Add playbook to config insecure registry

pkg/util/entrypoint/entrypoint.go

@@ -24,16 +24,17 @@ const (
 	RemoveNodePB     = "remove-node.yml"
 	UpgradeClusterPB = "upgrade-cluster.yml"
 
-	PingPB          = "ping.yml"
-	RepoPB          = "enable-repo.yml"
-	FirewallPB      = "disable-firewalld.yml"
-	KubeconfigPB    = "kubeconfig.yml"
-	ClusterInfoPB   = "cluster-info.yml"
-	UpdateHostsPB   = "update-hosts.yml"
-	RemovePkgsPB    = "remove-pkgs.yml"
-	PreCheckPB      = "precheck.yml"
-	RenewCertsPB    = "renew-certs.yml"
-	KubeVipConfigPB = "config-for-kube-vip.yml"
+	PingPB                   = "ping.yml"
+	RepoPB                   = "enable-repo.yml"
+	FirewallPB               = "disable-firewalld.yml"
+	KubeconfigPB             = "kubeconfig.yml"
+	ClusterInfoPB            = "cluster-info.yml"
+	UpdateHostsPB            = "update-hosts.yml"
+	RemovePkgsPB             = "remove-pkgs.yml"
+	PreCheckPB               = "precheck.yml"
+	RenewCertsPB             = "renew-certs.yml"
+	KubeVipConfigPB          = "config-for-kube-vip.yml"
+	ConfigInsecureRegistryPB = "config-insecure-registry.yml"
 )
 
 //go:embed entrypoint.sh.template
@@ -60,7 +61,7 @@ func NewActions() *Actions {
 	actions.Playbooks.List = []string{
 		ResetPB, ScalePB, ClusterPB, RemoveNodePB, UpgradeClusterPB,
 		PingPB, RepoPB, FirewallPB, KubeconfigPB, ClusterInfoPB, UpdateHostsPB,
-		RemovePkgsPB, PreCheckPB, RenewCertsPB, KubeVipConfigPB,
+		RemovePkgsPB, PreCheckPB, RenewCertsPB, KubeVipConfigPB, ConfigInsecureRegistryPB,
 	}
 	actions.Playbooks.Dict = map[string]void{}
 	for _, pbItem := range actions.Playbooks.List {

playbooks/config-insecure-registry.yml

@@ -0,0 +1,28 @@
+# Copyright 2023 Authors of kubean-io
+# SPDX-License-Identifier: Apache-2.0
+
+---
+- name: Set additional insecure registiries for container manager
+  hosts: k8s_cluster,etcd
+  become: true
+  any_errors_fatal: "{{ any_errors_fatal | default(true) }}"
+  vars:
+    docker_insecure_registries: []
+    container_manager: containerd
+  tasks:
+    - name: Config for docker insecure registries
+      shell: |-
+        [ ! -f /etc/docker/daemon.json ] && { mkdir -p /etc/docker; echo "{}" > /etc/docker/daemon.json; }
+        python - <<EOF
+        import json
+        with open('/etc/docker/daemon.json', 'r+') as f:
+          data = json.load(f)
+          if "insecure-registries" not in data: data["insecure-registries"]=[]
+          if "{{ item }}" not in data["insecure-registries"]: data["insecure-registries"].append("{{ item }}")
+          f.seek(0)
+          json.dump(data, f, indent=4)
+        EOF
+      with_items: "{{ docker_insecure_registries }}"
+      when:
+        - container_manager == "docker"
+        - docker_insecure_registries | length > 0