Update Kubernetes version and try to get CI passing

README.md

@@ -6,7 +6,7 @@ An Ansible Role that installs [Kubernetes](https://kubernetes.io) on Linux.
 
 ## Requirements
 
-Requires Docker or another [Container Runtime](https://kubernetes.io/docs/setup/production-environment/container-runtimes) ; recommended role for Docker installation: `geerlingguy.docker`.
+Requires a compatible [Container Runtime](https://kubernetes.io/docs/setup/production-environment/container-runtimes); recommended role for CRI installation: `geerlingguy.containerd`.
 
 ## Role Variables
 
@@ -27,17 +27,17 @@ kubernetes_packages:
 Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc.
 
 ```yaml
-kubernetes_version: '1.20'
-kubernetes_version_rhel_package: '1.20.4'
+kubernetes_version: '1.25'
+kubernetes_version_rhel_package: '1.25.1'
 ```
 
 The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers.
 
 ```yaml
-kubernetes_role: master
+kubernetes_role: control_plane
 ```
 
-Whether the particular server will serve as a Kubernetes `master` (default) or `node`. The master will have `kubeadm init` run on it to intialize the entire K8s control plane, while `node`s will have `kubeadm join` run on them to join them to the `master`.
+Whether the particular server will serve as a Kubernetes `control_plane` (default) or `node`. The control plane will have `kubeadm init` run on it to intialize the entire K8s control plane, while `node`s will have `kubeadm join` run on them to join them to the `control_plane`.
 
 ### Variables to configure kubeadm and kubelet with `kubeadm init` through a config file (recommended)
 
@@ -49,7 +49,7 @@ kubernetes_kubeadm_kubelet_config_file_path: '/etc/kubernetes/kubeadm-kubelet-co
 
 Path for `<FILE>`. If the directory does not exist, this role will create it.
 
-The following variables are parsed as options to <FILE>. To understand its syntax, see https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/kubelet-integration and https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/#config-file . The skeleton (`apiVersion`, `kind`) of the config file will be created by this role, so do not define them within the variables. (See `templates/kubeadm-kubelet-config.j2`).
+The following variables are parsed as options to <FILE>. To understand its syntax, see [kubelet-integration](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/kubelet-integration) and [kubeadm-config-file](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/#config-file) . The skeleton (`apiVersion`, `kind`) of the config file will be created by this role, so do not define them within the variables. (See `templates/kubeadm-kubelet-config.j2`).
 
 ```yaml
 kubernetes_config_init_configuration:
@@ -70,14 +70,14 @@ Options under `kind: ClusterConfiguration`. Including `kubernetes_pod_network.ci
 
 ```yaml
 kubernetes_config_kubelet_configuration:
-  cgroupDriver: cgroupfs
+  cgroupDriver: systemd
 ```
 
-Options to configure kubelet on any nodes in your cluster through the `kubeadm init` process. To get the syntax of this options see https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file and https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/kubelet-integration.
+Options to configure kubelet on any nodes in your cluster through the `kubeadm init` process. For syntax options read the [kubelet config file](https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file) and [kubelet integration](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/kubelet-integration) documentation.
 
 NOTE: This is the recommended way to do the kubelet-configuration. Most command-line-options are deprecated.
 
-NOTE: The recommended cgroupDriver depends on your [Container Runtime](https://kubernetes.io/docs/setup/production-environment/container-runtimes). When using this role with containerd instead of docker, this value should be changed to `systemd`.
+NOTE: The recommended cgroupDriver depends on your [Container Runtime](https://kubernetes.io/docs/setup/production-environment/container-runtimes). When using this role with Docker instead of containerd, this value should be changed to `cgroupfs`.
 
 ```yaml
 kubernetes_config_kube_proxy_configuration: {}
@@ -92,7 +92,7 @@ kubernetes_kubelet_extra_args: ""
 kubernetes_kubelet_extra_args_config_file: /etc/default/kubelet
 ```
 
-Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start up even if there is swap is enabled on your server, set this to: `"--fail-swap-on=false"`. Or to specify the node-ip advertised by `kubelet`, set this to `"--node-ip={{ ansible_host }}"`. *This is deprecated. Please use `kubernetes_config_kubelet_configuration` instead.*
+Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start up even if there is swap is enabled on your server, set this to: `"--fail-swap-on=false"`. Or to specify the node-ip advertised by `kubelet`, set this to `"--node-ip={{ ansible_host }}"`. **This option is deprecated. Please use `kubernetes_config_kubelet_configuration` instead.**
 
 ```yaml
 kubernetes_kubeadm_init_extra_opts: ""
@@ -109,10 +109,10 @@ Extra args to pass to the generated `kubeadm join` command during K8s node initi
 ### Additional variables
 
 ```yaml
-kubernetes_allow_pods_on_master: true
+kubernetes_allow_pods_on_control_plane: true
 ```
 
-Whether to remove the taint that denies pods from being deployed to the Kubernetes master. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes master which doesn't run any other pods.
+Whether to remove the taint that denies pods from being deployed to the Kubernetes control plane. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes control plane which doesn't run any other pods.
 
 ```yaml
 kubernetes_pod_network:
@@ -137,7 +137,7 @@ kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}'`
 kubernetes_ignore_preflight_errors: 'all'
 ```
 
-Options passed to `kubeadm init` when initializing the Kubernetes master. The `kubernetes_apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty.
+Options passed to `kubeadm init` when initializing the Kubernetes control plane. The `kubernetes_apiserver_advertise_address` defaults to `ansible_default_ipv4.address` if it's left empty.
 
 ```yaml
 kubernetes_apt_release_channel: main
@@ -177,25 +177,25 @@ None.
 
 ## Example Playbooks
 
-### Single node (master-only) cluster
+### Single node (control-plane-only) cluster
 
 ```yaml
 - hosts: all
 
   vars:
-    kubernetes_allow_pods_on_master: true
+    kubernetes_allow_pods_on_control_plane: true
 
   roles:
     - geerlingguy.docker
     - geerlingguy.kubernetes
 ```
 
-### Two or more nodes (single master) cluster
+### Two or more nodes (single control-plane) cluster
 
-Master inventory vars:
+Control plane inventory vars:
 
 ```yaml
-kubernetes_role: "master"
+kubernetes_role: "control_plane"
 ```
 
 Node(s) inventory vars:
@@ -210,14 +210,14 @@ Playbook:
 - hosts: all
 
   vars:
-    kubernetes_allow_pods_on_master: true
+    kubernetes_allow_pods_on_control_plane: true
 
   roles:
     - geerlingguy.docker
     - geerlingguy.kubernetes
 ```
 
-Then, log into the Kubernetes master, and run `kubectl get nodes` as root, and you should see a list of all the servers.
+Then, log into the Kubernetes control plane, and run `kubectl get nodes` as root, and you should see a list of all the servers.
 
 ## License
 

defaults/main.yml

@@ -9,17 +9,17 @@ kubernetes_packages:
   - name: kubernetes-cni
     state: present
 
-kubernetes_version: '1.20'
-kubernetes_version_rhel_package: '1.20.4'
+kubernetes_version: '1.25'
+kubernetes_version_rhel_package: '1.25.1'
 
-kubernetes_role: master
+kubernetes_role: control_plane
 
 # This is deprecated. Please use kubernetes_config_kubelet_configuration instead.
 kubernetes_kubelet_extra_args: ""
 
 kubernetes_kubeadm_init_extra_opts: ""
 kubernetes_join_command_extra_opts: ""
-kubernetes_allow_pods_on_master: true
+kubernetes_allow_pods_on_control_plane: true
 kubernetes_pod_network:
   # Flannel CNI.
   cni: 'flannel'
@@ -30,7 +30,7 @@ kubernetes_pod_network:
 
 kubernetes_kubeadm_kubelet_config_file_path: '/etc/kubernetes/kubeadm-kubelet-config.yaml'
 kubernetes_config_kubelet_configuration:
-  cgroupDriver: "cgroupfs"
+  cgroupDriver: "systemd"
 
 kubernetes_config_init_configuration:
   localAPIEndpoint:

meta/main.yml

@@ -7,12 +7,13 @@ galaxy_info:
   description: Kubernetes for Linux.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.4
+  min_ansible_version: 2.10
   platforms:
     - name: EL
       versions:
         - 7
         - 8
+        - 9
     - name: Debian
       versions:
         - stretch
@@ -23,6 +24,7 @@ galaxy_info:
         - xenial
         - bionic
         - focal
+        - jammy
   galaxy_tags:
     - system
     - containers

molecule/default/calico.yml

@@ -8,9 +8,13 @@
       cni: 'calico'
       cidr: '192.168.0.0/16'
 
-    # Allow swap in test environments (hard to control in some Docker envs).
-    kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs"
-    docker_install_compose: false
+    # Allow swap in test environments (hard to control in some envs).
+    kubernetes_config_kubelet_configuration:
+      cgroupDriver: "systemd"
+      failSwapOn: false
+      cgroupsPerQOS: true
+      enforceNodeAllocatable: ['pods']
+    containerd_config_cgroup_driver_systemd: true
 
   pre_tasks:
     - name: Update apt cache.
@@ -29,7 +33,7 @@
       action: setup
 
   roles:
-    - role: geerlingguy.docker
+    - role: geerlingguy.containerd
     - role: geerlingguy.kubernetes
 
   post_tasks:

molecule/default/converge.yml

@@ -4,9 +4,13 @@
   become: true
 
   vars:
-    # Allow swap in test environments (hard to control in some Docker envs).
-    kubernetes_kubelet_extra_args: "--fail-swap-on=false --cgroup-driver=cgroupfs"
-    docker_install_compose: false
+    # Allow swap in test environments (hard to control in some envs).
+    kubernetes_config_kubelet_configuration:
+      cgroupDriver: "systemd"
+      failSwapOn: false
+      cgroupsPerQOS: true
+      enforceNodeAllocatable: ['pods']
+    containerd_config_cgroup_driver_systemd: true
 
   pre_tasks:
     - name: Update apt cache.
@@ -25,7 +29,7 @@
       action: setup
 
   roles:
-    - role: geerlingguy.docker
+    - role: geerlingguy.containerd
     - role: geerlingguy.kubernetes
 
   post_tasks:

molecule/default/molecule.yml

@@ -9,8 +9,9 @@ platforms:
     image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
-      - /var/lib/docker
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+      - /var/lib/containerd
+    cgroupns_mode: host
     privileged: true
     pre_build_image: true
 provisioner:

molecule/default/requirements.yml

@@ -1,2 +1,2 @@
 ---
-- src: geerlingguy.docker
+- src: geerlingguy.containerd

tasks/master-setup.yml → tasks/control-plane-setup.yml

@@ -9,23 +9,38 @@
     src: "kubeadm-kubelet-config.j2"
     dest: "{{ kubernetes_kubeadm_kubelet_config_file_path }}"
 
-- name: Initialize Kubernetes master with kubeadm init
+- name: Initialize Kubernetes control plane with kubeadm init
   command: >
     kubeadm init
     --config {{ kubernetes_kubeadm_kubelet_config_file_path }}
     {{ kubernetes_kubeadm_init_extra_opts }}
   register: kubeadmin_init
   when: (not kubernetes_init_stat.stat.exists) and (kubernetes_ignore_preflight_errors is not defined)
 
-- name: Initialize Kubernetes master with kubeadm init and ignore_preflight_errors
+- name: Initialize Kubernetes control plane with kubeadm init and ignore_preflight_errors
   command: >
     kubeadm init
     --config {{ kubernetes_kubeadm_kubelet_config_file_path }}
     --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
     {{ kubernetes_kubeadm_init_extra_opts }}
   register: kubeadmin_init
+  failed_when: false  # TODO REMOVE
   when: (not kubernetes_init_stat.stat.exists) and (kubernetes_ignore_preflight_errors is defined)
 
+# TODO REMOVE
+- name: Print kubeadm init output
+  debug: var=kubeadmin_init
+
+# TODO REMOVE
+- name: Get kubelet status
+  command: journalctl --no-pager -xeu kubelet
+  register: journalctl
+  changed_when: false
+
+# TODO REMOVE
+- name: Print kubelet status
+  debug: var=journalctl
+
 - name: Print the init output to screen.
   debug:
     var: kubeadmin_init.stdout
@@ -73,8 +88,8 @@
 
 # TODO: Check if taint exists with something like `kubectl describe nodes`
 # instead of using kubernetes_init_stat.stat.exists check.
-- name: Allow pods on master node (if configured).
-  command: "kubectl taint nodes --all node-role.kubernetes.io/master-"
+- name: Allow pods on control plane (if configured).
+  command: "kubectl taint nodes --all node-role.kubernetes.io/control-plane-"
   when:
-    - kubernetes_allow_pods_on_master | bool
+    - kubernetes_allow_pods_on_control_plane | bool
     - not kubernetes_init_stat.stat.exists

tasks/main.yml

@@ -34,15 +34,15 @@
     path: /etc/kubernetes/admin.conf
   register: kubernetes_init_stat
 
-# Set up master.
-- include_tasks: master-setup.yml
-  when: kubernetes_role == 'master'
+# Set up control plane.
+- include_tasks: control-plane-setup.yml
+  when: kubernetes_role == 'control_plane'
 
 # Set up nodes.
-- name: Get the kubeadm join command from the Kubernetes master.
+- name: Get the kubeadm join command from the Kubernetes control plane.
   command: kubeadm token create --print-join-command
   changed_when: false
-  when: kubernetes_role == 'master'
+  when: kubernetes_role == 'control_plane'
   register: kubernetes_join_command_result
 
 - name: Set the kubeadm join command globally.

tasks/node-setup.yml

@@ -1,5 +1,5 @@
 ---
-- name: Join node to Kubernetes master
+- name: Join node to Kubernetes control plane.
   shell: >
     {{ kubernetes_join_command }}
     creates=/etc/kubernetes/kubelet.conf

templates/kubeadm-kubelet-config.j2

@@ -1,10 +1,10 @@
 ---
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: InitConfiguration
 {{ kubernetes_config_init_configuration | to_nice_yaml }}
 ---
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
-apiVersion: kubeadm.k8s.io/v1beta2
 {{ kubernetes_config_cluster_configuration | to_nice_yaml }}
 {% if kubernetes_config_kubelet_configuration|length > 0 %}
 ---