Configure registry mirrors on workload-cluster nodes;Test ansible collection paths #2
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
9ff0e09625
commit
d0c4251e06
@ -41,7 +41,7 @@ steps:
|
|||||||
- |
|
- |
|
||||||
ansible-galaxy collection install \
|
ansible-galaxy collection install \
|
||||||
-r ansible/requirements.yml \
|
-r ansible/requirements.yml \
|
||||||
-p ./ansible
|
-p ./ansible/collections
|
||||||
volumes:
|
volumes:
|
||||||
- name: scratch
|
- name: scratch
|
||||||
path: /scratch
|
path: /scratch
|
||||||
|
@ -82,6 +82,10 @@
|
|||||||
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
||||||
runcmds:
|
runcmds:
|
||||||
- update-ca-certificates
|
- update-ca-certificates
|
||||||
|
registries:
|
||||||
|
# This should obviously be a dynamic list, but testing first!
|
||||||
|
- docker.io
|
||||||
|
- gcr.io
|
||||||
|
|
||||||
- name: Store custom cluster-template
|
- name: Store custom cluster-template
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
|
@ -47,6 +47,21 @@ patchesStrategicMerge:
|
|||||||
template:
|
template:
|
||||||
spec:
|
spec:
|
||||||
files:
|
files:
|
||||||
|
- content: |
|
||||||
|
[plugins."io.containerd.grpc.v1.cri".registry]
|
||||||
|
config_path = "/etc/containerd/certs.d"
|
||||||
|
append: true
|
||||||
|
path: /etc/containerd/config.toml
|
||||||
|
{% for registry in _template.registries %}
|
||||||
|
- content: |
|
||||||
|
server = "https://{{ registry }}"
|
||||||
|
|
||||||
|
[host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"]
|
||||||
|
capabilities = ["pull", "resolve"]
|
||||||
|
override_path = true
|
||||||
|
owner: root:root
|
||||||
|
path: /etc/containerd/certs.d/{{ registry }}/hosts.toml
|
||||||
|
{% endfor %}
|
||||||
- content: |
|
- content: |
|
||||||
network: {config: disabled}
|
network: {config: disabled}
|
||||||
owner: root:root
|
owner: root:root
|
||||||
@ -103,6 +118,27 @@ patchesJson6902:
|
|||||||
kind: KubeadmControlPlane
|
kind: KubeadmControlPlane
|
||||||
name: .*
|
name: .*
|
||||||
patch: |-
|
patch: |-
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
|
value:
|
||||||
|
content: |
|
||||||
|
[plugins."io.containerd.grpc.v1.cri".registry]
|
||||||
|
config_path = "/etc/containerd/certs.d"
|
||||||
|
append: true
|
||||||
|
path: /etc/containerd/config.toml
|
||||||
|
{% for registry in _template.registries %}
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
|
value:
|
||||||
|
content: |
|
||||||
|
server = "https://{{ registry }}"
|
||||||
|
|
||||||
|
[host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"]
|
||||||
|
capabilities = ["pull", "resolve"]
|
||||||
|
override_path = true
|
||||||
|
owner: root:root
|
||||||
|
path: /etc/containerd/certs.d/{{ registry }}/hosts.toml
|
||||||
|
{% endfor %}
|
||||||
- op: add
|
- op: add
|
||||||
path: /spec/kubeadmConfigSpec/files/-
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
value:
|
value:
|
||||||
|
@ -34,6 +34,7 @@ build {
|
|||||||
"PYTHONUNBUFFERED=1"
|
"PYTHONUNBUFFERED=1"
|
||||||
]
|
]
|
||||||
use_proxy = "false"
|
use_proxy = "false"
|
||||||
|
collections_path = "ansible/collections"
|
||||||
|
|
||||||
extra_arguments = [
|
extra_arguments = [
|
||||||
"--extra-vars", "appliancetype=${source.name}",
|
"--extra-vars", "appliancetype=${source.name}",
|
||||||
|
Loading…
Reference in New Issue
Block a user