This commit is contained in:
111
ansible/windows/roles/runtimes/tasks/containerd.yml
Normal file
111
ansible/windows/roles/runtimes/tasks/containerd.yml
Normal file
@ -0,0 +1,111 @@
|
||||
# Copyright 2020 The Kubernetes Authors.
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
---
|
||||
- name: Download containerd
|
||||
win_get_url:
|
||||
url: '{{ containerd_url }}'
|
||||
dest: '{{ tempdir.stdout | trim }}\containerd.tar.gz'
|
||||
checksum: '{{ containerd_sha256 }}'
|
||||
checksum_algorithm: "sha256"
|
||||
url_timeout: 300
|
||||
register: containerd
|
||||
retries: 5
|
||||
delay: 3
|
||||
until: containerd is not failed
|
||||
|
||||
- name: Create containerd directory structure
|
||||
win_file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
loop:
|
||||
- '{{ programfiles.stdout | trim }}\containerd'
|
||||
- '{{ alluserprofile.stdout | trim }}\containerd\state'
|
||||
- '{{ alluserprofile.stdout | trim }}\containerd\root'
|
||||
- '{{ systemdrive.stdout | trim }}/opt/cni/bin'
|
||||
- '{{ systemdrive.stdout | trim }}/etc/cni/net.d'
|
||||
|
||||
- name: Check if containerd exists
|
||||
win_stat:
|
||||
path: '{{ programfiles.stdout | trim }}\containerd\containerd.exe'
|
||||
register: containerd_file
|
||||
|
||||
- name: Unpack containerd binaries
|
||||
win_command: cmd /c tar -zxvf {{ containerd.dest }} -C "{{ programfiles.stdout | trim }}\containerd" --strip-components 1
|
||||
when: not containerd_file.stat.exists
|
||||
|
||||
- name: Add containerd to path
|
||||
win_path:
|
||||
elements:
|
||||
- '{{ programfiles.stdout | trim }}\containerd'
|
||||
scope: machine
|
||||
|
||||
- name: Copy containerd config file {{ containerd_config_file }}
|
||||
win_template:
|
||||
dest: '{{ programfiles.stdout | trim }}\containerd\config.toml'
|
||||
src: "{{ containerd_config_file }}"
|
||||
vars:
|
||||
allusersprofile: "{{ alluserprofile.stdout | trim }}"
|
||||
plugin_bin_dir: "{{ systemdrive.stdout | trim }}/opt/cni/bin"
|
||||
plugin_conf_dir: "{{ systemdrive.stdout | trim }}/etc/cni/net.d"
|
||||
# programfiles is C:\Program Files, but should be C:\\Program Files
|
||||
# otherwise task Register Containerd fails with "invalid escape sequence: \P"
|
||||
containerd_conf_dir: '{{ programfiles.stdout | trim | regex_replace("\\", "\\\\") }}\\\\containerd'
|
||||
|
||||
- name: Check if a Containerd service is installed
|
||||
win_service:
|
||||
name: containerd
|
||||
register: containerd_service
|
||||
|
||||
- name: Register Containerd
|
||||
win_shell: |
|
||||
#refresh the path to ensure ansible sees update
|
||||
$env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine")
|
||||
containerd.exe --register-service
|
||||
when: containerd_service.exists == false
|
||||
|
||||
# Enables DNS resolution of SMB shares
|
||||
# https://github.com/kubernetes-sigs/windows-gmsa/issues/30#issuecomment-802240945
|
||||
- name: Apply SMB Resolution Fix for containerd
|
||||
win_regedit:
|
||||
path: HKLM:\SYSTEM\CurrentControlSet\Services\hns\State
|
||||
state: present
|
||||
name: EnableCompartmentNamespace
|
||||
data: 1
|
||||
type: dword
|
||||
|
||||
- name: Create Windows Defender Exclusions
|
||||
win_shell: |
|
||||
Add-MpPreference -ExclusionProcess "{{ programfiles.stdout | trim }}\containerd\containerd.exe"
|
||||
Add-MpPreference -ExclusionProcess "{{ programfiles.stdout | trim }}\containerd\ctr.exe"
|
||||
|
||||
- name: Ensure Containerd Service is running
|
||||
win_service:
|
||||
name: containerd
|
||||
start_mode: auto
|
||||
state: started
|
||||
|
||||
- name: Pre-pull containerd images
|
||||
win_shell: |
|
||||
#refresh the path to ensure ansible sees update
|
||||
$env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine")
|
||||
ctr.exe -n k8s.io images pull {{ item }}
|
||||
loop: "{{ images }}"
|
||||
async: 1800
|
||||
poll: 60
|
||||
retries: 5
|
||||
register: pull
|
||||
until: pull is not failed
|
||||
when: (prepull | bool)
|
||||
vars:
|
||||
images: "{{ prepull_images[distribution_version] | default([]) }}"
|
||||
45
ansible/windows/roles/runtimes/tasks/docker_ee.yml
Normal file
45
ansible/windows/roles/runtimes/tasks/docker_ee.yml
Normal file
@ -0,0 +1,45 @@
|
||||
# Copyright 2020 The Kubernetes Authors.
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
---
|
||||
|
||||
# Requires license. If you running on Azure License is currently provided with Windows Server images.
|
||||
- name: Install docker via OneGet
|
||||
win_shell: |
|
||||
Install-PackageProvider -Name DockerMsftProvider -Force -ForceBootstrap | Out-Null
|
||||
$package = Find-Package -Name Docker -ProviderName DockerMsftProvider -RequiredVersion {{ docker_ee_version }}
|
||||
$package | Install-Package -Force | Out-Null
|
||||
|
||||
- name: Start Docker Service
|
||||
win_service:
|
||||
name: docker
|
||||
start_mode: auto
|
||||
state: started
|
||||
|
||||
- name: Set up Docker Network
|
||||
win_shell: |
|
||||
$exists=docker network ls -f name=host -q
|
||||
if (-not $exists) { docker network create -d nat host }
|
||||
|
||||
- name: Pre-pull docker images
|
||||
win_command: docker pull {{ item }}
|
||||
loop: "{{ images }}"
|
||||
async: 1800
|
||||
poll: 60
|
||||
retries: 5
|
||||
register: pull
|
||||
until: pull is not failed
|
||||
when: (prepull | bool)
|
||||
vars:
|
||||
images: "{{ prepull_images[distribution_version] | default([]) }}"
|
||||
|
||||
19
ansible/windows/roles/runtimes/tasks/main.yml
Normal file
19
ansible/windows/roles/runtimes/tasks/main.yml
Normal file
@ -0,0 +1,19 @@
|
||||
# Copyright 2020 The Kubernetes Authors.
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
---
|
||||
- import_tasks: containerd.yml
|
||||
when: runtime == "containerd"
|
||||
|
||||
- import_tasks: docker_ee.yml
|
||||
when: runtime == "docker-ee"
|
||||
Reference in New Issue
Block a user