ansible-role-kubernetes icon indicating copy to clipboard operation
ansible-role-kubernetes copied to clipboard

Published 20 hours ago verified publisher icon geerlingguy

update apt sources, add apt keyring gpg

Open rdxmb opened this issue 1 year ago • 7 comments

fix https://github.com/geerlingguy/ansible-role-kubernetes/issues/149 fix https://github.com/geerlingguy/ansible-role-kubernetes/issues/105

see https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl

rdxmb avatar Nov 07 '23 03:11 rdxmb

I've searched for a solution without using the shell module, but all of them were even more ugly ...

Any other ideas for that?

Thanks for your feedback!

(ps. Ok, saving as .asc does not need dearmor, so this will be the way to go)

rdxmb avatar Nov 07 '23 03:11 rdxmb

This is how I currently solve this: https://www.jeffgeerling.com/blog/2022/aptkey-deprecated-debianubuntu-how-fix-ansible

geerlingguy avatar Nov 07 '23 03:11 geerlingguy

@geerlingguy yes, I have already seen that. However, /etc/apt/trusted.gpg.d/ does not seem to be the recommended way. Most docs recommend to add the signing key explicitly to the source.

The trick seems to be the .asc here, so I will change that.

What about the other stuff with deleting the old source?

rdxmb avatar Nov 07 '23 03:11 rdxmb

ready for review.

rdxmb avatar Nov 07 '23 14:11 rdxmb

@rdxmb - I realized my edit to that blog post may have not taken effect; there's a newer/simpler way to do it correctly using Ansible's ansible.builtin.deb822_repository module. This only works in Ansible 2.15+, so the role meta version requirement would need to be bumped too if we go that route. But it seems like that would be the cleanest method.

geerlingguy avatar Nov 07 '23 17:11 geerlingguy

to be honest, I didn't realize the upgrade on your blog post.

Maybe I will have a look at deb822_repository, at the moment this PR works for my environment.

rdxmb avatar Nov 07 '23 18:11 rdxmb

I opened a similar PR, #153, because I had a miserable time getting deb822_repository to work for me. I finally did, but I want to make clear that my PR is largely untested (I'm not actually using this project) and there is some cleanup work that needs to be done as part of the migration if you're working with an existing cluster.

ndouglas avatar Mar 01 '24 16:03 ndouglas

@geerlingguy Can we get either this PR in or make some progress on #153? The current repos have been deprecated since August 2023 and this role has been broken in its current state since January 31st...

rhino5oh avatar Mar 05 '24 15:03 rhino5oh

Merging this for now — I would like to move to deb822_repository at some point of course :)

geerlingguy avatar Mar 05 '24 19:03 geerlingguy

@geerlingguy Thank you! Can you tag the repo with these changes as well?

rhino5oh avatar Mar 06 '24 03:03 rhino5oh

I just realized that this PR did not update the yum repository as well, which should have probably be done at the same time. I can try to work up a PR for that....even one that attempts to use deb822_repository, since it looks like https://github.com/geerlingguy/ansible-role-kubernetes/pull/153 doesn't update the yum repo either

rhino5oh avatar Mar 06 '24 03:03 rhino5oh

@rhino5oh - oh haha, that makes sense, and I would gladly merge a PR updating yum/dnf too!

geerlingguy avatar Mar 06 '24 04:03 geerlingguy

I've pushed a commit that should hopefully fix yum.

geerlingguy avatar Mar 06 '24 04:03 geerlingguy