diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md index b7f4b139..4af3bf74 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.md +++ b/.github/ISSUE_TEMPLATE/bug-report.md @@ -2,8 +2,8 @@ name: Bug Report about: Report a bug encountered while operating Kubernetes labels: kind/bug - --- + `vagrant ssh installer -- cat /vagrant/setup-kubernetes.log` diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 138938f5..c38dc5e4 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -5,6 +5,7 @@ Provide a general summary of your changes in the Title above ## Details Describe your changes in detail + + > Note: Vagrant will utilize the default configuration values defined in -[*this*](config/default.yml) file to setup the VM nodes of the cluster. Those -values can be overwritten creating a valid *pdf.yml* file in -the [config](config) folder. +> [_this_](config/default.yml) file to setup the VM nodes of the cluster. Those +> values can be overwritten creating a valid _pdf.yml_ file in +> the [config](config) folder. + ` -An additional *installer* VM will be used for provisioning the Kubernetes +An additional _installer_ VM will be used for provisioning the Kubernetes cluster. Several [environment variables](README.md#environment-variables) can be used to control the provisioning workflow. diff --git a/Makefile b/Makefile index b6368a07..5d6bb9df 100644 --- a/Makefile +++ b/Makefile @@ -28,3 +28,5 @@ fmt: shfmt -l -w -s . command -v yamlfmt > /dev/null || curl -s "https://i.jpillora.com/google/yamlfmt!!" | bash yamlfmt -dstar **/*.{yaml,yml} + command -v prettier > /dev/null || npm install prettier + npx prettier . --write diff --git a/README.md b/README.md index 93e6e46c..02baf267 100644 --- a/README.md +++ b/README.md 
@@ -1,9 +1,13 @@ # Kubernetes Reference Deployment + + [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![GitHub Super-Linter](https://github.com/electrocucaracha/krd/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter) [![Ruby Style Guide](https://img.shields.io/badge/code_style-rubocop-brightgreen.svg)](https://github.com/rubocop/rubocop) + + ![visitors](https://visitor-badge.laobi.icu/badge?page_id=electrocucaracha.krd) [![Scc Code Badge](https://sloc.xyz/github/electrocucaracha/krd?category=code)](https://github.com/boyter/scc/) [![Scc COCOMO Badge](https://sloc.xyz/github/electrocucaracha/krd?category=cocomo)](https://github.com/boyter/scc/) 
@@ -14,46 +18,46 @@ This project offers a reference for deploying a Kubernetes cluster. Its ansible playbooks allow to provision a deployment on Bare-metal or Virtual Machines. -The *POD Descriptor File (PDF)* is a YAML file which defines the setup used by +The _POD Descriptor File (PDF)_ is a YAML file which defines the setup used by KRD. The [default PDF file](config/default.yml) can be overwritten to try different scenarios. There are different setups located in the [samples folder](config/samples) which can be used. ## Linux Distros Supported -| Name | Version | -|:-----------|:-----------------:| -| Ubuntu | 18.04/20.04/22.04 | -| openSUSE | Leap | -| Fedora | 37/38/39/40 | +| Name | Version | +| :------- | :---------------: | +| Ubuntu | 18.04/20.04/22.04 | +| openSUSE | Leap | +| Fedora | 37/38/39/40 | ## Components -| Name | Description | Source | Status | -|:--------------:|:------------------------------------------------|:----------------------------------|:-----------:| -| Kubernetes | Base Kubernetes deployment | [kubespray][1] | Done | -| Virtlet | Allows to run VMs | [configure-virtlet.yml][3] | Tested | -| Kubevirt | Allows to run VMs | | Tested | -| Virtink | Allows to run VMs | | Tested | -| Multus | Provides Multiple Network support in a pod | | Tested | -| NFD | Node feature discovery | [nfd role][4] | Tested | -| Istio | Service Mesh platform | | Tested | -| PMEM | Persistent Memory CSI | [pmem role][6] | Implemented | -| QAT | QuickAssist Technology Plugin | [qat_plugin role][8] | Tested | -| SR-IOV | Single Root Input/Output Virtualization Plugin | [sriov_plugin role][9] | Implemented | -| Knative | Platform for managing serverless workloads | | Tested | -| Kong | Ingress Controller | | Tested | -| HAProxy | Ingress Controller | | Tested | -| MetalLB | Provides a network load-balancer implementation | | Tested | -| Falco | Deploys a Falco services | | Tested | -| Rook | Storage Operator | | Tested | -| OPA Gatekeeper | Policy Controller | | 
Tested | -| Kyverno | Kubernetes Native Policy Management | | Tested | -| Kubewarden | Kubernetes Native Policy Management | | Tested | -| kube-monkey | Netflix's Chaos Monkey for Kubernetes clusters | | Implemented | -| Nephio | Management platform to on-board NFs at scale | | Implemented | -| LocalAI | Allows to run LLMs locally | | Implemented | -| K8SGPT | Scans K8s clusters for diagnosing issues | | Implemented | +| Name | Description | Source | Status | +| :------------: | :---------------------------------------------- | :------------------------- | :---------: | +| Kubernetes | Base Kubernetes deployment | [kubespray][1] | Done | +| Virtlet | Allows to run VMs | [configure-virtlet.yml][3] | Tested | +| Kubevirt | Allows to run VMs | | Tested | +| Virtink | Allows to run VMs | | Tested | +| Multus | Provides Multiple Network support in a pod | | Tested | +| NFD | Node feature discovery | [nfd role][4] | Tested | +| Istio | Service Mesh platform | | Tested | +| PMEM | Persistent Memory CSI | [pmem role][6] | Implemented | +| QAT | QuickAssist Technology Plugin | [qat_plugin role][8] | Tested | +| SR-IOV | Single Root Input/Output Virtualization Plugin | [sriov_plugin role][9] | Implemented | +| Knative | Platform for managing serverless workloads | | Tested | +| Kong | Ingress Controller | | Tested | +| HAProxy | Ingress Controller | | Tested | +| MetalLB | Provides a network load-balancer implementation | | Tested | +| Falco | Deploys a Falco services | | Tested | +| Rook | Storage Operator | | Tested | +| OPA Gatekeeper | Policy Controller | | Tested | +| Kyverno | Kubernetes Native Policy Management | | Tested | +| Kubewarden | Kubernetes Native Policy Management | | Tested | +| kube-monkey | Netflix's Chaos Monkey for Kubernetes clusters | | Implemented | +| Nephio | Management platform to on-board NFs at scale | | Implemented | +| LocalAI | Allows to run LLMs locally | | Implemented | +| K8SGPT | Scans K8s clusters for diagnosing issues | | Implemented | 
## Quick Deployment @@ -74,11 +78,13 @@ its provisioning. ## Override Default Cluster setup + Vagrant uses the [default configuration](config/default.yml) to define the Virtual Machines used by the Kubernetes cluster, this -configuration can be overwritten defining the *config/pdf.yml* file. -The **diagram** tox environment generates the *krd.png* file to +configuration can be overwritten defining the _config/pdf.yml_ file. +The **diagram** tox environment generates the _krd.png_ file to visualize the topology of the cluster. + tox -e diagram @@ -97,21 +103,21 @@ instruction: The actions which require the execution of a distributed commands were implemented through the **install_k8s_addons** KRD action. This action -uses the *KRD_ADDONS_LIST* environment variable to specify the Ansible +uses the _KRD_ADDONS_LIST_ environment variable to specify the Ansible playbook to be executed. KRD_ADDONS_LIST=virtlet ./krd_command.sh -a install_k8s_addons > Note: Some KRD AddOns have a corresponding validation script in the -[tests](tests) folder. +> [tests](tests) folder. ## Day-2 Operations The functions defined in this project covers the lifecycle of a Kubernetes cluster. In other words, its possible to add more nodes, -upgrade the existing deployment or remove the services. The following +upgrade the existing deployment or remove the services. The following instruction shows how to upgrade the existing Kubernetes cluster to -*v1.18.10* using the Kubespray version *v2.14.2*: +_v1.18.10_ using the Kubespray version _v2.14.2_: KRD_KUBE_VERSION=v1.18.10 KRD_KUBESPRAY_VERSION=v2.14.2 ./krd_command.sh -a upgrade_k8s 
@@ -120,7 +126,7 @@ instruction shows how to upgrade the existing Kubernetes cluster to #### Global | Name | Default | Description | -|:--------------------------------------|:-----------------------------------------------|:--------------------------------------------------------------------------------| +| :------------------------------------ | :--------------------------------------------- | :------------------------------------------------------------------------------ | | KRD_DEBUG | false | Enables verbose execution | | KRD_ANSIBLE_DEBUG | false | Enables ansible verbose execution | | PKG_DEBUG | false | Enables cURL package installer verbose execution | 
@@ -142,46 +148,46 @@ instruction shows how to upgrade the existing Kubernetes cluster to #### Kubespray -| Name | Default | Description | -|:-------------------------------------|:---------------|:--------------------------------------------------------------------------------| -| KRD_NETWORK_PLUGIN | flannel | Choose network plugin (calico, canal, cilium, contiv, flannel, weave) | -| KRD_FLANNEL_BACKEND_TYPE | host-gw | Type of flannel backend to use (vxlan, host-gw, udp) | -| KRD_CILIUM_TUNNEL_MODE | disabled | Encapsulation mode for communication between nodes (disabled, vxlan, geneve) | -| KRD_CILIUM_KUBE_PROXY_REPLACEMENT | probe | Specifies the type of kube-proxy replacement. | -| KRD_CILIUM_ENABLE_BPF_MASQUERADE | true | Enable/Disable native IP masquerade support in eBPF | -| KRD_CALICO_IPIP_MODE | Never | Configures Calico IP in IP encapsulation (Always, Never, CrossSubnet) | -| KRD_CALICO_VXLAN_MODE | Never | Configures Calico VXLAN encapsulation (Always, Never, CrossSubnet) | -| KRD_CALICO_NETWORK_BACKEND | bird | Configures Calico Network backend (bird, vxlan, none) | -| KRD_KUBE_PROXY_MODE | ipvs | Choose kube-proxy mode (iptables, ipvs) | -| KRD_DOWNLOAD_RUN_ONCE | true | Download images and binaries only once and then push them to the cluster nodes | -| KRD_DOWNLOAD_LOCALHOST | true | Make localhost the download delegate | -| KRD_MULTUS_ENABLED | false | Enable/Disable [Kubernetes Multus CNI][2] | -| KRD_CONTAINER_RUNTIME | containerd | Specifies the Container Runtime to be used for deploying kubernetes | -| KRD_DASHBOARD_ENABLED | false | Enable/Disable [Kubernetes Dashboard][12] | -| KRD_CERT_MANAGER_ENABLED | true | Enable/Disable [Kubernetes Cert-Manager][10] | -| KRD_INGRESS_NGINX_ENABLED | true | Enable/Disable [NGINX Ingress Controller][11] | -| KRD_KATA_CONTAINERS_ENABLED | false | Enable/Disable [Kata Containers Runtime][13] | -| KRD_CRUN_ENABLED | false | Enable/Disable [crun][18] | -| KRD_YOUKI_ENABLED | false | Enable/Disable [youki][26] 
| -| KRD_GVISOR_ENABLED | false | Enable/Disable [gVisor][25] | -| KRD_MANUAL_DNS_SERVER | | Set to use a custom cluster DNS | -| KRD_REGISTRY_MIRRORS_LIST | | Specifies a list of additional registry mirrors | -| KRD_INSECURE_REGISTRIES_LIST | | Specifies a list of insecure-registries (IP address or domain name) | -| KRD_LOCAL_VOLUME_PROVISIONER_ENABLED | true | Enable/Disable [Local volume provisioner][20] | -| KRD_DOCKER_VERSION | latest | Specifies the Docker version to be used for deploying Kubernetes | -| KRD_CONTAINERD_VERSION | 1.7.11 | Specifies the ContainerD version to be used for deploying Kubernetes | -| KRD_ENABLE_NODELOCALDNS | true | Enable/Disable [NodeLocal DNSCache][5] | -| KRD_NDOTS | 1 | Threshold for the number of dots which must appear in name resolution | -| KRD_RESOLVCONF_MODE | none | Specifies the DNS setup for non-k8s containers. | -| KRD_KUBE_PROXY_SCHEDULER | sh | Specifies the [IPVS scheduling algorithm][7] for allocating connections | -| KRD_METALLB_ENABLED | false | Enable/Disable [MetalLB load-balancer][22] | -| KRD_METALLB_ADDRESS_POOLS_LIST | | Specifies a lists of Layer 2 Address pools for MetalLB | -| KRD_KUBERNETES_AUDIT | false | Enable/Disable [Auditing][23] | -| KRD_KUBERNETES_AUDIT_WEBHOOK | false | Enable/Disable [Audit Webhook][23] | -| KRD_AUDIT_WEBHOOK_SERVER_URL | | Audit Webhook server URL | -| KRD_KUBELET_LOGFILES_MAX_NR | 5 | Maximum number of [container log][24] files that can be present for a container | -| KRD_KUBELET_LOGFILES_MAX_SIZE | 10Mi | Maximum size of the [container log][24] file before it is rotated | -| KRD_CONTAINER_CHECKPOINT_ENABLED | false | Enable/Disable [Containers checkpoints creation][21] | +| Name | Default | Description | +| :----------------------------------- | :--------- | :------------------------------------------------------------------------------ | +| KRD_NETWORK_PLUGIN | flannel | Choose network plugin (calico, canal, cilium, contiv, flannel, weave) | +| KRD_FLANNEL_BACKEND_TYPE | 
host-gw | Type of flannel backend to use (vxlan, host-gw, udp) | +| KRD_CILIUM_TUNNEL_MODE | disabled | Encapsulation mode for communication between nodes (disabled, vxlan, geneve) | +| KRD_CILIUM_KUBE_PROXY_REPLACEMENT | probe | Specifies the type of kube-proxy replacement. | +| KRD_CILIUM_ENABLE_BPF_MASQUERADE | true | Enable/Disable native IP masquerade support in eBPF | +| KRD_CALICO_IPIP_MODE | Never | Configures Calico IP in IP encapsulation (Always, Never, CrossSubnet) | +| KRD_CALICO_VXLAN_MODE | Never | Configures Calico VXLAN encapsulation (Always, Never, CrossSubnet) | +| KRD_CALICO_NETWORK_BACKEND | bird | Configures Calico Network backend (bird, vxlan, none) | +| KRD_KUBE_PROXY_MODE | ipvs | Choose kube-proxy mode (iptables, ipvs) | +| KRD_DOWNLOAD_RUN_ONCE | true | Download images and binaries only once and then push them to the cluster nodes | +| KRD_DOWNLOAD_LOCALHOST | true | Make localhost the download delegate | +| KRD_MULTUS_ENABLED | false | Enable/Disable [Kubernetes Multus CNI][2] | +| KRD_CONTAINER_RUNTIME | containerd | Specifies the Container Runtime to be used for deploying kubernetes | +| KRD_DASHBOARD_ENABLED | false | Enable/Disable [Kubernetes Dashboard][12] | +| KRD_CERT_MANAGER_ENABLED | true | Enable/Disable [Kubernetes Cert-Manager][10] | +| KRD_INGRESS_NGINX_ENABLED | true | Enable/Disable [NGINX Ingress Controller][11] | +| KRD_KATA_CONTAINERS_ENABLED | false | Enable/Disable [Kata Containers Runtime][13] | +| KRD_CRUN_ENABLED | false | Enable/Disable [crun][18] | +| KRD_YOUKI_ENABLED | false | Enable/Disable [youki][26] | +| KRD_GVISOR_ENABLED | false | Enable/Disable [gVisor][25] | +| KRD_MANUAL_DNS_SERVER | | Set to use a custom cluster DNS | +| KRD_REGISTRY_MIRRORS_LIST | | Specifies a list of additional registry mirrors | +| KRD_INSECURE_REGISTRIES_LIST | | Specifies a list of insecure-registries (IP address or domain name) | +| KRD_LOCAL_VOLUME_PROVISIONER_ENABLED | true | Enable/Disable [Local volume provisioner][20] | +| 
KRD_DOCKER_VERSION | latest | Specifies the Docker version to be used for deploying Kubernetes | +| KRD_CONTAINERD_VERSION | 1.7.11 | Specifies the ContainerD version to be used for deploying Kubernetes | +| KRD_ENABLE_NODELOCALDNS | true | Enable/Disable [NodeLocal DNSCache][5] | +| KRD_NDOTS | 1 | Threshold for the number of dots which must appear in name resolution | +| KRD_RESOLVCONF_MODE | none | Specifies the DNS setup for non-k8s containers. | +| KRD_KUBE_PROXY_SCHEDULER | sh | Specifies the [IPVS scheduling algorithm][7] for allocating connections | +| KRD_METALLB_ENABLED | false | Enable/Disable [MetalLB load-balancer][22] | +| KRD_METALLB_ADDRESS_POOLS_LIST | | Specifies a lists of Layer 2 Address pools for MetalLB | +| KRD_KUBERNETES_AUDIT | false | Enable/Disable [Auditing][23] | +| KRD_KUBERNETES_AUDIT_WEBHOOK | false | Enable/Disable [Audit Webhook][23] | +| KRD_AUDIT_WEBHOOK_SERVER_URL | | Audit Webhook server URL | +| KRD_KUBELET_LOGFILES_MAX_NR | 5 | Maximum number of [container log][24] files that can be present for a container | +| KRD_KUBELET_LOGFILES_MAX_SIZE | 10Mi | Maximum size of the [container log][24] file before it is rotated | +| KRD_CONTAINER_CHECKPOINT_ENABLED | false | Enable/Disable [Containers checkpoints creation][21] | ## Contribution diff --git a/ci/update_versions.sh b/ci/update_versions.sh index 56673c0b..59555b9b 100755 --- a/ci/update_versions.sh +++ b/ci/update_versions.sh 
@@ -228,7 +228,7 @@ sed -i "s/version: .*/version: v$(get_version github_release k8sgpt-ai/k8sgpt)/g # Update GitHub Action commit hashes gh_actions=$(grep -r "uses: [a-zA-Z\-]*/[\_a-z\-]*@" .github/ | sed 's/@.*//' | awk -F ': ' '{ print $3 }' | sort -u) for action in $gh_actions; do - commit_hash=$(git ls-remote "https://github.com/$action" | grep 'refs/tags/[v]\?[0-9][0-9\.]*$' | sed 's|refs/tags/[vV]\?[\.]\?||g' | sort -u -k2 -V | tail -1 | awk '{ printf "%s # %s\n",$1,$2 }') + commit_hash=$(git ls-remote "https://github.com/$action" | grep 'refs/tags/[v]\?[0-9][0-9\.]*$' | sed 's|refs/tags/[vV]\?[\.]\?||g' | sort -u -k2 -V | tail -1 | awk '{ printf "%s # %s\n",$1,$2 }') # shellcheck disable=SC2267 grep -ElRZ "uses: $action@" .github/ | xargs -0 -l sed -i -e "s|uses: $action@.*|uses: $action@$commit_hash|g" done diff --git a/config/default.yml b/config/default.yml index 78221e81..437d3beb 100644 --- a/config/default.yml +++ b/config/default.yml @@ -63,7 +63,7 @@ - "41:02.6" - "41:02.7" cpus: 16 - numa_nodes: # Total memory for NUMA nodes must be equal to RAM size + numa_nodes: # Total memory for NUMA nodes must be equal to RAM size - cpus: 0-3 memory: 8192 - cpus: 4-7 @@ -94,7 +94,7 @@ ip: "10.10.16.7" memory: 8192 pmem: - size: 8G # This value may affect the currentMemory libvirt tag + size: 8G # This value may affect the currentMemory libvirt tag slots: 4 max_size: 32G vNVDIMMs: diff --git a/playbooks/configure-addons.yml b/playbooks/configure-addons.yml index e8202b0a..8fedb891 100644 --- a/playbooks/configure-addons.yml +++ b/playbooks/configure-addons.yml @@ -135,7 +135,7 @@ ansible.builtin.file: state: directory path: /root/.docker/ - mode: '0755' + mode: "0755" - name: Configure docker client to use proxy values ansible.builtin.copy: mode: preserve diff --git a/playbooks/configure-criu.yml b/playbooks/configure-criu.yml index 71edc007..ea7da2a8 100644 --- a/playbooks/configure-criu.yml +++ b/playbooks/configure-criu.yml 
@@ -41,7 +41,7 @@ ansible.builtin.file: state: directory path: /root/.docker/ - mode: '0755' + mode: "0755" - name: Configure docker client to use proxy values ansible.builtin.template: mode: preserve @@ -66,5 +66,4 @@ ansible.builtin.service: name: docker state: restarted - # TODO: Disable seccomp diff --git a/playbooks/roles/criproxy/tasks/main.yml b/playbooks/roles/criproxy/tasks/main.yml index f6398945..39cae7e0 100644 --- a/playbooks/roles/criproxy/tasks/main.yml +++ b/playbooks/roles/criproxy/tasks/main.yml @@ -19,7 +19,7 @@ - ansible_os_family == "Debian" - ansible_facts.services["apparmor.service"] is defined - name: Disable SELinux in all nodes - selinux: # noqa fqcn + selinux: # noqa fqcn state: disabled when: - ansible_os_family == "RedHat" @@ -58,7 +58,7 @@ msg: Kubelet has removed its Experimental Dockershim option. See https://github.com/kubernetes/kubernetes/commit/53adde65ce000c4d90ee8f807e90658426733a5 - name: Create dockershim service ansible.builtin.copy: - mode: '0644' + mode: "0644" src: dockershim.service dest: /etc/systemd/system/dockershim.service - name: Start dockershim service @@ -75,7 +75,7 @@ timeout: 600 - name: Create CRIProxy binary folder ansible.builtin.file: - mode: '0755' + mode: "0755" state: directory path: "{{ criproxy_dest }}" - name: Check that criproxy binary exists @@ -89,7 +89,7 @@ ansible.builtin.get_url: url: "{{ criproxy_url }}" dest: "{{ criproxy_dest }}/criproxy" - mode: '0755' + mode: "0755" when: not criproxy_stat.stat.exists - name: Set criproxy execution permissions ansible.builtin.file: 
@@ -110,9 +110,9 @@ - name: Modify args for kubelet service become: true ansible.builtin.lineinfile: - mode: '0644' + mode: "0644" dest: /etc/kubernetes/kubelet.env - insertafter: '^--pod-infra-container-image=*' + insertafter: "^--pod-infra-container-image=*" line: |- --container-runtime=remote --container-runtime-endpoint=unix:///run/criproxy.sock \ --image-service-endpoint=unix:///run/criproxy.sock --enable-controller-attach-detach=false \ diff --git a/playbooks/roles/criu/molecule/default/prepare.yml b/playbooks/roles/criu/molecule/default/prepare.yml index ecadb5ba..0921ca19 100644 --- a/playbooks/roles/criu/molecule/default/prepare.yml +++ b/playbooks/roles/criu/molecule/default/prepare.yml @@ -17,6 +17,6 @@ - name: Add existing user ansible's user to docker's group become: true ansible.builtin.user: - name: '{{ ansible_ssh_user }}' + name: "{{ ansible_ssh_user }}" groups: docker append: true diff --git a/playbooks/roles/nfd/tasks/main.yml b/playbooks/roles/nfd/tasks/main.yml index 972f327a..21357585 100644 --- a/playbooks/roles/nfd/tasks/main.yml +++ b/playbooks/roles/nfd/tasks/main.yml @@ -10,7 +10,7 @@ - name: Create NFD k8s resources based on templates kubernetes.core.k8s: state: present - definition: "{{ lookup('template', 'nfd-{{ item }}.yaml.j2') }}" # noqa jinja[invalid] + definition: "{{ lookup('template', 'nfd-{{ item }}.yaml.j2') }}" # noqa jinja[invalid] with_items: - master - worker-daemonset diff --git a/playbooks/roles/pmem/molecule/default/prepare.yml b/playbooks/roles/pmem/molecule/default/prepare.yml index e9ed7585..479d5dd0 100644 --- a/playbooks/roles/pmem/molecule/default/prepare.yml +++ b/playbooks/roles/pmem/molecule/default/prepare.yml @@ -35,7 +35,7 @@ file: ../../../../krd-vars.yml roles: - role: andrewrothstein.kind - kind_install_dir: '{{ kind_dest }}' + kind_install_dir: "{{ kind_dest }}" - andrewrothstein.kubectl - role: geerlingguy.docker docker_install_compose: false 
@@ -44,11 +44,11 @@ - name: Add existing user ansible's user to docker's group become: true ansible.builtin.user: - name: '{{ ansible_ssh_user }}' + name: "{{ ansible_ssh_user }}" groups: docker append: true - name: Get k8s clusters - ansible.builtin.command: '{{ kind_dest }}/kind get clusters --quiet' + ansible.builtin.command: "{{ kind_dest }}/kind get clusters --quiet" register: kind_cluster failed_when: (kind_cluster.rc not in [0, 1]) changed_when: false @@ -59,27 +59,27 @@ block: - name: Create k8s cluster become: true - ansible.builtin.command: '{{ kind_dest }}/kind create cluster --name molecule --wait=300s --retain' + ansible.builtin.command: "{{ kind_dest }}/kind create cluster --name molecule --wait=300s --retain" when: not 'molecule' in kind_cluster.stdout changed_when: true - name: Create kubeconfig folder ansible.builtin.file: - mode: '0755' - path: '{{ ansible_env.HOME }}/.kube/' + mode: "0755" + path: "{{ ansible_env.HOME }}/.kube/" state: directory - name: Copy kubeconfig root file become: true ansible.builtin.copy: mode: preserve src: /root/.kube/config - dest: '{{ ansible_env.HOME }}/.kube/config' + dest: "{{ ansible_env.HOME }}/.kube/config" remote_src: true - owner: '{{ ansible_ssh_user }}' - group: '{{ ansible_ssh_user }}' + owner: "{{ ansible_ssh_user }}" + group: "{{ ansible_ssh_user }}" rescue: - name: Get Kind logs become: true - ansible.builtin.command: '{{ kind_dest }}/kind export logs --name molecule' + ansible.builtin.command: "{{ kind_dest }}/kind export logs --name molecule" changed_when: false - name: Label PMEM node kubernetes.core.k8s: diff --git a/playbooks/roles/pmem/tasks/bootstrap.yml b/playbooks/roles/pmem/tasks/bootstrap.yml index eb8478de..b326592d 100644 --- a/playbooks/roles/pmem/tasks/bootstrap.yml +++ b/playbooks/roles/pmem/tasks/bootstrap.yml 
@@ -18,6 +18,6 @@ ansible.builtin.get_url: url: https://github.com/cloudflare/cfssl/releases/download/v{{ pmem_cfssl_version }}/{{ pmem_cfssl_binary }}_{{ pmem_cfssl_version }}_linux_amd64 dest: /usr/local/bin/{{ pmem_cfssl_binary }} - mode: '0755' + mode: "0755" become: true when: not pmem_cfssl_binary_location.stat.exists diff --git a/playbooks/roles/pmem/tasks/main.yml b/playbooks/roles/pmem/tasks/main.yml index cc9ef734..c9056bca 100644 --- a/playbooks/roles/pmem/tasks/main.yml +++ b/playbooks/roles/pmem/tasks/main.yml @@ -16,7 +16,7 @@ - cfssljson - name: Ensure destination folder exists ansible.builtin.file: - mode: '0755' + mode: "0755" state: directory path: "{{ pmem_template_folder }}" - name: Copy shell scripts @@ -48,17 +48,17 @@ register: pmem_registry_secret - name: Print node and registry values ansible.builtin.debug: - var: '{{ item }}_secret' + var: "{{ item }}_secret" with_items: - node - registry - name: Create PMEM secrets become: true - ansible.builtin.shell: 'PATH=$PATH:/usr/local/bin/ {{ pmem_template_folder }}/setup-ca-kubernetes.sh' + ansible.builtin.shell: "PATH=$PATH:/usr/local/bin/ {{ pmem_template_folder }}/setup-ca-kubernetes.sh" environment: TEST_DRIVER_NAMESPACE: "{{ pmem_namespace }}" args: - chdir: '{{ pmem_template_folder }}' + chdir: "{{ pmem_template_folder }}" when: - pmem_node_secret.resources | length == 0 - pmem_registry_secret.resources | length == 0 @@ -70,7 +70,7 @@ - name: Create PMEM storage classes kubernetes.core.k8s: state: present - definition: "{{ lookup('file', 'pmem-{{ item }}.yaml') }}" # noqa jinja[invalid] + definition: "{{ lookup('file', 'pmem-{{ item }}.yaml') }}" # noqa jinja[invalid] with_items: - storageclass-ext4 - storageclass-xfs diff --git a/playbooks/roles/qat_driver/tasks/build.yml b/playbooks/roles/qat_driver/tasks/build.yml index 3abe80d9..66e9488c 100644 --- a/playbooks/roles/qat_driver/tasks/build.yml +++ b/playbooks/roles/qat_driver/tasks/build.yml 
@@ -9,12 +9,12 @@ ############################################################################## - name: Create qat folder ansible.builtin.file: - mode: '0755' + mode: "0755" state: directory path: "{{ qat_driver_dest }}" - name: Extract qat driver source code ansible.builtin.unarchive: - mode: '0755' + mode: "0755" src: "{{ qat_driver_url }}" dest: "{{ qat_driver_dest }}" remote_src: true diff --git a/playbooks/roles/qat_plugin/tasks/main.yml b/playbooks/roles/qat_plugin/tasks/main.yml index a4b33e30..a17b48ec 100644 --- a/playbooks/roles/qat_plugin/tasks/main.yml +++ b/playbooks/roles/qat_plugin/tasks/main.yml @@ -11,7 +11,7 @@ ansible.builtin.import_tasks: cleanup.yml - name: Ensure destination folder exists ansible.builtin.file: - mode: '0755' + mode: "0755" state: directory path: "{{ qat_plugin_tmpl_dir }}" - name: Generate QAT DPDK k8s resources based on templates diff --git a/playbooks/roles/sriov_cni/files/net-attach-def.yml b/playbooks/roles/sriov_cni/files/net-attach-def.yml index 6af369df..36e95eec 100644 --- a/playbooks/roles/sriov_cni/files/net-attach-def.yml +++ b/playbooks/roles/sriov_cni/files/net-attach-def.yml 
@@ -26,14 +26,15 @@ spec: storage: true schema: openAPIV3Schema: - description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one - or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec' + description: + "NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one + or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec" type: object properties: spec: - description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment' + description: "NetworkAttachmentDefinition spec defines the desired state of a network attachment" type: object properties: config: - description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration' + description: "NetworkAttachmentDefinition config is a JSON-formatted CNI configuration" type: string diff --git a/playbooks/roles/sriov_cni/tasks/main.yml b/playbooks/roles/sriov_cni/tasks/main.yml index e3c2805e..e09b1c8a 100644 --- a/playbooks/roles/sriov_cni/tasks/main.yml +++ b/playbooks/roles/sriov_cni/tasks/main.yml @@ -15,7 +15,7 @@ - name: Create SR-IOV k8s resources kubernetes.core.k8s: state: present - definition: "{{ lookup('template', 'sriov-{{ item }}.yaml.j2') }}" # noqa jinja[invalid] + definition: "{{ lookup('template', 'sriov-{{ item }}.yaml.j2') }}" # noqa jinja[invalid] namespace: kube-system with_items: - cni diff --git a/playbooks/roles/sriov_cni/templates/sriov-cni.yaml.j2 b/playbooks/roles/sriov_cni/templates/sriov-cni.yaml.j2 index 27df4a04..bcdd9d93 100644 --- a/playbooks/roles/sriov_cni/templates/sriov-cni.yaml.j2 +++ b/playbooks/roles/sriov_cni/templates/sriov-cni.yaml.j2 
@@ -44,7 +44,7 @@ spec: memory: "50Mi" volumeMounts: - name: cnibin - mountPath: /host/opt/cni/bin + mountPath: /opt/cni/bin volumes: - name: cnibin hostPath: diff --git a/playbooks/roles/sriov_plugin/tasks/main.yml b/playbooks/roles/sriov_plugin/tasks/main.yml index 7b55c006..145c2b2c 100644 --- a/playbooks/roles/sriov_plugin/tasks/main.yml +++ b/playbooks/roles/sriov_plugin/tasks/main.yml @@ -10,7 +10,7 @@ - name: Create SR-IOV k8s resources kubernetes.core.k8s: state: present - definition: "{{ lookup('template', '{{ item }}.yaml.j2') }}" # noqa jinja[invalid] + definition: "{{ lookup('template', '{{ item }}.yaml.j2') }}" # noqa jinja[invalid] namespace: kube-system with_items: - configMap diff --git a/playbooks/roles/virtlet/README.md b/playbooks/roles/virtlet/README.md index f411b747..b712bbb9 100644 --- a/playbooks/roles/virtlet/README.md +++ b/playbooks/roles/virtlet/README.md @@ -9,13 +9,13 @@ The following figure provides a general view of Virtlet architecture: Virtlet consists of the following components: -* Virtlet manager which implements CRI interface for virtualization -and image handling. -* libvirt instance. -* vmwrapper which is responsible for setting up the environment for -emulator. -* the emulator, currently qemu with KVM support (with a possibility -to disable KVM). +- Virtlet manager which implements CRI interface for virtualization + and image handling. +- libvirt instance. +- vmwrapper which is responsible for setting up the environment for + emulator. +- the emulator, currently qemu with KVM support (with a possibility + to disable KVM). > Note: The [multus-cni fix](https://github.com/Mirantis/virtlet/commit/c1880f37149547931832c0e77d5d853b164f150e) > has not been added in this release yet. diff --git a/playbooks/roles/virtlet/tasks/main.yml b/playbooks/roles/virtlet/tasks/main.yml index 4b9929a9..e3d0d06f 100644 --- a/playbooks/roles/virtlet/tasks/main.yml +++ b/playbooks/roles/virtlet/tasks/main.yml 
@@ -13,7 +13,7 @@ changed_when: false - name: Create Virtlet binary folder ansible.builtin.file: - mode: '0755' + mode: "0755" state: directory path: "{{ virtlet_dest }}" - name: Generate image translations confimap file @@ -56,7 +56,7 @@ when: virtlet_kubectl_version.stdout is version('1.23', '<') changed_when: true - name: Download virtletctl - ansible.builtin.command: curl -Ls -o {{ virtlet_dest }}/virtletctl {{ virtlet_url }} # noqa command-instead-of-module + ansible.builtin.command: curl -Ls -o {{ virtlet_dest }}/virtletctl {{ virtlet_url }} # noqa command-instead-of-module changed_when: false - name: Set virtletctl execution permissions ansible.builtin.file: @@ -77,6 +77,6 @@ changed_when: false register: virtlet_daemonset until: - - '1' + - "1" retries: 6 delay: 10 diff --git a/resources/iperf.yml b/resources/iperf.yml index 91921290..bf38c2c3 100644 --- a/resources/iperf.yml +++ b/resources/iperf.yml @@ -38,7 +38,7 @@ spec: containers: - name: iperf3-server image: clearlinux/iperf - args: ['--server', '--port', '5201', '-V'] + args: ["--server", "--port", "5201", "-V"] ports: - containerPort: 5201 name: tcp5201 @@ -88,7 +88,7 @@ spec: containers: - name: iperf3-client image: clearlinux/iperf - command: ['/bin/sh', '-c', 'sleep infinity'] + command: ["/bin/sh", "-c", "sleep infinity"] --- kind: NetworkPolicy apiVersion: networking.k8s.io/v1 diff --git a/rundeck/Deploy_Kubernetes.yaml b/rundeck/Deploy_Kubernetes.yaml index 6359a4ae..3d73b5e6 100644 --- a/rundeck/Deploy_Kubernetes.yaml +++ b/rundeck/Deploy_Kubernetes.yaml @@ -14,7 +14,7 @@ commands: - configuration: ansible-base-dir-path: /opt/kubespray/ - ansible-become: 'true' + ansible-become: "true" ansible-playbook: cluster.yml nodeStep: true type: com.batix.rundeck.plugins.AnsiblePlaybookWorflowNodeStep diff --git a/tests/configure-envoy.yml b/tests/configure-envoy.yml index 558746ac..607cc1b1 100644 --- a/tests/configure-envoy.yml +++ b/tests/configure-envoy.yml 
@@ -18,7 +18,7 @@ block: - name: create docker config folder file: - mode: '0755' + mode: "0755" state: directory path: /root/.docker/ - name: configure docker client to use proxy values diff --git a/tests/resources/rook/cluster-test.yaml b/tests/resources/rook/cluster-test.yaml index 2f843d34..2174fb79 100644 --- a/tests/resources/rook/cluster-test.yaml +++ b/tests/resources/rook/cluster-test.yaml @@ -12,7 +12,7 @@ apiVersion: ceph.rook.io/v1 kind: CephCluster metadata: name: my-cluster - namespace: rook-ceph # namespace:cluster + namespace: rook-ceph # namespace:cluster spec: dataDirHostPath: /var/lib/rook cephVersion: @@ -63,7 +63,7 @@ apiVersion: ceph.rook.io/v1 kind: CephBlockPool metadata: name: builtin-mgr - namespace: rook-ceph # namespace:cluster + namespace: rook-ceph # namespace:cluster spec: name: .mgr replicated: diff --git a/tests/resources/rook/toolbox.yaml b/tests/resources/rook/toolbox.yaml index 4d635f9c..fd35537a 100644 --- a/tests/resources/rook/toolbox.yaml +++ b/tests/resources/rook/toolbox.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: rook-ceph-tools - namespace: rook-ceph # namespace:cluster + namespace: rook-ceph # namespace:cluster labels: app: rook-ceph-tools spec:
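Review bot: In the Makefile `fmt` hunk, the added guard `command -v prettier > /dev/null || npm install prettier` will normally never be satisfied. A local `npm install` puts the binary under `node_modules/.bin`, which is not on PATH, so the install reruns on every `make fmt`. It also resolves to whatever version is newest at that moment. Suggest dropping the guard and pinning the formatter, either as a devDependency with a committed lockfile or as `npx prettier@<pinned version> . --write`, so the tool that rewrites the whole tree is reproducible.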
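Review bot: In playbooks/roles/pmem/tasks/bootstrap.yml, the `ansible.builtin.get_url` task whose `mode` line is requoted installs the cfssl binary into `/usr/local/bin` with `become: true` and no `checksum:`. The URL already pins `pmem_cfssl_version`, so adding a matching `checksum: sha256:<digest>` variable next to it would make the download verifiable at little cost.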
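Review bot: In playbooks/roles/pmem/tasks/main.yml (hunk @@ -48,17), the debug task `var: "{{ item }}_secret"` with items `node` and `registry` resolves to `node_secret` and `registry_secret`. The surrounding tasks register `pmem_registry_secret` and test `pmem_node_secret.resources`, so the task prints variables that are not the ones looked up. Fixing the name would write what appear to be the looked-up secret resources into the Ansible output, so consider removing the task or printing only `resources | length` for each.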
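Review bot: In playbooks/roles/sriov_cni/templates/sriov-cni.yaml.j2, the `cnibin` volumeMount changes from `mountPath: /host/opt/cni/bin` to `mountPath: /opt/cni/bin`, a behavioural change in a patch whose other hunks only touch quoting and whitespace. The hostPath volume is now mounted at a different path inside the container, so anything the container still writes to `/host/opt/cni/bin` would no longer reach the node. If the change is intended, it deserves its own commit with a rationale. If it is formatter or merge fallout, revert the line and consider excluding `*.j2` templates from the prettier run.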
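Review bot: In playbooks/roles/virtlet/tasks/main.yml (hunk @@ -56,7), `curl -Ls -o {{ virtlet_dest }}/virtletctl {{ virtlet_url }}` downloads a binary that the next task marks executable, with no integrity check and no `-f`. An HTTP error body would therefore be saved as `virtletctl` and the task would still succeed. Since the line is being touched, suggest replacing it with `ansible.builtin.get_url` plus a `checksum:` value, which also removes the need for the `# noqa command-instead-of-module` suppression.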
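Review bot: In playbooks/roles/virtlet/tasks/main.yml (hunk @@ -77,6), the `until:` list holds only the literal `"1"`, a constant that never references the registered `virtlet_daemonset` result, so `retries: 6` and `delay: 10` do not wait on anything. The requote preserves that behaviour. Suggest replacing it with a condition on `virtlet_daemonset` (its `stdout` or `rc`) that reflects the readiness the task is meant to wait for.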