Plug packaging into stack

Change-Id: Ie1621374f6f4dd5fe6eeea681428d0fd4bd096ab

diff --git a/package.sh b/package.sh
new file mode 100755 (executable)
index 0000000..197f1f2
--- /dev/null
+++ b/package.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+#-------------------------------------------------------------------------------
+# Start packaging process
+#-------------------------------------------------------------------------------
+echo "Info  : Start packaging process"
+echo "-------------------------------------------------------------------------"
+cd "${ENGINE_PATH}"
+ansible-playbook "${ENGINE_ANSIBLE_PARAMS[@]}" \
+    -i "${ENGINE_PATH}/engine/inventory/localhost.ini" \
+    engine/stack/kubernetes/playbooks/package.yaml
+echo "-------------------------------------------------------------------------"
+echo
+echo "Info  : Packaging is done!"
+echo "        You can take $OFFLINE_INSTALLER_FILE and use it for offline deployment!"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/package.yaml b/playbooks/package.yaml
new file mode 100644 (file)
index 0000000..2d5f5b4
--- /dev/null
+++ b/playbooks/package.yaml
@@ -0,0 +1,26 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- hosts: localhost
+  connection: local
+  gather_facts: true
+  become: false
+
+  roles:
+    - role: package

diff --git a/playbooks/roles/bootstrap-swconfig/tasks/main.yaml b/playbooks/roles/bootstrap-swconfig/tasks/main.yaml
index 60c6edd7ce31b0884af1d6feefade70a8296225a..46db541181f2b863868479fd9b8f135750e5760f 100644 (file)
--- a/playbooks/roles/bootstrap-swconfig/tasks/main.yaml
+++ b/playbooks/roles/bootstrap-swconfig/tasks/main.yaml
@@ -83,7 +83,7 @@
   include_vars: "{{ deployment_vars_file }}"
 
 # NOTE (fdegir): Prepare provisioner and installer
   include_vars: "{{ deployment_vars_file }}"
 
 # NOTE (fdegir): Prepare provisioner and installer

-- name: Prepare provisioner and installer for '{{ execution_mode }}'
+- name: Prepare provisioner and installer for {{ execution_mode }}

   include_tasks: "configure-{{ execution_mode }}.yaml"
 
 # vim: set ts=2 sw=2 expandtab:
   include_tasks: "configure-{{ execution_mode }}.yaml"
 
 # vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/defaults/main.yaml b/playbooks/roles/package/defaults/main.yaml
new file mode 100644 (file)
index 0000000..a888ec1
--- /dev/null
+++ b/playbooks/roles/package/defaults/main.yaml
@@ -0,0 +1,228 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# locations of the packaged dependencies
+pkg_folder: "{{ offline_pkg_folder }}/pkg"
+dib_folder: "{{ offline_pkg_folder }}/dib"
+git_folder: "{{ offline_pkg_folder }}/git"
+binaries_folder: "{{ offline_pkg_folder }}/binaries"
+containers_folder: "{{ offline_pkg_folder }}/containers"
+pip_folder: "{{ offline_pkg_folder }}/pip"
+
+helm_download_url: "https://get.helm.sh/helm-{{ helm_version }}-linux-amd64.tar.gz"
+
+# some images require architecture
+image_arch: amd64
+
+dib_images:
+  - https://artifactory.nordix.org/artifactory/cloud-infra/dib/deployment_image/ubuntu1804/deployment_image.qcow2
+  - https://artifactory.nordix.org/artifactory/cloud-infra/dib/ipa_image/coreos/ipa.initramfs
+  - https://artifactory.nordix.org/artifactory/cloud-infra/dib/ipa_image/coreos/ipa.kernel
+
+k8s_binaries:
+  - calicoctl
+  - cni
+  - kubeadm
+  - kubectl
+  - kubelet
+
+k8s_misc_images:
+  - addon_resizer
+  - calico_cni
+  - calico_node
+  - calico_policy
+  - coredns
+  - dashboard
+  - dnsautoscaler
+  - etcd
+  - flannel
+  - flannel_cni
+  - helm
+  - metrics_server
+  - multus
+  - nginx
+  - nodelocaldns
+  - pod_infra
+  - registry_proxy
+  - tiller
+  - weave_kube
+  - weave_npc
+
+other_images:
+  # ceph
+  ceph:
+    repo: ceph/ceph
+    tag: "{{ ceph_version }}"
+  cephcsi:
+    repo: quay.io/cephcsi/cephcsi
+    tag: "{{ cephcsi_version }}"
+  csi-attacher:
+    repo: quay.io/k8scsi/csi-attacher
+    tag: "{{ csi_attacher_version }}"
+  csi-node-driver-registrar:
+    repo: quay.io/k8scsi/csi-node-driver-registrar
+    tag: "{{ csi_node_driver_registrar_version }}"
+  csi-provisioner:
+    repo: quay.io/k8scsi/csi-provisioner
+    tag: "{{ csi_provisioner_version }}"
+  csi-snapshotter:
+    repo: quay.io/k8scsi/csi-snapshotter
+    tag: "{{ csi_snapshotter_version }}"
+  rook:
+    repo: rook/ceph
+    tag: "{{ rook_version }}"
+  # prometheus
+  prom-alertmanager:
+    repo: docker.io/prom/alertmanager
+    tag: "{{ prom_alertmanager_version }}"
+  prom-node-exporter:
+    repo: docker.io/prom/node-exporter
+    tag: "{{ prom_node_exporter_version }}"
+  prom-prometheus:
+    repo: docker.io/prom/prometheus
+    tag: "{{ prom_prometheus_version }}"
+  prom-pushgateway:
+    repo: docker.io/prom/pushgateway
+    tag: "{{ prom_push_gateway_version }}"
+  # docker
+  docker-registry:
+    repo: docker.io/registry
+    tag: "{{ docker_registry_version }}"
+  # other - we don't know where this comes from
+  configmap-reload:
+    repo: docker.io/jimmidyson/configmap-reload
+    tag: "{{ configmap_reload_version }}"
+  kube-state-metrics:
+    repo: quay.io/coreos/kube-state-metrics
+    tag: "{{ kube_state_metrics_version }}"
+
+repositories:
+  # NOTE (fdegir): OpenDev Git Repositories - Using Nordix Mirrors
+  bifrost:
+    repo: "https://gerrit.nordix.org/opendev/openstack/bifrost"
+    dest: "bifrost"
+    version: "{{ bifrost_version }}"
+  diskimage-builder:
+    repo: "https://gerrit.nordix.org/opendev/openstack/diskimage-builder"
+    dest: "diskimage-builder"
+    version: "{{ diskimage_builder_version }}"
+  ironic:
+    repo: "https://gerrit.nordix.org/opendev/openstack/ironic"
+    dest: "ironic"
+    version: "{{ ironic_version }}"
+  ironic-inspector:
+    repo: "https://gerrit.nordix.org/opendev/openstack/ironic-inspector"
+    dest: "ironic-inspector"
+    version: "{{ ironic_inspector_version }}"
+  ironic-python-agent:
+    repo: "https://gerrit.nordix.org/opendev/openstack/ironic-python-agent"
+    dest: "ironic-python-agent"
+    version: "{{ ironic_python_agent_version }}"
+  ironic-python-agent-builder:
+    repo: "https://gerrit.nordix.org/opendev/openstack/ironic-python-agent-builder"
+    dest: "ironic-python-agent-builder"
+    version: "{{ ironic_python_agent_builder_version }}"
+  ironic-staging-drivers:
+    repo: "https://gerrit.nordix.org/opendev/x/ironic-staging-drivers"
+    dest: "ironic-staging-drivers"
+    version: "{{ ironic_staging_drivers_version }}"
+  keystone:
+    repo: "https://gerrit.nordix.org/opendev/openstack/keystone"
+    dest: "keystone"
+    version: "{{ keystone_version }}"
+  openstacksdk:
+    repo: "https://gerrit.nordix.org/opendev/openstack/openstacksdk"
+    dest: "openstacksdk"
+    version: "{{ openstacksdk_version }}"
+  python-ironicclient:
+    repo: "https://gerrit.nordix.org/opendev/openstack/python-ironicclient"
+    dest: "python-ironicclient"
+    version: "{{ python_ironicclient_version }}"
+  python-ironic-inspector-client:
+    repo: "https://gerrit.nordix.org/opendev/openstack/python-ironic-inspector-client"
+    dest: "python-ironic-inspector-client"
+    version: "{{ python_ironic_inspector_client_version }}"
+  requirements:
+    repo: "https://gerrit.nordix.org/opendev/openstack/requirements"
+    dest: "requirements"
+    version: "{{ requirements_version }}"
+  shade:
+    repo: "https://gerrit.nordix.org/opendev/openstack/shade"
+    dest: "shade"
+    version: "{{ shade_version }}"
+  sushy:
+    repo: "https://gerrit.nordix.org/opendev/openstack/sushy"
+    dest: "sushy"
+    version: "{{ sushy_version }}"
+  # NOTE (fdegir): Kubespray and Helm Git Repositories
+  charts:
+    repo: "https://github.com/helm/charts.git"
+    dest: "charts"
+    version: "{{ charts_version }}"
+  kubespray:
+    repo: "https://github.com/kubernetes-sigs/kubespray.git"
+    dest: "kubespray"
+    version: "{{ kubespray_version }}"
+  # NOTE (fdegir): Nordix Git Repositories
+  engine:
+    repo: "https://gerrit.nordix.org/infra/engine.git"
+    dest: "engine"
+    version: "{{ lookup('env', 'NORDIX_ENGINE_VERSION') | default('master', true) }}"
+    refspec: "{{ lookup('env', 'NORDIX_ENGINE_REFSPEC') | default(omit) }}"
+  hwconfig:
+    repo: "https://gerrit.nordix.org/infra/hwconfig.git"
+    dest: "hwconfig"
+    version: "{{ lookup('env', 'NORDIX_HWCONFIG_VERSION') | default('master', true) }}"
+    refspec: "{{ lookup('env', 'NORDIX_HWCONFIG_REFSPEC') | default(omit) }}"
+  swconfig:
+    repo: "https://gerrit.nordix.org/infra/swconfig.git"
+    dest: "swconfig"
+    version: "{{ lookup('env', 'NORDIX_SWCONFIG_VERSION') | default('master', true) }}"
+    refspec: "{{ lookup('env', 'NORDIX_SWCONFIG_REFSPEC') | default(omit) }}"
+  test:
+    repo: "https://gerrit.nordix.org/infra/test.git"
+    dest: "test"
+    version: "{{ lookup('env', 'NORDIX_TEST_VERSION') | default('master', true) }}"
+    refspec: "{{ lookup('env', 'NORDIX_TEST_REFSPEC') | default(omit) }}"
+  # NOTE (fdegir): Engine provisioner and installer repos will be prepended with engine
+  # in order to prevent name clashes during packaging
+  # NOTE (fdegir): stack git details are inherited from engine/inventory/group_vars/all/sdf.yaml
+  engine-kubernetes:
+    repo: "{{ stacks['kubernetes'].src }}"
+    dest: "engine-kubernetes"
+    version: "{{ stacks['kubernetes'].version }}"
+    refspec: "{{ stacks['kubernetes'].refspec | default(omit) }}"
+  # NOTE (fdegir): bifrost, heat, and kuberspray git details are inherited from kubernetes/vars/kubernetes.yaml
+  engine-bifrost:
+    repo: "{{ provisioners['bifrost'].src }}"
+    dest: "engine-bifrost"
+    version: "{{ provisioners['bifrost'].version }}"
+    refspec: "{{ provisioners['bifrost'].refspec | default(omit) }}"
+  engine-heat:
+    repo: "{{ provisioners['heat'].src }}"
+    dest: "engine-heat"
+    version: "{{ provisioners['heat'].version }}"
+    refspec: "{{ provisioners['heat'].refspec | default(omit) }}"
+  engine-kubespray:
+    repo: "{{ installers['kubespray'].src }}"
+    dest: "engine-kubespray"
+    version: "{{ installers['kubespray'].version }}"
+    refspec: "{{ installers['kubespray'].refspec | default(omit) }}"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/files/build.sh b/playbooks/roles/package/files/build.sh
new file mode 100755 (executable)
index 0000000..5308647
--- /dev/null
+++ b/playbooks/roles/package/files/build.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+export OFFLINE_PKG_FOLDER="${OFFLINE_PKG_FOLDER:-/tmp/offline-package}"
+export OFFLINE_PKG_FILE="${OFFLINE_PKG_FILE:-/tmp/offline-package.tgz}"
+
+# NOTE (fdegir): In order to package and test the change for offline deployment,
+# we need to include the change/patch within the package since that is what should
+# be used during the deployment phase.
+# check if we are running as part of CI verify job
+GERRIT_PROJECT="${GERRIT_PROJECT:-}"
+if [[ "$GERRIT_PROJECT" == "infra/engine" ]]; then
+  REPO_GIT_URL="https://gerrit.nordix.org/infra/engine.git"
+  echo "Info  : Running in CI - infra/engine patch will be packaged for testing."
+  echo "        Checking out the change/patch $GERRIT_REFSPEC for $REPO_GIT_URL"
+  # navigate to the folder and checkout the patch
+  cd "$OFFLINE_PKG_FOLDER/git/engine"
+  git fetch "$REPO_GIT_URL" "$GERRIT_REFSPEC" && git checkout FETCH_HEAD
+fi
+
+# compress & archive offline dependencies
+tar -C "$OFFLINE_PKG_FOLDER" -czf "$OFFLINE_PKG_FILE" .
+
+# create self extracting installer
+cat /tmp/decompress.sh "$OFFLINE_PKG_FILE" > "$OFFLINE_INSTALLER_FILE"
+chmod +x "$OFFLINE_INSTALLER_FILE"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/files/decompress.sh b/playbooks/roles/package/files/decompress.sh
new file mode 100755 (executable)
index 0000000..25c7570
--- /dev/null
+++ b/playbooks/roles/package/files/decompress.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+cat <<EOF
+#---------------------------------------------------#
+#             Self Extracting Installer             #
+#---------------------------------------------------#
+User            : $USER
+Hostname        : $HOSTNAME
+Host OS         : $(source /etc/os-release &> /dev/null || source /usr/lib/os-release &> /dev/null; echo "${PRETTY_NAME}")
+IP              : $(hostname -I | cut -d' ' -f1)
+#---------------------------------------------------#
+Info  : Please wait while extracting dependencies.
+        This might take a while.
+#---------------------------------------------------#
+EOF
+
+ENGINE_WORKSPACE=/opt/engine
+DESTINATION_FOLDER="$ENGINE_WORKSPACE/offline"
+export ENGINE_WORKSPACE DESTINATION_FOLDER
+
+# NOTE (fdegir): we need to clean things up in order to prevent side effects from leftovers
+sudo rm -rf "$ENGINE_WORKSPACE"
+sudo mkdir -p "$DESTINATION_FOLDER"
+sudo chown -R "$USER":"$USER" "$ENGINE_WORKSPACE"
+
+ARCHIVE=$(awk '/^__ARCHIVE_BELOW__/ {print NR + 1; exit 0; }' "$0")
+
+tail -n+"$ARCHIVE" "$0" | tar -xz -C "$DESTINATION_FOLDER"
+
+cd "$DESTINATION_FOLDER"
+./install.sh
+
+exit 0
+__ARCHIVE_BELOW__

diff --git a/playbooks/roles/package/files/install.sh b/playbooks/roles/package/files/install.sh
new file mode 100755 (executable)
index 0000000..a5c1ccb
--- /dev/null
+++ b/playbooks/roles/package/files/install.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# TODO (fdegir): This script could be enhanced to provide full installation functionality
+# by parsing arguments and executing actual engine deploy.sh with the arguments but left for later
+echo "Info  : Dependencies are extracted to $DESTINATION_FOLDER"
+echo "Info  : Please navigate to $DESTINATION_FOLDER/git/engine/engine folder and issue deployment command"
+echo "        You can get help about the engine usage by issuing command ./deploy.sh -h"
+echo "        Do not forget to specify PDF and IDF file locations using -p and -i arguments!"
+echo "Info  : Done!"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/binaries.yaml b/playbooks/roles/package/tasks/binaries.yaml
new file mode 100644 (file)
index 0000000..f90ac01
--- /dev/null
+++ b/playbooks/roles/package/tasks/binaries.yaml
@@ -0,0 +1,59 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store k8s binaries
+  file:
+    path: "{{ binaries_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Set versions of k8s components in Kubespray downloads role
+  lineinfile:
+    path: "{{ git_folder }}/kubespray/roles/download/defaults/main.yml"
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - {regexp: "^kube_version:.*", line: "kube_version: {{ kubernetes_version }}"}
+    - {regexp: "^helm_version:.*", line: "helm_version: {{ helm_version }}"}
+
+# NOTE (fdegir): order of vars files is significant
+- name: Include kubespray vars files
+  include_vars: "{{ item }}"
+  with_items:
+    - "{{ git_folder }}/kubespray/roles/kubespray-defaults/defaults/main.yaml"
+    - "{{ git_folder }}/kubespray/roles/download/defaults/main.yml"
+
+- name: Download k8s binaries
+  get_url:
+    url: "{{ downloads[item].url }}"
+    dest: "{{ binaries_folder }}/{{ item }}"
+    mode: 0755
+    force: true
+  loop: "{{ k8s_binaries }}"
+
+- name: Download helm binary
+  get_url:
+    url: "{{ helm_download_url }}"
+    dest: "{{ binaries_folder }}"
+    mode: 0755
+    force: true
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/containers.yaml b/playbooks/roles/package/tasks/containers.yaml
new file mode 100644 (file)
index 0000000..9101950
--- /dev/null
+++ b/playbooks/roles/package/tasks/containers.yaml
@@ -0,0 +1,145 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store container images
+  file:
+    path: "{{ containers_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Set versions of k8s components in Kubespray downloads role
+  lineinfile:
+    path: "{{ git_folder }}/kubespray/roles/download/defaults/main.yml"
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - {regexp: "^kube_version:.*", line: "kube_version: {{ kubernetes_version }}"}
+    - {regexp: "^helm_version:.*", line: "helm_version: {{ helm_version }}"}
+
+# NOTE (fdegir): order of vars files is significant
+- name: Include kubespray vars files
+  include_vars: "{{ item }}"
+  with_items:
+    - "{{ git_folder }}/kubespray/roles/kubespray-defaults/defaults/main.yaml"
+    - "{{ git_folder }}/kubespray/roles/download/defaults/main.yml"
+
+- name: Remove outdated kubeadm-images.yaml file
+  file:
+    path: "/tmp/kubeadm-images.yaml"
+    state: absent
+
+- name: Generate kubeadm-images.yaml to fetch container images
+  template:
+    src: "kubeadm-images.yaml.j2"
+    dest: "/tmp/kubeadm-images.yaml"
+    force: true
+
+# NOTE (fdegir): the tasks below are taken from kubespray/roles/download/tasks/prep_kubeadm_images.yml
+- name: Get list of kubeadm images
+  shell: |
+    set -o pipefail
+    {{ binaries_folder }}/kubeadm config images list --config=/tmp/kubeadm-images.yaml | grep -v coredns
+  args:
+    executable: /bin/bash
+  register: kubeadm_images_raw
+  run_once: true
+  changed_when: false
+
+- name: Parse list of kubeadm images
+  vars:
+    kubeadm_images_list: "{{ kubeadm_images_raw.stdout_lines }}"
+  set_fact:
+    kubeadm_image:
+      key: "kubeadm_{{ (item | regex_replace('^(?:.*\\/)*','')).split(':')[0] }}"
+      value:
+        enabled: true
+        container: true
+        repo: "{{ item | regex_replace('^(.*):.*$','\\1') }}"
+        tag: "{{ item | regex_replace('^.*:(.*)$','\\1') }}"
+  loop: "{{ kubeadm_images_list | flatten(levels=1) }}"
+  register: kubeadm_images_cooked
+  run_once: true
+
+- name: Convert list of kubeadm images to dict
+  set_fact:
+    kubeadm_images: "{{ kubeadm_images_cooked.results | map(attribute='ansible_facts.kubeadm_image') | list | items2dict }}"
+  run_once: true
+
+# NOTE (fdegir): docker_image module doesn't seem to respect become so falling back to command module
+- name: Pull kubeadm container images
+  command: "docker pull {{ kubeadm_images[item.key].repo }}:{{ kubeadm_images[item.key].tag }}"
+  with_dict: "{{ kubeadm_images }}"
+  become: true
+  changed_when: false
+
+- name: Pull misc container images
+  command: "docker pull {{ downloads[item].repo }}:{{ downloads[item].tag }}"
+  loop: "{{ k8s_misc_images }}"
+  become: true
+  changed_when: false
+
+- name: Pull other container images
+  command: "docker pull {{ other_images[item.key].repo }}:{{ other_images[item.key].tag }}"
+  with_dict: "{{ other_images }}"
+  become: true
+  changed_when: false
+
+# save container images
+- name: Save kubeadm container images
+  command: |-
+    docker save {{ kubeadm_images[item.key].repo }}:{{ kubeadm_images[item.key].tag }}
+    -o {{ kubeadm_images[item.key].repo | replace('/', '_') }}_{{ kubeadm_images[item.key].tag }}.tar
+  with_dict: "{{ kubeadm_images }}"
+  args:
+    chdir: "{{ containers_folder }}"
+  become: true
+  changed_when: false
+
+- name: Save misc container images
+  command: |-
+    docker save {{ downloads[item].repo }}:{{ downloads[item].tag }}
+    -o {{ downloads[item].repo }} -o {{ downloads[item].repo | replace('/', '_') }}_{{ downloads[item].tag }}.tar
+  loop: "{{ k8s_misc_images }}"
+  args:
+    chdir: "{{ containers_folder }}"
+  become: true
+  changed_when: false
+
+- name: Save other container images
+  command: |-
+    docker save {{ other_images[item.key].repo }}:{{ other_images[item.key].tag }}
+    -o {{ other_images[item.key].repo | replace('/', '_') }}_{{ other_images[item.key].tag }}.tar
+  with_dict: "{{ other_images }}"
+  args:
+    chdir: "{{ containers_folder }}"
+  become: true
+  changed_when: false
+
+# NOTE (fdegir): archive fails due to wrong permissions so we fix them
+- name: Fix container image permissions
+  file:
+    path: "{{ containers_folder }}"
+    state: directory
+    recurse: true
+    mode: 0755
+  become: true
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/dib.yaml b/playbooks/roles/package/tasks/dib.yaml
new file mode 100644 (file)
index 0000000..887977b
--- /dev/null
+++ b/playbooks/roles/package/tasks/dib.yaml
@@ -0,0 +1,35 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store images used for provisioning
+  file:
+    path: "{{ dib_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Download distro images used for provisioning nodes
+  get_url:
+    url: "{{ item }}"
+    dest: "{{ dib_folder }}"
+    force: true
+  loop: "{{ dib_images }}"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/git.yaml b/playbooks/roles/package/tasks/git.yaml
new file mode 100644 (file)
index 0000000..60ddff8
--- /dev/null
+++ b/playbooks/roles/package/tasks/git.yaml
@@ -0,0 +1,41 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store git repositories
+  file:
+    path: "{{ git_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Clone repositories
+  git:
+    repo: "{{ repositories[item.key].repo }}"
+    dest: "{{ git_folder }}/{{ repositories[item.key].dest }}"
+    version: "{{ repositories[item.key].version }}"
+    refspec: "{{ repositories[item.key].refspec | default(omit) }}"
+    force: true
+  with_dict: "{{ repositories }}"
+  environment:
+    http_proxy: "{{ lookup('env','http_proxy') }}"
+    https_proxy: "{{ lookup('env','https_proxy') }}"
+    no_proxy: "{{ lookup('env','no_proxy') }}"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/install-packages-Debian.yml b/playbooks/roles/package/tasks/install-packages-Debian.yml
new file mode 100644 (file)
index 0000000..b69f4bd
--- /dev/null
+++ b/playbooks/roles/package/tasks/install-packages-Debian.yml
@@ -0,0 +1,61 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Load distribution variables
+  include_vars: '{{ ansible_os_family }}.yaml'
+
+- name: Add docker apt key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+  become: true
+
+# NOTE(fdegir): ansible apt_repository gives segmentation fault so failling back to command
+- name: Add docker apt repository
+  command: |-
+    add-apt-repository \
+    "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+  changed_when: false
+  become: true
+
+- name: Run apt update
+  apt:
+    update_cache: true
+  become: true
+
+- name: Install packages
+  apt:
+    name: "{{ packages }}"
+    state: "{{ item }}"
+    force: true
+    install_recommends: true
+    autoremove: true
+    update_cache: true
+  with_items:
+    - absent
+    - present
+  become: true
+
+- name: Restart docker service
+  service:
+    name: "{{ docker_service_name }}"
+    state: restarted
+  become: true
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/main.yaml b/playbooks/roles/package/tasks/main.yaml
new file mode 100644 (file)
index 0000000..a1296b1
--- /dev/null
+++ b/playbooks/roles/package/tasks/main.yaml
@@ -0,0 +1,87 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Prepare packaging
+  include_tasks: prepare-packaging.yaml
+
+- name: Create folder to store dependencies for offline deployment
+  file:
+    path: "{{ offline_pkg_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Install packages on {{ ansible_os_family }}
+  include_tasks: "install-packages-{{ ansible_os_family }}.yml"
+
+# TODO (fdegir): we need to switch to build with dib here
+- name: Fetch operating system images for provisioning
+  include_tasks: dib.yaml
+
+# collect apt packages
+- name: Fetch operating system packages
+  include_tasks: "pkg-{{ ansible_os_family }}.yaml"
+
+# clone git repositories
+- name: Fetch git repositories
+  include_tasks: git.yaml
+
+# download binaries
+- name: Fetch binaries
+  include_tasks: binaries.yaml
+
+# download pip packages
+- name: Fetch pip python packages
+  include_tasks: pip.yaml
+
+# fetch k8s container images
+- name: Fetch container images
+  include_tasks: containers.yaml
+
+# ensure we don't have leftovers
+- name: Delete outdated files
+  file:
+    path: "{{ item }}"
+    state: absent
+  with_items:
+    - "{{ offline_pkg_file }}"
+    - "{{ offline_pkg_folder }}/install.sh"
+    - "{{ offline_installer_file }}"
+    - "/tmp/decompress.sh"
+
+- name: Copy decompress and install scripts
+  copy:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: 0755
+  with_items:
+    - {src: "install.sh", dest: "{{ offline_pkg_folder }}/install.sh"}
+    - {src: "decompress.sh", dest: "/tmp/decompress.sh"}
+
+# create tarball
+- name: Create engine installer file
+  script: build.sh
+  register: build_script
+
+- name: Log build script output to console
+  debug:
+    msg: "{{ build_script.stdout_lines }}"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/pip.yaml b/playbooks/roles/package/tasks/pip.yaml
new file mode 100644 (file)
index 0000000..a4a4642
--- /dev/null
+++ b/playbooks/roles/package/tasks/pip.yaml
@@ -0,0 +1,40 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store pip packages
+  file:
+    path: "{{ pip_folder }}"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+- name: Download pip packages using requirements.txt file
+  command: "pip download -r {{ engine_path }}/requirements.txt --no-cache"
+  changed_when: false
+  args:
+    chdir: "{{ pip_folder }}"
+
+- name: Copy pip.conf
+  template:
+    src: pip.conf.j2
+    dest: "{{ pip_folder }}/pip.conf"
+    force: true
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/pkg-Debian.yaml b/playbooks/roles/package/tasks/pkg-Debian.yaml
new file mode 100644 (file)
index 0000000..f844bf9
--- /dev/null
+++ b/playbooks/roles/package/tasks/pkg-Debian.yaml
@@ -0,0 +1,53 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Create directory to store apt packages
+  file:
+    path: "{{ pkg_folder }}/amd64"
+    state: "{{ item }}"
+  with_items:
+    - absent
+    - directory
+
+# NOTE (fdegir): docker version is taken and updated from engine versions file
+- name: Generate ubuntu.list file from template
+  template:
+    src: ubuntu.list.j2
+    dest: /tmp/ubuntu.list
+    force: true
+
+- name: Download apt packages using ubuntu.list file
+  shell: |
+    set -o pipefail
+    apt download $(grep -vE "^\s*#" /tmp/ubuntu.list | tr "\n" " ")
+  changed_when: false
+  args:
+    executable: /bin/bash
+    chdir: "{{ pkg_folder }}/amd64"
+
+- name: Generate Packages.gz file for apt packages
+  shell: |
+    set -o pipefail
+    dpkg-scanpackages amd64 | gzip -9c > amd64/Packages.gz
+  args:
+    executable: /bin/bash
+    creates: "{{ pkg_folder }}/amd64/Packages.gz"
+    chdir: "{{ pkg_folder }}"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/tasks/prepare-packaging.yaml b/playbooks/roles/package/tasks/prepare-packaging.yaml
new file mode 100644 (file)
index 0000000..48428e3
--- /dev/null
+++ b/playbooks/roles/package/tasks/prepare-packaging.yaml
@@ -0,0 +1,82 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Ensure provisioner and installer folders exist and empty
+  file:
+    path: "{{ engine_path }}/engine/{{ item.path}}"
+    state: "{{ item.state }}"
+  with_items:
+    - {path: "{{ engine_path }}/engine/provisioner", state: absent}
+    - {path: "{{ engine_path }}/engine/provisioner", state: directory}
+    - {path: "{{ engine_path }}/engine/installer", state: absent}
+    - {path: "{{ engine_path }}/engine/installer", state: directory}
+
+- name: Clone engine provisioner repositories
+  git:
+    repo: "{{ provisioners[provisioner.key].src }}"
+    dest: "{{ engine_path }}/engine/provisioner/{{ provisioner.key }}"
+    version: "{{ provisioners[provisioner.key].version }}"
+    refspec: "{{ provisioners[provisioner.key].refspec | default(omit) }}"
+    force: true
+  with_dict: "{{ provisioners }}"
+  loop_control:
+    loop_var: provisioner
+  environment:
+    http_proxy: "{{ lookup('env','http_proxy') }}"
+    https_proxy: "{{ lookup('env','https_proxy') }}"
+    no_proxy: "{{ lookup('env','no_proxy') }}"
+
+- name: Copy engine provisioner vars file into group_vars
+  copy:
+    src: "{{ engine_path }}/engine/provisioner/{{ provisioner.key }}/vars/{{ provisioner.key }}.yaml"
+    dest: "{{ engine_path }}/engine/inventory/group_vars/all/{{ provisioner.key }}.yaml"
+    force: true
+  with_dict: "{{ provisioners }}"
+  loop_control:
+    loop_var: provisioner
+
+- name: Clone engine installer repositories
+  git:
+    repo: "{{ installers[installer.key].src }}"
+    dest: "{{ engine_path }}/engine/installer/{{ installer.key }}"
+    version: "{{ installers[installer.key].version }}"
+    refspec: "{{ installers[installer.key].refspec | default(omit) }}"
+    force: true
+  with_dict: "{{ installers }}"
+  loop_control:
+    loop_var: installer
+  environment:
+    http_proxy: "{{ lookup('env','http_proxy') }}"
+    https_proxy: "{{ lookup('env','https_proxy') }}"
+    no_proxy: "{{ lookup('env','no_proxy') }}"
+
+- name: Copy engine installer vars file into group_vars
+  copy:
+    src: "{{ engine_path }}/engine/installer/{{ installer.key }}/vars/{{ installer.key }}.yaml"
+    dest: "{{ engine_path }}/engine/inventory/group_vars/all/{{ installer.key }}.yaml"
+    force: true
+  with_dict: "{{ installers }}"
+  loop_control:
+    loop_var: installer
+
+- name: Include vars from collected provisioners and installers vars files
+  include_vars:
+    dir: "{{ engine_path }}/engine/inventory/group_vars/all"
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/playbooks/roles/package/templates/kubeadm-images.yaml.j2 b/playbooks/roles/package/templates/kubeadm-images.yaml.j2
new file mode 100644 (file)
index 0000000..cc4f212
--- /dev/null
+++ b/playbooks/roles/package/templates/kubeadm-images.yaml.j2
@@ -0,0 +1,13 @@
+apiVersion: kubeadm.k8s.io/v1beta1
+kind: InitConfiguration
+nodeRegistration:
+  criSocket: {{ cri_socket }}
+---
+apiVersion: kubeadm.k8s.io/v1beta1
+kind: ClusterConfiguration
+imageRepository: {{ kube_image_repo }}
+kubernetesVersion: {{ kube_version }}
+dns:
+  type: CoreDNS
+  imageRepository: {{ coredns_image_repo | regex_replace('/coredns$','') }}
+  imageTag: {{ coredns_image_tag }}

diff --git a/playbooks/roles/package/templates/pip.conf.j2 b/playbooks/roles/package/templates/pip.conf.j2
new file mode 100644 (file)
index 0000000..9ab40ef
--- /dev/null
+++ b/playbooks/roles/package/templates/pip.conf.j2
@@ -0,0 +1,4 @@
+[global]
+timeout=10
+find-links={{ engine_workspace }}/offline/pip
+no-index=yes

diff --git a/playbooks/roles/package/templates/ubuntu.list.j2 b/playbooks/roles/package/templates/ubuntu.list.j2
new file mode 100644 (file)
index 0000000..7003921
--- /dev/null
+++ b/playbooks/roles/package/templates/ubuntu.list.j2
@@ -0,0 +1,859 @@
+accountsservice
+acl
+acpid
+adduser
+amd64-microcode
+apparmor
+apport
+apport-symptoms
+apt
+apt-cacher-ng
+apt-transport-https
+apt-utils
+at
+aufs-tools
+augeas-lenses
+base-files
+base-passwd
+bash
+bash-completion
+bc
+bcache-tools
+bind9-host
+binutils
+binutils-common:amd64
+binutils-x86-64-linux-gnu
+bridge-utils
+bsdmainutils
+bsdutils
+btrfs-progs
+btrfs-tools
+build-essential
+busybox
+busybox-initramfs
+busybox-static
+byobu
+bzip2
+ca-certificates
+chrony
+cloud-guest-utils
+cloud-image-utils
+cloud-init
+cloud-initramfs-copymods
+cloud-initramfs-dyn-netconf
+cloud-utils
+command-not-found
+command-not-found-data
+conntrack
+console-setup
+console-setup-linux
+coreutils
+cpio
+cpp
+cpp-7
+cpu-checker
+crda
+cron
+cryptsetup
+cryptsetup-bin
+curl
+dash
+dbus
+dconf-gsettings-backend:amd64
+dconf-service
+debconf
+debconf-i18n
+debianutils
+debootstrap
+dh-python
+diffutils
+dirmngr
+distro-info-data
+dmeventd
+dmidecode
+dmsetup
+dnsmasq
+dnsmasq-base
+dns-root-data
+dnsutils
+dosfstools
+dpkg
+dpkg-dev
+e2fsprogs
+eatmydata
+ebtables
+ed
+efibootmgr
+eject
+ethtool
+fakeroot
+fdisk
+file
+findutils
+fontconfig
+fontconfig-config
+fonts-dejavu-core
+fonts-ubuntu-console
+freeipmi-common
+friendly-recovery
+ftp
+fuse
+g++
+g++-7
+galera-3
+gawk
+gcc
+gcc-7
+gcc-7-base:amd64
+gcc-8-base:amd64
+gdisk
+genisoimage
+geoip-database
+gettext-base
+gir1.2-glib-2.0:amd64
+gir1.2-harfbuzz-0.0:amd64
+git
+git-man
+glib-networking:amd64
+glib-networking-common
+glib-networking-services
+gnupg
+gnupg-agent
+gnupg-l10n
+gnupg-utils
+gpg
+gpg-agent
+gpgconf
+gpgsm
+gpgv
+gpg-wks-client
+gpg-wks-server
+grep
+groff-base
+grub2-common
+grub-common
+grub-efi-amd64
+grub-efi-amd64-bin
+grub-efi-amd64-signed
+grub-gfxpayload-lists
+grub-ipxe
+grub-legacy-ec2
+grub-pc
+grub-pc-bin
+gsettings-desktop-schemas
+gstreamer1.0-plugins-base:amd64
+gstreamer1.0-plugins-good:amd64
+gstreamer1.0-x:amd64
+gzip
+hdparm
+hostname
+htop
+ibverbs-providers:amd64
+icu-devtools
+ifupdown
+info
+init
+initramfs-tools
+initramfs-tools-bin
+initramfs-tools-core
+init-system-helpers
+install-info
+intel-microcode
+ipmitool
+iproute2
+ipset
+iptables
+iputils-ping
+iputils-tracepath
+ipvsadm
+ipxe
+ipxe-qemu
+ipxe-qemu-256k-compat-efi-roms
+irqbalance
+isc-dhcp-client
+isc-dhcp-common
+iso-codes
+iucode-tool
+iw
+javascript-common
+kbd
+keyboard-configuration
+klibc-utils
+kmod
+kpartx
+krb5-locales
+landscape-common
+language-pack-en
+language-pack-en-base
+language-selector-common
+less
+libaa1:amd64
+libaccountsservice0:amd64
+libacl1:amd64
+libaio1:amd64
+libalgorithm-diff-perl
+libalgorithm-diff-xs-perl
+libalgorithm-merge-perl
+libapparmor1:amd64
+libapt-inst2.0:amd64
+libapt-pkg5.0:amd64
+libargon2-0:amd64
+libasan4:amd64
+libasn1-8-heimdal:amd64
+libasound2:amd64
+libasound2-data
+libassuan0:amd64
+libasyncns0:amd64
+libatm1:amd64
+libatomic1:amd64
+libattr1:amd64
+libaudit1:amd64
+libaudit-common
+libaugeas0:amd64
+libavahi-client3:amd64
+libavahi-common3:amd64
+libavahi-common-data:amd64
+libavc1394-0:amd64
+libbind9-160:amd64
+libbinutils:amd64
+libblkid1:amd64
+libbluetooth3:amd64
+libbrlapi0.6:amd64
+libbsd0:amd64
+libbz2-1.0:amd64
+libc6:amd64
+libc6-dev:amd64
+libcaca0:amd64
+libcacard0:amd64
+libcairo2:amd64
+libcairo-gobject2:amd64
+libcap2:amd64
+libcap2-bin
+libcap-ng0:amd64
+libc-bin
+libcc1-0:amd64
+libc-dev-bin
+libcdparanoia0:amd64
+libcgi-fast-perl
+libcgi-pm-perl
+libcilkrts5:amd64
+libcom-err2:amd64
+libconfig-inifiles-perl
+libcryptsetup12:amd64
+libcurl3-gnutls:amd64
+libcurl4:amd64
+libdatrie1:amd64
+libdb5.3:amd64
+libdbd-mysql-perl
+libdbi-perl
+libdbus-1-3:amd64
+libdconf1:amd64
+libdebconfclient0:amd64
+libdevmapper1.02.1:amd64
+libdevmapper-event1.02.1:amd64
+libdns1100:amd64
+libdns-export1100
+libdpkg-perl
+libdrm2:amd64
+libdrm-common
+libdumbnet1:amd64
+libdv4:amd64
+libeatmydata1:amd64
+libedit2:amd64
+libefiboot1:amd64
+libefivar1:amd64
+libelf1:amd64
+libencode-locale-perl
+liberror-perl
+libestr0:amd64
+libevent-2.1-6:amd64
+libexpat1:amd64
+libexpat1-dev:amd64
+libext2fs2:amd64
+libfakeroot:amd64
+libfastjson4:amd64
+libfcgi-perl
+libfdisk1:amd64
+libfdt1:amd64
+libffi6:amd64
+libffi-dev:amd64
+libfile-copy-recursive-perl
+libfile-fcntllock-perl
+libflac8:amd64
+libfontconfig1:amd64
+libfreeipmi16
+libfreetype6:amd64
+libfribidi0:amd64
+libfuse2:amd64
+libgcc1:amd64
+libgcc-7-dev:amd64
+libgcrypt20:amd64
+libgd3:amd64
+libgdbm5:amd64
+libgdbm-compat4:amd64
+libgdk-pixbuf2.0-0:amd64
+libgdk-pixbuf2.0-bin
+libgdk-pixbuf2.0-common
+libgeoip1:amd64
+libgirepository-1.0-1:amd64
+libglib2.0-0:amd64
+libglib2.0-bin
+libglib2.0-data
+libglib2.0-dev:amd64
+libglib2.0-dev-bin
+libgmp10:amd64
+libgnutls30:amd64
+libgomp1:amd64
+libgpg-error0:amd64
+libgpm2:amd64
+libgraphite2-3:amd64
+libgraphite2-dev:amd64
+libgssapi3-heimdal:amd64
+libgssapi-krb5-2:amd64
+libgstreamer1.0-0:amd64
+libgstreamer-plugins-base1.0-0:amd64
+libgstreamer-plugins-good1.0-0:amd64
+libgudev-1.0-0:amd64
+libharfbuzz0b:amd64
+libharfbuzz-dev:amd64
+libharfbuzz-gobject0:amd64
+libharfbuzz-icu0:amd64
+libhcrypto4-heimdal:amd64
+libheimbase1-heimdal:amd64
+libheimntlm0-heimdal:amd64
+libhogweed4:amd64
+libhtml-parser-perl
+libhtml-tagset-perl
+libhtml-template-perl
+libhttp-date-perl
+libhttp-message-perl
+libhx509-5-heimdal:amd64
+libibverbs1:amd64
+libicu60:amd64
+libicu-dev
+libicu-le-hb0:amd64
+libicu-le-hb-dev:amd64
+libiculx60:amd64
+libidn11:amd64
+libidn2-0:amd64
+libiec61883-0:amd64
+libio-html-perl
+libip4tc0:amd64
+libip6tc0:amd64
+libipset3:amd64
+libiptc0:amd64
+libirs160:amd64
+libisc169:amd64
+libisccc160:amd64
+libisccfg160:amd64
+libisc-export169:amd64
+libiscsi7:amd64
+libisl19:amd64
+libisns0:amd64
+libitm1:amd64
+libjack-jackd2-0:amd64
+libjbig0:amd64
+libjemalloc1
+libjpeg8:amd64
+libjpeg-turbo8:amd64
+libjs-jquery
+libjson-c3:amd64
+libjs-sphinxdoc
+libjs-underscore
+libk5crypto3:amd64
+libkeyutils1:amd64
+libklibc
+libkmod2:amd64
+libkrb5-26-heimdal:amd64
+libkrb5-3:amd64
+libkrb5support0:amd64
+libksba8:amd64
+libldap-2.4-2:amd64
+libldap-common
+liblocale-gettext-perl
+liblsan0:amd64
+libltdl7
+liblvm2app2.2:amd64
+liblvm2cmd2.02:amd64
+liblwp-mediatypes-perl
+liblwres160:amd64
+liblxc1
+liblxc-common
+liblz4-1:amd64
+liblzma5:amd64
+liblzo2-2:amd64
+libmagic1:amd64
+libmagic-mgc
+libmnl0:amd64
+libmount1:amd64
+libmp3lame0:amd64
+libmpc3:amd64
+libmpdec2:amd64
+libmpfr6:amd64
+libmpg123-0:amd64
+libmpx2:amd64
+libmspack0:amd64
+libmysqlclient20:amd64
+libncurses5:amd64
+libncursesw5:amd64
+libnetcf1:amd64
+libnetfilter-conntrack3:amd64
+libnettle6:amd64
+libnewt0.52:amd64
+libnfnetlink0:amd64
+libnghttp2-14:amd64
+libnginx-mod-http-geoip
+libnginx-mod-http-image-filter
+libnginx-mod-http-xslt-filter
+libnginx-mod-mail
+libnginx-mod-stream
+libnih1:amd64
+libnl-3-200:amd64
+libnl-genl-3-200:amd64
+libnl-route-3-200:amd64
+libnorm1:amd64
+libnpth0:amd64
+libnspr4:amd64
+libnss3:amd64
+libnss-systemd:amd64
+libntfs-3g88
+libnuma1:amd64
+libogg0:amd64
+libopenipmi0
+libopus0:amd64
+liborc-0.4-0:amd64
+libp11-kit0:amd64
+libpam0g:amd64
+libpam-cap:amd64
+libpam-modules:amd64
+libpam-modules-bin
+libpam-runtime
+libpam-systemd:amd64
+libpango-1.0-0:amd64
+libpangocairo-1.0-0:amd64
+libpangoft2-1.0-0:amd64
+libparted2:amd64
+libpcap0.8:amd64
+libpci3:amd64
+libpciaccess0:amd64
+libpcre16-3:amd64
+libpcre32-3:amd64
+libpcre3:amd64
+libpcre3-dev:amd64
+libpcrecpp0v5:amd64
+libperl5.26:amd64
+libpgm-5.2-0:amd64
+libpipeline1:amd64
+libpixman-1-0:amd64
+libplymouth4:amd64
+libpng16-16:amd64
+libpolkit-agent-1-0:amd64
+libpolkit-backend-1-0:amd64
+libpolkit-gobject-1-0:amd64
+libpopt0:amd64
+libprocps6:amd64
+libproxy1v5:amd64
+libpsl5:amd64
+libpulse0:amd64
+libpython2.7:amd64
+libpython2.7-dev:amd64
+libpython2.7-minimal:amd64
+libpython2.7-stdlib:amd64
+libpython3.6:amd64
+libpython3.6-dev:amd64
+libpython3.6-minimal:amd64
+libpython3.6-stdlib:amd64
+libpython3-dev:amd64
+libpython3-stdlib:amd64
+libpython-all-dev:amd64
+libpython-dev:amd64
+libpython-stdlib:amd64
+libquadmath0:amd64
+librados2
+libraw1394-11:amd64
+librbd1
+librdmacm1:amd64
+libreadline5:amd64
+libreadline7:amd64
+libroken18-heimdal:amd64
+librtmp1:amd64
+libsamplerate0:amd64
+libsasl2-2:amd64
+libsasl2-modules:amd64
+libsasl2-modules-db:amd64
+libsdl1.2debian:amd64
+libseccomp2:amd64
+libselinux1:amd64
+libsemanage1:amd64
+libsemanage-common
+libsensors4:amd64
+libsepol1:amd64
+libshout3:amd64
+libsigsegv2:amd64
+libslang2:amd64
+libsmartcols1:amd64
+libsndfile1:amd64
+libsnmp30:amd64
+libsnmp-base
+libsodium23:amd64
+libsoup2.4-1:amd64
+libspeex1:amd64
+libspice-server1:amd64
+libsqlite3-0:amd64
+libss2:amd64
+libssl1.0.0:amd64
+libssl1.1:amd64
+libssl-dev:amd64
+libstdc++6:amd64
+libstdc++-7-dev:amd64
+libsystemd0:amd64
+libtag1v5:amd64
+libtag1v5-vanilla:amd64
+libtasn1-6:amd64
+libterm-readkey-perl
+libtext-charwidth-perl
+libtext-iconv-perl
+libtext-wrapi18n-perl
+libthai0:amd64
+libthai-data
+libtheora0:amd64
+libtiff5:amd64
+libtimedate-perl
+libtinfo5:amd64
+libtsan0:amd64
+libtwolame0:amd64
+libubsan0:amd64
+libudev1:amd64
+libunistring2:amd64
+libunwind8:amd64
+liburi-perl
+libusb-1.0-0:amd64
+libusbredirparser1:amd64
+libutempter0:amd64
+libuuid1:amd64
+libv4l-0:amd64
+libv4lconvert0:amd64
+libvirt0:amd64
+libvirt-bin
+libvirt-clients
+libvirt-daemon
+libvirt-daemon-driver-storage-rbd
+libvirt-daemon-system
+libvirt-dev:amd64
+libvisual-0.4-0:amd64
+libvorbis0a:amd64
+libvorbisenc2:amd64
+libvpx5:amd64
+libwavpack1:amd64
+libwebp6:amd64
+libwind0-heimdal:amd64
+libwrap0:amd64
+libwsman1:amd64
+libwsman-client4:amd64
+libwsman-curl-client-transport1:amd64
+libx11-6:amd64
+libx11-data
+libxau6:amd64
+libxcb1:amd64
+libxcb-render0:amd64
+libxcb-shm0:amd64
+libxdamage1:amd64
+libxdmcp6:amd64
+libxen-4.9:amd64
+libxen-dev:amd64
+libxenstore3.0:amd64
+libxext6:amd64
+libxfixes3:amd64
+libxml2:amd64
+libxml2-dev:amd64
+libxml2-utils
+libxmlsec1:amd64
+libxmlsec1-openssl:amd64
+libxmuu1:amd64
+libxpm4:amd64
+libxrender1:amd64
+libxslt1.1:amd64
+libxslt1-dev:amd64
+libxtables12:amd64
+libxv1:amd64
+libyajl2:amd64
+libyaml-0-2:amd64
+libzmq5:amd64
+libzstd1:amd64
+linux-base
+linux-firmware
+linux-headers-4.15.0-20
+linux-headers-4.15.0-20-generic
+linux-headers-generic
+linux-headers-virtual
+linux-image-4.15.0-20-generic
+linux-image-4.15.0-88-generic
+linux-image-generic
+linux-image-virtual
+linux-libc-dev:amd64
+linux-modules-4.15.0-20-generic
+linux-modules-4.15.0-88-generic
+linux-modules-extra-4.15.0-88-generic
+linux-virtual
+locales
+login
+logrotate
+lsb-base
+lsb-release
+lshw
+lsof
+ltrace
+lvm2
+lxcfs
+lxd
+lxd-client
+make
+man-db
+manpages
+manpages-dev
+mariadb-client-10.1
+mariadb-client-core-10.1
+mariadb-common
+mariadb-server
+mariadb-server-10.1
+mariadb-server-core-10.1
+mawk
+mdadm
+mime-support
+mlocate
+mokutil
+mount
+msr-tools
+mtr-tiny
+multiarch-support
+mysql-common
+nano
+ncurses-base
+ncurses-bin
+ncurses-term
+netbase
+netcat-openbsd
+netplan.io
+net-tools
+networkd-dispatcher
+nginx
+nginx-common
+nginx-core
+nplan
+ntfs-3g
+openipmi
+open-iscsi
+openssh-client
+openssh-server
+openssh-sftp-server
+openssl
+open-vm-tools
+os-prober
+overlayroot
+parted
+passwd
+pastebinit
+patch
+pciutils
+perl
+perl-base
+perl-modules-5.26
+pinentry-curses
+pkg-config
+plymouth
+plymouth-theme-ubuntu-text
+policykit-1
+pollinate
+popularity-contest
+powermgmt-base
+procps
+psmisc
+publicsuffix
+python
+python2.7
+python2.7-dev
+python2.7-minimal
+python3
+python3.6
+python3.6-dev
+python3.6-minimal
+python3-apport
+python3-apt
+python3-asn1crypto
+python3-attr
+python3-automat
+python3-blinker
+python3-certifi
+python3-cffi-backend
+python3-chardet
+python3-click
+python3-colorama
+python3-commandnotfound
+python3-configobj
+python3-constantly
+python3-crypto
+python3-cryptography
+python3-dbus
+python3-debconf
+python3-debian
+python3-dev
+python3-distro-info
+python3-distupgrade
+python3-distutils
+python3-gdbm:amd64
+python3-gi
+python3-httplib2
+python3-hyperlink
+python3-idna
+python3-incremental
+python3-jinja2
+python3-jsonpatch
+python3-json-pointer
+python3-jsonschema
+python3-jwt
+python3-keyring
+python3-keyrings.alt
+python3-lib2to3
+python3-markupsafe
+python3-minimal
+python3-mysqldb
+python3-newt:amd64
+python3-oauthlib
+python3-openssl
+python3-pam
+python3-pip
+python3-pkg-resources
+python3-problem-report
+python3-pyasn1
+python3-pyasn1-modules
+python3-pymysql
+python3-requests
+python3-requests-unixsocket
+python3-secretstorage
+python3-serial
+python3-service-identity
+python3-setuptools
+python3-six
+python3-software-properties
+python3-systemd
+python3-twisted
+python3-twisted-bin:amd64
+python3-update-manager
+python3-urllib3
+python3-virtualenv
+python3-wheel
+python3-xdg
+python3-yaml
+python3-zmq
+python3-zope.interface
+python-all
+python-all-dev
+python-apt
+python-apt-common
+python-asn1crypto
+python-cffi-backend
+python-configparser
+python-crypto
+python-cryptography
+python-dbus
+python-dev
+python-enum34
+python-gi
+python-idna
+python-ipaddress
+python-keyring
+python-keyrings.alt
+python-minimal
+python-mysqldb
+python-openwsman
+python-pip
+python-pip-whl
+python-pkg-resources
+python-pymysql
+python-secretstorage
+python-setuptools
+python-six
+python-virtualenv
+python-wheel
+python-xdg
+qemu-block-extra:amd64
+qemu-kvm
+qemu-system-common
+qemu-system-x86
+qemu-utils
+readline-common
+rsync
+rsyslog
+run-one
+sbsigntool
+screen
+seabios
+secureboot-db
+sed
+sensible-utils
+sgabios
+shared-mime-info
+sharutils
+shim
+shim-signed
+snapd
+socat
+software-properties-common
+sosreport
+squashfs-tools
+ssh-import-id
+strace
+sudo
+systemd
+systemd-sysv
+sysvinit-utils
+tar
+tcpdump
+telnet
+tftpd-hpa
+tftp-hpa
+time
+tmux
+tzdata
+ubuntu-advantage-tools
+ubuntu-keyring
+ubuntu-minimal
+ubuntu-release-upgrader-core
+ubuntu-server
+ubuntu-standard
+ucf
+udev
+ufw
+uidmap
+unattended-upgrades
+unzip
+update-inetd
+update-manager-core
+update-notifier-common
+ureadahead
+usbutils
+util-linux
+uuid-runtime
+vim
+vim-common
+vim-runtime
+vim-tiny
+virtualenv
+wget
+whiptail
+wireless-regdb
+xauth
+xdelta3
+xdg-user-dirs
+xfsprogs
+xinetd
+xkb-data
+xxd
+xz-utils
+zerofree
+zlib1g:amd64
+zlib1g-dev:amd64
+# NOTE (fdegir): pinned docker versions
+docker-ce={{ docker_ce_version }}
+docker-ce-cli={{ docker_ce_cli_version }}
+containerd.io={{ containerd_io_version }}

diff --git a/playbooks/roles/package/vars/Debian.yaml b/playbooks/roles/package/vars/Debian.yaml
new file mode 100644 (file)
index 0000000..bd7361f
--- /dev/null
+++ b/playbooks/roles/package/vars/Debian.yaml
@@ -0,0 +1,30 @@
+---
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# package names
+packages:
+  - dpkg-dev
+  - docker-ce={{ docker_ce_version }}
+  - docker-ce-cli={{ docker_ce_cli_version }}
+  - containerd.io={{ containerd_io_version }}
+
+# service names
+docker_service_name: docker
+
+# vim: set ts=2 sw=2 expandtab:

diff --git a/vars/kubernetes.yaml b/vars/kubernetes.yaml
index e30fb82a5d2a22eddcbd9fa5f3377a04b345139a..0da0d1b78895e8cb2e35bb7c858dfe9a1640df5b 100644 (file)
--- a/vars/kubernetes.yaml
+++ b/vars/kubernetes.yaml
@@ -26,16 +26,19 @@ provisioners:
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/bifrost
     version: "{{ lookup('env', 'NORDIX_BIFROST_VERSION') | default('poc', true) }}"
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/bifrost
     version: "{{ lookup('env', 'NORDIX_BIFROST_VERSION') | default('poc', true) }}"

+    refspec: "{{ lookup('env', 'NORDIX_BIFROST_REFSPEC') | default(omit) }}"

   heat:
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/heat
     version: "{{ lookup('env', 'NORDIX_HEAT_VERSION') | default('poc', true) }}"
   heat:
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/heat
     version: "{{ lookup('env', 'NORDIX_HEAT_VERSION') | default('poc', true) }}"

+    refspec: "{{ lookup('env', 'NORDIX_HEAT_REFSPEC') | default(omit) }}"

 
 installers:
   kubespray:
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/kubespray
     version: "{{ lookup('env', 'NORDIX_KUBESPRAY_VERSION') | default('poc', true) }}"
 
 installers:
   kubespray:
     scm: git
     src: ssh://localhost:47821/home/fdegir/repos/poc-nordix/kubespray
     version: "{{ lookup('env', 'NORDIX_KUBESPRAY_VERSION') | default('poc', true) }}"

+    refspec: "{{ lookup('env', 'NORDIX_KUBESPRAY_REFSPEC') | default(omit) }}"

 
 # NOTE (fdegir): this is only the list of scenarios implemented within
 # installer repository and does not list what apps are for curated for
 
 # NOTE (fdegir): this is only the list of scenarios implemented within
 # installer repository and does not list what apps are for curated for


@@ -53,4 +56,54 @@ scenarios:
   - k8-multus-plugins
   - k8-weave-nofeature
 
   - k8-multus-plugins
   - k8-weave-nofeature
 

+# -------------------------------------------------------------------------------
+# Kubernetes: Kubernetes and kubectl versions
+# -------------------------------------------------------------------------------
+# Kubernetes version that is supported by the pinned kubespray version
+kubernetes_version: "v1.17.0"
+# version of the kubectl should generally match to the version of kubernetes itself
+# but it would be good to have possibility to override it in case if someone needs it for some reason
+kubectl_version: "{{ kubernetes_version }}"
+
+# -------------------------------------------------------------------------------
+# Kubernetes: Versions of rook, ceph and their dependencies
+# -------------------------------------------------------------------------------
+rook_version: "v1.1.2"
+ceph_version: "v14.2.4-20190917"
+cephcsi_version: "v1.2.1"
+csi_node_driver_registrar_version: "v1.1.0"
+csi_attacher_version: "v1.2.0"
+csi_provisioner_version: "v1.3.0"
+csi_snapshotter_version: "v1.2.0"
+
+# -------------------------------------------------------------------------------
+# Kubernetes: Versions of prometheus and its dependencies
+# -------------------------------------------------------------------------------
+# TODO (fdegir): prometheus version of what? helm chart?
+prometheus_version: "1.3.1"
+prom_alertmanager_version: "v0.20.0"
+prom_node_exporter_version: "v0.18.1"
+prom_prometheus_version: "v2.16.0"
+prom_push_gateway_version: "v1.0.1"
+
+# -------------------------------------------------------------------------------
+# Kubernetes: Versions of spinnaker and its dependencies
+# -------------------------------------------------------------------------------
+# Helm chart and docker version
+spinnaker_version: "1.23.2"
+spinnaker_app_version: "1.16.2"
+
+# -------------------------------------------------------------------------------
+# Kubernetes: App versions
+# -------------------------------------------------------------------------------
+helm_version: "v2.16.1"
+charts_version: "0b64349aeb537d0fd038df0e1d40ec5cf1206609"
+istio_version: "1.3.1"
+
+# -------------------------------------------------------------------------------
+# Misc: Versions of other components
+# -------------------------------------------------------------------------------
+configmap_reload_version: "v0.3.0"
+kube_state_metrics_version: "v1.9.5"
+

 # vim: set ts=2 sw=2 expandtab:
 # vim: set ts=2 sw=2 expandtab: