Skip to content
main.yml 68.6 KiB
Newer Older
    file: true
    version: "{{ kube_version }}"
    dest: "{{ local_release_dir }}/kubectl-{{ kube_version }}-{{ image_arch }}"
    sha256: "{{ kubectl_binary_checksum }}"
    url: "{{ kubectl_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
okamototk's avatar
okamototk committed
  crictl:
    file: true
    enabled: "{{ container_manager in ['crio', 'cri', 'containerd'] }}"
    version: "{{ crictl_version }}"
    dest: "{{ local_release_dir }}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz"
okamototk's avatar
okamototk committed
    sha256: "{{ crictl_binary_checksum }}"
    url: "{{ crictl_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
  crun:
    file: true
    enabled: "{{ crun_enabled }}"
    version: "{{ crun_version }}"
    dest: "{{ local_release_dir }}/crun"
    sha256: "{{ crun_binary_checksum }}"
    url: "{{ crun_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
  youki:
    file: true
    enabled: "{{ youki_enabled }}"
    version: "{{ youki_version }}"
    dest: "{{ local_release_dir }}/youki_v{{ youki_version | regex_replace('\\.', '_') }}_linux.tar.gz"
    sha256: "{{ youki_archive_checksum }}"
    url: "{{ youki_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
    - k8s_cluster

  runc:
    file: true
    enabled: "{{ container_manager == 'containerd' }}"
    version: "{{ runc_version }}"
    dest: "{{ local_release_dir }}/runc"
    sha256: "{{ runc_binary_checksum }}"
    url: "{{ runc_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
    - k8s_cluster

  kata_containers:
    enabled: "{{ kata_containers_enabled }}"
    file: true
    version: "{{ kata_containers_version }}"
    dest: "{{ local_release_dir }}/kata-static-{{ kata_containers_version }}-{{ image_arch }}.tar.xz"
    sha256: "{{ kata_containers_binary_checksum }}"
    url: "{{ kata_containers_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
  containerd:
    enabled: "{{ container_manager == 'containerd' }}"
    file: true
    version: "{{ containerd_version }}"
    dest: "{{ local_release_dir }}/containerd-{{ containerd_version }}-linux-{{ image_arch }}.tar.gz"
    sha256: "{{ containerd_archive_checksum }}"
    url: "{{ containerd_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
    - k8s_cluster

  gvisor_runsc:
    enabled: "{{ gvisor_enabled }}"
    file: true
    version: "{{ gvisor_version }}"
    dest: "{{ local_release_dir }}/gvisor-runsc"
    sha256: "{{ gvisor_runsc_binary_checksum }}"
    url: "{{ gvisor_runsc_download_url }}"
    unarchive: false
    owner: "root"
    mode: 755
    groups:
    - k8s_cluster

  gvisor_containerd_shim:
    enabled: "{{ gvisor_enabled }}"
    file: true
    version: "{{ gvisor_version }}"
    dest: "{{ local_release_dir }}/gvisor-containerd-shim-runsc-v1"
    sha256: "{{ gvisor_containerd_shim_binary_checksum }}"
    url: "{{ gvisor_containerd_shim_runsc_download_url }}"
    unarchive: false
    owner: "root"
    mode: 755
    groups:
    - k8s_cluster

    enabled: "{{ container_manager == 'containerd' }}"
    version: "{{ nerdctl_version }}"
    dest: "{{ local_release_dir }}/nerdctl-{{ nerdctl_version }}-linux-{{ image_arch }}.tar.gz"
    sha256: "{{ nerdctl_archive_checksum }}"
    url: "{{ nerdctl_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
melkosoft's avatar
melkosoft committed
  cilium:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
melkosoft's avatar
melkosoft committed
    container: true
    repo: "{{ cilium_image_repo }}"
    tag: "{{ cilium_image_tag }}"
    sha256: "{{ cilium_digest_checksum|default(None) }}"
  cilium_init:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
    container: true
    repo: "{{ cilium_init_image_repo }}"
    tag: "{{ cilium_init_image_tag }}"
    sha256: "{{ cilium_init_digest_checksum|default(None) }}"
    groups:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
    container: true
    repo: "{{ cilium_operator_image_repo }}"
    tag: "{{ cilium_operator_image_tag }}"
    sha256: "{{ cilium_operator_digest_checksum|default(None) }}"
    groups:
  multus:
    enabled: "{{ kube_network_plugin_multus }}"
    container: true
    repo: "{{ multus_image_repo }}"
    tag: "{{ multus_image_tag }}"
    sha256: "{{ multus_digest_checksum|default(None) }}"
    groups:
    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ flannel_image_repo }}"
    tag: "{{ flannel_image_tag }}"
    sha256: "{{ flannel_digest_checksum|default(None) }}"
  calicoctl:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    file: true
    version: "{{ calico_ctl_version }}"
    dest: "{{ local_release_dir }}/calicoctl"
    sha256: "{{ calicoctl_binary_checksum }}"
    url: "{{ calicoctl_download_url }}"
    mirrors:
    - "{{ calicoctl_alternate_download_url }}"
    - "{{ calicoctl_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
  calico_node:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_node_image_repo }}"
    tag: "{{ calico_node_image_tag }}"
    sha256: "{{ calico_node_digest_checksum|default(None) }}"
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_cni_image_repo }}"
    tag: "{{ calico_cni_image_tag }}"
    sha256: "{{ calico_cni_digest_checksum|default(None) }}"
Samuel Liu's avatar
Samuel Liu committed
  calico_flexvol:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_flexvol_image_repo }}"
    tag: "{{ calico_flexvol_image_tag }}"
    sha256: "{{ calico_flexvol_digest_checksum|default(None) }}"
    groups:
    - k8s_cluster

    enabled: "{{ enable_network_policy and kube_network_plugin in ['calico', 'canal'] }}"
    container: true
    repo: "{{ calico_policy_image_repo }}"
    tag: "{{ calico_policy_image_tag }}"
    sha256: "{{ calico_policy_digest_checksum|default(None) }}"
    enabled: "{{ typha_enabled }}"
    container: true
    repo: "{{ calico_typha_image_repo }}"
    tag: "{{ calico_typha_image_tag }}"
    sha256: "{{ calico_typha_digest_checksum|default(None) }}"
    groups:
  calico_crds:
    file: true
    enabled: "{{ kube_network_plugin == 'calico' and calico_datastore == 'kdd' }}"
    version: "{{ calico_version }}"
    dest: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds/{{ calico_version }}.tar.gz"
    sha256: "{{ calico_crds_archive_checksum }}"
    url: "{{ calico_crds_download_url }}"
    unarchive: true
    unarchive_extra_opts:
    - "--strip=6"
    - "--wildcards"
    - "*/_includes/charts/calico/crds/kdd/"
    owner: "root"
    mode: "0755"
    groups:
Brad Beam's avatar
Brad Beam committed
  weave_kube:
    enabled: "{{ kube_network_plugin == 'weave' }}"
Brad Beam's avatar
Brad Beam committed
    container: true
    repo: "{{ weave_kube_image_repo }}"
    tag: "{{ weave_kube_image_tag }}"
    sha256: "{{ weave_kube_digest_checksum|default(None) }}"
Brad Beam's avatar
Brad Beam committed
  weave_npc:
    enabled: "{{ kube_network_plugin == 'weave' }}"
Brad Beam's avatar
Brad Beam committed
    container: true
    repo: "{{ weave_npc_image_repo }}"
    tag: "{{ weave_npc_image_tag }}"
    sha256: "{{ weave_npc_digest_checksum|default(None) }}"
    enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
    container: true
    repo: "{{ kube_ovn_container_image_repo }}"
    tag: "{{ kube_ovn_container_image_tag }}"
    sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
    groups:
  kube_router:
    enabled: "{{ kube_network_plugin == 'kube-router' }}"
    container: true
    repo: "{{ kube_router_image_repo }}"
    tag: "{{ kube_router_image_tag }}"
    sha256: "{{ kube_router_digest_checksum|default(None) }}"
    groups:
    container: true
    repo: "{{ pod_infra_image_repo }}"
    tag: "{{ pod_infra_image_tag }}"
    sha256: "{{ pod_infra_digest_checksum|default(None) }}"
    enabled: "{{ ansible_os_family in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
    container: true
    repo: "{{ install_socat_image_repo }}"
    tag: "{{ install_socat_image_tag }}"
    sha256: "{{ install_socat_digest_checksum|default(None) }}"
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'nginx' }}"
    container: true
    repo: "{{ nginx_image_repo }}"
    tag: "{{ nginx_image_tag }}"
    sha256: "{{ nginx_digest_checksum|default(None) }}"
  haproxy:
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'haproxy' }}"
    container: true
    repo: "{{ haproxy_image_repo }}"
    tag: "{{ haproxy_image_tag }}"
    sha256: "{{ haproxy_digest_checksum|default(None) }}"
    groups:
  coredns:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
    container: true
    repo: "{{ coredns_image_repo }}"
    tag: "{{ coredns_image_tag }}"
    sha256: "{{ coredns_digest_checksum|default(None) }}"
    enabled: "{{ enable_nodelocaldns }}"
    container: true
    repo: "{{ nodelocaldns_image_repo }}"
    tag: "{{ nodelocaldns_image_tag }}"
    sha256: "{{ nodelocaldns_digest_checksum|default(None) }}"
    groups:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
    repo: "{{ dnsautoscaler_image_repo }}"
    tag: "{{ dnsautoscaler_image_tag }}"
    sha256: "{{ dnsautoscaler_digest_checksum|default(None) }}"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
  helm:
    enabled: "{{ helm_enabled }}"
Etienne Champetier's avatar
Etienne Champetier committed
    file: true
    version: "{{ helm_version }}"
    dest: "{{ local_release_dir }}/helm-{{ helm_version }}/helm-{{ helm_version }}-linux-{{ image_arch }}.tar.gz"
    sha256: "{{ helm_archive_checksum }}"
    url: "{{ helm_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
Samuel Liu's avatar
Samuel Liu committed
  krew:
    enabled: "{{ krew_enabled }}"
    file: true
    version: "{{ krew_version }}"
    dest: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz"
Samuel Liu's avatar
Samuel Liu committed
    sha256: "{{ krew_archive_checksum }}"
    url: "{{ krew_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
    - kube_control_plane

  registry:
    enabled: "{{ registry_enabled }}"
    container: true
    repo: "{{ registry_image_repo }}"
    tag: "{{ registry_image_tag }}"
    sha256: "{{ registry_digest_checksum|default(None) }}"
    groups:
  metrics_server:
    enabled: "{{ metrics_server_enabled }}"
    container: true
    repo: "{{ metrics_server_image_repo }}"
    tag: "{{ metrics_server_image_tag }}"
    sha256: "{{ metrics_server_digest_checksum|default(None) }}"
    groups:
  local_volume_provisioner:
    enabled: "{{ local_volume_provisioner_enabled }}"
    container: true
    repo: "{{ local_volume_provisioner_image_repo }}"
    tag: "{{ local_volume_provisioner_image_tag }}"
    sha256: "{{ local_volume_provisioner_digest_checksum|default(None) }}"
    groups:
  cephfs_provisioner:
    enabled: "{{ cephfs_provisioner_enabled }}"
    container: true
    repo: "{{ cephfs_provisioner_image_repo }}"
    tag: "{{ cephfs_provisioner_image_tag }}"
    sha256: "{{ cephfs_provisioner_digest_checksum|default(None) }}"
    groups:
  rbd_provisioner:
    enabled: "{{ rbd_provisioner_enabled }}"
    container: true
    repo: "{{ rbd_provisioner_image_repo }}"
    tag: "{{ rbd_provisioner_image_tag }}"
    sha256: "{{ rbd_provisioner_digest_checksum|default(None) }}"
    groups:
    enabled: "{{ local_path_provisioner_enabled }}"
    container: true
    repo: "{{ local_path_provisioner_image_repo }}"
    tag: "{{ local_path_provisioner_image_tag }}"
    sha256: "{{ local_path_provisioner_digest_checksum|default(None) }}"
    groups:
  ingress_nginx_controller:
    enabled: "{{ ingress_nginx_enabled }}"
    container: true
    repo: "{{ ingress_nginx_controller_image_repo }}"
    tag: "{{ ingress_nginx_controller_image_tag }}"
    sha256: "{{ ingress_nginx_controller_digest_checksum|default(None) }}"
    groups:
  ingress_alb_controller:
    enabled: "{{ ingress_alb_enabled }}"
    container: true
    repo: "{{ alb_ingress_image_repo }}"
    tag: "{{ alb_ingress_image_tag }}"
    sha256: "{{ ingress_alb_controller_digest_checksum|default(None) }}"
    groups:
  cert_manager_controller:
    enabled: "{{ cert_manager_enabled }}"
    container: true
    repo: "{{ cert_manager_controller_image_repo }}"
    tag: "{{ cert_manager_controller_image_tag }}"
    sha256: "{{ cert_manager_controller_digest_checksum|default(None) }}"
    groups:
  cert_manager_cainjector:
    enabled: "{{ cert_manager_enabled }}"
    container: true
    repo: "{{ cert_manager_cainjector_image_repo }}"
    tag: "{{ cert_manager_cainjector_image_tag }}"
    sha256: "{{ cert_manager_cainjector_digest_checksum|default(None) }}"
    groups:

  cert_manager_webhook:
    enabled: "{{ cert_manager_enabled }}"
    container: true
    repo: "{{ cert_manager_webhook_image_repo }}"
    tag: "{{ cert_manager_webhook_image_tag }}"
    sha256: "{{ cert_manager_webhook_digest_checksum|default(None) }}"
    groups:
  csi_attacher:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
    repo: "{{ csi_attacher_image_repo }}"
    tag: "{{ csi_attacher_image_tag }}"
    sha256: "{{ csi_attacher_digest_checksum|default(None) }}"
  csi_provisioner:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
    repo: "{{ csi_provisioner_image_repo }}"
    tag: "{{ csi_provisioner_image_tag }}"
    sha256: "{{ csi_provisioner_digest_checksum|default(None) }}"
  csi_snapshotter:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
    repo: "{{ csi_snapshotter_image_repo }}"
    tag: "{{ csi_snapshotter_image_tag }}"
    sha256: "{{ csi_snapshotter_digest_checksum|default(None) }}"
    enabled: "{{ csi_snapshot_controller_enabled }}"
    container: true
    repo: "{{ snapshot_controller_image_repo }}"
    tag: "{{ snapshot_controller_image_tag }}"
    sha256: "{{ snapshot_controller_digest_checksum|default(None) }}"
    groups:
  csi_resizer:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
    repo: "{{ csi_resizer_image_repo }}"
    tag: "{{ csi_resizer_image_tag }}"
    sha256: "{{ csi_resizer_digest_checksum|default(None) }}"
    groups:

  csi_node_driver_registrar:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
    container: true
    repo: "{{ csi_node_driver_registrar_image_repo }}"
    tag: "{{ csi_node_driver_registrar_image_tag }}"
    sha256: "{{ csi_node_driver_registrar_digest_checksum|default(None) }}"

  cinder_csi_plugin:
    enabled: "{{ cinder_csi_enabled }}"
    container: true
    repo: "{{ cinder_csi_plugin_image_repo }}"
    tag: "{{ cinder_csi_plugin_image_tag }}"
    sha256: "{{ cinder_csi_plugin_digest_checksum|default(None) }}"
    groups:
  aws_ebs_csi_plugin:
    enabled: "{{ aws_ebs_csi_enabled }}"
    repo: "{{ aws_ebs_csi_plugin_image_repo }}"
    tag: "{{ aws_ebs_csi_plugin_image_tag }}"
    sha256: "{{ aws_ebs_csi_plugin_digest_checksum|default(None) }}"
  dashboard:
    enabled: "{{ dashboard_enabled }}"
    container: true
    repo: "{{ dashboard_image_repo }}"
    tag: "{{ dashboard_image_tag }}"
    sha256: "{{ dashboard_digest_checksum|default(None) }}"
    groups:
  dashboard_metrics_scrapper:
    enabled: "{{ dashboard_enabled }}"
    container: true
    repo: "{{ dashboard_metrics_scraper_repo }}"
    tag: "{{ dashboard_metrics_scraper_tag }}"
    sha256: "{{ dashboard_digest_checksum|default(None) }}"
    groups:
download_defaults:
  container: false
  file: false
  repo: None
  tag: None
  enabled: false
  dest: None
  version: None
  url: None
  unarchive: false
  owner: kube
  mode: None