Use CentOS 8 in k8s 1.17 example

Now that we support CentOS 8 we update the k8s 1.17 example to deploy the nodes as CentOS 8 systems and use the CentOS 8 containers.
embercsi · Apr 17, 2020 · ff309e2 · ff309e2
1 parent 90893c7
commit ff309e2
Show file tree

Hide file tree

Showing 10 changed files with 835 additions and 52 deletions.
diff --git a/examples/k8s_v1.17-CSI_v1.1/README.md b/examples/k8s_v1.17-CSI_v1.1/README.md
@@ -1,6 +1,6 @@
 # Kubernetes example
 
-This is a demo for Ember-CSI as a CSI v1.1 plugin, deployed in Kubernetes 1.17, to showcase all its functionality: volume creation, cloning, and deletion, creating snapshots and volumes from them, extending volumes, topology, liveness probes, etc.
+This is a demo for Ember-CSI as a CSI v1.1 plugin, deployed in Kubernetes 1.17, running on CentOS 8, to showcase all its functionality: volume creation, cloning, and deletion, creating snapshots and volumes from them, extending volumes, topology, liveness probes, etc.
 
 It deploys a scenario where we have segregated an infra node from the 2 workload nodes, and the 2 CSI plugins are deployed on the infra node.
 
@@ -59,9 +59,9 @@ $ ./up.sh virtualbox
 Bringing machine 'master' up with 'virtualbox' provider...
 Bringing machine 'node0' up with 'virtualbox' provider...
 Bringing machine 'node1' up with 'virtualbox' provider...
-==> master: Checking if box 'centos/7' is up to date...
-==> node1: Checking if box 'centos/7' is up to date...
-==> node0: Checking if box 'centos/7' is up to date...
+==> master: Checking if box 'centos/8' is up to date...
+==> node1: Checking if box 'centos/8' is up to date...
+==> node0: Checking if box 'centos/8' is up to date...
 
 [ . . . ]
 
@@ -78,9 +78,9 @@ $ ./up.sh
 Bringing machine 'master' up with 'libvirt' provider...
 Bringing machine 'node0' up with 'libvirt' provider...
 Bringing machine 'node1' up with 'libvirt' provider...
-==> master: Checking if box 'centos/7' is up to date...
-==> node1: Checking if box 'centos/7' is up to date...
-==> node0: Checking if box 'centos/7' is up to date...
+==> master: Checking if box 'centos/8' is up to date...
+==> node1: Checking if box 'centos/8' is up to date...
+==> node0: Checking if box 'centos/8' is up to date...
 
 [ . . . ]
 
@@ -102,9 +102,9 @@ $ ./up.sh
 Bringing machine 'master' up with 'libvirt' provider...
 Bringing machine 'node0' up with 'libvirt' provider...
 Bringing machine 'node1' up with 'libvirt' provider...
-==> master: Checking if box 'centos/7' is up to date...
-==> node1: Checking if box 'centos/7' is up to date...
-==> node0: Checking if box 'centos/7' is up to date...
+==> master: Checking if box 'centos/8' is up to date...
+==> node1: Checking if box 'centos/8' is up to date...
+==> node0: Checking if box 'centos/8' is up to date...
 
 [ . . . ]
 

diff --git a/examples/k8s_v1.17-CSI_v1.1/Vagrantfile.libvirt b/examples/k8s_v1.17-CSI_v1.1/Vagrantfile.libvirt
@@ -7,7 +7,7 @@ CPUS = 2
 
 Vagrant.configure("2") do |config|
     config.ssh.insert_key = false
-    config.vm.box = "centos/7"
+    config.vm.box = "centos/8"
 
     # Override
     config.vm.provider :libvirt do |v,override|

diff --git a/examples/k8s_v1.17-CSI_v1.1/global_vars.yml b/examples/k8s_v1.17-CSI_v1.1/global_vars.yml
@@ -1,6 +1,6 @@
 ---
 kubernetes_token: abcdef.1234567890abcdef
-ember_image: embercsi/ember-csi:master
+ember_image: embercsi/ember-csi:master8
 ember_insecure_registry: 192.168.1.11:5000
 ember_lvm_config: '{"target_protocol":"iscsi","target_ip_address":"192.168.10.90","name":"lvm","driver":"LVMVolume","volume_group":"ember-volumes","target_helper":"lioadm","multipath":false}'
 ember_rbd_config: '{"name":"ceph","driver":"RBD","rbd_user":"admin","rbd_pool":"rbd","rbd_ceph_conf":"/etc/ceph/ceph.conf","rbd_keyring_conf":"/etc/ceph/ceph.client.admin.keyring"}'

diff --git a/examples/k8s_v1.17-CSI_v1.1/kubeyml/lvm/01-controller.yml b/examples/k8s_v1.17-CSI_v1.1/kubeyml/lvm/01-controller.yml
@@ -136,7 +136,7 @@ spec:
         - mountPath: /csi-data
           name: socket-dir
       - name: external-snapshotter
-        image: quay.io/k8scsi/csi-snapshotter:v2.0.1
+        image: quay.io/k8scsi/csi-snapshotter:v2.1.0
         args:
         - --v=5
         - --csi-address=/csi-data/csi.sock

diff --git a/examples/k8s_v1.17-CSI_v1.1/kubeyml/rbd/01-controller.yml b/examples/k8s_v1.17-CSI_v1.1/kubeyml/rbd/01-controller.yml
@@ -134,7 +134,7 @@ spec:
         - mountPath: /csi-data
           name: socket-dir
       - name: external-snapshotter
-        image: quay.io/k8scsi/csi-snapshotter:v2.0.1
+        image: quay.io/k8scsi/csi-snapshotter:v2.1.0
         args:
         - --v=5
         - --csi-address=/csi-data/csi.sock

diff --git a/examples/k8s_v1.17-CSI_v1.1/roles/common/files/k8s.conf b/examples/k8s_v1.17-CSI_v1.1/roles/common/files/k8s.conf
diff --git a/examples/k8s_v1.17-CSI_v1.1/roles/common/tasks/main.yml b/examples/k8s_v1.17-CSI_v1.1/roles/common/tasks/main.yml
@@ -14,9 +14,6 @@
 - name: disable of selinux - now
   command: setenforce 0
 
-- name: Ensure net.bridge.bridge-nf-call-iptables is set. See kubeadm
-  copy: src=k8s.conf owner=root group=root dest=/etc/sysctl.d/k8s.conf
-
 - name: Run sysctl
   command: sysctl --system
 
@@ -31,17 +28,23 @@
 # Pin kubernetes related packages to ensure we don't break every other day
 - name: install utility programs
   yum:
-    name: ['wget', 'ntp', 'screen', 'epel-release', 'vim', 'iptables', 'iptables-utils', 'iptables-services', 'ncurses-term', 'docker', 'kubelet-1.17.4', 'kubeadm-1.17.4', 'kubectl-1.17.4']
+    name: ['wget', 'lvm2', 'chrony', 'epel-release', 'vim', 'ncurses-term', 'kubelet-1.17.4', 'kubeadm-1.17.4', 'kubectl-1.17.4']
     state: present
     disable_gpg_check: yes
 
-# Workaround for bugs:
-#  - https://github.com/kubernetes/kubernetes/issues/56850
-#  - https://github.com/kubernetes/kubernetes/issues/63804
-- lineinfile:
-    path: /etc/sysconfig/kubelet
-    regexp: '^KUBELET_EXTRA_ARGS='
-    line: 'KUBELET_EXTRA_ARGS=--runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice'
+- name: Add docker repo
+  command: curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
+
+- name: Install docker-ce
+  shell: dnf -y install docker-ce --nobest
+
+# Unlike the docker package, docker-ce doesn't create the directory until it
+# starts
+- file:
+    path: /etc/docker
+    state: directory
+    owner: root
+    group: root
 
 # Note(geguileo): If we want to use our own registry for developtment we just
 # need to edit the roles/common/files/daemon.json with the IP of our registry.
@@ -58,7 +61,7 @@
   service: name={{ item }} state=started enabled=yes
   with_items:
     - docker
-    - ntpd
+    - chronyd
     - kubelet
 
 - name: turn off swap
@@ -70,12 +73,6 @@
     state: absent
     regexp: "swap"
 
-- name: iptables open ports
-  command: iptables -A INPUT -p tcp -m state --state NEW -m multiport --dports 9000:9200 -j ACCEPT
-
-- name: save iptables
-  command: service iptables save
-
 # Accept loop devices for the LVM ember-volumes VG and reject anything else
 - name: Disable new LVM volumes
   lineinfile: