From 68118c2653c7b779fde76633ee89802d1a90ce28 Mon Sep 17 00:00:00 2001
From: Florent Monbillard <f.monbillard@gmail.com>
Date: Tue, 22 Sep 2020 10:14:48 -0400
Subject: [PATCH] Expose offline install overrides in inventory (#6728)

* Expose offline install overrides in inventory

* Remove not recommended warning
---
 docs/offline-environment.md                   | 16 ++++-
 .../group_vars/k8s-cluster/k8s-cluster.yml    |  3 -
 .../sample/group_vars/k8s-cluster/offline.yml | 71 +++++++++++++++++++
 3 files changed, 86 insertions(+), 4 deletions(-)
 create mode 100644 inventory/sample/group_vars/k8s-cluster/offline.yml

diff --git a/docs/offline-environment.md b/docs/offline-environment.md
index 787f2ab61..2d67df6da 100644
--- a/docs/offline-environment.md
+++ b/docs/offline-environment.md
@@ -10,10 +10,11 @@ In case your servers don't have access to internet (for example when deploying o
 
 ## Configure Inventory
 
-Once all artifacts are accessible from your internal network, **adjust** the following variables in your inventory to match your environment:
+Once all artifacts are accessible from your internal network, **adjust** the following variables in [your inventory](/inventory/sample/group_vars/k8s-cluster/offline.yml) to match your environment:
 
 ```yaml
 # Registry overrides
+kube_image_repo: "{{ registry_host }}"
 gcr_image_repo: "{{ registry_host }}"
 docker_image_repo: "{{ registry_host }}"
 quay_image_repo: "{{ registry_host }}"
@@ -76,6 +77,13 @@ If you use the settings like the one above, you'll need to define in your invent
 
 ## Install Kubespray Python Packages
 
+### Recommended way: Kubespray Container Image
+
+The easiest way is to use [kubespray container image](quay.io/kubespray/kubespray) as all the required packages are baked in the image.
+Just copy the container image in your private container image registry and you are all set!
+
+### Manual installation
+
 Look at the `requirements.txt` file and check if your OS provides all packages out-of-the-box (Using the OS package manager). For those missing, you need to either use a proxy that has Internet access (typically from a DMZ) or setup a PyPi server in your network that will host these packages.
 
 If you're using a HTTP(S) proxy to download your python packages:
@@ -102,4 +110,10 @@ Once all artifacts are in place and your inventory properly set up, you can run
 ansible-playbook -i inventory/my_airgap_cluster/hosts.yaml -b cluster.yml
 ```
 
+If you use [Kubespray Container Image](#recommended-way:-kubespray-container-image), you can mount your inventory inside the container:
+
+```bash
+docker run --rm -it -v path_to_inventory/my_airgap_cluster:inventory/my_airgap_cluster myprivateregisry.com/kubespray/kubespray:v2.14.0 ansible-playbook -i inventory/my_airgap_cluster/hosts.yaml -b cluster.yml
+```
+
 ## Please Note: Offline installation doesn't support CRI-O container runtime at the moment (see [this issue](https://github.com/kubernetes-sigs/kubespray/issues/6233))
diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
index b2b15ce5b..c80b29684 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
@@ -19,9 +19,6 @@ kube_api_anonymous_auth: true
 ## Change this to use another Kubernetes version, e.g. a current beta release
 kube_version: v1.19.2
 
-# kubernetes image repo define
-kube_image_repo: "k8s.gcr.io"
-
 # Where the binaries will be downloaded.
 # Note: ensure that you've enough disk space (about 1G)
 local_release_dir: "/tmp/releases"
diff --git a/inventory/sample/group_vars/k8s-cluster/offline.yml b/inventory/sample/group_vars/k8s-cluster/offline.yml
new file mode 100644
index 000000000..65a85c91a
--- /dev/null
+++ b/inventory/sample/group_vars/k8s-cluster/offline.yml
@@ -0,0 +1,71 @@
+---
+## Global Offline settings
+### Private Container Image Registry
+# registry_host: "myprivateregisry.com"
+# files_repo: "http://myprivatehttpd"
+### If using CentOS, RedHat or Fedora
+# yum_repo: "http://myinternalyumrepo"
+### If using Debian
+# debian_repo: "http://myinternaldebianrepo"
+### If using Ubuntu
+# ubuntu_repo: "http://myinternalubunturepo"
+
+## Container Registry overrides
+# kube_image_repo: "{{ registry_host }}"
+# gcr_image_repo: "{{ registry_host }}"
+# docker_image_repo: "{{ registry_host }}"
+# quay_image_repo: "{{ registry_host }}"
+
+## Kubernetes components
+# kubeadm_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubeadm"
+# kubectl_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubectl"
+# kubelet_download_url: "{{ files_repo }}/kubernetes/{{ kube_version }}/kubelet"
+
+## CNI Plugins
+# cni_download_url: "{{ files_repo }}/kubernetes/cni/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
+
+## cri-tools
+# crictl_download_url: "{{ files_repo }}/kubernetes/cri-tools/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
+
+## [Optional] etcd: only if you **DON'T** use etcd_deployment=host
+# etcd_download_url: "{{ files_repo }}/kubernetes/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
+
+# [Optional] Calico: If using Calico network plugin
+# calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
+
+## CentOS/Redhat
+### Docker
+# docker_rh_repo_base_url: "{{ yum_repo }}/docker-ce/$releasever/$basearch"
+# docker_rh_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+### Containerd
+# extras_rh_repo_base_url: "{{ yum_repo }}/centos/$releasever/extras/$basearch"
+# extras_rh_repo_gpgkey: "{{ yum_repo }}/containerd/gpg"
+
+## Fedora
+### Docker
+# docker_fedora_repo_base_url: "{{ yum_repo }}/docker-ce/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}"
+# docker_fedora_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_fedora_repo_base_url: "{{ yum_repo }}/containerd"
+# containerd_fedora_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
+
+## Debian
+### Docker
+# docker_debian_repo_base_url: "{{ debian_repo }}/docker-ce"
+# docker_debian_repo_gpgkey: "{{ debian_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_debian_repo_base_url: "{{ ubuntu_repo }}/containerd"
+# containerd_debian_repo_gpgkey: "{{ ubuntu_repo }}/containerd/gpg"
+# containerd_debian_repo_repokey: 'YOURREPOKEY'
+
+## Ubuntu
+### Docker
+# docker_ubuntu_repo_base_url: "{{ ubuntu_repo }}/docker-ce"
+# docker_ubuntu_repo_gpgkey: "{{ ubuntu_repo }}/docker-ce/gpg"
+### Containerd
+# containerd_ubuntu_repo_base_url: "{{ ubuntu_repo }}/containerd"
+# containerd_ubuntu_repo_gpgkey: "{{ ubuntu_repo }}/containerd/gpg"
+# containerd_ubuntu_repo_repokey: 'YOURREPOKEY'
+
+# [Optiona] Helm: if helm_enabled: true in addons.yml
+# helm_stable_repo_url: "{{ helm_registry }}"
\ No newline at end of file
-- 
GitLab