From d39df9135b90c2dbfb9614074892c1861011a57a Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 20 Dec 2024 13:16:50 +0100 Subject: [PATCH 1/2] Remove krew installation support Krew is fundamentally to install kubectl plugins, which are eminently a client side things. It's also not difficult to install on a client machine. --- README.md | 1 - docs/ansible/ansible.md | 1 - inventory/sample/group_vars/all/offline.yml | 2 - .../sample/group_vars/k8s_cluster/addons.yml | 2 - roles/kubernetes-apps/krew/defaults/main.yml | 5 - roles/kubernetes-apps/krew/tasks/krew.yml | 38 ------- roles/kubernetes-apps/krew/tasks/main.yml | 10 -- roles/kubernetes-apps/krew/templates/krew.j2 | 7 -- .../krew/templates/krew.yml.j2 | 100 ------------------ roles/kubernetes-apps/meta/main.yml | 6 -- .../defaults/main/checksums.yml | 40 ------- .../defaults/main/download.yml | 16 --- .../kubespray-defaults/defaults/main/main.yml | 1 - scripts/readme_versions.md.j2 | 1 - .../files/packet_ubuntu20-flannel-ha-once.yml | 1 - 15 files changed, 231 deletions(-) delete mode 100644 roles/kubernetes-apps/krew/defaults/main.yml delete mode 100644 roles/kubernetes-apps/krew/tasks/krew.yml delete mode 100644 roles/kubernetes-apps/krew/tasks/main.yml delete mode 100644 roles/kubernetes-apps/krew/templates/krew.j2 delete mode 100644 roles/kubernetes-apps/krew/templates/krew.yml.j2 diff --git a/README.md b/README.md index fdebd3d3ffe..c6609b426d3 100644 --- a/README.md +++ b/README.md @@ -118,7 +118,6 @@ Note: - [cert-manager](https://github.com/jetstack/cert-manager) v1.15.3 - [coredns](https://github.com/coredns/coredns) v1.11.3 - [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v1.12.0 - - [krew](https://github.com/kubernetes-sigs/krew) v0.4.4 - [argocd](https://argoproj.github.io/) v2.11.0 - [helm](https://helm.sh/) v3.16.4 - [metallb](https://metallb.universe.tf/) v0.13.9 diff --git a/docs/ansible/ansible.md b/docs/ansible/ansible.md index 45c39d30fff..7ba31cf7b3f 100644 --- a/docs/ansible/ansible.md +++ b/docs/ansible/ansible.md @@ -106,7 +106,6 @@ The following tags are defined in playbooks: | iptables | Flush and clear iptable when resetting | | k8s-pre-upgrade | Upgrading K8s cluster | | kata-containers | Configuring kata-containers runtime | -| krew | Install and manage krew | | kubeadm | Roles linked to kubeadm tasks | | kube-apiserver | Configuring static pod kube-apiserver | | kube-controller-manager | Configuring static pod kube-controller-manager | diff --git a/inventory/sample/group_vars/all/offline.yml b/inventory/sample/group_vars/all/offline.yml index c27aa8956e1..9c3b164391e 100644 --- a/inventory/sample/group_vars/all/offline.yml +++ b/inventory/sample/group_vars/all/offline.yml @@ -78,8 +78,6 @@ # gvisor_runsc_download_url: "{{ files_repo }}/storage.googleapis.com/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/runsc" # gvisor_containerd_shim_runsc_download_url: "{{ files_repo }}/storage.googleapis.com/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/containerd-shim-runsc-v1" -# [Optional] Krew: only if you set krew_enabled: true -# krew_download_url: "{{ files_repo }}/github.com/kubernetes-sigs/krew/releases/download/{{ krew_version }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz" ## CentOS/Redhat/AlmaLinux ### For EL8, baseos and appstream must be available, diff --git a/inventory/sample/group_vars/k8s_cluster/addons.yml b/inventory/sample/group_vars/k8s_cluster/addons.yml index b436ca08034..94505424dd8 100644 --- a/inventory/sample/group_vars/k8s_cluster/addons.yml +++ b/inventory/sample/group_vars/k8s_cluster/addons.yml @@ -255,8 +255,6 @@ argocd_enabled: false # argocd_admin_password: "password" # The plugin manager for kubectl -krew_enabled: false -krew_root_dir: "/usr/local/krew" # Kube VIP kube_vip_enabled: false diff --git a/roles/kubernetes-apps/krew/defaults/main.yml b/roles/kubernetes-apps/krew/defaults/main.yml deleted file mode 100644 index 68784271194..00000000000 --- a/roles/kubernetes-apps/krew/defaults/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -krew_enabled: false -krew_root_dir: "/usr/local/krew" -krew_default_index_uri: https://github.com/kubernetes-sigs/krew-index.git -krew_no_upgrade_check: 0 diff --git a/roles/kubernetes-apps/krew/tasks/krew.yml b/roles/kubernetes-apps/krew/tasks/krew.yml deleted file mode 100644 index 3308aef8570..00000000000 --- a/roles/kubernetes-apps/krew/tasks/krew.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Krew | Download krew - include_tasks: "../../../download/tasks/download_file.yml" - vars: - download: "{{ download_defaults | combine(downloads.krew) }}" - -- name: Krew | krew env - template: - src: krew.j2 - dest: /etc/bash_completion.d/krew - mode: "0644" - -- name: Krew | Copy krew manifest - template: - src: krew.yml.j2 - dest: "{{ local_release_dir }}/krew.yml" - mode: "0644" - -- name: Krew | Install krew # noqa command-instead-of-shell - shell: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }} install --archive={{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz --manifest={{ local_release_dir }}/krew.yml" - environment: - KREW_ROOT: "{{ krew_root_dir }}" - KREW_DEFAULT_INDEX_URI: "{{ krew_default_index_uri | default('') }}" - -- name: Krew | Get krew completion - command: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }} completion bash" - changed_when: false - register: krew_completion - check_mode: false - ignore_errors: true # noqa ignore-errors - -- name: Krew | Install krew completion - copy: - dest: /etc/bash_completion.d/krew.sh - content: "{{ krew_completion.stdout }}" - mode: "0755" - become: true - when: krew_completion.rc == 0 diff --git a/roles/kubernetes-apps/krew/tasks/main.yml b/roles/kubernetes-apps/krew/tasks/main.yml deleted file mode 100644 index 40729e88090..00000000000 --- a/roles/kubernetes-apps/krew/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: Krew | install krew on kube_control_plane - import_tasks: krew.yml - -- name: Krew | install krew on localhost - import_tasks: krew.yml - delegate_to: localhost - connection: local - run_once: true - when: kubectl_localhost diff --git a/roles/kubernetes-apps/krew/templates/krew.j2 b/roles/kubernetes-apps/krew/templates/krew.j2 deleted file mode 100644 index 62a744c012f..00000000000 --- a/roles/kubernetes-apps/krew/templates/krew.j2 +++ /dev/null @@ -1,7 +0,0 @@ -# krew bash env(kubespray) -export KREW_ROOT="{{ krew_root_dir }}" -{% if krew_default_index_uri is defined %} -export KREW_DEFAULT_INDEX_URI='{{ krew_default_index_uri }}' -{% endif %} -export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH" -export KREW_NO_UPGRADE_CHECK={{ krew_no_upgrade_check }} diff --git a/roles/kubernetes-apps/krew/templates/krew.yml.j2 b/roles/kubernetes-apps/krew/templates/krew.yml.j2 deleted file mode 100644 index b0c615230a6..00000000000 --- a/roles/kubernetes-apps/krew/templates/krew.yml.j2 +++ /dev/null @@ -1,100 +0,0 @@ -apiVersion: krew.googlecontainertools.github.com/v1alpha2 -kind: Plugin -metadata: - name: krew -spec: - version: "{{ krew_version }}" - homepage: https://krew.sigs.k8s.io/ - shortDescription: Package manager for kubectl plugins. - caveats: | - krew is now installed! To start using kubectl plugins, you need to add - krew's installation directory to your PATH: - - * macOS/Linux: - - Add the following to your ~/.bashrc or ~/.zshrc: - export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH" - - Restart your shell. - - * Windows: Add %USERPROFILE%\.krew\bin to your PATH environment variable - - To list krew commands and to get help, run: - $ kubectl krew - For a full list of available plugins, run: - $ kubectl krew search - - You can find documentation at - https://krew.sigs.k8s.io/docs/user-guide/quickstart/. - - platforms: - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew - files: - - from: ./krew-darwin_amd64 - to: krew - - from: ./LICENSE - to: . - selector: - matchLabels: - os: darwin - arch: amd64 - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew - files: - - from: ./krew-darwin_arm64 - to: krew - - from: ./LICENSE - to: . - selector: - matchLabels: - os: darwin - arch: arm64 - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew - files: - - from: ./krew-linux_amd64 - to: krew - - from: ./LICENSE - to: . - selector: - matchLabels: - os: linux - arch: amd64 - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew - files: - - from: ./krew-linux_arm - to: krew - - from: ./LICENSE - to: . - selector: - matchLabels: - os: linux - arch: arm - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew - files: - - from: ./krew-linux_arm64 - to: krew - - from: ./LICENSE - to: . - selector: - matchLabels: - os: linux - arch: arm64 - - uri: {{ krew_download_url }} - sha256: {{ krew_archive_checksum }} - bin: krew.exe - files: - - from: ./krew-windows_amd64.exe - to: krew.exe - - from: ./LICENSE - to: . - selector: - matchLabels: - os: windows - arch: amd64 diff --git a/roles/kubernetes-apps/meta/main.yml b/roles/kubernetes-apps/meta/main.yml index af69da4157d..17b33d005b3 100644 --- a/roles/kubernetes-apps/meta/main.yml +++ b/roles/kubernetes-apps/meta/main.yml @@ -10,12 +10,6 @@ dependencies: tags: - helm - - role: kubernetes-apps/krew - when: - - krew_enabled - tags: - - krew - - role: kubernetes-apps/registry when: - registry_enabled diff --git a/roles/kubespray-defaults/defaults/main/checksums.yml b/roles/kubespray-defaults/defaults/main/checksums.yml index 456ed8e87f5..1799729b90f 100644 --- a/roles/kubespray-defaults/defaults/main/checksums.yml +++ b/roles/kubespray-defaults/defaults/main/checksums.yml @@ -446,46 +446,6 @@ calico_crds_archive_checksums: v3.27.2: 8154bb4aad887f2a5500b505fe203a918f72c4e602b04c688c4b94f76a26e925 v3.27.1: 76abb0db222af279e3514cfae02be9259097b565bbb2ffcb776ca00566480edb v3.27.0: 2a4b5132035dfd6ac4abc8d545f33de139350eca523e0c5cfe4ac32e43fcb2f1 -krew_archive_checksums: - darwin: - arm: - v0.4.4: 0 - v0.4.3: 0 - arm64: - v0.4.4: e6ac776140b228d6bdfda11247baf4e9b11068f42005d0975fc260c629954464 - v0.4.3: 22f29ce3c3c9c030e2eaf3939d2b00f0187dfdbbfaee37fba8ffaadc46e51372 - amd64: - v0.4.4: 5f4d2f34868a87cf1188212cf7cb598e76a32f389054089aad1fa46e6daf1e1b - v0.4.3: 6f6a774f03ad4190a709d7d4dcbb4af956ca0eb308cb0d0a44abc90777b0b21a - ppc64le: - v0.4.4: 0 - v0.4.3: 0 - linux: - arm: - v0.4.4: 4f3d550227e014f3ba7c72031108ffda0654cb755f70eb96be413a5102d23333 - v0.4.3: 68eb9e9f5bba29c7c19fb52bfc43a31300f92282a4e81f0c51ad26ed2c73eb03 - arm64: - v0.4.4: f8f0cdbf698ed3e8cb46e7bd213754701341a10e11ccb69c90d4863e0cf5a16a - v0.4.3: 0994923848882ad0d4825d5af1dc227687a10a02688f785709b03549dd34d71d - amd64: - v0.4.4: e471396b0ed4f2be092b4854cc030dfcbb12b86197972e7bef0cb89ad9c72477 - v0.4.3: 5df32eaa0e888a2566439c4ccb2ef3a3e6e89522f2f2126030171e2585585e4f - ppc64le: - v0.4.4: 0 - v0.4.3: 0 - windows: - arm: - v0.4.4: 0 - v0.4.3: 0 - arm64: - v0.4.4: 0 - v0.4.3: 0 - amd64: - v0.4.4: da0dfeb2a598f11fb9ce871ee7f3b1a69beb371a45f531ee65a71b2201511d28 - v0.4.3: d1343a366a867e9de60b23cc3d8ee935ee185af25ff8f717a5e696ba3cae7c85 - ppc64le: - v0.4.4: 0 - v0.4.3: 0 helm_archive_checksums: arm: v3.16.4: 432e774d1087d3773737888d384c62477b399227662b42cbf0c32e95e6e72556 diff --git a/roles/kubespray-defaults/defaults/main/download.yml b/roles/kubespray-defaults/defaults/main/download.yml index 1dbd756f4eb..9baee72361b 100644 --- a/roles/kubespray-defaults/defaults/main/download.yml +++ b/roles/kubespray-defaults/defaults/main/download.yml @@ -124,7 +124,6 @@ kube_router_version: "v2.0.0" multus_version: "v4.1.0" helm_version: "v3.16.4" nerdctl_version: "1.7.7" -krew_version: "v0.4.4" skopeo_version: "v1.16.1" # Get kubernetes major version (i.e. 1.17.4 => 1.17) @@ -188,7 +187,6 @@ kata_containers_download_url: "{{ github_url }}/kata-containers/kata-containers/ gvisor_runsc_download_url: "{{ storage_googleapis_url }}/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/runsc" gvisor_containerd_shim_runsc_download_url: "{{ storage_googleapis_url }}/gvisor/releases/release/{{ gvisor_version }}/{{ ansible_architecture }}/containerd-shim-runsc-v1" nerdctl_download_url: "{{ github_url }}/containerd/nerdctl/releases/download/v{{ nerdctl_version }}/nerdctl-{{ nerdctl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz" -krew_download_url: "{{ github_url }}/kubernetes-sigs/krew/releases/download/{{ krew_version }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz" containerd_download_url: "{{ github_url }}/containerd/containerd/releases/download/v{{ containerd_version }}/containerd-{{ containerd_version }}-linux-{{ image_arch }}.tar.gz" cri_dockerd_download_url: "{{ github_url }}/Mirantis/cri-dockerd/releases/download/v{{ cri_dockerd_version }}/cri-dockerd-{{ cri_dockerd_version }}.{{ image_arch }}.tgz" skopeo_download_url: "{{ github_url }}/lework/skopeo-binary/releases/download/{{ skopeo_version }}/skopeo-linux-{{ image_arch }}" @@ -214,7 +212,6 @@ kata_containers_binary_checksum: "{{ kata_containers_binary_checksums[image_arch gvisor_runsc_binary_checksum: "{{ gvisor_runsc_binary_checksums[image_arch][gvisor_version] }}" gvisor_containerd_shim_binary_checksum: "{{ gvisor_containerd_shim_binary_checksums[image_arch][gvisor_version] }}" nerdctl_archive_checksum: "{{ nerdctl_archive_checksums[image_arch][nerdctl_version] }}" -krew_archive_checksum: "{{ krew_archive_checksums[host_os][image_arch][krew_version] }}" containerd_archive_checksum: "{{ containerd_archive_checksums[image_arch][containerd_version] }}" skopeo_binary_checksum: "{{ skopeo_binary_checksums[image_arch][skopeo_version] }}" @@ -946,19 +943,6 @@ downloads: groups: - kube_control_plane - krew: - enabled: "{{ krew_enabled }}" - file: true - version: "{{ krew_version }}" - dest: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz" - sha256: "{{ krew_archive_checksum }}" - url: "{{ krew_download_url }}" - unarchive: true - owner: "root" - mode: "0755" - groups: - - kube_control_plane - registry: enabled: "{{ registry_enabled }}" container: true diff --git a/roles/kubespray-defaults/defaults/main/main.yml b/roles/kubespray-defaults/defaults/main/main.yml index 4d1bf010907..b7f73194498 100644 --- a/roles/kubespray-defaults/defaults/main/main.yml +++ b/roles/kubespray-defaults/defaults/main/main.yml @@ -411,7 +411,6 @@ dashboard_enabled: false # Addons which can be enabled helm_enabled: false -krew_enabled: false registry_enabled: false metrics_server_enabled: false enable_network_policy: true diff --git a/scripts/readme_versions.md.j2 b/scripts/readme_versions.md.j2 index 4960bd53008..f8f6a3e4290 100644 --- a/scripts/readme_versions.md.j2 +++ b/scripts/readme_versions.md.j2 @@ -18,7 +18,6 @@ - [cert-manager](https://github.com/jetstack/cert-manager) {{ cert_manager_version }} - [coredns](https://github.com/coredns/coredns) {{ coredns_version }} - [ingress-nginx](https://github.com/kubernetes/ingress-nginx) {{ ingress_nginx_version }} - - [krew](https://github.com/kubernetes-sigs/krew) {{ krew_version }} - [argocd](https://argoproj.github.io/) {{ argocd_version }} - [helm](https://helm.sh/) {{ helm_version }} - [metallb](https://metallb.universe.tf/) {{ metallb_version }} diff --git a/tests/files/packet_ubuntu20-flannel-ha-once.yml b/tests/files/packet_ubuntu20-flannel-ha-once.yml index 4477421fdf9..211d03ee1f3 100644 --- a/tests/files/packet_ubuntu20-flannel-ha-once.yml +++ b/tests/files/packet_ubuntu20-flannel-ha-once.yml @@ -8,7 +8,6 @@ kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c kube_proxy_mode: iptables kube_network_plugin: flannel helm_enabled: true -krew_enabled: true kubernetes_audit: true etcd_events_cluster_enabled: true local_volume_provisioner_enabled: true From 58df4ef9e5ad8be941ef1ebf8fee89224a4fe22f Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 20 Dec 2024 13:31:50 +0100 Subject: [PATCH 2/2] Remove krew cleanup --- roles/kubespray-defaults/defaults/main/main.yml | 3 --- roles/reset/tasks/main.yml | 3 --- 2 files changed, 6 deletions(-) diff --git a/roles/kubespray-defaults/defaults/main/main.yml b/roles/kubespray-defaults/defaults/main/main.yml index b7f73194498..b832da74ab7 100644 --- a/roles/kubespray-defaults/defaults/main/main.yml +++ b/roles/kubespray-defaults/defaults/main/main.yml @@ -745,9 +745,6 @@ proxy_disable_env: https_proxy: '' no_proxy: '' -# krew root dir -krew_root_dir: "/usr/local/krew" - # sysctl_file_path to add sysctl conf to sysctl_file_path: "/etc/sysctl.d/99-sysctl.conf" diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index 213bf833830..5d1b91c7b47 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -347,9 +347,6 @@ - /etc/bash_completion.d/kubectl.sh - /etc/bash_completion.d/crictl - /etc/bash_completion.d/nerdctl - - /etc/bash_completion.d/krew - - /etc/bash_completion.d/krew.sh - - "{{ krew_root_dir }}" - /etc/modules-load.d/kube_proxy-ipvs.conf - /etc/modules-load.d/kubespray-br_netfilter.conf - /etc/modules-load.d/kubespray-kata-containers.conf