From 2048ec61c18154fcc8b78e75f9bd471a75dded88 Mon Sep 17 00:00:00 2001 From: tu1h Date: Fri, 14 Jun 2024 17:49:21 +0800 Subject: [PATCH] Refine playbook set_containerd_registry_mirror Signed-off-by: tu1h --- pkg/util/entrypoint/entrypoint.go | 28 +++--- playbooks/set-containerd-registry-mirror.yml | 96 +++++++++++--------- 2 files changed, 67 insertions(+), 57 deletions(-) diff --git a/pkg/util/entrypoint/entrypoint.go b/pkg/util/entrypoint/entrypoint.go index ff2ba3416..894949b3f 100644 --- a/pkg/util/entrypoint/entrypoint.go +++ b/pkg/util/entrypoint/entrypoint.go @@ -24,19 +24,20 @@ const ( RemoveNodePB = "remove-node.yml" UpgradeClusterPB = "upgrade-cluster.yml" - PingPB = "ping.yml" - RepoPB = "enable-repo.yml" - FirewallPB = "disable-firewalld.yml" - KubeconfigPB = "kubeconfig.yml" - ClusterInfoPB = "cluster-info.yml" - UpdateHostsPB = "update-hosts.yml" - RemovePkgsPB = "remove-pkgs.yml" - PreCheckPB = "precheck.yml" - RenewCertsPB = "renew-certs.yml" - KubeVipConfigPB = "config-for-kube-vip.yml" - ConfigInsecureRegistryPB = "config-insecure-registry.yml" - NfConntrackPB = "enable-nf-conntrack.yml" - MountXFSPquotaPB = "mount-xfs-pquota.yml" + PingPB = "ping.yml" + RepoPB = "enable-repo.yml" + FirewallPB = "disable-firewalld.yml" + KubeconfigPB = "kubeconfig.yml" + ClusterInfoPB = "cluster-info.yml" + UpdateHostsPB = "update-hosts.yml" + RemovePkgsPB = "remove-pkgs.yml" + PreCheckPB = "precheck.yml" + RenewCertsPB = "renew-certs.yml" + KubeVipConfigPB = "config-for-kube-vip.yml" + ConfigInsecureRegistryPB = "config-insecure-registry.yml" + NfConntrackPB = "enable-nf-conntrack.yml" + MountXFSPquotaPB = "mount-xfs-pquota.yml" + SetContainerdRegistryMirror = "set-containerd-registry-mirror.yml" ) //go:embed entrypoint.sh.template @@ -65,6 +66,7 @@ func NewActions() *Actions { PingPB, RepoPB, FirewallPB, KubeconfigPB, ClusterInfoPB, UpdateHostsPB, RemovePkgsPB, PreCheckPB, RenewCertsPB, KubeVipConfigPB, ConfigInsecureRegistryPB, NfConntrackPB, MountXFSPquotaPB, + SetContainerdRegistryMirror, } actions.Playbooks.Dict = map[string]void{} for _, pbItem := range actions.Playbooks.List { diff --git a/playbooks/set-containerd-registry-mirror.yml b/playbooks/set-containerd-registry-mirror.yml index 55bc84d89..6add00b30 100644 --- a/playbooks/set-containerd-registry-mirror.yml +++ b/playbooks/set-containerd-registry-mirror.yml @@ -3,56 +3,64 @@ --- - name: Set containerd registry mirrors - hosts: all + hosts: k8s_cluster any_errors_fatal: "{{ any_errors_fatal | default(true) }}" vars: containerd_config_path: /etc/containerd/config.toml - #containerd_mirror: - # override: false - # mirror: docker.io - # endpoints: - # - 192.168.1.1 + # containerd_mirror: + # override: false + # mirror: docker.io + # endpoints: + # - 192.168.1.1 tasks: - - name: containerd_mirror must not be empty - assert: - that: containerd_mirror is defined and containerd_mirror + - name: Option containerd_mirror must not be empty + assert: + that: containerd_mirror is defined and containerd_mirror - - name: fetch containerd config toml - ansible.builtin.slurp: - src: "{{ containerd_config_path }}" - register: containerd_config_file + - name: Fetch containerd config toml + ansible.builtin.slurp: + src: "{{ containerd_config_path }}" + register: containerd_config_file - - name: parse containerd config toml - set_fact: - containerd_config: "{{ containerd_config_file['content'] | b64decode | sivel.toiletwater.from_toml }}" + - name: Parse containerd config toml + set_fact: + containerd_config: "{{ containerd_config_file['content'] | b64decode | sivel.toiletwater.from_toml }}" - - name: detect if mirror is already defined - set_fact: - mirror_exists: "{{ (containerd_mirror.mirror in (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default([]))) }}" + - name: Detect if mirror is already defined + set_fact: + mirror_exists: "{{ (containerd_mirror.mirror in (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default([]))) }}" - - name: update containerd_config - set_fact: - containerd_config: >- - {{ - containerd_config | combine({ - "plugins": { - "io.containerd.grpc.v1.cri": { - "registry": { - "mirrors": (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default({})) | combine({ - containerd_mirror.mirror: { - "endpoint": containerd_mirror.endpoints + (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors[containerd_mirror.mirror].endpoint if (mirror_exists | default(false)) and not (containerd_mirror.override | default(false)) else []) - } - }) - }, - }, - } - }, recursive=True) - }} + - name: Update containerd_config + set_fact: + containerd_config: >- + {{ + containerd_config | combine({ + "plugins": { + "io.containerd.grpc.v1.cri": { + "registry": { + "mirrors": (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors | default({})) | combine({ + containerd_mirror.mirror: { + "endpoint": containerd_mirror.endpoints + (containerd_config.plugins['io.containerd.grpc.v1.cri'].registry.mirrors[containerd_mirror.mirror].endpoint if (mirror_exists | default(false)) and not (containerd_mirror.override | default(false)) else []) + } + }) + }, + }, + } + }, recursive=True) + }} - - name: writeback containerd config toml - copy: - dest: "{{ containerd_config_path }}" - mode: 0644 - content: "{{ containerd_config | sivel.toiletwater.to_toml }}" - backup: true - become: true + - name: Writeback containerd config toml + copy: + dest: "{{ containerd_config_path }}" + mode: "0644" + content: "{{ containerd_config | sivel.toiletwater.to_toml }}" + backup: true + become: true + + - name: Restart containerd + systemd: + name: containerd + state: restarted + enabled: yes + daemon-reload: yes + masked: no