From d2a34546cfbfb50d92f0380e6379297af3f9def3 Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sat, 25 Jul 2020 12:27:39 +0100 Subject: [PATCH 1/4] Potential fix for #35 --- tasks/build/install-k3s.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index 80ea3e8..c4f75a8 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -1,10 +1,11 @@ --- -- name: Ensure k3s is symlinked into the installation destination on the contol plane +- name: Ensure k3s is hard linked into the installation destination on the contol plane file: src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/k3s" - state: link + state: hard + force: true when: (k3s_control_node and k3s_controller_count | length == 1) or (k3s_primary_control_node and k3s_controller_count | length > 1) notify: @@ -44,11 +45,12 @@ mode: 0700 become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}" -- name: Ensure k3s is symlinked into the installation destinations across all nodes +- name: Ensure k3s is hard linked into the installation destinations across all nodes file: src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/{{ item }}" - state: link + state: hard + force: true notify: - restart k3s loop: From 809e9cd73cb06ffc2230f3e534e799b6459f0b31 Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sat, 25 Jul 2020 14:03:53 +0100 Subject: [PATCH 2/4] Releasable feature for hardlinks --- README.md | 43 +++++++++++++++++++++++++++++++++++ defaults/main.yml | 3 +++ molecule/default/playbook.yml | 2 ++ tasks/build/install-k3s.yml | 12 +++++----- 4 files changed, 54 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e9fc42d..4b4534d 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,7 @@ consistency. | `k3s_build_cluster` | When multiple `play_hosts` are available, attempt to cluster. Read notes below. | `true` | | `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s | | `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` | +| `k3s_install_hard_links` | Install using hard links rather than symbolic links. | `false` | | `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` | | `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] | | `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` | @@ -117,6 +118,48 @@ k3s_release_version: v1.18 # latest v1.18 release k3s_release_version: v1.17-testing # latest v1.17 testing release ``` +#### Important node about `k3s_install_hard_links` + +If you are using the [system-upgrade-controller](https://github.com/rancher/system-upgrade-controller) +you will need to use hard links rather than symbolic links as the controller +will not be able to follow symbolic links. This option has been added however +is not enabled by default to avoid breaking existing installations. + +To enable the use of hard links, ensure `k3s_install_hard_links` is set +to `true`. + +```yaml +k3s_install_hard_links: true +``` + +The result of this can be seen by running the following in `k3s_install_dir`: + +`ls -larthi | grep -E 'k3s|ctr|ctl' | grep -vE ".sh$" | sort` + +Symbolic Links: + +```text +[root@node1 bin]# ls -larthi | grep -E 'k3s|ctr|ctl' | grep -vE ".sh$" | sort +3277823 -rwxr-xr-x 1 root root 52M Jul 25 12:50 k3s-v1.18.4+k3s1 +3279565 lrwxrwxrwx 1 root root 31 Jul 25 12:52 k3s -> /usr/local/bin/k3s-v1.18.6+k3s1 +3279644 -rwxr-xr-x 1 root root 51M Jul 25 12:52 k3s-v1.18.6+k3s1 +3280079 lrwxrwxrwx 1 root root 31 Jul 25 12:52 ctr -> /usr/local/bin/k3s-v1.18.6+k3s1 +3280080 lrwxrwxrwx 1 root root 31 Jul 25 12:52 crictl -> /usr/local/bin/k3s-v1.18.6+k3s1 +3280081 lrwxrwxrwx 1 root root 31 Jul 25 12:52 kubectl -> /usr/local/bin/k3s-v1.18.6+k3s1 +``` + +Hard Links: + +```text +[root@node1 bin]# ls -larthi | grep -E 'k3s|ctr|ctl' | grep -vE ".sh$" | sort +3277823 -rwxr-xr-x 1 root root 52M Jul 25 12:50 k3s-v1.18.4+k3s1 +3279644 -rwxr-xr-x 5 root root 51M Jul 25 12:52 crictl +3279644 -rwxr-xr-x 5 root root 51M Jul 25 12:52 ctr +3279644 -rwxr-xr-x 5 root root 51M Jul 25 12:52 k3s +3279644 -rwxr-xr-x 5 root root 51M Jul 25 12:52 k3s-v1.18.6+k3s1 +3279644 -rwxr-xr-x 5 root root 51M Jul 25 12:52 kubectl +``` + #### Important note about `k3s_build_cluster` If you set `k3s_build_cluster` to `false`, this role will install each play diff --git a/defaults/main.yml b/defaults/main.yml index d55e44e..05a106d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -19,6 +19,9 @@ k3s_github_url: https://github.com/rancher/k3s # Installation directory for k3s k3s_install_dir: /usr/local/bin +# Install using hard links rather than symbolic links +k3s_install_hard_links: false + # Path for additional Kubernetes Manifests # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests k3s_server_manifests_dir: /var/lib/rancher/k3s/server/manifests diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 394481e..c3454bd 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -4,5 +4,7 @@ become: true vars: molecule_is_test: true + k3s_release_version: v1.18.6+k3s1 + k3s_install_hard_links: true roles: - role: xanmanning.k3s diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index c4f75a8..7e5c945 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -1,11 +1,11 @@ --- -- name: Ensure k3s is hard linked into the installation destination on the contol plane +- name: Ensure k3s is linked into the installation destination on the contol plane file: src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/k3s" - state: hard - force: true + state: "{{ 'hard' if k3s_install_hard_links else 'link' }}" + force: "{{ k3s_install_hard_links }}" when: (k3s_control_node and k3s_controller_count | length == 1) or (k3s_primary_control_node and k3s_controller_count | length > 1) notify: @@ -45,12 +45,12 @@ mode: 0700 become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}" -- name: Ensure k3s is hard linked into the installation destinations across all nodes +- name: Ensure k3s is linked into the installation destinations across all nodes file: src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/{{ item }}" - state: hard - force: true + state: "{{ 'hard' if k3s_install_hard_links else 'link' }}" + force: "{{ k3s_install_hard_links }}" notify: - restart k3s loop: From d53102dda38f911b59a4638d6b87df17acb01aac Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sat, 25 Jul 2020 17:39:01 +0100 Subject: [PATCH 3/4] Check mode support added --- README.md | 2 ++ tasks/build/configure-k3s-cluster.yml | 12 +++++++++--- tasks/build/download-k3s.yml | 4 ++++ tasks/build/get-version.yml | 4 ++++ tasks/build/install-k3s.yml | 5 +++-- tasks/build/preconfigure-k3s.yml | 4 ++++ tasks/teardown/drain-and-remove-nodes.yml | 1 + 7 files changed, 27 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index e9fc42d..869da77 100644 --- a/README.md +++ b/README.md @@ -21,8 +21,10 @@ This role has been tested on Ansible 2.7.0+ against the following Linux Distribu - Fedora 29 - Fedora 30 - Fedora 31 + - Fedora 32 - openSUSE Leap 15 - Ubuntu 18.04 LTS + - Ubuntu 20.04 LTS ## Disclaimer diff --git a/tasks/build/configure-k3s-cluster.yml b/tasks/build/configure-k3s-cluster.yml index f99c8f6..027fe3e 100644 --- a/tasks/build/configure-k3s-cluster.yml +++ b/tasks/build/configure-k3s-cluster.yml @@ -5,13 +5,19 @@ path: "/var/lib/rancher/k3s/server/node-token" register: k3s_slurped_control_token delegate_to: "{{ k3s_control_delegate }}" - when: k3s_control_token is not defined + when: k3s_control_token is not defined and not ansible_check_mode become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" - name: Ensure NODE_TOKEN is formatted correctly for use in templates set_fact: k3s_control_token: "{{ k3s_slurped_control_token.content | b64decode }}" - when: k3s_control_token is not defined + when: k3s_control_token is not defined and not ansible_check_mode + +- name: Ensure dummy NODE_TOKEN is defined for ansible_check_mode + set_fact: + k3s_control_token: "{{ k3s_control_delegate | to_uuid }}" + check_mode: false + when: k3s_control_token is not defined and ansible_check_mode - name: Ensure k3s service unit file is present template: @@ -54,5 +60,5 @@ and kubectl_get_nodes_result.stdout.find("NotReady") == -1 retries: 30 delay: 20 - when: k3s_control_node and not k3s_no_flannel + when: k3s_control_node and not k3s_no_flannel and not ansible_check_mode become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/download-k3s.yml b/tasks/build/download-k3s.yml index b5c8606..fc9061a 100644 --- a/tasks/build/download-k3s.yml +++ b/tasks/build/download-k3s.yml @@ -4,17 +4,20 @@ set_fact: k3s_arch: "{{ k3s_arch_lookup[ansible_architecture].arch }}" k3s_arch_suffix: "{{ k3s_arch_lookup[ansible_architecture].suffix }}" + check_mode: false - name: Ensure URLs are set as facts for downloading binaries set_fact: k3s_binary_url: "{{ k3s_github_download_url }}/{{ k3s_release_version }}/k3s{{ k3s_arch_suffix }}" k3s_hash_url: "{{ k3s_github_download_url }}/{{ k3s_release_version }}/sha256sum-{{ k3s_arch }}.txt" + check_mode: false - name: Ensure the k3s hashsum is downloaded uri: url: "{{ k3s_hash_url }}" return_content: true register: k3s_hash_sum_raw + check_mode: false - name: Ensure sha256sum is set from hashsum variable set_fact: @@ -23,6 +26,7 @@ reject('search', 'images') | first).split() | first }}" changed_when: false + check_mode: false - name: Ensure installation directory exists file: diff --git a/tasks/build/get-version.yml b/tasks/build/get-version.yml index d5f86a1..e791a83 100644 --- a/tasks/build/get-version.yml +++ b/tasks/build/get-version.yml @@ -3,11 +3,13 @@ - name: Ensure k3s_release_version is set to default if false set_fact: k3s_release_version: "{{ k3s_release_channel }}" + check_mode: false when: k3s_release_version is defined and not k3s_release_version - name: Ensure the default release channel is set set_fact: k3s_release_channel: "{{ k3s_release_version | default('stable') }}" + check_mode: false - name: Get the latest release version from k3s.io uri: @@ -15,10 +17,12 @@ return_content: true body_format: json register: k3s_latest_release + check_mode: false - name: Ensure the release version is set as a fact set_fact: k3s_release_version: "{{ item.latest }}" loop: "{{ k3s_latest_release.json.data }}" + check_mode: false when: item.name == k3s_release_channel and item.type == "channel" diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index 80ea3e8..3ba0e60 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -5,8 +5,8 @@ src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/k3s" state: link - when: (k3s_control_node and k3s_controller_count | length == 1) - or (k3s_primary_control_node and k3s_controller_count | length > 1) + when: ((k3s_control_node and k3s_controller_count | length == 1) + or (k3s_primary_control_node and k3s_controller_count | length > 1)) and not ansible_check_mode notify: - restart k3s become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" @@ -56,6 +56,7 @@ - kubectl - crictl - ctr + when: not ansible_check_mode become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" - name: Ensure k3s control plane is started diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/build/preconfigure-k3s.yml index 30e7af9..56a4684 100644 --- a/tasks/build/preconfigure-k3s.yml +++ b/tasks/build/preconfigure-k3s.yml @@ -48,6 +48,7 @@ create: true regexp: "^{{ item }} @@@ {{ hostvars[item].ansible_host | default(hostvars[item].ansible_fqdn) }}" loop: "{{ play_hosts }}" + check_mode: false when: hostvars[item].k3s_control_node is defined - name: Delegate a master control plane node @@ -55,16 +56,19 @@ - name: Lookup control node from file command: "grep '{{ 'P_True' if (k3s_controller_count | length > 1) else 'C_True' }}' /tmp/inventory.txt" changed_when: false + check_mode: false register: k3s_control_delegate_raw - name: Ensure control node is delegated to for obtaining a token set_fact: k3s_control_delegate: "{{ k3s_control_delegate_raw.stdout.split(' @@@ ')[0] }}" + check_mode: false when: k3s_control_delegate is not defined - name: Ensure the control node address is registered in Ansible set_fact: k3s_control_node_address: "{{ hostvars[k3s_control_delegate].ansible_host | default(hostvars[k3s_control_delegate].ansible_fqdn) }}" + check_mode: false when: k3s_control_node_address is not defined when: k3s_control_node_address is not defined diff --git a/tasks/teardown/drain-and-remove-nodes.yml b/tasks/teardown/drain-and-remove-nodes.yml index 2700599..f6407b0 100644 --- a/tasks/teardown/drain-and-remove-nodes.yml +++ b/tasks/teardown/drain-and-remove-nodes.yml @@ -41,3 +41,4 @@ when: k3s_check_kubectl.stat.exists is defined and k3s_check_kubectl.stat.exists and k3s_control_delegate is defined + and not ansible_check_mode From 0bfbaa302efac1de619052ddd3a345c625d90996 Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sat, 25 Jul 2020 20:42:26 +0100 Subject: [PATCH 4/4] Fix uninstall --- templates/k3s-uninstall.sh.j2 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/templates/k3s-uninstall.sh.j2 b/templates/k3s-uninstall.sh.j2 index 94ea5ea..71a66f9 100644 --- a/templates/k3s-uninstall.sh.j2 +++ b/templates/k3s-uninstall.sh.j2 @@ -30,8 +30,11 @@ K3SSVC=$(ls /etc/systemd/system/k3s*.service || true) if [[ "${K3SSVC}" != "" ]] ; then for unit in /etc/systemd/system/k3s*.service ; do + unit_name="$(basename "${unit}")" + systemctl stop "${unit_name}" [ -f "${unit}" ] && rm -f "${unit}" done + systemctl daemon-reload fi K3SINIT=$(ls /etc/init.d/k3s* || true) @@ -42,17 +45,17 @@ if [[ "${K3SINIT}" != "" ]] ; then fi for cmd in {kubectl,crictl,ctr} ; do - if [ -L "{{ k3s_install_dir }}/${cmd}" ]; then + if [ -f "{{ k3s_install_dir }}/${cmd}" ]; then rm -f "{{ k3s_install_dir }}/${cmd}" fi done +for bin in {{ k3s_install_dir }}/k3s*; do + [ -f "${bin}" ] && rm -f "${bin}" +done + [ -d /etc/rancher/k3s ] && rm -rf /etc/rancher/k3s [ -d /var/lib/rancher/k3s ] && rm -rf /var/lib/rancher/k3s [ -d /var/lib/kubelet ] && rm -rf /var/lib/kubelet -for bin in {{ k3s_install_dir }}/k3s*; do - [ -f "${bin}" ] && rm -f "${bin}" -done - [ -f /usr/local/bin/k3s-killall.sh ] && rm -f /usr/local/bin/k3s-killall.sh