added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role (#5607)

0ca7aa12 · Sylvain Chateau · GitHub · d0d99674 · 0ca7aa12 · 0ca7aa12
Unverified Commit 0ca7aa12 authored 5 years ago by Sylvain Chateau Committed by GitHub 5 years ago
--- a/contrib/vault/roles/vault/tasks/bootstrap/ca_trust.yml
+++ b/contrib/vault/roles/vault/tasks/bootstrap/ca_trust.yml
@@ -13,7 +13,7 @@
      /usr/local/share/ca-certificates/vault-ca.crt
      {%- elif ansible_os_family == "RedHat" -%}
      /etc/pki/ca-trust/source/anchors/vault-ca.crt
-      {%- elif ansible_os_family in ["Coreos", "Container Linux by CoreOS"] -%}
+      {%- elif ansible_os_family in ["Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] -%}
      /etc/ssl/certs/vault-ca.pem
      {%- endif %}

@@ -25,7 +25,7 @@

 - name: bootstrap/ca_trust | update ca-certificates (Debian/Ubuntu/CoreOS)
  command: update-ca-certificates
-  when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Coreos", "Container Linux by CoreOS"]
+  when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

 - name: bootstrap/ca_trust | update ca-certificates (RedHat)
  command: update-ca-trust extract

--- a/roles/bootstrap-os/tasks/bootstrap-coreos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-coreos.yml
@@ -10,7 +10,7 @@
  tags:
    - facts

- name: Force binaries directory for Container Linux by CoreOS
+- name: Force binaries directory for Container Linux by CoreOS and Flatcar
  set_fact:
    bin_dir: "/opt/bin"
  tags:

--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -14,7 +14,7 @@
  when: '"Clear Linux OS" in os_release.stdout'

 - include_tasks: bootstrap-coreos.yml
-  when: '"CoreOS" in os_release.stdout'
+  when: '"CoreOS" in os_release.stdout or "Flatcar" in os_release.stdout'

 - include_tasks: bootstrap-debian.yml
  when: '"Debian" in os_release.stdout or "Ubuntu" in os_release.stdout'
@@ -41,30 +41,30 @@
    gather_subset: '!all'
    filter: ansible_*

- name: Assign inventory name to unconfigured hostnames (non-CoreOS, Suse and ClearLinux)
+- name: Assign inventory name to unconfigured hostnames (non-CoreOS, non-Flatcar, Suse and ClearLinux)
  hostname:
    name: "{{ inventory_hostname }}"
  when:
    - override_system_hostname
-    - ansible_os_family not in ['Suse', 'Container Linux by CoreOS', 'ClearLinux']
+    - ansible_os_family not in ['Suse', 'Container Linux by CoreOS', 'Flatcar Container Linux by Kinvolk', 'ClearLinux']

 # (2/3)
- name: Assign inventory name to unconfigured hostnames (CoreOS, Suse and ClearLinux only)
+- name: Assign inventory name to unconfigured hostnames (CoreOS, non-Flatcar, Suse and ClearLinux only)
  command: "hostnamectl set-hostname {{ inventory_hostname }}"
  register: hostname_changed
  changed_when: false
  when:
    - override_system_hostname
-    - ansible_os_family in ['Suse', 'Container Linux by CoreOS', 'ClearLinux']
+    - ansible_os_family in ['Suse', 'Container Linux by CoreOS', 'Flatcar Container Linux by Kinvolk', 'ClearLinux']

 # (3/3)
- name: Update hostname fact (CoreOS, Suse and ClearLinux only)
+- name: Update hostname fact (CoreOS, Flatcar, Suse and ClearLinux only)
  setup:
    gather_subset: '!all'
    filter: ansible_hostname
  when:
    - override_system_hostname
-    - ansible_os_family in ['Suse', 'Container Linux by CoreOS', 'ClearLinux']
+    - ansible_os_family in ['Suse', 'Flatcar Container Linux by Kinvolk', 'Container Linux by CoreOS', 'ClearLinux']

 - name: "Install ceph-commmon package"
  package:

--- a/roles/container-engine/docker/handlers/main.yml
+++ b/roles/container-engine/docker/handlers/main.yml
@@ -15,7 +15,7 @@
  service:
    name: docker.socket
    state: restarted
-  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
+  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk']

 - name: Docker | reload docker
  service:

--- a/roles/container-engine/docker/tasks/main.yml
+++ b/roles/container-engine/docker/tasks/main.yml
@@ -43,7 +43,7 @@
          docker requires a minimum kernel version of
          {{ docker_kernel_min_version }} on
          {{ ansible_distribution }}-{{ ansible_distribution_version }}
-  when: (not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
+  when: (not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
  tags:
    - facts

@@ -60,7 +60,7 @@
  retries: 4
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ docker_repo_key_info.repo_keys }}"
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic)

 - name: ensure docker-ce repository is enabled
  action: "{{ docker_repo_info.pkg_repo }}"
@@ -68,7 +68,7 @@
    repo: "{{ item }}"
    state: present
  with_items: "{{ docker_repo_info.repos }}"
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (docker_repo_info.repos|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (docker_repo_info.repos|length > 0)

 - name: ensure docker-engine repository public key is installed
  action: "{{ dockerproject_repo_key_info.pkg_key }}"
@@ -82,7 +82,7 @@
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
  when:
-    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
+    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic)
    - use_docker_engine is defined and use_docker_engine

 - name: ensure docker-engine repository is enabled
@@ -93,7 +93,7 @@
  with_items: "{{ dockerproject_repo_info.repos }}"
  when:
    - use_docker_engine is defined and use_docker_engine
-    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
+    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)

 - name: Configure docker repository on Fedora
  template:
@@ -162,7 +162,7 @@
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ docker_package_info.pkgs }}"
  notify: restart docker
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"] or is_atomic) and (docker_package_info.pkgs|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"] or is_atomic) and (docker_package_info.pkgs|length > 0)
  ignore_errors: true

 - name: Ensure docker packages are installed

--- a/roles/container-engine/docker/tasks/systemd.yml
+++ b/roles/container-engine/docker/tasks/systemd.yml
@@ -24,7 +24,7 @@
    dest: /etc/systemd/system/docker.service
  register: docker_service_file
  notify: restart docker
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_atomic)

 - name: Write docker options systemd drop-in
  template:

--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -783,7 +783,7 @@ downloads:
      - k8s-cluster

  install_socat:
-    enabled: "{{ ansible_os_family in ['CoreOS', 'Container Linux by CoreOS'] }}"
+    enabled: "{{ ansible_os_family in ['CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
    container: true
    repo: "{{ install_socat_image_repo }}"
    tag: "{{ install_socat_image_tag }}"

--- a/roles/download/tasks/download_container.yml
+++ b/roles/download/tasks/download_container.yml
@@ -50,7 +50,7 @@
        - download_force_cache
        - image_is_cached
        - not download_localhost
-        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

    - name: download_container | Load image into docker
      shell: "{{ docker_bin_dir }}/docker load < {{ image_path_cached if download_localhost else image_path_final }}"
@@ -62,7 +62,7 @@
      when:
        - download_force_cache
        - image_is_cached
-        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

    - name: download_container | Prepare container download
      include_tasks: check_pull_required.yml
@@ -109,7 +109,7 @@
      when:
        - download_force_cache
        - not image_is_cached or (image_changed | default(true))
-        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

    - name: download_container | Copy image to ansible host cache
      synchronize:
@@ -123,7 +123,7 @@
        - not download_localhost
        - download_delegate == inventory_hostname
        - not image_is_cached or (image_changed | default(true))
-        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

    - name: download_container | Remove container image from cache
      file:
@@ -131,7 +131,7 @@
        path: "{{ image_path_final }}"
      when:
        - not download_keep_remote_cache
-        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+        - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  tags:
    - download
--- a/roles/download/tasks/download_file.yml
+++ b/roles/download/tasks/download_file.yml
@@ -67,7 +67,7 @@
    when:
    - download_force_cache
    - file_is_cached
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  - name: download_file | Set mode and owner
    file:
@@ -78,7 +78,7 @@
    when:
    - download_force_cache
    - file_is_cached
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  # This must always be called, to check if the checksum matches. On no-match the file is re-downloaded.
  - name: download_file | Download item
@@ -116,7 +116,7 @@
    - not file_is_cached or get_url_result.changed
    - download_delegate == inventory_hostname
    - not (download_run_once and download_delegate == 'localhost')
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  tags:
  - download
--- a/roles/download/tasks/prep_download.yml
+++ b/roles/download/tasks/prep_download.yml
@@ -27,7 +27,7 @@
    mode: 0755
    owner: "{{ ansible_ssh_user | default(ansible_user_id) }}"
  when:
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

 - name: prep_download | Create local cache for files and images
  file:

--- a/roles/download/tasks/sync_container.yml
+++ b/roles/download/tasks/sync_container.yml
@@ -18,12 +18,12 @@
    retries: 4
    delay: "{{ retry_stagger | random + 3 }}"
    when:
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  - name: sync_container | Load container image into docker
    shell: "{{ docker_bin_dir }}/docker load < {{ image_path_final }}"
    when:
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  - name: sync_container | Remove container image from cache
    file:
@@ -31,7 +31,7 @@
      path: "{{ image_path_final }}"
    when:
    - not download_keep_remote_cache
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  tags:
  - upload
--- a/roles/download/tasks/sync_file.yml
+++ b/roles/download/tasks/sync_file.yml
@@ -30,7 +30,7 @@
    retries: 4
    delay: "{{ retry_stagger | random + 3 }}"
    when:
-    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - ansible_os_family not in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

  - name: sync_file | Set mode and owner
    file:

--- a/roles/etcd/meta/main.yml
+++ b/roles/etcd/meta/main.yml
@@ -2,7 +2,7 @@
 dependencies:
  - role: adduser
    user: "{{ addusers.etcd }}"
-    when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"] or is_atomic)
+    when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"] or is_atomic)
  - role: adduser
    user: "{{ addusers.kube }}"
-    when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"] or is_atomic)
+    when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"] or is_atomic)
--- a/roles/etcd/tasks/upd_ca_trust.yml
+++ b/roles/etcd/tasks/upd_ca_trust.yml
@@ -6,7 +6,7 @@
      /usr/local/share/ca-certificates/etcd-ca.crt
      {%- elif ansible_os_family == "RedHat" -%}
      /etc/pki/ca-trust/source/anchors/etcd-ca.crt
-      {%- elif ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"] -%}
+      {%- elif ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] -%}
      /etc/ssl/certs/etcd-ca.pem
      {%- elif ansible_os_family == "Suse" -%}
      /etc/pki/trust/anchors/etcd-ca.pem
@@ -25,7 +25,7 @@

 - name: Gen_certs | update ca-certificates (Debian/Ubuntu/SUSE/Container Linux by CoreOS)
  command: update-ca-certificates
-  when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Coreos", "Container Linux by CoreOS", "Suse"]
+  when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "Suse"]

 - name: Gen_certs | update ca-certificates (RedHat)
  command: update-ca-trust extract

--- a/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/README.md
+++ b/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/README.md
@@ -118,7 +118,7 @@ delete the daemonset pod on the relevant host after creating volumes. The pod
 will be recreated and read the size correctly.

 Make sure to make any mounts persist via /etc/fstab or with systemd mounts (for
-CoreOS/Container Linux). Pods with persistent volume claims will not be
+CoreOS/Container Linux and Flatcar). Pods with persistent volume claims will not be
 able to start if the mounts become unavailable.

 Further reading

--- a/roles/kubernetes-apps/helm/tasks/install_host.yml
+++ b/roles/kubernetes-apps/helm/tasks/install_host.yml
@@ -35,8 +35,8 @@
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"

- name: Helm | Copy socat wrapper for Container Linux
+- name: Helm | Copy socat wrapper for Container Linux and Flatcat
  command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
  args:
    creates: "{{ bin_dir }}/socat"
-  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
+  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk']
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -113,4 +113,4 @@
  shell: "umask 022 && {{ bin_dir }}/helm completion bash >/etc/bash_completion.d/helm.sh"
  when:
    - ((helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed))
-    - not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+    - not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@@ -50,4 +50,4 @@
  command: "{{ docker_bin_dir }}/docker run --rm -v {{ bin_dir }}:/opt/bin {{ install_socat_image_repo }}:{{ install_socat_image_tag }}"
  args:
    creates: "{{ bin_dir }}/socat"
-  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
+  when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk']
--- a/roles/kubernetes/preinstall/handlers/main.yml
+++ b/roles/kubernetes/preinstall/handlers/main.yml
@@ -9,18 +9,18 @@
    - Preinstall | restart kube-controller-manager crio/containerd
    - Preinstall | restart kube-apiserver docker
    - Preinstall | restart kube-apiserver crio/containerd
-  when: not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+  when: not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

- name: Preinstall | update resolvconf for Container Linux by CoreOS
+- name: Preinstall | update resolvconf for Container Linux by CoreOS and Flatcar
  command: /bin/true
  notify:
    - Preinstall | apply resolvconf cloud-init
    - Preinstall | reload kubelet
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

 - name: Preinstall | apply resolvconf cloud-init
  command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS"]
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

 - name: Preinstall | reload kubelet
  service:

--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -16,7 +16,7 @@

 - name: Stop if unknown OS
  assert:
-    that: ansible_os_family in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'CoreOS', 'Coreos', 'Container Linux by CoreOS', 'Suse', 'ClearLinux', 'OracleLinux']
+    that: ansible_os_family in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'CoreOS', 'Coreos', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk', 'Suse', 'ClearLinux', 'OracleLinux']
    msg: "{{ ansible_os_family }} is not a known OS"
  ignore_errors: "{{ ignore_assert_errors }}"