From 73db44b00c2877301946435a054029bbce5bc1a1 Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Fri, 23 Apr 2021 09:50:03 +0300
Subject: [PATCH] Initial AlmaLinux support (#7538)
* AlmaLinux: ansible>2.9.19 is needed to know about AlmaLinux
* AlmaLinux: identify as a centos derrivative
* AlmaLinux: add AlmaLinux to checks for CentOS
* Use ansible_os_family to compare family and not distribution
---
docs/centos8.md | 4 ++--
docs/offline-environment.md | 2 +-
inventory/sample/group_vars/all/offline.yml | 4 ++--
requirements.txt | 2 +-
roles/bootstrap-os/README.md | 2 +-
roles/bootstrap-os/defaults/main.yml | 2 +-
roles/bootstrap-os/tasks/main.yml | 2 +-
.../container-engine/containerd/tasks/containerd_repo.yml | 6 ++++--
roles/container-engine/containerd/tasks/main.yml | 2 +-
roles/container-engine/docker/tasks/main.yml | 7 +++++--
roles/container-engine/docker/tasks/pre-upgrade.yml | 2 +-
roles/kubernetes/preinstall/tasks/0020-verify-settings.yml | 4 ++--
roles/kubernetes/preinstall/tasks/0070-system-packages.yml | 6 +++---
roles/kubernetes/preinstall/tasks/main.yml | 2 +-
roles/network_plugin/macvlan/tasks/main.yml | 6 +++---
15 files changed, 29 insertions(+), 24 deletions(-)
diff --git a/docs/centos8.md b/docs/centos8.md
index 695789a5c..ac52897c8 100644
--- a/docs/centos8.md
+++ b/docs/centos8.md
@@ -1,6 +1,6 @@
-# CentOS 8
+# CentOS 8 / AlmaLinux 8
-CentOS 8 ships only with iptables-nft (ie without iptables-legacy)
+CentOS 8 / AlmaLinux 8 ships only with iptables-nft (ie without iptables-legacy)
The only tested configuration for now is using Calico CNI
You need to use K8S 1.17+ and to add `calico_iptables_backend: "NFT"` or `calico_iptables_backend: "Auto"` to your configuration
diff --git a/docs/offline-environment.md b/docs/offline-environment.md
index f8fc5dc88..5e86b5667 100644
--- a/docs/offline-environment.md
+++ b/docs/offline-environment.md
@@ -31,7 +31,7 @@ calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_versio
# If using Calico with kdd
calico_crds_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_version }}.tar.gz"
-# CentOS/Redhat
+# CentOS/Redhat/AlmaLinux
## Docker / Containerd
docker_rh_repo_base_url: "{{ yum_repo }}/docker-ce/$releasever/$basearch"
docker_rh_repo_gpgkey: "{{ yum_repo }}/docker-ce/gpg"
diff --git a/inventory/sample/group_vars/all/offline.yml b/inventory/sample/group_vars/all/offline.yml
index 901d290c1..3bdefcded 100644
--- a/inventory/sample/group_vars/all/offline.yml
+++ b/inventory/sample/group_vars/all/offline.yml
@@ -3,7 +3,7 @@
### Private Container Image Registry
# registry_host: "myprivateregisry.com"
# files_repo: "http://myprivatehttpd"
-### If using CentOS, RedHat or Fedora
+### If using CentOS, RedHat, AlmaLinux or Fedora
# yum_repo: "http://myinternalyumrepo"
### If using Debian
# debian_repo: "http://myinternaldebianrepo"
@@ -44,7 +44,7 @@
# [Optional] kata: only if you set kata_containers_enabled: true
# kata_containers_download_url: "{{ files_repo }}/kata-containers/runtime/releases/download/{{ kata_containers_version }}/kata-static-{{ kata_containers_version }}-{{ ansible_architecture }}.tar.xz"
-## CentOS/Redhat
+## CentOS/Redhat/AlmaLinux
### For EL7, base and extras repo must be available, for EL8, baseos and appstream
### By default we enable those repo automatically
# rhel_enable_repos: false
diff --git a/requirements.txt b/requirements.txt
index 06eacf1da..2a42e7ed5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-ansible==2.9.18
+ansible==2.9.20
cryptography==2.8
jinja2==2.11.3
netaddr==0.7.19
diff --git a/roles/bootstrap-os/README.md b/roles/bootstrap-os/README.md
index c791850a0..ae14a1a00 100644
--- a/roles/bootstrap-os/README.md
+++ b/roles/bootstrap-os/README.md
@@ -35,7 +35,7 @@ Variables are listed with their default values, if applicable.
* `coreos_locksmithd_disable: false`
Whether `locksmithd` (responsible for rolling restarts) should be disabled or be left alone.
-#### CentOS/RHEL
+#### CentOS/RHEL/AlmaLinux
* `centos_fastestmirror_enabled: false`
Whether the [fastestmirror](https://wiki.centos.org/PackageManagement/Yum/FastestMirror) yum plugin should be enabled.
diff --git a/roles/bootstrap-os/defaults/main.yml b/roles/bootstrap-os/defaults/main.yml
index 649919b3a..e9f33b670 100644
--- a/roles/bootstrap-os/defaults/main.yml
+++ b/roles/bootstrap-os/defaults/main.yml
@@ -1,5 +1,5 @@
---
-## CentOS/RHEL specific variables
+## CentOS/RHEL/AlmaLinux specific variables
# Use the fastestmirror yum plugin
centos_fastestmirror_enabled: false
diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml
index 7b8ffb10e..5016b96c8 100644
--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -7,7 +7,7 @@
check_mode: false
- include_tasks: bootstrap-centos.yml
- when: '''ID="centos"'' in os_release.stdout_lines or ''ID="ol"'' in os_release.stdout_lines'
+ when: '''ID="centos"'' in os_release.stdout_lines or ''ID="ol"'' in os_release.stdout_lines or ''ID="almalinux"'' in os_release.stdout_lines'
- include_tasks: bootstrap-redhat.yml
when: '''ID="rhel"'' in os_release.stdout_lines'
diff --git a/roles/container-engine/containerd/tasks/containerd_repo.yml b/roles/container-engine/containerd/tasks/containerd_repo.yml
index 4c03cf7d1..6c4a0470a 100644
--- a/roles/container-engine/containerd/tasks/containerd_repo.yml
+++ b/roles/container-engine/containerd/tasks/containerd_repo.yml
@@ -25,8 +25,10 @@
dest: "{{ yum_repo_dir }}/containerd.repo"
when: ansible_distribution == "Fedora"
-- name: Configure containerd repository on RedHat/OracleLinux/CentOS
+- name: Configure containerd repository on RedHat/OracleLinux/CentOS/AlmaLinux
template:
src: "rh_containerd.repo.j2"
dest: "{{ yum_repo_dir }}/containerd.repo"
- when: ansible_distribution in ["CentOS", "OracleLinux", "RedHat"]
+ when:
+ - ansible_os_family == "RedHat"
+ - ansible_distribution != "Fedora"
diff --git a/roles/container-engine/containerd/tasks/main.yml b/roles/container-engine/containerd/tasks/main.yml
index 6aacec08d..fd6811ae5 100644
--- a/roles/container-engine/containerd/tasks/main.yml
+++ b/roles/container-engine/containerd/tasks/main.yml
@@ -16,7 +16,7 @@
fail:
msg: "{{ ansible_distribution }} is not supported by containerd."
when:
- - not ansible_distribution in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora"]
+ - not ansible_distribution in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora", "AlmaLinux"]
- name: gather os specific variables
include_vars: "{{ item }}"
diff --git a/roles/container-engine/docker/tasks/main.yml b/roles/container-engine/docker/tasks/main.yml
index 13903e488..ee779279e 100644
--- a/roles/container-engine/docker/tasks/main.yml
+++ b/roles/container-engine/docker/tasks/main.yml
@@ -82,11 +82,14 @@
dest: "{{ yum_repo_dir }}/docker.repo"
when: ansible_distribution == "Fedora" and not is_ostree
-- name: Configure docker repository on RedHat/CentOS/Oracle Linux
+- name: Configure docker repository on RedHat/CentOS/Oracle/AlmaLinux Linux
template:
src: "rh_docker.repo.j2"
dest: "{{ yum_repo_dir }}/docker-ce.repo"
- when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_ostree
+ when:
+ - ansible_os_family == "RedHat"
+ - ansible_distribution != "Fedora"
+ - not is_ostree
- name: Remove dpkg hold
dpkg_selections:
diff --git a/roles/container-engine/docker/tasks/pre-upgrade.yml b/roles/container-engine/docker/tasks/pre-upgrade.yml
index d614220f4..d344b222d 100644
--- a/roles/container-engine/docker/tasks/pre-upgrade.yml
+++ b/roles/container-engine/docker/tasks/pre-upgrade.yml
@@ -4,7 +4,7 @@
path: "{{ yum_repo_dir }}/docker.repo"
state: absent
when:
- - ansible_distribution in ["CentOS","RedHat","OracleLinux"]
+ - ansible_os_family == 'RedHat'
- not is_ostree
- name: Ensure old versions of Docker are not installed. | Debian
diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
index 594d7e459..5c041b8de 100644
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -24,8 +24,8 @@
- name: Stop if unknown OS
assert:
- that: ansible_os_family in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'Flatcar Container Linux by Kinvolk', 'Suse', 'ClearLinux', 'OracleLinux']
- msg: "{{ ansible_os_family }} is not a known OS"
+ that: ansible_distribution in ['RedHat', 'CentOS', 'Fedora', 'Ubuntu', 'Debian', 'Flatcar Container Linux by Kinvolk', 'Suse', 'ClearLinux', 'OracleLinux', 'AlmaLinux']
+ msg: "{{ ansible_distribution }} is not a known OS"
when: not ignore_assert_errors
- name: Stop if unknown network plugin
diff --git a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml
index c35cc0b05..ec77ade59 100644
--- a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml
+++ b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml
@@ -22,7 +22,7 @@
path: "{{ yum_repo_dir }}/docker.repo"
state: absent
when:
- - ansible_distribution in ["CentOS","RedHat","OracleLinux"]
+ - ansible_os_family == "RedHat"
- not is_fedora_coreos
- name: Install python3-dnf for latest RedHat versions
@@ -39,12 +39,12 @@
tags:
- bootstrap-os
-- name: Install epel-release on RedHat/CentOS
+- name: Install epel-release on RHEL derivatives
package:
name: epel-release
state: present
when:
- - ansible_distribution in ["CentOS","RedHat"]
+ - ansible_os_family == "RedHat"
- not is_fedora_coreos
- epel_enabled|bool
tags:
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 2a3418b0e..3d3451221 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -109,6 +109,6 @@
when:
- not dns_late
- azure_check.stat.exists
- - ansible_distribution in ["CentOS","RedHat","OracleLinux"]
+ - ansible_os_family == "RedHat"
tags:
- bootstrap-os
diff --git a/roles/network_plugin/macvlan/tasks/main.yml b/roles/network_plugin/macvlan/tasks/main.yml
index 191df8cef..a3364935e 100644
--- a/roles/network_plugin/macvlan/tasks/main.yml
+++ b/roles/network_plugin/macvlan/tasks/main.yml
@@ -35,7 +35,7 @@
mode: "0755"
with_fileglob:
- files/*
- when: ansible_os_family in ["CentOS","RedHat"]
+ when: ansible_os_family == "RedHat"
- name: Macvlan | Install post-up script on centos
copy:
@@ -44,7 +44,7 @@
owner: root
group: root
mode: "0755"
- when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway
+ when: ansible_os_family == "RedHat" and enable_nat_default_gateway
- name: Macvlan | Install network gateway interface on centos
template:
@@ -55,7 +55,7 @@
- {src: centos-routes-macvlan.cfg, dst: route-mac0 }
- {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }
notify: Macvlan | restart network
- when: ansible_os_family in ["CentOS","RedHat"]
+ when: ansible_os_family == "RedHat"
- name: Macvlan | Install service nat via gateway on Flatcar Container Linux
template:
--
GitLab