Define registry mirrors dynamically;Fix path;Fix Ansible config

2022-12-10 16:56:13 +01:00 · 2022-12-10 16:56:13 +01:00 · ab5f082933
commit ab5f082933
parent e3f44fab0a
7 changed files with 27 additions and 34 deletions
--- a/ansible/roles/assets/tasks/main.yml
+++ b/ansible/roles/assets/tasks/main.yml
@ -9,7 +9,7 @@
    - /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}
    - /opt/metacluster/cluster-api/control-plane-kubeadm/{{ components.clusterapi.management.version.base }}
    - /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}
-    - /opt/metacluster/cluster-api/ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}
+    - /opt/metacluster/cluster-api/ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}
    - /opt/metacluster/container-images
    - /opt/metacluster/git-repositories/gitops
    - /opt/metacluster/helm-charts
--- a/ansible/roles/assets/tasks/manifests.yml
+++ b/ansible/roles/assets/tasks/manifests.yml
@ -49,9 +49,9 @@
      dest: cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
    # IPAM in-cluster provider (w/ metadata.yaml)
    - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
    - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
  loop_control:
    label: "{{ item.url | basename }}"
  retries: 5
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
@ -39,10 +39,26 @@
      loop_control:
        label: "{{ item | basename }}"

+    - name: Get all stored container images (=artifacts)
+      ansible.builtin.uri:
+        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/search?q=library
+        method: GET
+      register: registry_artifacts
+
+    - name: Get source registries of all artifacts
+      ansible.builtin.set_fact:
+        source_registries: "{{ (source_registries | default([]) + [(item | split('/'))[1]]) | unique | sort }}"
+      loop: "{{ registry_artifacts.json.repository | json_query('[*].repository_name') }}"
+
    - name: Configure K3s node for private registry
      ansible.builtin.template:
        dest: /etc/rancher/k3s/registries.yaml
        src: registries.j2
+      vars:
+        _template:
+          data: "{{ source_registries }}"
+          hv:
+            fqdn: "{{ vapp['metacluster.fqdn'] }}"

    - name: Restart kubelet (k3s) to pick up configured registries
      ansible.builtin.systemd:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@ -31,7 +31,7 @@
      clusterctl init \
        -v5 \
        --infrastructure vsphere:{{ components.clusterapi.management.version.infrastructure_vsphere }} \
-        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }}
+        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }} \
        --config ./clusterctl.yaml \
        --kubeconfig {{ kubeconfig.path }}
    chdir: /opt/metacluster/cluster-api
--- a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
@ -12,7 +12,7 @@ providers:
    url: "/opt/metacluster/cluster-api/infrastructure-vsphere/{{ _template.version.infrastructure_vsphere }}/infrastructure-components.yaml"
    type: "InfrastructureProvider"
  - name: "in-cluster"
-    url: "/opt/metacluster/cluster-api/ipam-incluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
+    url: "/opt/metacluster/cluster-api/ipam-in-cluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
    type: "IPAMProvider"

 cert-manager:
--- a/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2
@ -1,31 +1,8 @@
 mirrors:
-  cr.step.cm:
+{% for value in _template.data %}
+  {{ value }}:
    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
+      - https://registry.{{ _template.hv.fqdn }}
    rewrite:
-      "(.*)": "library/cr.step.sm/$1"
-  docker.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/docker.io/$1"
-  gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/gcr.io/$1"
-  ghcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/ghcr.io/$1"
-  k8s.gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/k8s.gcr.io/$1"
-  quay.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/quay.io/$1"
+      "(.*)": "library/{{ value }}/$1"
+{% endfor %}
--- a/ansible/roles/os/templates/ansible.j2
+++ b/ansible/roles/os/templates/ansible.j2
@ -1,2 +1,2 @@
 [defaults]
-callback_whitelist = ansible.posix.profile_tasks
+callbacks_enabled = ansible.posix.profile_tasks