Configure registry mirrors on workload-cluster nodes;Test ansible collection paths #2

Danny Bessems 2023-04-03 21:37:09 +02:00
parent 9ff0e09625
commit d0c4251e06
4 changed files with 42 additions and 1 deletions


@ -41,7 +41,7 @@ steps:
- | - |
ansible-galaxy collection install \ ansible-galaxy collection install \
-r ansible/requirements.yml \ -r ansible/requirements.yml \
-p ./ansible -p ./ansible/collections
volumes: volumes:
- name: scratch - name: scratch
path: /scratch path: /scratch


@ -82,6 +82,10 @@
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}" rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
runcmds: runcmds:
- update-ca-certificates - update-ca-certificates
registries:
# This should obviously be a dynamic list, but testing first!
- docker.io
- gcr.io
- name: Store custom cluster-template - name: Store custom cluster-template
ansible.builtin.copy: ansible.builtin.copy:
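Review bot: The `registries` entries are used verbatim as a directory name (`/etc/containerd/certs.d/{{ registry }}/hosts.toml`) and inside quoted TOML strings by the cluster template changed in this same commit, so the list needs validation before it becomes dynamic as the comment anticipates. A value containing `/`, `..` or `"` would either place the file outside `certs.d` or produce a hosts.toml that containerd cannot parse. I would replace the comment with `# Entries must be bare registry hostnames; they become directory names under /etc/containerd/certs.d` and, where the list is eventually built, check each entry against a hostname pattern before rendering. The enclosing task starts and ends outside this hunk, so how `registries` reaches `_template` is not visible here.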


@ -47,6 +47,21 @@ patchesStrategicMerge:
template: template:
spec: spec:
files: files:
- content: |
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
append: true
path: /etc/containerd/config.toml
{% for registry in _template.registries %}
- content: |
server = "https://{{ registry }}"
[host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"]
capabilities = ["pull", "resolve"]
override_path = true
owner: root:root
path: /etc/containerd/certs.d/{{ registry }}/hosts.toml
{% endfor %}
- content: | - content: |
network: {config: disabled} network: {config: disabled}
owner: root:root owner: root:root
@ -103,6 +118,27 @@ patchesJson6902:
kind: KubeadmControlPlane kind: KubeadmControlPlane
name: .* name: .*
patch: |- patch: |-
- op: add
path: /spec/kubeadmConfigSpec/files/-
value:
content: |
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
append: true
path: /etc/containerd/config.toml
{% for registry in _template.registries %}
- op: add
path: /spec/kubeadmConfigSpec/files/-
value:
content: |
server = "https://{{ registry }}"
[host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"]
capabilities = ["pull", "resolve"]
override_path = true
owner: root:root
path: /etc/containerd/certs.d/{{ registry }}/hosts.toml
{% endfor %}
- op: add - op: add
path: /spec/kubeadmConfigSpec/files/- path: /spec/kubeadmConfigSpec/files/-
value: value:
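Review bot: Each generated hosts.toml keeps `server = "https://{{ registry }}"`, which containerd uses as the default server after the listed hosts have been tried, so a pull that the internal mirror cannot serve falls through to the public upstream without any error on the node. If the mirror is meant to be the only source of images (rather than just a cache), containerd's hosts.toml documentation says to leave the `server` line out; this is worth confirming against the containerd version in the node image. Separately, the `append: true` entry adds a `[plugins."io.containerd.grpc.v1.cri".registry]` table to `/etc/containerd/config.toml`; if the image's existing config already declares that table, the result is a duplicate-table TOML error and containerd will presumably fail to start, so it is worth checking the base config or writing the full file instead. That entry also sets no `owner`, unlike the neighbouring ones (`owner: root:root`). All of this applies equally to the `patchesStrategicMerge` hunk and the `patchesJson6902` hunk for `KubeadmControlPlane`.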


@ -34,6 +34,7 @@ build {
"PYTHONUNBUFFERED=1" "PYTHONUNBUFFERED=1"
] ]
use_proxy = "false" use_proxy = "false"
collections_path = "ansible/collections"
extra_arguments = [ extra_arguments = [
"--extra-vars", "appliancetype=${source.name}", "--extra-vars", "appliancetype=${source.name}",