From 34e2af3d479c510265ed84b2b4f3cf5936a2c27e Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sat, 12 Dec 2020 14:27:59 +0000 Subject: [PATCH] Set embedded Etcd as stable, deprecate docker --- CHANGELOG.md | 16 ++++++++++++++++ README.md | 15 +++++++-------- defaults/main.yml | 2 +- documentation/quickstart-ha-cluster.md | 2 +- handlers/main.yml | 6 +++--- molecule/autodeploy/verify.yml | 2 +- molecule/debug/verify.yml | 2 +- molecule/default/prepare-rootless.yml | 6 +++--- molecule/default/prepare.yml | 2 +- molecule/docker/prepare.yml | 2 +- molecule/highavailabilitydb/prepare.yml | 8 ++++---- molecule/highavailabilityetcd/prepare.yml | 8 ++++---- molecule/nodeploy/verify.yml | 2 +- tasks/build/configure-k3s-cluster.yml | 12 ++++++------ tasks/build/download-k3s.yml | 6 +++--- tasks/build/get-version.yml | 2 +- tasks/build/install-docker-archlinux.yml | 2 +- tasks/build/install-docker-opensuse-leap.yml | 2 +- .../install-docker-prerequisites-debian.yml | 6 +++--- .../install-docker-prerequisites-redhat.yml | 8 ++++---- tasks/build/install-docker-suse.yml | 2 +- tasks/build/install-docker.yml | 2 +- tasks/build/install-k3s-node.yml | 10 +++++----- tasks/build/install-k3s.yml | 8 ++++---- ...preconfigure-k3s-auto-deploying-manifests.yml | 4 ++-- tasks/build/preconfigure-k3s.yml | 2 +- tasks/operate/start-k3s.yml | 4 ++-- tasks/operate/stop-k3s.yml | 4 ++-- tasks/teardown/drain-and-remove-nodes.yml | 2 +- tasks/teardown/uninstall-docker-archlinux.yml | 2 +- .../teardown/uninstall-docker-opensuse-leap.yml | 2 +- .../uninstall-docker-prerequisites-debian.yml | 4 ++-- .../uninstall-docker-prerequisites-redhat.yml | 2 +- tasks/teardown/uninstall-docker-suse.yml | 2 +- tasks/teardown/uninstall-docker.yml | 2 +- tasks/teardown/uninstall-k3s.yml | 4 ++-- tasks/validate/check-control-count.yml | 6 +++--- tasks/validate/check-control-plane.yml | 2 +- tasks/validate/check-experimental-variables.yml | 8 ++++---- tasks/validate/check-uninstalled.yml | 14 +++++++------- tasks/validate/check-unsupported-rootless.yml | 12 ++++++------ tasks/validate/check-variables.yml | 13 +++++++------ tasks/validate/pre-flight.yml | 2 +- vars/main.yml | 4 ++++ 44 files changed, 124 insertions(+), 104 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39d6786..ca5c20a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,22 @@ --- --> +## 2020-12-12, v2.2.0 + +### Notable changes + + - Use of FQCNs enforced, minimum Ansible version now v2.10 + - `k3s_etcd_datastore` no longer experimental after K3s version v1.19.5+k3s1 + - Docker marked as deprecated for K3s > v1.20.0+k3s1 + +### Breaking changes + + - Use of FQCNs enforced, minimum Ansible version now v2.10 + - Use of Docker requires `k3s_use_unsupported_config` to be `true` after + v1.20.0+k3s1 + +--- + ## 2020-12-05, v2.1.1 ### Notable changes diff --git a/README.md b/README.md index cd07495..28c2abf 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,7 @@ consistency. These are generally cluster-level configuration. | `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] | | `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` | | `k3s_use_unsupported_config` | Allow the use of unsupported configurations in k3s. | `false` | -| `k3s_etcd_datastore` | Enable etcd embedded datastore (EXPERIMENTAL, read notes below). | `false` | +| `k3s_etcd_datastore` | Enable etcd embedded datastore (read notes below). | `false` | | `k3s_debug` | Enable debug logging on the k3s service. | `false` | ### Ansible Controller Configuration Variables @@ -269,13 +269,12 @@ with a `datastore-endpoint` defined. As this is not a typically supported configuration you will need to set `k3s_use_unsupported_config` to `true`. Since K3s v1.19.1 it is possible to use an embedded Etcd as the backend -database, and this is done by setting `k3s_etcd_datastore` to true. -As this is an experimental feature you will also need to set -`k3s_use_experimental` to `true`. The best practice for Etcd is to define at -least 3 members to ensure quorum is established. In addition to this, an odd -number of members is recommended to ensure a majority in the event of a network -partition. If you want to use 2 members or an even number of members, -please set `k3s_use_unsupported_config` to `true`. +database, and this is done by setting `k3s_etcd_datastore` to `true`. +The best practice for Etcd is to define at least 3 members to ensure quorum is +established. In addition to this, an odd number of members is recommended to +ensure a majority in the event of a network partition. If you want to use 2 +members or an even number of members, please set `k3s_use_unsupported_config` +to `true`. ## Dependencies diff --git a/defaults/main.yml b/defaults/main.yml index 47dd778..aee5d35 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -41,7 +41,7 @@ k3s_use_experimental: false # Allow for unsupported configurations in k3s? k3s_use_unsupported_config: false -# Enable etcd embedded datastore (EXPERIMENTAL) +# Enable etcd embedded datastore k3s_etcd_datastore: false diff --git a/documentation/quickstart-ha-cluster.md b/documentation/quickstart-ha-cluster.md index b7da992..b487b53 100644 --- a/documentation/quickstart-ha-cluster.md +++ b/documentation/quickstart-ha-cluster.md @@ -92,7 +92,7 @@ Here is our playbook for the k3s cluster (`ha_cluster.yml`): vars: k3s_become_for_all: true k3s_etcd_datastore: true - k3s_use_experimental: true # Note this is required for k3s v1.19.4+k3s1 + k3s_use_experimental: true # Note this is required for k3s < v1.19.5+k3s1 roles: - xanmanning.k3s ``` diff --git a/handlers/main.yml b/handlers/main.yml index a0d8db1..f91855c 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,13 +1,13 @@ --- - name: reload systemd - systemd: + ansible.builtin.systemd: daemon_reload: true scope: "{{ k3s_systemd_context }}" become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - name: restart k3s - systemd: + ansible.builtin.systemd: name: k3s state: restarted scope: "{{ k3s_systemd_context }}" @@ -17,7 +17,7 @@ become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - name: restart docker - systemd: + ansible.builtin.systemd: name: docker state: restarted enabled: true diff --git a/molecule/autodeploy/verify.yml b/molecule/autodeploy/verify.yml index a82dd6f..86afba4 100644 --- a/molecule/autodeploy/verify.yml +++ b/molecule/autodeploy/verify.yml @@ -5,5 +5,5 @@ hosts: all tasks: - name: Example assertion - assert: + ansible.builtin.assert: that: true diff --git a/molecule/debug/verify.yml b/molecule/debug/verify.yml index a82dd6f..86afba4 100644 --- a/molecule/debug/verify.yml +++ b/molecule/debug/verify.yml @@ -5,5 +5,5 @@ hosts: all tasks: - name: Example assertion - assert: + ansible.builtin.assert: that: true diff --git a/molecule/default/prepare-rootless.yml b/molecule/default/prepare-rootless.yml index 928a14c..d02d3e5 100644 --- a/molecule/default/prepare-rootless.yml +++ b/molecule/default/prepare-rootless.yml @@ -4,18 +4,18 @@ become: true tasks: - name: Ensure a user group exists - group: + ansible.builtin.group: name: user state: present - name: Ensure a normal user exists - user: + ansible.builtin.user: name: k3suser group: user state: present - name: Ensure a normal user has bin directory - file: + ansible.builtin.file: path: /home/k3suser/bin state: directory owner: k3suser diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 7ad302a..2a1a341 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -3,6 +3,6 @@ hosts: all tasks: - name: Ensure apt cache is updated - apt: + ansible.builtin.apt: update_cache: true when: ansible_pkg_mgr == 'apt' diff --git a/molecule/docker/prepare.yml b/molecule/docker/prepare.yml index 7ad302a..2a1a341 100644 --- a/molecule/docker/prepare.yml +++ b/molecule/docker/prepare.yml @@ -3,6 +3,6 @@ hosts: all tasks: - name: Ensure apt cache is updated - apt: + ansible.builtin.apt: update_cache: true when: ansible_pkg_mgr == 'apt' diff --git a/molecule/highavailabilitydb/prepare.yml b/molecule/highavailabilitydb/prepare.yml index 86d8f25..c6a1537 100644 --- a/molecule/highavailabilitydb/prepare.yml +++ b/molecule/highavailabilitydb/prepare.yml @@ -3,23 +3,23 @@ hosts: loadbalancer tasks: - name: Ensure apt cache is updated - apt: + ansible.builtin.apt: update_cache: true when: ansible_pkg_mgr == 'apt' - name: Ensure HAProxy is installed - package: + ansible.builtin.package: name: haproxy state: present - name: Ensure HAProxy config directory exists - file: + ansible.builtin.file: path: /usr/local/etc/haproxy state: directory mode: 0755 - name: Ensure HAProxy is configured - template: + ansible.builtin.template: src: haproxy-loadbalancer.conf.j2 dest: /usr/local/etc/haproxy/haproxy.cfg mode: 0644 diff --git a/molecule/highavailabilityetcd/prepare.yml b/molecule/highavailabilityetcd/prepare.yml index 86d8f25..c6a1537 100644 --- a/molecule/highavailabilityetcd/prepare.yml +++ b/molecule/highavailabilityetcd/prepare.yml @@ -3,23 +3,23 @@ hosts: loadbalancer tasks: - name: Ensure apt cache is updated - apt: + ansible.builtin.apt: update_cache: true when: ansible_pkg_mgr == 'apt' - name: Ensure HAProxy is installed - package: + ansible.builtin.package: name: haproxy state: present - name: Ensure HAProxy config directory exists - file: + ansible.builtin.file: path: /usr/local/etc/haproxy state: directory mode: 0755 - name: Ensure HAProxy is configured - template: + ansible.builtin.template: src: haproxy-loadbalancer.conf.j2 dest: /usr/local/etc/haproxy/haproxy.cfg mode: 0644 diff --git a/molecule/nodeploy/verify.yml b/molecule/nodeploy/verify.yml index a82dd6f..86afba4 100644 --- a/molecule/nodeploy/verify.yml +++ b/molecule/nodeploy/verify.yml @@ -5,5 +5,5 @@ hosts: all tasks: - name: Example assertion - assert: + ansible.builtin.assert: that: true diff --git a/tasks/build/configure-k3s-cluster.yml b/tasks/build/configure-k3s-cluster.yml index c315bb7..38f666f 100644 --- a/tasks/build/configure-k3s-cluster.yml +++ b/tasks/build/configure-k3s-cluster.yml @@ -1,7 +1,7 @@ --- - name: Ensure NODE_TOKEN is captured from control node - slurp: + ansible.builtin.slurp: path: "{{ k3s_runtime_config['data-dir'] | default ('/var/lib/rancher/k3s') }}/server/node-token" register: k3s_slurped_control_token delegate_to: "{{ k3s_control_delegate }}" @@ -20,14 +20,14 @@ when: k3s_control_token is not defined and ansible_check_mode - name: Ensure the cluster NODE_TOKEN file location exists - file: + ansible.builtin.file: path: "{{ k3s_token_location | dirname }}" state: directory mode: 0755 become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - name: Ensure k3s cluster token file is present on workers and secondary control nodes - template: + ansible.builtin.template: src: cluster-token.j2 dest: "{{ k3s_token_location }}" mode: 0600 @@ -38,7 +38,7 @@ - restart k3s - name: Ensure k3s service unit file is present - template: + ansible.builtin.template: src: k3s.service.j2 dest: "{{ k3s_systemd_unit_dir }}/k3s.service" mode: 0644 @@ -48,7 +48,7 @@ - restart k3s - name: Ensure k3s config file exists - template: + ansible.builtin.template: src: config.yaml.j2 dest: "{{ k3s_config_file }}" mode: 0644 @@ -58,7 +58,7 @@ become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" - name: Ensure secondary controllers are started - service: + ansible.builtin.systemd: name: k3s state: started enabled: true diff --git a/tasks/build/download-k3s.yml b/tasks/build/download-k3s.yml index c8b48c8..950cb9e 100644 --- a/tasks/build/download-k3s.yml +++ b/tasks/build/download-k3s.yml @@ -21,7 +21,7 @@ check_mode: false - name: Ensure the k3s hashsum is downloaded - uri: + ansible.builtin.uri: url: "{{ k3s_hash_url }}" return_content: true register: k3s_hash_sum_raw @@ -37,13 +37,13 @@ check_mode: false - name: Ensure installation directory exists - file: + ansible.builtin.file: path: "{{ k3s_install_dir }}" state: directory mode: 0755 - name: Ensure k3s binary is downloaded - get_url: + ansible.builtin.get_url: url: "{{ k3s_binary_url }}" dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" checksum: "sha256:{{ k3s_hash_sum }}" diff --git a/tasks/build/get-version.yml b/tasks/build/get-version.yml index e791a83..9fba3bb 100644 --- a/tasks/build/get-version.yml +++ b/tasks/build/get-version.yml @@ -12,7 +12,7 @@ check_mode: false - name: Get the latest release version from k3s.io - uri: + ansible.builtin.uri: url: "{{ k3s_api_releases }}" return_content: true body_format: json diff --git a/tasks/build/install-docker-archlinux.yml b/tasks/build/install-docker-archlinux.yml index 5f72243..5ee922c 100644 --- a/tasks/build/install-docker-archlinux.yml +++ b/tasks/build/install-docker-archlinux.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is installed using Pacman - pacman: + community.general.pacman: name: docker state: present register: ensure_docker_prerequisites_installed diff --git a/tasks/build/install-docker-opensuse-leap.yml b/tasks/build/install-docker-opensuse-leap.yml index 520848b..5632524 100644 --- a/tasks/build/install-docker-opensuse-leap.yml +++ b/tasks/build/install-docker-opensuse-leap.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is installed using Zypper - zypper: + community.general.zypper: name: docker state: present register: ensure_docker_prerequisites_installed diff --git a/tasks/build/install-docker-prerequisites-debian.yml b/tasks/build/install-docker-prerequisites-debian.yml index b1dbc03..b60ae5c 100644 --- a/tasks/build/install-docker-prerequisites-debian.yml +++ b/tasks/build/install-docker-prerequisites-debian.yml @@ -1,7 +1,7 @@ --- - name: Ensure Docker prerequisites are installed - apt: + ansible.builtin.apt: name: - apt-transport-https - ca-certificates @@ -16,13 +16,13 @@ become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - name: Ensure Docker APT key is present - apt_key: + ansible.builtin.apt_key: url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg state: present become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - name: Ensure Docker repository is installed and configured - apt_repository: + ansible.builtin.apt_repository: filename: docker-ce repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" update_cache: true diff --git a/tasks/build/install-docker-prerequisites-redhat.yml b/tasks/build/install-docker-prerequisites-redhat.yml index 0c55483..3605e41 100644 --- a/tasks/build/install-docker-prerequisites-redhat.yml +++ b/tasks/build/install-docker-prerequisites-redhat.yml @@ -1,7 +1,7 @@ --- - name: Ensure python-dnf is installed - package: + ansible.builtin.package: name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}" state: present register: ensure_python_dnf_installed @@ -12,7 +12,7 @@ when: ansible_pkg_mgr == 'dnf' - name: Ensure Docker prerequisites are installed - yum: + ansible.builtin.yum: name: - yum-utils - device-mapper-persistent-data @@ -25,14 +25,14 @@ become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - name: Check to see if Docker repository is available for this distribution - uri: + ansible.builtin.uri: url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}" register: k3s_redhat_repo_check failed_when: false changed_when: false - name: Ensure Docker repository is installed and configured - yum_repository: + ansible.builtin.yum_repository: name: docker-ce description: Docker CE Repository baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable diff --git a/tasks/build/install-docker-suse.yml b/tasks/build/install-docker-suse.yml index 520848b..5632524 100644 --- a/tasks/build/install-docker-suse.yml +++ b/tasks/build/install-docker-suse.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is installed using Zypper - zypper: + community.general.zypper: name: docker state: present register: ensure_docker_prerequisites_installed diff --git a/tasks/build/install-docker.yml b/tasks/build/install-docker.yml index d46445b..27fe287 100644 --- a/tasks/build/install-docker.yml +++ b/tasks/build/install-docker.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is installed - package: + ansible.builtin.package: name: - docker-ce - docker-ce-cli diff --git a/tasks/build/install-k3s-node.yml b/tasks/build/install-k3s-node.yml index faddf7b..068085c 100644 --- a/tasks/build/install-k3s-node.yml +++ b/tasks/build/install-k3s-node.yml @@ -1,7 +1,7 @@ --- - name: Ensure k3s is linked into the installation destination - file: + ansible.builtin.file: src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" dest: "{{ k3s_install_dir }}/{{ item }}" state: "{{ 'hard' if k3s_install_hard_links else 'link' }}" @@ -18,7 +18,7 @@ become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" - name: Ensure k3s config file exists - template: + ansible.builtin.template: src: config.yaml.j2 dest: "{{ k3s_config_file }}" mode: 0644 @@ -28,7 +28,7 @@ become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" - name: Ensure k3s service unit file is present - template: + ansible.builtin.template: src: k3s.service.j2 dest: "{{ k3s_systemd_unit_dir }}/k3s.service" mode: 0644 @@ -38,7 +38,7 @@ become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - name: Ensure k3s killall script is present - template: + ansible.builtin.template: src: k3s-killall.sh.j2 dest: "/usr/local/bin/k3s-killall.sh" mode: 0700 @@ -48,7 +48,7 @@ or not k3s_runtime_config.rootless) - name: Ensure k3s uninstall script is present - template: + ansible.builtin.template: src: k3s-uninstall.sh.j2 dest: "/usr/local/bin/k3s-uninstall.sh" mode: 0700 diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index f462258..f1643b9 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -1,21 +1,21 @@ --- - name: Ensure config directory exists - file: + ansible.builtin.file: path: "{{ k3s_config_file | dirname }}" state: directory mode: 0755 become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" - name: Ensure systemd unit file directory exists - file: + ansible.builtin.file: path: "{{ k3s_systemd_unit_dir }}" state: directory mode: 0755 become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - name: Ensure data directory exists when not using the default - file: + ansible.builtin.file: path: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}" state: directory mode: 0755 @@ -34,7 +34,7 @@ when: k3s_build_cluster - name: Ensure k3s control plane is started - systemd: + ansible.builtin.systemd: name: k3s state: started enabled: true diff --git a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml index 494eb20..4cbc958 100644 --- a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml +++ b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml @@ -1,7 +1,7 @@ --- - name: Ensure that the manifests directory exists - file: + ansible.builtin.file: state: directory path: "{{ k3s_server_manifests_dir }}" mode: 0755 @@ -9,7 +9,7 @@ # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests - name: Ensure Auto-Deploying Manifests are copied to controllers - template: + ansible.builtin.template: src: "{{ item }}" dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}" mode: 0644 diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/build/preconfigure-k3s.yml index d56d856..30e3101 100644 --- a/tasks/build/preconfigure-k3s.yml +++ b/tasks/build/preconfigure-k3s.yml @@ -41,7 +41,7 @@ and k3s_build_cluster is defined and k3s_build_cluster - name: Ensure ansible_host is mapped to inventory_hostname - lineinfile: + ansible.builtin.lineinfile: path: /tmp/inventory.txt line: >- {{ item }} diff --git a/tasks/operate/start-k3s.yml b/tasks/operate/start-k3s.yml index d94cd73..980af9b 100644 --- a/tasks/operate/start-k3s.yml +++ b/tasks/operate/start-k3s.yml @@ -1,14 +1,14 @@ --- - name: Ensure k3s service is started - systemd: + ansible.builtin.systemd: name: k3s state: started enabled: true when: k3s_non_root is not defined or not k3s_non_root - name: Ensure k3s service is started - systemd: + ansible.builtin.systemd: name: k3s state: started enabled: true diff --git a/tasks/operate/stop-k3s.yml b/tasks/operate/stop-k3s.yml index 3577bca..d74816e 100644 --- a/tasks/operate/stop-k3s.yml +++ b/tasks/operate/stop-k3s.yml @@ -1,14 +1,14 @@ --- - name: Ensure k3s service is stopped - systemd: + ansible.builtin.systemd: name: k3s state: stopped enabled: false when: k3s_non_root is not defined or not k3s_non_root - name: Ensure k3s service is started - systemd: + ansible.builtin.systemd: name: k3s state: stopped enabled: false diff --git a/tasks/teardown/drain-and-remove-nodes.yml b/tasks/teardown/drain-and-remove-nodes.yml index 19de2e4..1f3f69d 100644 --- a/tasks/teardown/drain-and-remove-nodes.yml +++ b/tasks/teardown/drain-and-remove-nodes.yml @@ -1,7 +1,7 @@ --- - name: Check if kubectl exists - stat: + ansible.builtin.stat: path: "{{ k3s_install_dir }}/kubectl" register: k3s_check_kubectl become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/uninstall-docker-archlinux.yml b/tasks/teardown/uninstall-docker-archlinux.yml index 2dd97fc..507a427 100644 --- a/tasks/teardown/uninstall-docker-archlinux.yml +++ b/tasks/teardown/uninstall-docker-archlinux.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is uninstalled using Pacman - pacman: + community.general.pacman: name: docker state: absent register: ensure_docker_uninstalled diff --git a/tasks/teardown/uninstall-docker-opensuse-leap.yml b/tasks/teardown/uninstall-docker-opensuse-leap.yml index ceac7e7..d025359 100644 --- a/tasks/teardown/uninstall-docker-opensuse-leap.yml +++ b/tasks/teardown/uninstall-docker-opensuse-leap.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is installed using Zypper - zypper: + community.general.zypper: name: docker state: absent register: ensure_docker_uninstalled diff --git a/tasks/teardown/uninstall-docker-prerequisites-debian.yml b/tasks/teardown/uninstall-docker-prerequisites-debian.yml index d1e6544..5b87049 100644 --- a/tasks/teardown/uninstall-docker-prerequisites-debian.yml +++ b/tasks/teardown/uninstall-docker-prerequisites-debian.yml @@ -1,7 +1,7 @@ --- - name: Ensure Docker repository is uninstalled - apt_repository: + ansible.builtin.apt_repository: filename: docker-ce repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" update_cache: false @@ -9,7 +9,7 @@ become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" - name: Ensure Docker APT key is uninstalled - apt_key: + ansible.builtin.apt_key: url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg state: absent become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/uninstall-docker-prerequisites-redhat.yml b/tasks/teardown/uninstall-docker-prerequisites-redhat.yml index fcb30d7..3961c60 100644 --- a/tasks/teardown/uninstall-docker-prerequisites-redhat.yml +++ b/tasks/teardown/uninstall-docker-prerequisites-redhat.yml @@ -1,7 +1,7 @@ --- - name: Ensure Docker repository is removed - yum_repository: + ansible.builtin.yum_repository: name: docker-ce description: Docker CE Repository baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable diff --git a/tasks/teardown/uninstall-docker-suse.yml b/tasks/teardown/uninstall-docker-suse.yml index 18ece61..e967559 100644 --- a/tasks/teardown/uninstall-docker-suse.yml +++ b/tasks/teardown/uninstall-docker-suse.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is uninstalled using Zypper - zypper: + community.general.zypper: name: docker state: absent register: ensure_docker_uninstalled diff --git a/tasks/teardown/uninstall-docker.yml b/tasks/teardown/uninstall-docker.yml index 19edb65..736cd38 100644 --- a/tasks/teardown/uninstall-docker.yml +++ b/tasks/teardown/uninstall-docker.yml @@ -1,7 +1,7 @@ --- - name: Ensure docker is uninstalled - package: + ansible.builtin.package: name: - docker-ce - docker-ce-cli diff --git a/tasks/teardown/uninstall-k3s.yml b/tasks/teardown/uninstall-k3s.yml index 4064bee..757fe38 100644 --- a/tasks/teardown/uninstall-k3s.yml +++ b/tasks/teardown/uninstall-k3s.yml @@ -1,12 +1,12 @@ --- - name: Check to see if k3s-killall.sh exits - stat: + ansible.builtin.stat: path: /usr/local/bin/k3s-killall.sh register: check_k3s_killall_script - name: Check to see if k3s-uninstall.sh exits - stat: + ansible.builtin.stat: path: /usr/local/bin/k3s-uninstall.sh register: check_k3s_uninstall_script diff --git a/tasks/validate/check-control-count.yml b/tasks/validate/check-control-count.yml index 88e3642..498df02 100644 --- a/tasks/validate/check-control-count.yml +++ b/tasks/validate/check-control-count.yml @@ -1,7 +1,7 @@ --- - name: Check the conditions when a single controller is defined - assert: + ansible.builtin.assert: that: - (k3s_controller_count | length == 1) and ("datastore-endpoint" not in k3s_runtime_config or not k3s_runtime_config['datastore-endpoint']) @@ -13,7 +13,7 @@ and k3s_control_node - name: Check the conditions when multiple controllers are defined - assert: + ansible.builtin.assert: that: - (k3s_controller_count | length >= 2) and (("datastore-endpoint" in k3s_runtime_config and k3s_runtime_config['datastore-endpoint']) @@ -24,7 +24,7 @@ and k3s_control_node - name: Check the conditions when embedded etcd is defined - assert: + ansible.builtin.assert: that: - (k3s_controller_count | length >= 3) and (((k3s_controller_count | length) % 2) == 1) diff --git a/tasks/validate/check-control-plane.yml b/tasks/validate/check-control-plane.yml index fa69258..3fbb65d 100644 --- a/tasks/validate/check-control-plane.yml +++ b/tasks/validate/check-control-plane.yml @@ -1,7 +1,7 @@ --- - name: Check that the control plane to is available to accept connections - wait_for: + ansible.builtin.wait_for: port: "{{ k3s_runtime_config['https-listen-port'] | default('6443') }}" host: "{{ k3s_runtime_config['bind-address'] | default('127.0.0.1') }}" delay: 5 diff --git a/tasks/validate/check-experimental-variables.yml b/tasks/validate/check-experimental-variables.yml index d01419b..a04fb63 100644 --- a/tasks/validate/check-experimental-variables.yml +++ b/tasks/validate/check-experimental-variables.yml @@ -1,16 +1,16 @@ --- - name: Check if any experimental variables are configure and if they are enabled with k3s_use_experimental - assert: + ansible.builtin.assert: that: - k3s_use_experimental is defined and k3s_use_experimental success_msg: "Experimental variables are defined and enabled." - fail_msg: "Experimental variables have been configured. If you want to use them ensure you set k3s_use_experimental" - loop: "{{ k3s_experimental_config }}" + fail_msg: "Experimental variable k3s_etcd_datastore has been configured. If you want to use this ensure you set k3s_use_experimental" when: k3s_etcd_datastore is defined and k3s_etcd_datastore + and (k3s_release_version | replace('v', '')) is version_compare("1.19.5", '<') - name: Check if any experimental variables are configure and if they are enabled with k3s_use_experimental - assert: + ansible.builtin.assert: that: - k3s_use_experimental is defined and k3s_use_experimental success_msg: "Experimental variables are defined and enabled." diff --git a/tasks/validate/check-uninstalled.yml b/tasks/validate/check-uninstalled.yml index d1c33ba..1bd77c6 100644 --- a/tasks/validate/check-uninstalled.yml +++ b/tasks/validate/check-uninstalled.yml @@ -7,7 +7,7 @@ register: check_k3s_process - name: Fail if k3s is still running - fail: + ansible.builtin.fail: msg: k3s is still running, uninstall script failed. Please investigate. when: check_k3s_process.rc == 0 @@ -19,12 +19,12 @@ when: ("docker" in k3s_runtime_config and k3s_runtime_config.docker) - name: Fail if docker is still running - fail: + ansible.builtin.fail: msg: docker is still running, uninstall script failed. Please investigate. when: ("docker" in k3s_runtime_config and k3s_runtime_config.docker) - name: Fail if k3s binaries have not been removed - stat: + ansible.builtin.stat: path: "{{ k3s_install_dir }}/{{ item }}" register: check_k3s_binaries_removed failed_when: check_k3s_binaries_removed.stat.exists @@ -35,21 +35,21 @@ - ctr - name: Check k3s-killall.sh is removed - stat: + ansible.builtin.stat: path: /usr/local/bin/k3s-killall.sh register: check_k3s_killall - name: Fail if k3s-killall.sh script still exists - fail: + ansible.builtin.fail: msg: k3s-killall.sh is still running, uninstall script failed. Please investigate. when: check_k3s_killall.stat.exists - name: Check k3s-uninstall.sh is removed - stat: + ansible.builtin.stat: path: /usr/local/bin/k3s-uninstall.sh register: check_k3s_uninstall - name: Fail if k3s-uninstall.sh script still exists - fail: + ansible.builtin.fail: msg: k3s-uninstall.sh is still running, uninstall script failed. Please investigate. when: check_k3s_uninstall.stat.exists diff --git a/tasks/validate/check-unsupported-rootless.yml b/tasks/validate/check-unsupported-rootless.yml index 1fa8c8c..73c01e8 100644 --- a/tasks/validate/check-unsupported-rootless.yml +++ b/tasks/validate/check-unsupported-rootless.yml @@ -7,12 +7,12 @@ register: k3s_check_newuidmap_installed - name: Check if /proc/sys/kernel/unprivileged_userns_clone exists - stat: + ansible.builtin.stat: path: /proc/sys/kernel/unprivileged_userns_clone register: k3s_check_unprivileged_userns_exists - name: Get the value of /proc/sys/kernel/unprivileged_userns_clone - slurp: + ansible.builtin.slurp: src: /proc/sys/kernel/unprivileged_userns_clone register: k3s_get_unprivileged_userns_clone when: k3s_check_unprivileged_userns_exists.stat.exists @@ -24,17 +24,17 @@ when: not k3s_check_unprivileged_userns_exists.stat.exists - name: Get the value of /proc/sys/user/max_user_namespaces - slurp: + ansible.builtin.slurp: src: /proc/sys/user/max_user_namespaces register: k3s_get_max_user_namespaces - name: Get the contents of /etc/subuid - slurp: + ansible.builtin.slurp: src: /etc/subuid register: k3s_get_subuid - name: Get the contents of /etc/subgid - slurp: + ansible.builtin.slurp: src: /etc/subgid register: k3s_get_subgid @@ -46,7 +46,7 @@ | select('search', ansible_user_id) | first | default('UserNotFound:0:0') }}" - name: Check user namespaces kernel parameters are adequate - assert: + ansible.builtin.assert: that: - k3s_get_unprivileged_userns_clone['content'] | b64decode | int == 1 - k3s_get_max_user_namespaces['content'] | b64decode | int >= 28633 diff --git a/tasks/validate/check-variables.yml b/tasks/validate/check-variables.yml index 5f495e0..eb77f8c 100644 --- a/tasks/validate/check-variables.yml +++ b/tasks/validate/check-variables.yml @@ -1,14 +1,14 @@ --- - name: "Check that k3s_release_version >= {{ k3s_min_version }}" - assert: + ansible.builtin.assert: that: - (k3s_release_version | replace('v', '')) is version_compare(k3s_min_version, '>=') success_msg: "{{ k3s_release_version }} is supported by this role." fail_msg: "{{ k3s_release_version }} is not supported by this role, please use xanmanning.k3s v1.x." - name: Check configuration in k3s_server and k3s_agent that needs special configuration - assert: + ansible.builtin.assert: that: - (item.setting not in k3s_runtime_config) success_msg: "{{ item.setting }} not found in server/agent config" @@ -16,17 +16,18 @@ loop: "{{ k3s_config_exclude }}" - name: Check configuration in k3s_server and k3s_agent for deprecated configuration - assert: + ansible.builtin.assert: that: - (item.setting not in k3s_runtime_config) success_msg: "{{ item.setting }} not found in server/agent config" fail_msg: "{{ item.setting }} found in server/agent config. Please set {{ item.correction }} to use this option." loop: "{{ k3s_deprecated_config }}" - when: item.when is not defined - or (item.when is defined and (k3s_release_version | replace('v', '')) is version_compare(item.when, '>=')) + when: (item.when is not defined + or (item.when is defined and (k3s_release_version | replace('v', '')) is version_compare(item.when, '>='))) + and not k3s_use_unsupported_config - name: Check configuration in k3s_server and k3s_agent against release version - assert: + ansible.builtin.assert: that: - (k3s_release_version | replace('v', '')) is version_compare(item.version, '>=') success_msg: "{{ item.setting }} is supported by {{ k3s_release_version }}" diff --git a/tasks/validate/pre-flight.yml b/tasks/validate/pre-flight.yml index d4b3744..8d553a5 100644 --- a/tasks/validate/pre-flight.yml +++ b/tasks/validate/pre-flight.yml @@ -1,7 +1,7 @@ --- - name: Check to see if k3s_state is a supported value - assert: + ansible.builtin.assert: that: - k3s_state in k3s_valid_states fail_msg: "k3s_state not valid. Check README.md for details." diff --git a/vars/main.yml b/vars/main.yml index 8375875..046f567 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -94,6 +94,7 @@ k3s_experimental_config: - setting: agent-token - setting: agent-token-file - setting: cluster-reset + until: 1.19.5 # Config items that should be marked as deprecated k3s_deprecated_config: @@ -104,3 +105,6 @@ k3s_deprecated_config: correction: token - setting: no-deploy correction: "disable: VALUE" + - setting: docker + correction: "docker: false" + when: 1.20.0