Merge pull request #47 from lablabs/develop

Add custom Containerd Registry
lablabs · Feb 28, 2022 · ff1247d · ff1247d
2 parents 75302c9 + d417bad
commit ff1247d
Show file tree

Hide file tree

Showing 9 changed files with 40 additions and 29 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -18,7 +18,7 @@ jobs:
       max-parallel: 1
       matrix:
         config:
-          - image: "centos8"
+          - image: "rockylinux8"
             tag: "latest"
           - image: "ubuntu2004"
             tag: "latest"

diff --git a/README.md b/README.md
@@ -24,7 +24,7 @@ The Role can install the RKE2 in 3 modes:
 
 ## Tested on
 
-* CentOS 8
+* Rocky Linux 8
 * Ubuntu 20.04 LTS
 
 ## Role Variables
@@ -87,12 +87,17 @@ rke2_custom_manifests:
 # Path to static pods deployed during the RKE2 installation
 rke2_static_pods:
 
-# Deploy RKE2 and set the custom containerd images registries
-rke2_custom_registry: false
+# Configure custom Containerd Registry
+rke2_custom_registry_mirrors:
+  - name:
+    endpoint: {}
 
 # Path to Container registry config file template
 rke2_custom_registry_path: templates/registries.yaml.j2
 
+# Path to RKE2 config file template
+rke2_config: templates/config.yaml.j2
+
 # Override default containerd snapshotter
 rke2_snapshooter: overlayfs
 
@@ -133,6 +138,7 @@ rke2_agents_group_name: workers
 # You could find the flags at https://docs.rke2.io/install/install_options/install_options/#configuring-linux-rke2-agent-nodes
 # rke2_agent_options:
 #   - "option: value"
+
 ```
 
 ## Inventory file example

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -53,12 +53,17 @@ rke2_custom_manifests:
 # Path to static pods deployed during the RKE2 installation
 rke2_static_pods:
 
-# Deploy RKE2 and set the custom containerd images registries
-rke2_custom_registry: false
+# Configure custom Containerd Registry
+rke2_custom_registry_mirrors:
+  - name:
+    endpoint: {}
 
 # Path to Container registry config file template
 rke2_custom_registry_path: templates/registries.yaml.j2
 
+# Path to RKE2 config file template
+rke2_config: templates/config.yaml.j2
+
 # Override default containerd snapshotter
 rke2_snapshooter: overlayfs
 

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -9,7 +9,7 @@ lint: |
   ansible-lint --exclude molecule/
 platforms:
   - name: node1
-    image: "geerlingguy/docker-${image:-centos8}-ansible:${tag:-latest}"
+    image: "geerlingguy/docker-${image:-rockylinux8}-ansible:${tag:-latest}"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:ro

diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
@@ -6,7 +6,13 @@
     - name: Install packages
       ansible.builtin.package:
         update_cache: true
-        name: "{{ item }}"
-      loop:
-        - wget
-        - curl
+        name:
+          - wget
+          - curl
+
+    - name: Install special packages for RockyLinux
+      ansible.builtin.package:
+        update_cache: true
+        name:
+          - iproute
+      when: ansible_distribution == "Rocky"
diff --git a/tasks/first_server.yml b/tasks/first_server.yml
@@ -10,7 +10,7 @@
 
 - name: Copy kubeconfig
   ansible.builtin.template:
-    src: templates/config.yaml.j2
+    src: "{{ rke2_config }}"
     dest: /etc/rancher/rke2/config.yaml
     owner: root
     group: root
@@ -23,7 +23,7 @@
     owner: root
     group: root
     mode: 0644
-  when: rke2_custom_registry | bool
+  when: rke2_custom_registry_mirrors.0.endpoint | length > 0
 
 - name: Start RKE2 service on the first server
   ansible.builtin.systemd:

diff --git a/tasks/remaining_nodes.yml b/tasks/remaining_nodes.yml
@@ -10,7 +10,7 @@
 
 - name: Copy RKE2 config
   ansible.builtin.template:
-    src: templates/config.yaml.j2
+    src: "{{ rke2_config }}"
     dest: /etc/rancher/rke2/config.yaml
     owner: root
     group: root
@@ -23,7 +23,7 @@
     owner: root
     group: root
     mode: 0644
-  when: rke2_custom_registry | bool
+  when: rke2_custom_registry_mirrors.0.endpoint | length > 0
 
 - name: Start RKE2 service on the rest of the nodes
   ansible.builtin.systemd:

diff --git a/tasks/standalone.yml b/tasks/standalone.yml
@@ -10,7 +10,7 @@
 
 - name: Copy RKE2 config
   ansible.builtin.template:
-    src: templates/config.yaml.j2
+    src: "{{ rke2_config }}"
     dest: /etc/rancher/rke2/config.yaml
     owner: root
     group: root
@@ -23,7 +23,7 @@
     owner: root
     group: root
     mode: 0644
-  when: rke2_custom_registry | bool
+  when: rke2_custom_registry_mirrors.0.endpoint | length > 0
 
 - name: Start RKE2 service on the server node
   ansible.builtin.systemd:

diff --git a/templates/registries.yaml.j2 b/templates/registries.yaml.j2
@@ -1,14 +1,8 @@
 mirrors:
-  docker.io:
+{% for mirror in rke2_custom_registry_mirrors %}
+  {{ mirror.name }}:
     endpoint:
-      - "https://registry.example.com:5000"
-configs:
-  "registry.example.com:5000":
-    auth:
-      username: xxxxxx # this is the registry username
-      password: xxxxxx # this is the registry password
-    tls:
-      cert_file:            # path to the cert file used to authenticate to the registry
-      key_file:             # path to the key file for the certificate used to authenticate to the registry
-      ca_file:              # path to the ca file used to verify the registry's certificate
-      insecure_skip_verify: # may be set to true to skip verifying the registry's certificate
+{% for endpoint in mirror.endpoint %}
+      - "{{ endpoint }}"
+{% endfor %}
+{% endfor %}