Mercurial > code > home > repos > infra

changeset 302:3204157bb3e5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
attempt to fix http-registry problem on rpi
author drewp@bigasterisk.com
date Wed, 07 Aug 2024 00:59:16 -0700
parents 730eea6d809c
children 9e15c07d5258
files kube.py
diffstat 1 files changed, 11 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/kube.py	Wed Aug 07 00:58:44 2024 -0700
+++ b/kube.py	Wed Aug 07 00:59:16 2024 -0700
@@ -24,7 +24,7 @@
     )
 
 
-def install_skaffold():
+def install_skaffold(reg):
     files.download(src=f'https://storage.googleapis.com/skaffold/releases/{skaffold_version}/skaffold-linux-amd64',
                    dest='/usr/local/bin/skaffold',
                    user='root',
@@ -32,7 +32,7 @@
                    mode='755',
                    cache_time=1000)
     # one time; writes to $HOME
-    server.shell(commands="skaffold config set --global insecure-registries reg:5000")
+    server.shell(commands=f"skaffold config set --global insecure-registries {reg}")
 
 
 def host_prep():
@@ -48,9 +48,14 @@
 
 # don't try to get aufs-dkms on rpi-- https://github.com/docker/for-linux/issues/709
 def podman_insecure_registry(reg):
+    # docs: https://rancher.com/docs/k3s/latest/en/installation/private-registry/
+    # user confusions: https://github.com/rancher/k3s/issues/1802
+    files.template(src='templates/kube/registries.yaml.j2', dest='/etc/rancher/k3s/registries.yaml', reg=reg)
+
     files.template(src='templates/kube/podman_registries.conf.j2', dest='/etc/containers/registries.conf.d/reg.conf', reg=reg)
-    systemd.service(service='podman', user_mode=True)
-    systemd.service(service='podman.socket', user_mode=True)
+    if host.data.get('k8s_admin'):
+        systemd.service(service='podman', user_mode=True)
+        systemd.service(service='podman.socket', user_mode=True)
     # and maybe edit /etc/containers/policy.json
 
 
@@ -128,16 +133,13 @@
         host_prep()
         files.directory(path='/etc/rancher/k3s')
 
-        # docs: https://rancher.com/docs/k3s/latest/en/installation/private-registry/
-        # user confusions: https://github.com/rancher/k3s/issues/1802
-        files.template(src='templates/kube/registries.yaml.j2', dest='/etc/rancher/k3s/registries.yaml', reg='reg:5000')
+        podman_insecure_registry(reg='reg:5000')
         # also note that podman dropped the default `docker.io/` prefix on image names (see https://unix.stackexchange.com/a/701785/419418)
         config_and_run_service(k3s_version, server_node, server_ip)
 
     if host.data.get('k8s_admin'):
-        podman_insecure_registry(reg='reg:5000')
         files.directory(path='/etc/rancher/k3s')
-        install_skaffold()
+        install_skaffold("reg:5000")
         files.link(path='/usr/local/bin/kubectl', target='/usr/local/bin/k3s')
         files.directory(path='/home/drewp/.kube', user='drewp', group='drewp')