Skip to content

Commit

Permalink
Merge pull request #1274 from tu1h/refine_containerd_registry_mirror_pb
Browse files Browse the repository at this point in the history 
Refine playbook set_containerd_registry_mirror
  • Loading branch information
@ErikJiang
ErikJiang authored Jun 14, 2024
2 parents f869698 + 2048ec6 commit ea7ed84
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 57 deletions.
28 changes: 15 additions & 13 deletions pkg/util/entrypoint/entrypoint.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,19 +24,20 @@ const (
RemoveNodePB = "remove-node.yml"
UpgradeClusterPB = "upgrade-cluster.yml"

PingPB = "ping.yml"
RepoPB = "enable-repo.yml"
FirewallPB = "disable-firewalld.yml"
KubeconfigPB = "kubeconfig.yml"
ClusterInfoPB = "cluster-info.yml"
UpdateHostsPB = "update-hosts.yml"
RemovePkgsPB = "remove-pkgs.yml"
PreCheckPB = "precheck.yml"
RenewCertsPB = "renew-certs.yml"
KubeVipConfigPB = "config-for-kube-vip.yml"
ConfigInsecureRegistryPB = "config-insecure-registry.yml"
NfConntrackPB = "enable-nf-conntrack.yml"
MountXFSPquotaPB = "mount-xfs-pquota.yml"
PingPB = "ping.yml"
RepoPB = "enable-repo.yml"
FirewallPB = "disable-firewalld.yml"
KubeconfigPB = "kubeconfig.yml"
ClusterInfoPB = "cluster-info.yml"
UpdateHostsPB = "update-hosts.yml"
RemovePkgsPB = "remove-pkgs.yml"
PreCheckPB = "precheck.yml"
RenewCertsPB = "renew-certs.yml"
KubeVipConfigPB = "config-for-kube-vip.yml"
ConfigInsecureRegistryPB = "config-insecure-registry.yml"
NfConntrackPB = "enable-nf-conntrack.yml"
MountXFSPquotaPB = "mount-xfs-pquota.yml"
SetContainerdRegistryMirror = "set-containerd-registry-mirror.yml"
)

//go:embed entrypoint.sh.template
Expand Down Expand Up @@ -65,6 +66,7 @@ func NewActions() *Actions {
PingPB, RepoPB, FirewallPB, KubeconfigPB, ClusterInfoPB, UpdateHostsPB,
RemovePkgsPB, PreCheckPB, RenewCertsPB,
KubeVipConfigPB, ConfigInsecureRegistryPB, NfConntrackPB, MountXFSPquotaPB,
SetContainerdRegistryMirror,
}
actions.Playbooks.Dict = map[string]void{}
for _, pbItem := range actions.Playbooks.List {
Expand Down
96 changes: 52 additions & 44 deletions playbooks/set-containerd-registry-mirror.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,56 +3,64 @@

---
- name: Set containerd registry mirrors
hosts: all
hosts: k8s_cluster
any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
vars:
containerd_config_path: /etc/containerd/config.toml
#containerd_mirror:
# override: false
# mirror: docker.io
# endpoints:
# - 192.168.1.1
# containerd_mirror:
# override: false
# mirror: docker.io
# endpoints:
# - 192.168.1.1
tasks:
- name: containerd_mirror must not be empty
assert:
that: containerd_mirror is defined and containerd_mirror
- name: Option containerd_mirror must not be empty
assert:
that: containerd_mirror is defined and containerd_mirror

- name: fetch containerd config toml
ansible.builtin.slurp:
src: "{{ containerd_config_path }}"
register: containerd_config_file
- name: Fetch containerd config toml
ansible.builtin.slurp:
src: "{{ containerd_config_path }}"
register: containerd_config_file

- name: parse containerd config toml
set_fact:
containerd_config: "{{ containerd_config_file['content'] | b64decode | sivel.toiletwater.from_toml }}"
- name: Parse containerd config toml
set_fact:
containerd_config: "{{ containerd_config_file['content'] | b64decode | sivel.toiletwater.from_toml }}"

- name: detect if mirror is already defined
set_fact:
mirror_exists: "{{ (containerd_mirror.mirror in (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default([]))) }}"
- name: Detect if mirror is already defined
set_fact:
mirror_exists: "{{ (containerd_mirror.mirror in (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default([]))) }}"

- name: update containerd_config
set_fact:
containerd_config: >-
{{
containerd_config | combine({
"plugins": {
"io.containerd.grpc.v1.cri": {
"registry": {
"mirrors": (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default({})) | combine({
containerd_mirror.mirror: {
"endpoint": containerd_mirror.endpoints + (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors[containerd_mirror.mirror].endpoint if (mirror_exists | default(false)) and not (containerd_mirror.override | default(false)) else [])
}
})
},
},
}
}, recursive=True)
}}
- name: Update containerd_config
set_fact:
containerd_config: >-
{{
containerd_config | combine({
"plugins": {
"io.containerd.grpc.v1.cri": {
"registry": {
"mirrors": (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default({})) | combine({
containerd_mirror.mirror: {
"endpoint": containerd_mirror.endpoints + (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors[containerd_mirror.mirror].endpoint if (mirror_exists | default(false)) and not (containerd_mirror.override | default(false)) else [])
}
})
},
},
}
}, recursive=True)
}}
- name: writeback containerd config toml
copy:
dest: "{{ containerd_config_path }}"
mode: 0644
content: "{{ containerd_config | sivel.toiletwater.to_toml }}"
backup: true
become: true
- name: Writeback containerd config toml
copy:
dest: "{{ containerd_config_path }}"
mode: "0644"
content: "{{ containerd_config | sivel.toiletwater.to_toml }}"
backup: true
become: true

- name: Restart containerd
systemd:
name: containerd
state: restarted
enabled: yes
daemon-reload: yes
masked: no

0 comments on commit ea7ed84

Please sign in to comment.