# Copyright 2020 The Kubernetes Authors. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- - name: Download containerd win_get_url: url: '{{ containerd_url }}' dest: '{{ tempdir.stdout | trim }}\containerd.tar.gz' checksum: '{{ containerd_sha256 }}' checksum_algorithm: "sha256" url_timeout: 300 register: containerd retries: 5 delay: 3 until: containerd is not failed - name: Create containerd directory structure win_file: path: "{{ item }}" state: directory loop: - '{{ programfiles.stdout | trim }}\containerd' - '{{ alluserprofile.stdout | trim }}\containerd\state' - '{{ alluserprofile.stdout | trim }}\containerd\root' - '{{ systemdrive.stdout | trim }}/opt/cni/bin' - '{{ systemdrive.stdout | trim }}/etc/cni/net.d' - name: Check if containerd exists win_stat: path: '{{ programfiles.stdout | trim }}\containerd\containerd.exe' register: containerd_file - name: Unpack containerd binaries win_command: cmd /c tar -zxvf {{ containerd.dest }} -C "{{ programfiles.stdout | trim }}\containerd" --strip-components 1 when: not containerd_file.stat.exists - name: Add containerd to path win_path: elements: - '{{ programfiles.stdout | trim }}\containerd' scope: machine - name: Copy containerd config file {{ containerd_config_file }} win_template: dest: '{{ programfiles.stdout | trim }}\containerd\config.toml' src: "{{ containerd_config_file }}" vars: allusersprofile: "{{ alluserprofile.stdout | trim }}" plugin_bin_dir: "{{ systemdrive.stdout | trim }}/opt/cni/bin" plugin_conf_dir: "{{ systemdrive.stdout | trim }}/etc/cni/net.d" # programfiles is C:\Program Files, but should be C:\\Program Files # otherwise task Register Containerd fails with "invalid escape sequence: \P" containerd_conf_dir: '{{ programfiles.stdout | trim | regex_replace("\\", "\\\\") }}\\\\containerd' - name: Check if a Containerd service is installed win_service: name: containerd register: containerd_service - name: Register Containerd win_shell: | #refresh the path to ensure ansible sees update $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") containerd.exe --register-service when: containerd_service.exists == false # Enables DNS resolution of SMB shares # https://github.com/kubernetes-sigs/windows-gmsa/issues/30#issuecomment-802240945 - name: Apply SMB Resolution Fix for containerd win_regedit: path: HKLM:\SYSTEM\CurrentControlSet\Services\hns\State state: present name: EnableCompartmentNamespace data: 1 type: dword - name: Create Windows Defender Exclusions win_shell: | Add-MpPreference -ExclusionProcess "{{ programfiles.stdout | trim }}\containerd\containerd.exe" Add-MpPreference -ExclusionProcess "{{ programfiles.stdout | trim }}\containerd\ctr.exe" - name: Ensure Containerd Service is running win_service: name: containerd start_mode: auto state: started - name: Pre-pull containerd images win_shell: | #refresh the path to ensure ansible sees update $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") ctr.exe -n k8s.io images pull {{ item }} loop: "{{ images }}" async: 1800 poll: 60 retries: 5 register: pull until: pull is not failed when: (prepull | bool) vars: images: "{{ prepull_images[distribution_version] | default([]) }}"