更新离线镜像推送条件

down/download.sh

@@ -7,100 +7,36 @@ K8S_VER=v1.13.4
 ETCD_VER=v3.3.8
 DOCKER_VER=18.09.2
 CNI_VER=v0.7.5
-DOCKER_COMPOSE=1.18.0
-HARBOR=v1.5.4
+DOCKER_COMPOSE_VER=1.18.0
+HARBOR_VER=v1.5.4
+CONTAINERD_VER=1.2.6
 
-echo "\nNote1: Before this script, please finish downloading binaries manually from following urls."
-echo "\nNote2：If binaries are not ready, use `Ctrl + C` to stop this script."
+echo -e "\nNote1: Before this script, please finish downloading binaries manually from following urls."
+echo -e "\nNote2：If binaries are not ready, use `Ctrl + C` to stop this script."
 
-echo "\n----download k8s binary at:"
-echo https://dl.k8s.io/${K8S_VER}/kubernetes-server-linux-amd64.tar.gz
+echo -e "\n----download k8s binary at:"
+echo -e https://dl.k8s.io/${K8S_VER}/kubernetes-server-linux-amd64.tar.gz
 
-echo "\n----download etcd binary at:"
-echo https://github.com/coreos/etcd/releases/download/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz
-echo https://storage.googleapis.com/etcd/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz
+echo -e "\n----download etcd binary at:"
+echo -e https://github.com/coreos/etcd/releases/download/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz
+echo -e https://storage.googleapis.com/etcd/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz
 
-echo "\n----download docker binary at:"
-echo https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VER}.tgz
+echo -e "\n----download docker binary at:"
+echo -e https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VER}.tgz
 
-echo "\n----download ca tools at:"
-echo https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
-echo https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
-echo https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64
+echo -e "\n----download ca tools at:"
+echo -e https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
+echo -e https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
+echo -e https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64
 
-echo "\n----download docker-compose at:"
-echo https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE}/docker-compose-Linux-x86_64
+echo -e "\n----download docker-compose at:"
+echo -e https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VER}/docker-compose-Linux-x86_64
 
-echo "\n----download harbor-offline-installer at:"
-echo https://storage.googleapis.com/harbor-releases/harbor-offline-installer-${HARBOR}.tgz
+echo -e "\n----download harbor-offline-installer at:"
+echo -e https://storage.googleapis.com/harbor-releases/harbor-offline-installer-${HARBOR_VER}.tgz
 
-echo "\n----download cni plugins at:"
-echo https://github.com/containernetworking/plugins/releases
+echo -e "\n----download cni plugins at:"
+echo -e https://github.com/containernetworking/plugins/releases
 
-sleep 30
-
-### prepare 'cfssl' cert tool suit
-echo "\nMoving 'cfssl' to 'bin' dir..."
-if [ -f "cfssl_linux-amd64" ]; then
-  mv -f cfssl_linux-amd64 ../bin/cfssl
-else
-  echo Please download 'cfssl' at 'https://pkg.cfssl.org/R1.2/cfssl_linux-amd64'
-fi
-if [ -f "cfssljson_linux-amd64" ]; then
-  mv -f cfssljson_linux-amd64 ../bin/cfssljson
-else
-  echo Please download 'cfssljson' at 'https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64'
-fi
-if [ -f "cfssl-certinfo_linux-amd64" ]; then
-  mv -f cfssl-certinfo_linux-amd64 ../bin/cfssl-certinfo
-else
-  echo Please download 'cfssl-certinfo' at 'https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64'
-fi
-
-### prepare 'etcd' binaries
-if [ -f "etcd-${ETCD_VER}-linux-amd64.tar.gz" ]; then
-  echo "\nextracting etcd binaries..."
-  tar zxf etcd-${ETCD_VER}-linux-amd64.tar.gz
-  mv -f etcd-${ETCD_VER}-linux-amd64/etcd* ../bin
-else
-  echo Please download 'etcd-${ETCD_VER}-linux-amd64.tar.gz' first
-fi
-
-### prepare kubernetes binaries
-if [ -f "kubernetes-server-linux-amd64.tar.gz" ]; then
-  echo "\nextracting kubernetes binaries..."
-  tar zxf kubernetes-server-linux-amd64.tar.gz
-  mv -f kubernetes/server/bin/kube-apiserver ../bin
-  mv -f kubernetes/server/bin/kube-controller-manager ../bin
-  mv -f kubernetes/server/bin/kubectl ../bin
-  mv -f kubernetes/server/bin/kubelet ../bin
-  mv -f kubernetes/server/bin/kube-proxy ../bin
-  mv -f kubernetes/server/bin/kube-scheduler ../bin
-else
-  echo Please download 'kubernetes-server-linux-amd64.tar.gz' first
-fi
-
-### prepare docker binaries
-if [ -f "docker-${DOCKER_VER}.tgz" ]; then
-  echo "\nextracting docker binaries..."
-  tar zxf docker-${DOCKER_VER}.tgz
-  mv -f docker/docker* ../bin
-  if [ -f "docker/completion/bash/docker" ]; then
-    mv -f docker/completion/bash/docker ../roles/docker/files/docker
-  fi
-else
-  echo Please download 'docker-${DOCKER_VER}.tgz' first
-fi
-
-### prepare cni plugins, needed by flannel;
-if [ -f "cni-plugins-amd64-${CNI_VER}.tgz" ]; then
-  echo "\nextracting cni plugins binaries..."
-  tar zxf cni-plugins-amd64-${CNI_VER}.tgz
-  mv -f bridge ../bin
-  mv -f flannel ../bin
-  mv -f host-local ../bin
-  mv -f loopback ../bin
-  mv -f portmap ../bin
-else
-  echo Please download 'cni-plugins-amd64-${CNI_VER}.tgz' first
-fi
+echo -e "\n----download containerd at:"
+echo -e  https://storage.googleapis.com/cri-containerd-release/cri-containerd-${CONTAINERD_VER}.linux-amd64.tar.gz

roles/calico/tasks/main.yml

@@ -33,12 +33,6 @@
   delegate_to: "{{ groups.deploy[0] }}"
   run_once: true
 
-- name: 检查是否已下载离线calico镜像
-  command: "ls {{ base_dir }}/down"
-  register: download_info
-  connection: local
-  run_once: true
-
 - name: node 节点创建calico 相关目录
   file: name={{ item }} state=directory
   with_items:
@@ -47,26 +41,34 @@
   - /opt/kube/images 
 
 # 【可选】推送离线docker 镜像，可以忽略执行错误
-- name: 尝试推送离线docker 镜像（若执行失败，可忽略）
-  copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
-  when: 'item in download_info.stdout'
-  with_items:
-  - "pause_3.1.tar"
-  - "{{ calico_offline }}"
-  ignore_errors: true
-
-- name: 获取calico离线镜像推送情况
-  command: "ls /opt/kube/images"
-  register: image_info
-
-# 如果目录下有离线镜像，就把它导入到node节点上
-- name: 导入 calico的离线镜像（若执行失败，可忽略）
-  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ item }}"
-  when: 'item in image_info.stdout'
-  with_items:
-  - "pause_3.1.tar"
-  - "{{ calico_offline }}"
-  ignore_errors: true
+- block:
+    - name: 检查是否已下载离线calico镜像
+      command: "ls {{ base_dir }}/down"
+      register: download_info
+      connection: local
+      run_once: true
+
+    - name: 尝试推送离线docker 镜像（若执行失败，可忽略）
+      copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
+      when: 'item in download_info.stdout'
+      with_items:
+      - "pause_3.1.tar"
+      - "{{ calico_offline }}"
+      ignore_errors: true
+
+    - name: 获取calico离线镜像推送情况
+      command: "ls /opt/kube/images"
+      register: image_info
+
+    # 如果目录下有离线镜像，就把它导入到node节点上
+    - name: 导入 calico的离线镜像（若执行失败，可忽略）
+      shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ item }}"
+      when: 'item in image_info.stdout'
+      with_items:
+      - "pause_3.1.tar"
+      - "{{ calico_offline }}"
+      ignore_errors: true
+  when: CONTAINER_RUNTIME == 'docker'
 
 # 只需单节点执行一次
 - name: 运行 calico网络

roles/cilium/tasks/main.yml

@@ -17,12 +17,6 @@
   fail: msg="kernel {{ ansible_kernel }} is too old for cilium installing"
   when: "KERNEL_VER|float <= 4.09"
 
-- name: 检查是否已下载离线cilium镜像
-  command: "ls {{ base_dir }}/down"
-  register: download_info
-  connection: local
-  run_once: true
-
 - name: node 节点创建cilium 相关目录
   file: name={{ item }} state=directory
   with_items:
@@ -38,26 +32,34 @@
     state: "mounted" 
 
 # 【可选】推送离线docker 镜像，可以忽略执行错误
-- name: 尝试推送离线docker 镜像（若执行失败，可忽略）
-  copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
-  when: 'item in download_info.stdout'
-  with_items:
-  - "pause_3.1.tar"
-  - "{{ cilium_offline }}"
-  ignore_errors: true
-
-- name: 获取cilium离线镜像推送情况
-  command: "ls /opt/kube/images"
-  register: image_info
-
-# 如果目录下有离线镜像，就把它导入到node节点上
-- name: 导入 cilium的离线镜像（若执行失败，可忽略）
-  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ item }}"
-  when: 'item in image_info.stdout'
-  with_items:
-  - "pause_3.1.tar"
-  - "{{ cilium_offline }}"
-  ignore_errors: true
+- block:
+    - name: 检查是否已下载离线cilium镜像
+      command: "ls {{ base_dir }}/down"
+      register: download_info
+      connection: local
+      run_once: true
+
+    - name: 尝试推送离线docker 镜像（若执行失败，可忽略）
+      copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
+      when: 'item in download_info.stdout'
+      with_items:
+      - "pause_3.1.tar"
+      - "{{ cilium_offline }}"
+      ignore_errors: true
+
+    - name: 获取cilium离线镜像推送情况
+      command: "ls /opt/kube/images"
+      register: image_info
+
+    # 如果目录下有离线镜像，就把它导入到node节点上
+    - name: 导入 cilium的离线镜像（若执行失败，可忽略）
+      shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ item }}"
+      when: 'item in image_info.stdout'
+      with_items:
+      - "pause_3.1.tar"
+      - "{{ cilium_offline }}"
+      ignore_errors: true
+  when: CONTAINER_RUNTIME == 'docker'
 
 # 只需单节点执行一次
 - name: 运行 cilium网络

roles/cluster-addon/tasks/ingress.yml

@@ -1,15 +1,17 @@
 - block:
-    - name: 尝试推送离线 traefik镜像（若执行失败，可忽略）
-      copy: src={{ base_dir }}/down/{{ traefik_offline }} dest=/opt/kube/images/{{ traefik_offline }}
-      when: 'traefik_offline in download_info.stdout'
-
-    - name: 获取traefik离线镜像推送情况
-      command: "ls /opt/kube/images"
-      register: image_info
-
-    - name: 导入 traefik的离线镜像（若执行失败，可忽略）
-      shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ traefik_offline }}"
-      when: 'traefik_offline in image_info.stdout'
+    - block:
+        - name: 尝试推送离线 traefik镜像（若执行失败，可忽略）
+          copy: src={{ base_dir }}/down/{{ traefik_offline }} dest=/opt/kube/images/{{ traefik_offline }}
+          when: 'traefik_offline in download_info.stdout'
+
+        - name: 获取traefik离线镜像推送情况
+          command: "ls /opt/kube/images"
+          register: image_info
+
+        - name: 导入 traefik的离线镜像（若执行失败，可忽略）
+          shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ traefik_offline }}"
+          when: 'traefik_offline in image_info.stdout'
+      when: CONTAINER_RUNTIME == 'docker'
 
     - name: 创建 traefik部署
       shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/ingress/traefik/traefik-ingress.yaml"
@@ -19,17 +21,19 @@
   ignore_errors: true
 
 - block:
-    - name: 尝试推送离线 nginx-ingress镜像（若执行失败，可忽略）
-      copy: src={{ base_dir }}/down/{{ nginx_ingress_offline }} dest=/opt/kube/images/{{ nginx_ingress_offline }}
-      when: 'nginx_ingress_offline in download_info.stdout'
-
-    - name: 获取nginx_ingress离线镜像推送情况
-      command: "ls /opt/kube/images"
-      register: image_info
-
-    - name: 导入 nginx_ingress的离线镜像（若执行失败，可忽略）
-      shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ nginx_ingress_offline }}"
-      when: 'nginx_ingress_offline in image_info.stdout'
+    - block:
+        - name: 尝试推送离线 nginx-ingress镜像（若执行失败，可忽略）
+          copy: src={{ base_dir }}/down/{{ nginx_ingress_offline }} dest=/opt/kube/images/{{ nginx_ingress_offline }}
+          when: 'nginx_ingress_offline in download_info.stdout'
+
+        - name: 获取nginx_ingress离线镜像推送情况
+          command: "ls /opt/kube/images"
+          register: image_info
+
+        - name: 导入 nginx_ingress的离线镜像（若执行失败，可忽略）
+          shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ nginx_ingress_offline }}"
+          when: 'nginx_ingress_offline in image_info.stdout'
+      when: CONTAINER_RUNTIME == 'docker'
 
     - name: 创建 nginx_ingress部署
       shell: "{{ bin_dir }}/kubectl apply -f {{ base_dir }}/manifests/ingress/nginx-ingress/nginx-ingress.yaml"