gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix:TSG-16157:Using separated helm-controller function and bump k3s to v1.29.2 and bump cni to v1.4.0.

Browse Source
This commit is contained in:
fumingwei
2024-02-27 11:11:40 +08:00
parent 1b7b4d0c60
commit c856e76878
3 changed files with 220 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
ansible/roles/k3s-install/files/cni-plugins-linux-amd64.tgz
View File

Binary file not shown.

205
ansible/roles/k3s-install/files/deploy-helm-controller.yaml Normal file
View File

@@ -0,0 +1,205 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: helmcharts.helm.cattle.io
spec:
group: helm.cattle.io
names:
kind: HelmChart
plural: helmcharts
singular: helmchart
preserveUnknownFields: false
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.jobName
name: Job
type: string
- jsonPath: .spec.chart
name: Chart
type: string
- jsonPath: .spec.targetNamespace
name: TargetNamespace
type: string
- jsonPath: .spec.version
name: Version
type: string
- jsonPath: .spec.repo
name: Repo
type: string
- jsonPath: .spec.helmVersion
name: HelmVersion
type: string
- jsonPath: .spec.bootstrap
name: Bootstrap
type: string
name: v1
schema:
openAPIV3Schema:
properties:
spec:
properties:
authPassCredentials:
type: boolean
authSecret:
nullable: true
properties:
name:
nullable: true
type: string
type: object
backOffLimit:
nullable: true
type: integer
bootstrap:
type: boolean
chart:
nullable: true
type: string
chartContent:
nullable: true
type: string
createNamespace:
type: boolean
dockerRegistrySecret:
nullable: true
properties:
name:
nullable: true
type: string
type: object
failurePolicy:
nullable: true
type: string
helmVersion:
nullable: true
type: string
jobImage:
nullable: true
type: string
repo:
nullable: true
type: string
repoCA:
nullable: true
type: string
repoCAConfigMap:
nullable: true
properties:
name:
nullable: true
type: string
type: object
set:
additionalProperties:
x-kubernetes-int-or-string: true
nullable: true
type: object
targetNamespace:
nullable: true
type: string
timeout:
nullable: true
type: string
valuesContent:
nullable: true
type: string
version:
nullable: true
type: string
type: object
status:
properties:
jobName:
nullable: true
type: string
type: object
type: object
served: true
storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: helmchartconfigs.helm.cattle.io
spec:
group: helm.cattle.io
names:
kind: HelmChartConfig
plural: helmchartconfigs
singular: helmchartconfig
preserveUnknownFields: false
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
properties:
spec:
properties:
failurePolicy:
nullable: true
type: string
valuesContent:
nullable: true
type: string
type: object
type: object
served: true
storage: true
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: helm-controller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: helm-controller
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
- nonResourceURLs: ["*"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: helm-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: helm-controller
subjects:
- kind: ServiceAccount
name: helm-controller
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: helm-controller
name: helm-controller
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: helm-controller
template:
metadata:
labels:
app: helm-controller
spec:
serviceAccountName: helm-controller
containers:
- command:
- helm-controller
image: rancher/helm-controller:v0.15.8-amd64
name: helm-controller
---

18
ansible/roles/k3s-install/tasks/main.yml
View File

@@ -6,7 +6,7 @@
- name: "get k3s to dest"
get_url:
url: https://repo.geedge.net/filerepo/install/release/os-build-files/k3s/v1.28.4/k3s
url: https://repo.geedge.net/filerepo/install/release/os-build-files/k3s/v1.29.2/k3s
dest: /usr/bin/k3s
url_username: "{{ lookup('env', 'PULP_REPO_USERNAME') }}"
url_password: "{{ lookup('env', 'PULP_REPO_PASSWORD') }}"
@@ -26,13 +26,13 @@
- name: "get k3s-airgap-images-amd64.tar to dest"
get_url:
url: https://repo.geedge.net/filerepo/install/release/os-build-files/k3s/v1.28.4/k3s-airgap-images-amd64.tar
url: https://repo.geedge.net/filerepo/install/release/os-build-files/k3s/v1.29.2/k3s-airgap-images-amd64.tar
dest: /var/lib/rancher/k3s/agent/images/k3s-airgap-images-amd64.tar
url_username: "{{ lookup('env', 'PULP_REPO_USERNAME') }}"
url_password: "{{ lookup('env', 'PULP_REPO_PASSWORD') }}"
- name: "execute k3s install"
shell: curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_DOWNLOAD=true INSTALL_K3S_SKIP_ENABLE=true INSTALL_K3S_BIN_DIR=/usr/bin INSTALL_K3S_SYSTEMD_DIR=/usr/lib/systemd/system sh -s - --flannel-backend=none --node-name=localhost
shell: curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_DOWNLOAD=true INSTALL_K3S_SKIP_ENABLE=true INSTALL_K3S_BIN_DIR=/usr/bin INSTALL_K3S_SYSTEMD_DIR=/usr/lib/systemd/system sh -s - --flannel-backend=none --node-name=localhost --disable-helm-controller
- name: "enable k3s"
systemd:
@@ -154,3 +154,15 @@
src: "{{ role_path }}/files/k3s-reset.sh"
dest: /usr/bin/
mode: 0755
- name: "download helm-controller images tar"
get_url:
url: https://repo.geedge.net/filerepo/install/release/os-build-files/k3s/v1.29.2/k3s-helm-controller-amd64.tar
dest: /var/lib/rancher/k3s/agent/images/k3s-helm-controller-amd64.tar
url_username: "{{ lookup('env', 'PULP_REPO_USERNAME') }}"
url_password: "{{ lookup('env', 'PULP_REPO_PASSWORD') }}"
- name: "install deploy helm-controller mainfest file to dest"
copy:
src: "{{ role_path }}/files/deploy-helm-controller.yaml"
dest: /var/lib/rancher/k3s/server/manifests/