Skip to content
main.yml 27 KiB
Newer Older
local_release_dir: /tmp/releases
download_cache_dir: /tmp/kubespray_cache

# do not delete remote cache files after using them
# NOTE: Setting this parameter to TRUE is only really useful when developing kubespray
download_keep_remote_cache: false

# Only useful when download_run_once is false: Localy cached files and images are
# uploaded to kubernetes nodes. Also, images downloaded on those nodes are copied
# back to the ansible runner's cache, if they are not yet preset.
download_force_cache: false
# Used to only evaluate vars from download role
skip_downloads: false

# Optionally skip kubeadm images download
skip_kubeadm_images: false
# if this is set to true will only download files once. Doesn't work
Bogdan Dobrelya's avatar
Bogdan Dobrelya committed
# on Container Linux by CoreOS unless the download_localhost is true and localhost
# is running another OS type. Default compress level is 1 (fastest).
download_run_once: False
download_compress: 1
# if this is set to true will download container
download_container: True

# if this is set to true, uses the localhost for download_run_once mode
# (requires docker and sudo to access docker). You may want this option for
Bogdan Dobrelya's avatar
Bogdan Dobrelya committed
# local caching of docker images or for Container Linux by CoreOS cluster nodes.
# Otherwise, uses the first node in the kube-master group to store images
# in the download_run_once mode.
download_localhost: False
# Always pull images if set to True. Otherwise check by the repo's tag/digest.
download_always_pull: False

# Some problems may occur when downloading files over https proxy due to ansible bug
# https://github.com/ansible/ansible/issues/32750. Set this variable to False to disable
# SSL validation of get_url module. Note that kubespray will still be performing checksum validation.
download_validate_certs: True

# Use the first kube-master if download_localhost is not set
download_delegate: "{% if download_localhost %}localhost{% else %}{{ groups['kube-master'][0] }}{% endif %}"
# Arch of Docker images and needed packages
Antoine Legrand's avatar
Antoine Legrand committed
image_arch: "{{host_architecture | default('amd64')}}"
Smaine Kahlouch's avatar
Smaine Kahlouch committed
# Versions
okamototk's avatar
okamototk committed
kube_version: v1.15.0
kubeadm_version: "{{ kube_version }}"
# kubernetes image repo define
kube_image_repo: "gcr.io/google-containers"

# TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
# after migration to container download
calico_version: "v3.7.3"
calico_ctl_version: "v3.7.3"
calico_cni_version: "v3.7.3"
calico_policy_version: "v3.7.3"
calico_rr_version: "v0.6.1"
calico_typha_version: "v3.7.3"
flannel_version: "v0.11.0"
ArchiFleKs's avatar
ArchiFleKs committed
flannel_cni_version: "v0.3.0"
cni_version: "v0.8.1"
weave_version: 2.5.2
rongzhang's avatar
rongzhang committed
pod_infra_version: 3.1
Erwan Miran's avatar
Erwan Miran committed
contiv_version: 1.2.1
Dmitriy Zinin's avatar
Dmitriy Zinin committed
cilium_version: "v1.3.0"
kube_router_version: "v0.2.5"
okamototk's avatar
okamototk committed
multus_version: "v3.1.autoconf"

crictl_version: "v1.14.0"
ant31's avatar
ant31 committed

# Download URLs
kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/{{ image_arch }}/kubeadm"
hyperkube_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/{{ image_arch }}/hyperkube"
etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
cni_download_url: "https://github.com/containernetworking/plugins/releases/download/{{ cni_version }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
calicoctl_download_url: "https://github.com/projectcalico/calicoctl/releases/download/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
okamototk's avatar
okamototk committed
crictl_download_url: "https://github.com/kubernetes-sigs/cri-tools/releases/download/{{ crictl_version }}/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"

crictl_checksums:
  arm:
    v1.14.0: 9910cecfd6558239ba015323066c7233d8371af359b9ddd0b2a35d5223bcf945
    v1.13.0: 2e478ebed85f9d70d49fd8f1d1089c8fba6e37d3461aeef91813f1ab0f0df586
  arm64:
    v1.14.0: f76b3d00a272c8d210e9a45f77d07d3770bee310d99c4fd9a72d6f55278882e5
    v1.13.0: 68949c0cb5a37e7604c145d189cf1e109c08c93d9c710ba663db026b9c6f2746
  amd64:
    v1.14.0: 483c90a9fe679590df4332ba807991c49232e8cd326c307c575ecef7fe22327b
    v1.13.0: 9bdbea7a2b382494aff2ff014da328a042c5aba9096a7772e57fdf487e5a1d51
ant31's avatar
ant31 committed

Smaine Kahlouch's avatar
Smaine Kahlouch committed
# Checksums
hyperkube_checksums:
okamototk's avatar
okamototk committed
    v1.15.0: d923c781031bfd97d0fbe50311e4d7c3616aa5b6d466b99049931f09d73d07b9
    v1.14.4: 429a10369b2ef35a9c2d662347277339d53fa66ef55ffeabcc7d9b850e31056d
    v1.14.3: 3fac785261bcf79f7a80b12c4a1dda893ce8c0879caf57b36d4701730671b574
    v1.14.2: 6929a59850c8702c04d62cd343d1143b17456da040f32317e09f8c25a08d2346
    v1.14.1: 839a4abfeafbd5f5ab057ad0e8a0b0b488b3cde14a646eba040a7f579875f565
    v1.14.0: d090b1da23564a7e9bb8f1f4264f2116536c52611ae203fe2ca13eaad0a8003e
okamototk's avatar
okamototk committed
    v1.15.0: 824af7d925b87a5ade63575b98b59ee81005fc76eac1dc399602308d7a60bc3c
    v1.14.4: 9e0b4fde88a07c705e0937cd3161392684e3ca08535d14a99ae3b86bbf4c56b3
    v1.14.3: f29211d668cbcf1aa415dfa64aad95ffc53b5410482a23cddb680caec4e907a3
    v1.14.2: 959fb7d9c17fc8f7cb1a69920aaf08aefd62c0fbf6b5bdc46250f147ea6a5cd4
    v1.14.1: d5236efc2547fd07c7cc2ed9345dfbcd1204385847ca686cf1c62d15056de399
    v1.14.0: 708e00a41f6516d525dee00c91ebe3c3bf2feaf9b7f0af7689487e3e17e356c2
okamototk's avatar
okamototk committed
    v1.15.0: 3cc72cc58517b97c608c7a59a20255675bc70f07217c9e11e58cac7746139283
    v1.14.4: 5f31434f3a884257a7b0e3178fc869720a7526c8637af5713d23433ddf2592dd
    v1.14.3: 6c6cb5c118b2129ba4e56697f42567be3587eb636a477cd342b69f87b3b049d1
    v1.14.2: 05546057f2053e085fa8387ab82581c95fe4195cd783408ccbb4fc3487c50176
    v1.14.1: fb34b98da9325feca8daa09bb934dbe6a533aad69c2a5599bbed81b99bb9c267
    v1.14.0: af8b04504365dbe4ce6a1772f42eb390d4221a21149b522fc8a0c4b1cd3d97aa
okamototk's avatar
okamototk committed
    v1.15.0: 9464030a1d4e101de5f47348f3514d5a9eb95cbce2e5e31f53ada1ca485cf75e
    v1.14.4: 36835488d7187406690ee6aa4b3c9c54855cb5c55d786d0574a508b955fe3a46
    v1.14.3: 270b8c346aeaa309d11d65695c4a90f6bff5b1ea14bdec3c417ca2dfb3de0db3
    v1.14.2: d2a59269aa68a4bace2a80b247b6f9a82f0542ec3004185fb0ba86e181fdfb29
    v1.14.1: 4bd111411208f1270ed3af8780b87d24a3c17c9fdbe4b0f8c7a9a21cd765543e
    v1.14.0: 11f2cfa8bf7ee177dbac8073ab0f039dc265536baaa8dc0c4dea699f981f6fd1
okamototk's avatar
okamototk committed
    v1.15.0: fe3c79070814fe847a23209b1027672fe5c5e7e5c9611e329225058926836f96
    v1.14.4: 60745b3ac761d3aa55ab9a24677ecf4e7f48b5abed34c725047a174456e5a79b
    v1.14.3: 8edcc07c65f81eea3fc47cd237dd6560c6907c5e0ca52d71eab53ca1164e7d01
    v1.14.2: bff0712b87796509129aa802ad3ac25b8cc83af01762b22b4dcca8dbdb26b520
    v1.14.1: 5cf05464168e45ee4719264a267c65f9319fae1ceb9923fedab97a9d6a629e0b
    v1.14.0: 7ed9d706e50cd6d3fc618a7af3d19b691b8a5343ddedaeccb4ea09af3ecfae2c
okamototk's avatar
okamototk committed
    v1.15.0: fc4aa44b96dc143d7c3062124e25fed671cab884ebb8b2446edd10abb45e88c2
    v1.14.4: 291790a1cef82c4de28cc3338a199ca8356838ca26f775f2c2acba165b633d9f
    v1.14.3: 026700dfff3c78be1295417e96d882136e5e1f095eb843e6575e57ef9930b5d3
    v1.14.2: 77510f61352bb6e537e70730b670627963f2c314fbd36a644b0c435b97e9705a
    v1.14.1: c4fc478572b5623857f5d820e1c107ae02049ca02cf2993e512a091a0196957b
    v1.14.0: 03678f49ee4737f8b8c4f59ace0d140a36ffbc4f6035c59561f59f45b57d0c93
okamototk's avatar
okamototk committed
crictl_binary_checksums:
  amd64:
    v1.14.0: 483c90a9fe679590df4332ba807991c49232e8cd326c307c575ecef7fe22327b
  # Etcd does not have arm32 builds at the moment, having some dummy value is
  # required to avoid "no attribute" error
  arm: 0
  arm64: 5ec97b0b872adce275b8130d19db314f7f2b803aeb24c4aae17a19e2d66853c4
  amd64: 1620a59150ec0a0124a65540e23891243feb2d9a628092fb1edcc23974724a45
  arm: ae6ddbd87c05a79aceb92e1c8c32d11e302f6fc55045f87f6a3ea7e0268b2fda
  arm64: acde854e3def3c776c532ae521c19d8784534918cc56449ff16945a2909bff6d
  amd64: e9bfc78acd3ae71be77eb8f3e890cc9078a33cc3797703b8ff2fc3077a232252
calicoctl_binary_checksums:
    v3.7.3: 0
    v3.6.1: 3b01336de37550e020343d62a38c96c4605d33a3ed7ddba2fe38bc172a5b42b5
    v3.5.4: 197194b838cc2a9a7455c2ebd5505a5e24f8f3d994eb75c17f5dd568944100b8
    v3.4.4: 93bd084e053cf1bf3b7fef369677bd6767c30fe7135e2c7e044e31693422ef61
    v3.7.3: 932f68e893e80e95e10f064f1e7745e438d456f41a6ff12d11bb16ca0cab735c
    v3.6.1: 60fbaeb257061647bdf12b5ede7a0d4298a5ee216f6472e5a92bb14ef5c2a5d3
    v3.5.4: a4481178665658658a73e4ceca9a1dff5cccded4179615c91d1c3e49fd96f237
    v3.4.4: ff35d9e8b5c00e9fe47d05e8f5123ec98fd641370f8cd93f4fbb3d913da77ab6
    v3.7.3: 7cfaab25c287f7ef93b2682d060b55bf39f76b668540de50376b5ed174209832

etcd_binary_checksum: "{{ etcd_binary_checksums[image_arch] }}"
cni_binary_checksum: "{{ cni_binary_checksums[image_arch] }}"
hyperkube_binary_checksum: "{{ hyperkube_checksums[image_arch][kube_version] }}"
kubeadm_binary_checksum: "{{ kubeadm_checksums[image_arch][kubeadm_version] }}"
calicoctl_binary_checksum: "{{ calicoctl_binary_checksums[image_arch][calico_ctl_version] }}"
okamototk's avatar
okamototk committed
crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}"
# Containers
# In some cases, we need a way to set --registry-mirror or --insecure-registry for docker,
# it helps a lot for local private development or bare metal environment.
# So you need define --registry-mirror or --insecure-registry, and modify the following url address.
# example:
# You need to deploy kubernetes cluster on local private development.
# Also provide the address of your own private registry.
# And use --insecure-registry options for docker
etcd_image_repo: "quay.io/coreos/etcd"
Antoine Legrand's avatar
Antoine Legrand committed
etcd_image_tag: "{{ etcd_version }}{%- if image_arch != 'amd64' -%}-{{ image_arch }}{%- endif -%}"
flannel_image_repo: "quay.io/coreos/flannel"
flannel_image_tag: "{{ flannel_version }}"
flannel_cni_image_repo: "quay.io/coreos/flannel-cni"
flannel_cni_image_tag: "{{ flannel_cni_version }}"
calico_node_image_repo: "docker.io/calico/node"
calico_node_image_tag: "{{ calico_version }}"
calico_cni_image_repo: "docker.io/calico/cni"
calico_cni_image_tag: "{{ calico_cni_version }}"
calico_policy_image_repo: "docker.io/calico/kube-controllers"
calico_policy_image_tag: "{{ calico_policy_version }}"
calico_rr_image_repo: "docker.io/calico/routereflector"
calico_rr_image_tag: "{{ calico_rr_version }}"
calico_typha_image_repo: "docker.io/calico/typha"
calico_typha_image_tag: "{{ calico_typha_version }}"
pod_infra_image_repo: "gcr.io/google_containers/pause-{{ image_arch }}"
install_socat_image_repo: "docker.io/xueshanf/install-socat"
install_socat_image_tag: "latest"
netcheck_version: "v1.0"
netcheck_agent_image_repo: "quay.io/l23network/k8s-netchecker-agent"
netcheck_agent_image_tag: "{{ netcheck_version }}"
netcheck_server_image_repo: "quay.io/l23network/k8s-netchecker-server"
netcheck_server_image_tag: "{{ netcheck_version }}"
weave_kube_image_repo: "docker.io/weaveworks/weave-kube"
Brad Beam's avatar
Brad Beam committed
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "docker.io/weaveworks/weave-npc"
Brad Beam's avatar
Brad Beam committed
weave_npc_image_tag: "{{ weave_version }}"
contiv_image_repo: "docker.io/contiv/netplugin"
contiv_image_tag: "{{ contiv_version }}"
contiv_init_image_repo: "docker.io/contiv/netplugin-init"
Erwan Miran's avatar
Erwan Miran committed
contiv_init_image_tag: "latest"
contiv_auth_proxy_image_repo: "docker.io/contiv/auth_proxy"
contiv_auth_proxy_image_tag: "{{ contiv_version }}"
contiv_etcd_init_image_repo: "docker.io/ferest/etcd-initer"
contiv_etcd_init_image_tag: latest
contiv_ovs_image_repo: "docker.io/contiv/ovs"
Erwan Miran's avatar
Erwan Miran committed
contiv_ovs_image_tag: "latest"
melkosoft's avatar
melkosoft committed
cilium_image_repo: "docker.io/cilium/cilium"
cilium_image_tag: "{{ cilium_version }}"
cilium_init_image_repo: "docker.io/library/busybox"
cilium_init_image_tag: "1.28.4"
kube_router_image_repo: "docker.io/cloudnativelabs/kube-router"
kube_router_image_tag: "{{ kube_router_version }}"
multus_image_repo: "docker.io/nfvpe/multus"
multus_image_tag: "{{ multus_version }}"
nginx_image_repo: docker.io/nginx
haproxy_image_repo: docker.io/haproxy
haproxy_image_tag: 1.9

coredns_version: "1.5.0"
coredns_image_repo: "docker.io/coredns/coredns"
coredns_image_tag: "{{ coredns_version }}"
nodelocaldns_image_repo: "k8s.gcr.io/k8s-dns-node-cache"
nodelocaldns_image_tag: "{{ nodelocaldns_version }}"

okamototk's avatar
okamototk committed
dnsautoscaler_version: 1.6.0
dnsautoscaler_image_repo: "k8s.gcr.io/cluster-proportional-autoscaler-{{ image_arch }}"
dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
test_image_repo: docker.io/busybox
test_image_tag: latest
busybox_image_repo: docker.io/busybox
busybox_image_tag: 1.29.2
helm_version: "v2.13.1"
helm_image_repo: "docker.io/lachlanevenson/k8s-helm"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
helm_image_tag: "{{ helm_version }}"
tiller_image_repo: "gcr.io/kubernetes-helm/tiller"
tiller_image_tag: "{{ helm_version }}"
registry_image_repo: "docker.io/registry"
registry_image_tag: "2.6"
registry_proxy_image_repo: "gcr.io/google_containers/kube-registry-proxy"
registry_proxy_image_tag: "0.4"
okamototk's avatar
okamototk committed
metrics_server_version: "v0.3.3"
metrics_server_image_repo: "gcr.io/google_containers/metrics-server-amd64"
metrics_server_image_tag: "{{ metrics_server_version }}"
local_volume_provisioner_image_repo: "quay.io/external_storage/local-volume-provisioner"
cephfs_provisioner_image_repo: "quay.io/external_storage/cephfs-provisioner"
cephfs_provisioner_image_tag: "v2.1.0-k8s1.11"
rbd_provisioner_image_repo: "quay.io/external_storage/rbd-provisioner"
rbd_provisioner_image_tag: "v2.1.1-k8s1.11"
local_path_provisioner_image_repo: "docker.io/rancher/local-path-provisioner"
local_path_provisioner_image_tag: "v0.0.2"
ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller"
ingress_nginx_controller_image_tag: "0.24.1"
cert_manager_version: "v0.5.2"
cert_manager_controller_image_repo: "quay.io/jetstack/cert-manager-controller"
cert_manager_controller_image_tag: "{{ cert_manager_version }}"
addon_resizer_version: "1.8.3"
addon_resizer_image_repo: "k8s.gcr.io/addon-resizer"
addon_resizer_image_tag: "{{ addon_resizer_version }}"
dashboard_image_repo: "gcr.io/google_containers/kubernetes-dashboard-{{ image_arch }}"
dashboard_image_tag: "v1.10.1"
okamototk's avatar
okamototk committed
image_pull_command: "{{ docker_bin_dir }}/docker pull"
image_info_command: "{{ docker_bin_dir }}/docker images -q | xargs {{ docker_bin_dir }}/docker inspect -f \"{{ '{{' }} if .RepoTags {{ '}}' }}{{ '{{' }} (index .RepoTags 0) {{ '}}' }}{{ '{{' }} end {{ '}}' }}{{ '{{' }} if .RepoDigests {{ '}}' }},{{ '{{' }} (index .RepoDigests 0) {{ '}}' }}{{ '{{' }} end {{ '}}' }}\" | tr '\n' ','"

ant31's avatar
ant31 committed
downloads:
  netcheck_server:
    enabled: "{{ deploy_netchecker }}"
    container: true
    repo: "{{ netcheck_server_image_repo }}"
    tag: "{{ netcheck_server_image_tag }}"
    sha256: "{{ netcheck_server_digest_checksum|default(None) }}"
  netcheck_agent:
    enabled: "{{ deploy_netchecker }}"
    container: true
    repo: "{{ netcheck_agent_image_repo }}"
    tag: "{{ netcheck_agent_image_tag }}"
    sha256: "{{ netcheck_agent_digest_checksum|default(None) }}"
    container: "{{ etcd_deployment_type != 'host' }}"
    file: "{{ etcd_deployment_type == 'host' }}"
    version: "{{ etcd_version }}"
Antoine Legrand's avatar
Antoine Legrand committed
    dest: "{{local_release_dir}}/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
    repo: "{{ etcd_image_repo }}"
    tag: "{{ etcd_image_tag }}"
    sha256: "{{ etcd_binary_checksum if etcd_deployment_type == 'host' else etcd_digest_checksum|d(None) }}"
    url: "{{ etcd_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
      - etcd
  cni:
    enabled: true
    file: true
    version: "{{ cni_version }}"
    dest: "{{local_release_dir}}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
    sha256: "{{ cni_binary_checksum }}"
    url: "{{ cni_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
      - k8s-cluster

  kubeadm:
    enabled: true
    version: "{{ kubeadm_version }}"
    dest: "{{ local_release_dir }}/kubeadm-{{ kubeadm_version }}-{{ image_arch }}"
    sha256: "{{ kubeadm_binary_checksum }}"
    url: "{{ kubeadm_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
  hyperkube_file:
    enabled: true
    file: true
    version: "{{ kube_version }}"
    dest: "{{ local_release_dir }}/hyperkube-{{ kube_version }}-{{ image_arch }}"
    sha256: "{{ hyperkube_binary_checksum }}"
    url: "{{ hyperkube_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
      - k8s-cluster
okamototk's avatar
okamototk committed
  crictl:
    file: true
    enabled: "{{ container_manager in ['crio', 'cri', 'containerd'] }}"
    version: "{{ crictl_version }}"
    dest: "{{local_release_dir}}/crictl-{{ crictl_version }}-linux-{{ image_arch }}.tar.gz"
    sha256: "{{ crictl_binary_checksum }}"
    url: "{{ crictl_download_url }}"
    unarchive: true
    owner: "root"
    mode: "0755"
    groups:
      - k8s-cluster

melkosoft's avatar
melkosoft committed
  cilium:
    enabled: "{{ kube_network_plugin == 'cilium' }}"
    container: true
    repo: "{{ cilium_image_repo }}"
    tag: "{{ cilium_image_tag }}"
    sha256: "{{ cilium_digest_checksum|default(None) }}"
  cilium_init:
    enabled: "{{ kube_network_plugin == 'cilium' }}"
    container: true
    repo: "{{ cilium_init_image_repo }}"
    tag: "{{ cilium_init_image_tag }}"
    sha256: "{{ cilium_init_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster

  multus:
    enabled: "{{ kube_network_plugin_multus }}"
    container: true
    repo: "{{ multus_image_repo }}"
    tag: "{{ multus_image_tag }}"
    sha256: "{{ multus_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster

    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ flannel_image_repo }}"
    tag: "{{ flannel_image_tag }}"
    sha256: "{{ flannel_digest_checksum|default(None) }}"
    enabled: "{{ kube_network_plugin == 'flannel' }}"
    container: true
    repo: "{{ flannel_cni_image_repo }}"
    tag: "{{ flannel_cni_image_tag }}"
    sha256: "{{ flannel_cni_digest_checksum|default(None) }}"
  calicoctl:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    file: true
    version: "{{ calico_ctl_version }}"
    dest: "{{local_release_dir}}/calicoctl"
    sha256: "{{ calicoctl_binary_checksum }}"
    url: "{{ calicoctl_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
  calico_node:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_node_image_repo }}"
    tag: "{{ calico_node_image_tag }}"
    sha256: "{{ calico_node_digest_checksum|default(None) }}"
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_cni_image_repo }}"
    tag: "{{ calico_cni_image_tag }}"
    sha256: "{{ calico_cni_digest_checksum|default(None) }}"
    enabled: "{{ enable_network_policy or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_policy_image_repo }}"
    tag: "{{ calico_policy_image_tag }}"
    sha256: "{{ calico_policy_digest_checksum|default(None) }}"
    enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr and kube_network_plugin == 'calico' }}"
    container: true
    repo: "{{ calico_rr_image_repo }}"
    tag: "{{ calico_rr_image_tag }}"
    sha256: "{{ calico_rr_digest_checksum|default(None) }}"
  calico_typha:
    enabled: "{{ typha_enabled == 'calico' }}"
    container: true
    repo: "{{ calico_typha_image_repo }}"
    tag: "{{ calico_typha_image_tag }}"
    sha256: "{{ calico_typha_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster

Brad Beam's avatar
Brad Beam committed
  weave_kube:
    enabled: "{{ kube_network_plugin == 'weave' }}"
Brad Beam's avatar
Brad Beam committed
    container: true
    repo: "{{ weave_kube_image_repo }}"
    tag: "{{ weave_kube_image_tag }}"
    sha256: "{{ weave_kube_digest_checksum|default(None) }}"
Brad Beam's avatar
Brad Beam committed
  weave_npc:
    enabled: "{{ kube_network_plugin == 'weave' }}"
Brad Beam's avatar
Brad Beam committed
    container: true
    repo: "{{ weave_npc_image_repo }}"
    tag: "{{ weave_npc_image_tag }}"
    sha256: "{{ weave_npc_digest_checksum|default(None) }}"
  contiv:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_image_repo }}"
    tag: "{{ contiv_image_tag }}"
    sha256: "{{ contiv_digest_checksum|default(None) }}"
  contiv_auth_proxy:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_auth_proxy_image_repo }}"
    tag: "{{ contiv_auth_proxy_image_tag }}"
    sha256: "{{ contiv_auth_proxy_digest_checksum|default(None) }}"
  contiv_etcd_init:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_etcd_init_image_repo }}"
    tag: "{{ contiv_etcd_init_image_tag }}"
    sha256: "{{ contiv_etcd_init_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  kube_router:
    enabled: "{{ kube_network_plugin == 'kube-router' }}"
    container: true
    repo: "{{ kube_router_image_repo }}"
    tag: "{{ kube_router_image_tag }}"
    sha256: "{{ kube_router_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster

    container: true
    repo: "{{ pod_infra_image_repo }}"
    tag: "{{ pod_infra_image_tag }}"
    sha256: "{{ pod_infra_digest_checksum|default(None) }}"
    enabled: "{{ ansible_os_family in ['CoreOS', 'Container Linux by CoreOS'] }}"
    container: true
    repo: "{{ install_socat_image_repo }}"
    tag: "{{ install_socat_image_tag }}"
    sha256: "{{ install_socat_digest_checksum|default(None) }}"
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'nginx' }}"
    container: true
    repo: "{{ nginx_image_repo }}"
    tag: "{{ nginx_image_tag }}"
    sha256: "{{ nginx_digest_checksum|default(None) }}"
  haproxy:
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'haproxy' }}"
    container: true
    repo: "{{ haproxy_image_repo }}"
    tag: "{{ haproxy_image_tag }}"
    sha256: "{{ haproxy_digest_checksum|default(None) }}"
    groups:
      - kube-node

  coredns:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
    container: true
    repo: "{{ coredns_image_repo }}"
    tag: "{{ coredns_image_tag }}"
    sha256: "{{ coredns_digest_checksum|default(None) }}"
    enabled: "{{ enable_nodelocaldns }}"
    container: true
    repo: "{{ nodelocaldns_image_repo }}"
    tag: "{{ nodelocaldns_image_tag }}"
    sha256: "{{ nodelocaldns_digest_checksum|default(None) }}"
    groups:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
    repo: "{{ dnsautoscaler_image_repo }}"
    tag: "{{ dnsautoscaler_image_tag }}"
    sha256: "{{ dnsautoscaler_digest_checksum|default(None) }}"
  busybox:
    enabled: "{{ kube_network_plugin in ['kube-router'] }}"
    container: true
    repo: "{{ busybox_image_repo }}"
    tag: "{{ busybox_image_tag }}"
    sha256: "{{ busybox_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster

    container: true
    repo: "{{ test_image_repo }}"
    tag: "{{ test_image_tag }}"
    sha256: "{{ testbox_digest_checksum|default(None) }}"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
  helm:
    enabled: "{{ helm_enabled }}"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
    container: true
    repo: "{{ helm_image_repo }}"
    tag: "{{ helm_image_tag }}"
    sha256: "{{ helm_digest_checksum|default(None) }}"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
  tiller:
    enabled: "{{ helm_enabled }}"
Matthew Mosesohn's avatar
Matthew Mosesohn committed
    container: true
    repo: "{{ tiller_image_repo }}"
    tag: "{{ tiller_image_tag }}"
    sha256: "{{ tiller_digest_checksum|default(None) }}"
  registry:
    enabled: "{{ registry_enabled }}"
    container: true
    repo: "{{ registry_image_repo }}"
    tag: "{{ registry_image_tag }}"
    sha256: "{{ registry_digest_checksum|default(None) }}"
    groups:
      - kube-node
  registry_proxy:
    enabled: "{{ registry_enabled }}"
    container: true
    repo: "{{ registry_proxy_image_repo }}"
    tag: "{{ registry_proxy_image_tag }}"
    sha256: "{{ registry_proxy_digest_checksum|default(None) }}"
    groups:
      - kube-node
  metrics_server:
    enabled: "{{ metrics_server_enabled }}"
    container: true
    repo: "{{ metrics_server_image_repo }}"
    tag: "{{ metrics_server_image_tag }}"
    sha256: "{{ metrics_server_digest_checksum|default(None) }}"
    groups:
      - kube-master

  addon_resizer:
    # Currently addon_resizer is only used by metrics server
    enabled: "{{ metrics_server_enabled }}"
    container: true
    repo: "{{ addon_resizer_image_repo }}"
    tag: "{{ addon_resizer_image_tag }}"
    sha256: "{{ addon_resizer_digest_checksum|default(None) }}"
    groups:
      - kube-master

  local_volume_provisioner:
    enabled: "{{ local_volume_provisioner_enabled }}"
    container: true
    repo: "{{ local_volume_provisioner_image_repo }}"
    tag: "{{ local_volume_provisioner_image_tag }}"
    sha256: "{{ local_volume_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node
  cephfs_provisioner:
    enabled: "{{ cephfs_provisioner_enabled }}"
    container: true
    repo: "{{ cephfs_provisioner_image_repo }}"
    tag: "{{ cephfs_provisioner_image_tag }}"
    sha256: "{{ cephfs_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node
  rbd_provisioner:
    enabled: "{{ rbd_provisioner_enabled }}"
    container: true
    repo: "{{ rbd_provisioner_image_repo }}"
    tag: "{{ rbd_provisioner_image_tag }}"
    sha256: "{{ rbd_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node

  local_path_provisioner:
    enabled: "{{ local_volume_provisioner_enabled }}"
    container: true
    repo: "{{ local_path_provisioner_image_repo }}"
    tag: "{{ local_path_provisioner_image_tag }}"
    sha256: "{{ local_path_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node

  ingress_nginx_controller:
    enabled: "{{ ingress_nginx_enabled }}"
    container: true
    repo: "{{ ingress_nginx_controller_image_repo }}"
    tag: "{{ ingress_nginx_controller_image_tag }}"
    sha256: "{{ ingress_nginx_controller_digest_checksum|default(None) }}"
    groups:
  cert_manager_controller:
    enabled: "{{ cert_manager_enabled }}"
    container: true
    repo: "{{ cert_manager_controller_image_repo }}"
    tag: "{{ cert_manager_controller_image_tag }}"
    sha256: "{{ cert_manager_controller_digest_checksum|default(None) }}"
    groups:
      - kube-node
  dashboard:
    enabled: "{{ dashboard_enabled }}"
    container: true
    repo: "{{ dashboard_image_repo }}"
    tag: "{{ dashboard_image_tag }}"
    sha256: "{{ dashboard_digest_checksum|default(None) }}"
    groups:
      - kube-master

download_defaults:
  container: false
  file: false
  repo: None
  tag: None
  enabled: false
  dest: None
  version: None
  url: None
  unarchive: false
  owner: kube
  mode: None