kubectl_localhost get wrong binary when ansible host arch is different from deployed cluster

[noama-nv]

What happened?

when enable kubectl_localhost and ansible host arch is x86_64 and deploy a kubernetes cluster on aarch64 systems it copy the binary from the host.

binary from aarch64 host is not got for x86_64 ansible host
error:
kubectl: cannot execute binary file: Exec format error1

https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/client/tasks/main.yml#L90

What did you expect to happen?

when kubectl_localhost enable download correct arch binary to the ansible host

How can we reproduce it (as minimally and precisely as possible)?

1x ansible host x86_64 arch
1x controller node aarch64 arch

deploy kubespray with kubectl_localhost

OS

Ubuntu2204

Version of Ansible

2.17.0

Version of Python

3.11

Version of Kubespray (commit)

master

Network plugin used

calico

Full inventory with variables

Command used to invoke ansible

ansible-playbook -i inventory/arm/hosts.yaml cluster.yml

Output of ansible run

Anything else we need to know

No response

[leeonfu]

beautiful

[tico88612]

/help

[k8s-ci-robot]

@tico88612:
This request has been marked as needing help from a contributor.

Guidelines

Please ensure that the issue body includes answers to the following questions:

• Why are we solving this issue?
• To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
• Does this issue have zero to low barrier of entry?
• How can the assignee reach out to you for help?

For more details on the requirements of such an issue, please see here and ensure that they are met.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.

In response to this:

/help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[leeonfu]

/assign

[leeonfu]

Hi @noama-nv
Through my test, I think yaml for 'https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/client/tasks/main.yml#L90' will not be executed; it should be executed only if kubectl_localhost is true.

roles/kubespray-defaults/defaults/main/main.yml:385:kubectl_localhost: false
roles/kubernetes/client/tasks/main.yml:101: when: kubectl_localhost
roles/kubernetes/client/tasks/main.yml:114: when: kubectl_localhost and kubeconfig_localhost
roles/kubernetes/client/defaults/main.yml:4:kubectl_localhost: false
roles/kubernetes-apps/krew/tasks/main.yml:10: when: kubectl_localhost
~/kubespray$ grep -ri -n kubectl_localhost playbooks/
~/kubespray$ grep -ri -n kubectl_localhost inventory/mycluster/
inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml:251:# kubectl_localhost: false

So do you have any other custom configurations on here?

Br, Leeon

[leeonfu]

Today, I tried the localhost mode again, and I'm really puzzled by how Kubespray has designed this feature. So far, the latest version has been pretty user-unfriendly. It's just not practical for installing a Kubernetes cluster on nodes without internet access.

Specifically, it's unable to install any RPM packages via yum; you need your own local yum repository to get things working properly, which feels pretty clunky. This feature has only managed to support offline installation of Kubernetes-related binaries. If they want to keep this feature, I think the community needs to fully develop this part instead of leaving it as a half-baked solution

ansible-playbook -i inventory/mycluster/inventory.ini cluster.yml -e "{ 'download_localhost': true, 'download_run_once': true }" -vv

Target host information: openEuler-22.03-LTS-aarch64
Official documentation: https://github.com/kubernetes-sigs/kubespray/blob/master/docs/advanced/downloads.md

Text from dowloads.md

There is also a "pull once, push many" mode as well:

• Setting download_run_once: True will make kubespray download container images and binaries only once and then push them to the cluster nodes. The default download delegate node is the first kube_control_plane.

• Set download_localhost: True to make localhost the download delegate. This can be useful if cluster nodes cannot access external addresses. To use this requires that the container runtime is installed and running on the Ansible master and that the current user is either in the docker group or can do passwordless sudo, to be able to use the container runtime. Note: even if download_localhost is false, files will still be copied to the Ansible server (local host) from the delegated download node, and then distributed from the Ansible server to all cluster nodes.