc/machine-id`
			`state: absent`

			`- name: Stop and mask update-engine to freeze the image version`
			`systemd:`
			`name: update-engine`
			`state: stopped`
			`enabled: no`
			`masked: yes`

			`- name: Stop and mask the locksmith reboot manager since it depends on update-engine`
			`systemd:`
			`name: locksmithd`
			`state: stopped`
			`enabled: no`
			`masked: yes`

			`- name: Mask docker`
			`systemd:`
			`name: "{{ item }}"`
			`state: stopped`
			`enabled: no`
			`masked: yes`
			`with_items:`
			`- docker.socket`
			`- docker.service`

			`- name: Set cgroup v1 to match the cgroupfs driver in containerd and kubelet`
			`shell: \|`
			`echo 'set linux_append="$linux_append systemd.unified_cgroup_hierarchy=0 systemd.legacy_systemd_cgroup_controller"' >> /usr/share/oem/grub.cfg`
			`when: kubernetes_semver is version('v1.21.0', '<')`

			`- name: Set oem_id in grub`
			`shell: \|`
			`echo 'set oem_id="{{oem_id}}"' >> /usr/share/oem/grub.cfg`
			`when: (oem_id is defined) and (oem_id != "")`