Merge pull request #114 from anjia0532/k3s_private_registry

Support k3s private registry configuration
This commit is contained in:
Xan Manning 2021-05-13 16:56:23 +01:00 committed by GitHub
commit 2b7fd373f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 46 additions and 0 deletions

1
.gitignore vendored
View File

@ -10,3 +10,4 @@ __pycache__
ansible.cfg ansible.cfg
pyratlabs-issue-dump.txt pyratlabs-issue-dump.txt
.cache .cache
/.idea/

View File

@ -76,6 +76,7 @@ consistency. These are generally cluster-level configuration.
| `k3s_use_unsupported_config` | Allow the use of unsupported configurations in k3s. | `false` | | `k3s_use_unsupported_config` | Allow the use of unsupported configurations in k3s. | `false` |
| `k3s_etcd_datastore` | Enable etcd embedded datastore (read notes below). | `false` | | `k3s_etcd_datastore` | Enable etcd embedded datastore (read notes below). | `false` |
| `k3s_debug` | Enable debug logging on the k3s service. | `false` | | `k3s_debug` | Enable debug logging on the k3s service. | `false` |
| `k3s_registries` | Registries configuration file content. | `{ mirrors: {}, configs:{} }` |
### K3S Service Configuration ### K3S Service Configuration

View File

@ -97,3 +97,26 @@ k3s_become_for_usr_local_bin: null
k3s_become_for_package_install: null k3s_become_for_package_install: null
k3s_become_for_kubectl: null k3s_become_for_kubectl: null
k3s_become_for_uninstall: null k3s_become_for_uninstall: null
# Private registry configuration.
# Rancher k3s documentation: https://rancher.com/docs/k3s/latest/en/installation/private-registry/
k3s_registries:
mirrors:
# docker.io:
# endpoint:
# - "https://mycustomreg.com:5000"
configs:
# "mycustomreg:5000":
# auth:
# # this is the registry username
# username: xxxxxx
# # this is the registry password
# password: xxxxxx
# tls:
# # path to the cert file used in the registry
# cert_file:
# # path to the key file used in the registry
# key_file:
# # path to the ca file used in the registry
# ca_file:

View File

@ -0,0 +1,11 @@
---
- name: Ensure containerd registries file exists
ansible.builtin.template:
src: registries.yaml.j2
dest: "{{ k3s_config_dir }}/registries.yaml"
mode: 0600
notify:
- reload systemd
- restart k3s
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"

View File

@ -41,6 +41,14 @@
- import_tasks: build/install-k3s.yml - import_tasks: build/install-k3s.yml
- name: Ensure containerd installation tasks are run
block:
- include_tasks: build/containerd/registries.yml
when:
- k3s_registries is defined
- (k3s_runtime_config.docker is not defined or not k3s_runtime_config.docker)
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
- include_tasks: validate/configuration/cluster-init.yml - include_tasks: validate/configuration/cluster-init.yml
when: when:
- k3s_control_delegate is defined - k3s_control_delegate is defined

View File

@ -0,0 +1,2 @@
---
{{ k3s_registries | to_nice_yaml }}