mirror of
https://github.com/PyratLabs/ansible-role-k3s.git
synced 2024-12-22 16:38:02 +01:00
commit
473f3943d2
20
CHANGELOG.md
20
CHANGELOG.md
@ -14,6 +14,26 @@
|
||||
---
|
||||
-->
|
||||
|
||||
## 2022-01-02, v3.0.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- feat: Flattened task filesystem
|
||||
- feat: Moved some tasks into `vars/` as templated variables
|
||||
- feat: Airgap installation method added #165
|
||||
|
||||
### Breaking changes
|
||||
|
||||
- Minimum `python` version on targets is 3.6
|
||||
- `k3s_become_for_all` renamed to `k3s_become`
|
||||
- `k3s_become_for_*` removed.
|
||||
|
||||
### Contributors
|
||||
|
||||
- [crutonjohn](https://github.com/crutonjohn)
|
||||
|
||||
---
|
||||
|
||||
## 2021-12-23, v2.12.1
|
||||
|
||||
### Notable changes
|
||||
|
33
README.md
33
README.md
@ -1,10 +1,17 @@
|
||||
# Ansible Role: k3s (v2.x)
|
||||
# Ansible Role: k3s (v3.x)
|
||||
|
||||
Ansible role for installing [K3S](https://k3s.io/) ("Lightweight
|
||||
Kubernetes") as either a standalone server or cluster.
|
||||
|
||||
[![CI](https://github.com/PyratLabs/ansible-role-k3s/workflows/CI/badge.svg?event=push)](https://github.com/PyratLabs/ansible-role-k3s/actions?query=workflow%3ACI)
|
||||
|
||||
## Help Wanted!
|
||||
|
||||
Hi! :wave: [@xanmanning](https://github.com/xanmanning) is looking for a new
|
||||
maintainer to work on this Ansible role. This is because I don't have as much
|
||||
free time any more and I no longer write Ansible regularly as part of my day
|
||||
job. If you're interested, get in touch.
|
||||
|
||||
## Release notes
|
||||
|
||||
Please see [Releases](https://github.com/PyratLabs/ansible-role-k3s/releases)
|
||||
@ -14,6 +21,7 @@ and [CHANGELOG.md](CHANGELOG.md).
|
||||
|
||||
The host you're running Ansible from requires the following Python dependencies:
|
||||
|
||||
- `python >= 3.6.0`
|
||||
- `ansible >= 2.9.16` or `ansible-base >= 2.10.4`
|
||||
|
||||
You can install dependencies using the requirements.txt file in this repository:
|
||||
@ -24,8 +32,7 @@ This role has been tested against the following Linux Distributions:
|
||||
- Amazon Linux 2
|
||||
- Archlinux
|
||||
- CentOS 8
|
||||
- CentOS 7
|
||||
- Debian 10
|
||||
- Debian 11
|
||||
- Fedora 31
|
||||
- Fedora 32
|
||||
- Fedora 33
|
||||
@ -33,7 +40,7 @@ This role has been tested against the following Linux Distributions:
|
||||
- RockyLinux 8
|
||||
- Ubuntu 20.04 LTS
|
||||
|
||||
:warning: The v2 releases of this role only supports `k3s >= v1.19`, for
|
||||
:warning: The v3 releases of this role only supports `k3s >= v1.19`, for
|
||||
`k3s < v1.19` please consider updating or use the v1.x releases of this role.
|
||||
|
||||
Before upgrading, see [CHANGELOG](CHANGELOG.md) for notifications of breaking
|
||||
@ -130,7 +137,6 @@ The `k3s_server` dictionary variable will contain flags from the above
|
||||
```yaml
|
||||
k3s_server:
|
||||
datastore-endpoint: postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable
|
||||
docker: true
|
||||
cluster-cidr: 172.20.0.0/16
|
||||
flannel-backend: 'none' # This needs to be in quotes
|
||||
disable:
|
||||
@ -181,18 +187,11 @@ configuration.
|
||||
The below variables are used to change the way the role executes in Ansible,
|
||||
particularly with regards to privilege escalation.
|
||||
|
||||
| Variable | Description | Default Value |
|
||||
|-------------------------------------|---------------------------------------------------------------------|---------------|
|
||||
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
|
||||
| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` |
|
||||
| `k3s_become_for_all` | Escalate user privileges for all tasks. Overrides all of the below. | `false` |
|
||||
| `k3s_become_for_systemd` | Escalate user privileges for systemd tasks. | NULL |
|
||||
| `k3s_become_for_install_dir` | Escalate user privileges for creating installation directories. | NULL |
|
||||
| `k3s_become_for_directory_creation` | Escalate user privileges for creating application directories. | NULL |
|
||||
| `k3s_become_for_usr_local_bin` | Escalate user privileges for writing to `/usr/local/bin`. | NULL |
|
||||
| `k3s_become_for_package_install` | Escalate user privileges for installing k3s. | NULL |
|
||||
| `k3s_become_for_kubectl` | Escalate user privileges for running `kubectl`. | NULL |
|
||||
| `k3s_become_for_uninstall` | Escalate user privileges for uninstalling k3s. | NULL |
|
||||
| Variable | Description | Default Value |
|
||||
|-----------------------|----------------------------------------------------------------|---------------|
|
||||
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
|
||||
| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` |
|
||||
| `k3s_become` | Escalate user privileges for tasks that need root permissions. | `false` |
|
||||
|
||||
#### Important note about `k3s_release_version`
|
||||
|
||||
|
@ -127,15 +127,8 @@ k3s_agent: {}
|
||||
# Ansible Controller configuration
|
||||
##
|
||||
|
||||
# Use become privileges for
|
||||
k3s_become_for_all: false
|
||||
k3s_become_for_systemd: null
|
||||
k3s_become_for_install_dir: null
|
||||
k3s_become_for_directory_creation: null
|
||||
k3s_become_for_usr_local_bin: null
|
||||
k3s_become_for_package_install: null
|
||||
k3s_become_for_kubectl: null
|
||||
k3s_become_for_uninstall: null
|
||||
# Use become privileges?
|
||||
k3s_become: false
|
||||
|
||||
# Private registry configuration.
|
||||
# Rancher k3s documentation: https://rancher.com/docs/k3s/latest/en/installation/private-registry/
|
||||
|
@ -4,7 +4,7 @@
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: true
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart k3s
|
||||
ansible.builtin.systemd:
|
||||
@ -18,15 +18,4 @@
|
||||
failed_when:
|
||||
- k3s_systemd_restart_k3s is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: restart docker
|
||||
ansible.builtin.systemd:
|
||||
name: docker
|
||||
state: restarted
|
||||
enabled: true
|
||||
register: k3s_systemd_restart_docker
|
||||
failed_when:
|
||||
- k3s_systemd_restart_docker is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_server:
|
||||
https-listen-port: 26443
|
||||
cluster-domain: examplecluster.local
|
||||
k3s_agent:
|
||||
docker: true
|
||||
snapshotter: native
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
@ -1,60 +0,0 @@
|
||||
---
|
||||
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- check
|
||||
- converge
|
||||
- idempotence
|
||||
- side_effect
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
provisioner:
|
||||
name: ansible
|
||||
options:
|
||||
verbose: true
|
||||
verifier:
|
||||
name: ansible
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using amazon-linux-extras
|
||||
ansible.builtin.command:
|
||||
cmd: amazon-linux-extras install docker
|
||||
args:
|
||||
creates: /etc/docker
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1 +0,0 @@
|
||||
---
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Pacman
|
||||
community.general.pacman:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,29 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure Docker prerequisites are installed
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- "{{ 'gnupg2' if k3s_os_distribution == 'debian' else 'gnupg-agent' }}"
|
||||
- software-properties-common
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker APT key is present
|
||||
ansible.builtin.apt_key:
|
||||
url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
|
||||
state: present
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker repository is installed and configured
|
||||
ansible.builtin.apt_repository:
|
||||
filename: docker-ce
|
||||
repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable"
|
||||
update_cache: true
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
state: present
|
||||
register: ensure_docker_installed
|
||||
until: ensure_docker_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,56 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure python-dnf is installed
|
||||
ansible.builtin.package:
|
||||
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
|
||||
state: present
|
||||
register: ensure_python_dnf_installed
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
until: ensure_python_dnf_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: ansible_pkg_mgr == 'dnf'
|
||||
|
||||
- name: Ensure Docker prerequisites are installed
|
||||
ansible.builtin.yum:
|
||||
name:
|
||||
- yum-utils
|
||||
- device-mapper-persistent-data
|
||||
- lvm2
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Check to see if Docker repository is available for this distribution
|
||||
ansible.builtin.uri:
|
||||
url: "https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}"
|
||||
register: k3s_redhat_repo_check
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
|
||||
- name: Ensure Docker repository is installed and configured
|
||||
ansible.builtin.yum_repository:
|
||||
name: docker-ce
|
||||
description: Docker CE Repository
|
||||
baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable
|
||||
gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
|
||||
enabled: true
|
||||
gpgcheck: true
|
||||
state: present
|
||||
when:
|
||||
- k3s_os_distribution not in ['amazon']
|
||||
- k3s_redhat_repo_check.status == 200
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker repository is installed and configured from file
|
||||
ansible.builtin.command:
|
||||
cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
|
||||
args:
|
||||
creates: /etc/yum.repos.d/docker-ce.repo
|
||||
when:
|
||||
- k3s_os_distribution not in ['amazon']
|
||||
- k3s_redhat_repo_check.status != 200
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1 +0,0 @@
|
||||
---
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the config.yaml.d directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_config_yaml_d_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_agent_config_yaml_d_files | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to agents
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_agent_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,19 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_manifests_urls | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_urls }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
when: not ansible_check_mode
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_manifests_templates | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are copied to the primary controller
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_templates }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the config.yaml.d directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_config_yaml_d_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_config_yaml_d_files | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,19 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the pod-manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_pod_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_pod_manifests_urls | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_urls }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
when: not ansible_check_mode
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the pod-manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_pod_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_pod_manifests_templates | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/1691
|
||||
- name: Ensure static pod manifests are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_templates }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
@ -8,7 +8,7 @@
|
||||
when:
|
||||
- k3s_control_token is not defined
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure cluster token is formatted correctly for use in templates
|
||||
ansible.builtin.set_fact:
|
||||
@ -26,14 +26,14 @@
|
||||
path: "{{ k3s_token_location | dirname }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s cluster token file is present
|
||||
ansible.builtin.template:
|
||||
src: cluster-token.j2
|
||||
dest: "{{ k3s_token_location }}"
|
||||
mode: 0600
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- restart k3s
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
@ -55,7 +55,7 @@
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure secondary controllers are started
|
||||
ansible.builtin.systemd:
|
||||
@ -72,13 +72,13 @@
|
||||
when:
|
||||
- k3s_control_node
|
||||
- not k3s_primary_control_node
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- import_tasks: ../validate/state/control-plane.yml
|
||||
- import_tasks: post_checks_control_plane.yml
|
||||
when: not k3s_skip_validation
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- import_tasks: ../validate/state/nodes.yml
|
||||
- import_tasks: post_checks_nodes.yml
|
||||
when: not k3s_skip_validation
|
@ -8,4 +8,4 @@
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -5,7 +5,7 @@
|
||||
path: "{{ directory.path }}"
|
||||
state: directory
|
||||
mode: "{{ directory.mode | default(755) }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- directory.path is defined
|
||||
- directory.path | length > 0
|
@ -48,4 +48,4 @@
|
||||
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
checksum: "sha256:{{ k3s_hash_sum }}"
|
||||
mode: 0755
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -4,7 +4,7 @@
|
||||
ansible.builtin.stat:
|
||||
path: "{{ k3s_install_dir }}/kubectl"
|
||||
register: k3s_check_kubectl
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Clean up nodes that are in an uninstalled state
|
||||
block:
|
||||
@ -17,7 +17,7 @@
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
run_once: true
|
||||
register: kubectl_get_nodes_result
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure uninstalled nodes are drained
|
||||
ansible.builtin.command:
|
||||
@ -34,7 +34,7 @@
|
||||
- hostvars[item].k3s_state is defined
|
||||
- hostvars[item].k3s_state == 'uninstalled'
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure uninstalled nodes are removed
|
||||
ansible.builtin.command:
|
||||
@ -47,7 +47,7 @@
|
||||
- hostvars[item].k3s_state is defined
|
||||
- hostvars[item].k3s_state == 'uninstalled'
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
when:
|
||||
- k3s_check_kubectl.stat.exists is defined
|
@ -1,11 +1,11 @@
|
||||
---
|
||||
|
||||
- include_tasks: install-k3s-directories.yml
|
||||
- include_tasks: ensure_directories.yml
|
||||
loop: "{{ k3s_ensure_directories_exist }}"
|
||||
loop_control:
|
||||
loop_var: directory
|
||||
|
||||
- include_tasks: install-k3s-node.yml
|
||||
- include_tasks: ensure_installed_node.yml
|
||||
when:
|
||||
- ((k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1))
|
||||
@ -14,7 +14,7 @@
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- include_tasks: install-k3s-node.yml
|
||||
- include_tasks: ensure_installed_node.yml
|
||||
when: k3s_build_cluster
|
||||
|
||||
- name: Determine if the systems are already clustered
|
||||
@ -35,4 +35,4 @@
|
||||
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||
or k3s_token_cluster_check.stat.exists
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -15,7 +15,7 @@
|
||||
when: not ansible_check_mode
|
||||
notify:
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
@ -25,7 +25,7 @@
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
@ -35,14 +35,14 @@
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s killall script is present
|
||||
ansible.builtin.template:
|
||||
src: k3s-killall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-killall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
@ -52,7 +52,7 @@
|
||||
src: k3s-uninstall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-uninstall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
62
tasks/ensure_k3s_auto_deploy.yml
Normal file
62
tasks/ensure_k3s_auto_deploy.yml
Normal file
@ -0,0 +1,62 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_server_manifests_templates | length > 0
|
||||
or k3s_server_manifests_urls | length > 0
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure that the pod-manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_pod_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_server_pod_manifests_templates | length > 0
|
||||
or k3s_server_pod_manifests_urls | length > 0
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are copied to the primary controller
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_templates }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_server_manifests_templates | length > 0
|
||||
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_urls }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- not ansible_check_mode
|
||||
- k3s_server_manifests_urls | length > 0
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/1691
|
||||
- name: Ensure static pod manifests are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_templates }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_urls }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when: not ansible_check_mode
|
31
tasks/ensure_k3s_config_files.yml
Normal file
31
tasks/ensure_k3s_config_files.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the config.yaml.d directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_config_yaml_d_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_server_config_yaml_d_files | length > 0
|
||||
or k3s_agent_config_yaml_d_files | length > 0
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when: k3s_control_node
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to agents
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_agent_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when: not k3s_control_node
|
@ -127,10 +127,3 @@
|
||||
|
||||
when: k3s_registration_address is not defined
|
||||
or k3s_control_delegate is not defined
|
||||
|
||||
- name: Ensure k3s_runtime_config is set for agents
|
||||
ansible.builtin.set_fact:
|
||||
k3s_runtime_config: "{{ (k3s_agent | default({})) }}"
|
||||
when:
|
||||
- k3s_agent is defined
|
||||
- (k3s_control_node is not defined or not k3s_control_node)
|
@ -6,7 +6,7 @@
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
when: k3s_non_root is not defined or not k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service is started
|
||||
ansible.builtin.systemd:
|
||||
@ -17,4 +17,4 @@
|
||||
when:
|
||||
- k3s_non_root is defined
|
||||
- k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -6,7 +6,7 @@
|
||||
state: stopped
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
when: k3s_non_root is not defined or not k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service is started
|
||||
ansible.builtin.systemd:
|
||||
@ -17,4 +17,4 @@
|
||||
when:
|
||||
- k3s_non_root is defined
|
||||
- k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -10,20 +10,13 @@
|
||||
path: /usr/local/bin/k3s-uninstall.sh
|
||||
register: check_k3s_uninstall_script
|
||||
|
||||
- name: Check to see if docker is present
|
||||
ansible.builtin.command:
|
||||
cmd: which docker
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
register: check_k3s_docker_path
|
||||
|
||||
- name: Run k3s-killall.sh
|
||||
ansible.builtin.command:
|
||||
cmd: /usr/local/bin/k3s-killall.sh
|
||||
register: k3s_killall
|
||||
changed_when: k3s_killall.rc == 0
|
||||
when: check_k3s_killall_script.stat.exists
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Run k3s-uninstall.sh
|
||||
ansible.builtin.command:
|
||||
@ -33,7 +26,7 @@
|
||||
register: k3s_uninstall
|
||||
changed_when: k3s_uninstall.rc == 0
|
||||
when: check_k3s_uninstall_script.stat.exists
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure hard links are removed
|
||||
ansible.builtin.file:
|
||||
@ -46,11 +39,4 @@
|
||||
when:
|
||||
- k3s_install_hard_links
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Clean up Docker
|
||||
ansible.builtin.command:
|
||||
cmd: docker system prune -a --force
|
||||
when:
|
||||
- ("docker" in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- check_k3s_docker_path.rc == 0
|
||||
become: "{{ k3s_become }}"
|
@ -12,4 +12,4 @@
|
||||
# TODO: allow airgap to bypass version post-fix
|
||||
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
mode: 0755
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
|
||||
- import_tasks: validate/pre-flight.yml
|
||||
- import_tasks: pre_checks.yml
|
||||
|
||||
- include_tasks: state-{{ (k3s_state | lower) | default('installed') }}.yml
|
||||
- include_tasks: state_{{ (k3s_state | lower) | default('installed') }}.yml
|
||||
|
@ -17,4 +17,4 @@
|
||||
- ("flannel-backend" not in k3s_runtime_config
|
||||
or k3s_runtime_config["flannel-backend"] != "none")
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -9,18 +9,6 @@
|
||||
changed_when: false
|
||||
register: check_k3s_process
|
||||
|
||||
- name: Check that docker is not running
|
||||
ansible.builtin.command:
|
||||
cmd: pgrep docker
|
||||
failed_when:
|
||||
- check_k3s_docker_process.rc == 0
|
||||
- not ansible_check_mode
|
||||
changed_when: false
|
||||
register: check_k3s_docker_process
|
||||
when:
|
||||
- k3s_runtime_config.docker is defined
|
||||
- k3s_runtime_config.docker
|
||||
|
||||
- name: Fail if k3s binaries have not been removed
|
||||
ansible.builtin.stat:
|
||||
path: "{{ k3s_install_dir }}/{{ item }}"
|
90
tasks/pre_checks.yml
Normal file
90
tasks/pre_checks.yml
Normal file
@ -0,0 +1,90 @@
|
||||
---
|
||||
|
||||
- name: Check that k3s_state is a supported value
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_state in k3s_valid_states
|
||||
fail_msg: "k3s_state not valid. Check README.md for details."
|
||||
success_msg: "k3s_state is valid."
|
||||
when: k3s_state is defined
|
||||
|
||||
- name: Check that Ansible v{{ ansible_version.string }} is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_version.string is version_compare(k3s_ansible_min_version, '>=')
|
||||
fail_msg: >-
|
||||
Ansible v{{ ansible_version.string }} is not supported by this role.
|
||||
Please install >= v{{ k3s_ansible_min_version }}.
|
||||
success_msg: "Ansible v{{ ansible_version.string }} is supported."
|
||||
become: false
|
||||
delegate_to: localhost
|
||||
run_once: true
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that Python v{{ ansible_python_version }} is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_python_version is version_compare(k3s_python_min_version, '>=')
|
||||
fail_msg: >-
|
||||
Python v{{ ansible_python_version }} is not supported by this role.
|
||||
Please install >= v{{ k3s_python_min_version }}.
|
||||
success_msg: "Python v{{ ansible_python_version }} is supported."
|
||||
become: false
|
||||
delegate_to: localhost
|
||||
run_once: true
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: pre_checks_version.yml
|
||||
when:
|
||||
- (k3s_release_version is not defined
|
||||
or not k3s_release_version
|
||||
or k3s_release_version is not regex('\\+k3s[1-9]$'))
|
||||
- not k3s_airgap
|
||||
|
||||
- include_tasks: pre_checks_cgroups.yml
|
||||
loop: "{{ k3s_cgroup_subsys }}"
|
||||
loop_control:
|
||||
loop_var: cgroup
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: pre_checks_packages.yml
|
||||
loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}"
|
||||
loop_control:
|
||||
loop_var: package
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
- k3s_check_packages[k3s_os_distribution_version] is defined
|
||||
|
||||
- include_tasks: pre_checks_issue_data.yml
|
||||
when:
|
||||
- pyratlabs_issue_controller_dump is defined
|
||||
- pyratlabs_issue_controller_dump
|
||||
|
||||
- import_tasks: pre_checks_variables.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
|
||||
- import_tasks: pre_checks_experimental_variables.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
|
||||
- import_tasks: pre_checks_unsupported_rootless.yml
|
||||
when:
|
||||
- k3s_runtime_config.rootless is defined
|
||||
- k3s_runtime_config.rootless
|
||||
- not k3s_skip_validation
|
||||
|
||||
- import_tasks: ensure_pre_configuration.yml
|
||||
|
||||
- import_tasks: pre_checks_control_node_count.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- not k3s_skip_validation
|
@ -16,4 +16,4 @@
|
||||
failed_when:
|
||||
- not k3s_check_cluster_token.stat.exists
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -80,6 +80,8 @@
|
||||
|
||||
- name: Fail the play
|
||||
ansible.builtin.fail:
|
||||
msg: "Please include the output of {{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report."
|
||||
msg: >-
|
||||
Please include the output of
|
||||
{{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report.
|
||||
delegate_to: localhost
|
||||
run_once: true
|
@ -1,6 +1,5 @@
|
||||
---
|
||||
|
||||
# TODO: Prevent or circumvent versioning when k3s_airgap
|
||||
- name: Ensure k3s_release_version is set to default if false
|
||||
ansible.builtin.set_fact:
|
||||
k3s_release_version: "{{ k3s_release_channel }}"
|
@ -1,94 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/preconfigure-k3s.yml
|
||||
|
||||
- import_tasks: teardown/drain-and-remove-nodes.yml
|
||||
|
||||
- import_tasks: build/get-version.yml
|
||||
when:
|
||||
- k3s_release_version is not defined
|
||||
or not k3s_release_version
|
||||
or k3s_release_version is not regex('\\+k3s[1-9]$')
|
||||
- not k3s_airgap
|
||||
|
||||
- import_tasks: validate/main.yml
|
||||
when: not k3s_skip_validation
|
||||
|
||||
- import_tasks: build/get-systemd-context.yml
|
||||
|
||||
- name: Ensure docker installation tasks are run
|
||||
block:
|
||||
|
||||
- include_tasks: build/docker/{{ k3s_os_family }}/install-prerequisites.yml
|
||||
|
||||
- import_tasks: build/docker/install.yml
|
||||
when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: build/docker/{{ k3s_os_distribution }}/install.yml
|
||||
when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
when:
|
||||
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- import_tasks: build/download-k3s.yml
|
||||
when:
|
||||
- not k3s_airgap
|
||||
|
||||
- import_tasks: build/airgap-k3s.yml
|
||||
when:
|
||||
- k3s_airgap
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-auto-deploying-manifests.yml
|
||||
when:
|
||||
- k3s_primary_control_node
|
||||
- k3s_server_manifests_templates | length > 0
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-auto-deploying-manifests-urls.yml
|
||||
when:
|
||||
- k3s_primary_control_node
|
||||
- k3s_server_manifests_urls | length > 0
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-static-pod-manifests.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- k3s_server_pod_manifests_templates | length > 0
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-static-pod-manifests-urls.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- k3s_server_pod_manifests_urls | length > 0
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-server-config-yaml-d.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- k3s_server_config_yaml_d_files | length > 0
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-agent-config-yaml-d.yml
|
||||
when:
|
||||
- not k3s_control_node
|
||||
- k3s_agent_config_yaml_d_files | length > 0
|
||||
|
||||
- import_tasks: build/install-k3s.yml
|
||||
|
||||
- name: Ensure containerd installation tasks are run
|
||||
block:
|
||||
- include_tasks: build/containerd/registries.yml
|
||||
when:
|
||||
- k3s_registries is defined
|
||||
- (k3s_runtime_config.docker is not defined or not k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- include_tasks: validate/configuration/cluster-init.yml
|
||||
when:
|
||||
- k3s_control_delegate is defined
|
||||
- k3s_control_delegate == inventory_hostname
|
||||
|
||||
- import_tasks: build/configure-k3s-cluster.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_registration_address is defined
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/stop-k3s.yml
|
||||
|
||||
- import_tasks: operate/start-k3s.yml
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/start-k3s.yml
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/stop-k3s.yml
|
@ -1,25 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/preconfigure-k3s.yml
|
||||
|
||||
- import_tasks: teardown/drain-and-remove-nodes.yml
|
||||
|
||||
- import_tasks: teardown/uninstall-k3s.yml
|
||||
|
||||
- name: Ensure docker uninstall tasks are run
|
||||
block:
|
||||
|
||||
- import_tasks: teardown/docker/uninstall.yml
|
||||
when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: teardown/docker/{{ k3s_os_distribution }}/uninstall.yml
|
||||
when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: teardown/docker/{{ k3s_os_family }}/uninstall-prerequisites.yml
|
||||
|
||||
when:
|
||||
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- import_tasks: validate/state/uninstalled.yml
|
||||
when: not k3s_skip_validation
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: validate/pre-flight.yml
|
||||
|
||||
- import_tasks: validate/main.yml
|
||||
|
||||
- import_tasks: validate/post-install.yml
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/get-version.yml
|
||||
- import_tasks: pre_checks_version.yml
|
||||
when:
|
||||
- k3s_release_version is not defined or not k3s_release_version
|
||||
- not k3s_airgap
|
||||
|
||||
- import_tasks: build/download-k3s.yml
|
||||
- import_tasks: ensure_downloads.yml
|
||||
when: not k3s_airgap
|
||||
|
||||
- import_tasks: build/airgap-k3s.yml
|
||||
- import_tasks: ensure_uploads.yml
|
||||
when: k3s_airgap
|
38
tasks/state_installed.yml
Normal file
38
tasks/state_installed.yml
Normal file
@ -0,0 +1,38 @@
|
||||
---
|
||||
|
||||
- import_tasks: ensure_drain_and_remove_nodes.yml
|
||||
|
||||
- import_tasks: determine_systemd_context.yml
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- import_tasks: ensure_downloads.yml
|
||||
when: not k3s_airgap
|
||||
|
||||
- import_tasks: ensure_uploads.yml
|
||||
when: k3s_airgap
|
||||
|
||||
- import_tasks: ensure_k3s_auto_deploy.yml
|
||||
when:
|
||||
- k3s_primary_control_node
|
||||
|
||||
- import_tasks: ensure_k3s_config_files.yml
|
||||
|
||||
- import_tasks: ensure_installed.yml
|
||||
|
||||
- include_tasks: ensure_containerd_registries.yml
|
||||
when:
|
||||
- k3s_registries is defined
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- include_tasks: pre_checks_cluster.yml
|
||||
when:
|
||||
- k3s_control_delegate is defined
|
||||
- k3s_control_delegate == inventory_hostname
|
||||
|
||||
- import_tasks: ensure_cluster.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_registration_address is defined
|
5
tasks/state_restarted.yml
Normal file
5
tasks/state_restarted.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
|
||||
- import_tasks: ensure_stopped.yml
|
||||
|
||||
- import_tasks: ensure_started.yml
|
3
tasks/state_started.yml
Normal file
3
tasks/state_started.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
- import_tasks: ensure_started.yml
|
3
tasks/state_stopped.yml
Normal file
3
tasks/state_stopped.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
- import_tasks: ensure_stopped.yml
|
10
tasks/state_uninstalled.yml
Normal file
10
tasks/state_uninstalled.yml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- import_tasks: ensure_pre_configuration.yml
|
||||
|
||||
- import_tasks: ensure_drain_and_remove_nodes.yml
|
||||
|
||||
- import_tasks: ensure_uninstalled.yml
|
||||
|
||||
- import_tasks: post_checks_uninstalled.yml
|
||||
when: not k3s_skip_validation
|
5
tasks/state_validated.yml
Normal file
5
tasks/state_validated.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
|
||||
- import_tasks: post_checks_control_plane.yml
|
||||
|
||||
- import_tasks: post_checks_nodes.yml
|
@ -1,8 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is uninstalled using amazon-linux-extras
|
||||
ansible.builtin.command:
|
||||
cmd: amazon-linux-extras uninstall docker
|
||||
register: uninstall_docker_from_amazon_linux
|
||||
changed_when: uninstall_docker_from_amazon_linux.rc == 0
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is uninstalled using Pacman
|
||||
community.general.pacman:
|
||||
name: docker
|
||||
state: absent
|
||||
register: ensure_docker_uninstalled
|
||||
until: ensure_docker_uninstalled is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,15 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure Docker repository is uninstalled
|
||||
ansible.builtin.apt_repository:
|
||||
filename: docker-ce
|
||||
repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable"
|
||||
update_cache: false
|
||||
state: absent
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker APT key is uninstalled
|
||||
ansible.builtin.apt_key:
|
||||
url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
|
||||
state: absent
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: absent
|
||||
register: ensure_docker_uninstalled
|
||||
until: ensure_docker_uninstalled is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure Docker repository is removed
|
||||
ansible.builtin.yum_repository:
|
||||
name: docker-ce
|
||||
description: Docker CE Repository
|
||||
baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable
|
||||
gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
|
||||
enabled: false
|
||||
gpgcheck: true
|
||||
state: absent
|
||||
when: k3s_os_distribution not in ['amazon']
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1 +0,0 @@
|
||||
---
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is uninstalled using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: absent
|
||||
register: ensure_docker_uninstalled
|
||||
until: ensure_docker_uninstalled is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is uninstalled
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
state: absent
|
||||
register: ensure_docker_uninstalled
|
||||
until: ensure_docker_uninstalled is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Check that Ansible v{{ ansible_version.string }} is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_version.string is version_compare(k3s_ansible_min_version, '>=')
|
||||
fail_msg: >-
|
||||
Ansible v{{ ansible_version.string }} is not supported by this role.
|
||||
Please install >= v{{ k3s_ansible_min_version }}.
|
||||
success_msg: "Ansible v{{ ansible_version.string }} is supported."
|
||||
become: false
|
||||
delegate_to: localhost
|
||||
run_once: true
|
@ -1,24 +0,0 @@
|
||||
---
|
||||
|
||||
- include_tasks: environment/remote/packages.yml
|
||||
loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}"
|
||||
loop_control:
|
||||
loop_var: package
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
- k3s_check_packages[k3s_os_distribution_version] is defined
|
||||
|
||||
- import_tasks: configuration/variables.yml
|
||||
|
||||
- import_tasks: configuration/experimental-variables.yml
|
||||
|
||||
- import_tasks: configuration/unsupported-rootless.yml
|
||||
when:
|
||||
- k3s_runtime_config.rootless is defined
|
||||
- k3s_runtime_config.rootless
|
||||
|
||||
- import_tasks: configuration/control-node-count.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: state/control-plane.yml
|
||||
|
||||
- import_tasks: state/nodes.yml
|
@ -1,27 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Check that k3s_state is a supported value
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_state in k3s_valid_states
|
||||
fail_msg: "k3s_state not valid. Check README.md for details."
|
||||
success_msg: "k3s_state is valid."
|
||||
when: k3s_state is defined
|
||||
|
||||
- import_tasks: environment/local/packages.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: environment/remote/cgroups.yml
|
||||
loop: "{{ k3s_cgroup_subsys }}"
|
||||
loop_control:
|
||||
loop_var: cgroup
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: environment/local/issue-data.yml
|
||||
when:
|
||||
- pyratlabs_issue_controller_dump is defined
|
||||
- pyratlabs_issue_controller_dump
|
@ -1,64 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
ANSIBLE_RELEASE_FEED="$(curl -Ssl https://api.github.com/repos/ansible/ansible/tags?per_page=50)"
|
||||
TMPDIR="$(mktemp -d /tmp/molecule.XXXXX)"
|
||||
|
||||
function ansible_releases {
|
||||
local RELEASE_LIST_ALL
|
||||
|
||||
RELEASE_LIST_ALL="$(echo "${ANSIBLE_RELEASE_FEED}" | grep -E "\"name\": \"v[0-9]+\.[0-9]+\.[0-9]+\"")"
|
||||
|
||||
for RELEASE in ${RELEASE_LIST_ALL} ; do
|
||||
echo "${RELEASE}" | grep -v "name" | sed -E 's/"v([0-9]+\.[0-9]+\.[0-9]+)",/\1/g' || true
|
||||
done
|
||||
}
|
||||
|
||||
function build_requirements {
|
||||
local TEST_REQUIREMENTS
|
||||
local REQUIREMENTS
|
||||
local ANSIBLE_VERSION
|
||||
|
||||
ANSIBLE_VERSION="${1:-true}"
|
||||
|
||||
if [ "${ANSIBLE_VERSION}" == "true" ] ; then
|
||||
echo "Something went wrong!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
TEST_REQUIREMENTS=$(<molecule/requirements.txt)
|
||||
REQUIREMENTS=$(echo "${TEST_REQUIREMENTS}" | grep -v "requirements.txt" || true)
|
||||
if [[ "${ANSIBLE_VERSION}" =~ "^v2\.10" ]] ; then
|
||||
echo -e "ansible==${ANSIBLE_VERSION}\nansible-base==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
|
||||
else
|
||||
echo -e "ansible==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
|
||||
fi
|
||||
}
|
||||
|
||||
function make_venv {
|
||||
local MOLECULE_RESULT
|
||||
|
||||
python3 -m venv "${TMPDIR}/${1:-ansible}"
|
||||
source "${TMPDIR}/${1:-ansible}/bin/activate"
|
||||
pip3 install -r "${TMPDIR}/version_requirements.txt" || true
|
||||
MOLECULE_RESULT=$(molecule test | grep -E "CRITICAL|fatal:" || echo ":heavy_check_mark:")
|
||||
if [ "${MOLECULE_RESULT}" != ":heavy_check_mark:" ] ; then
|
||||
MOLECULE_RESULT=":x:"
|
||||
fi
|
||||
deactivate
|
||||
|
||||
echo -n "${MOLECULE_RESULT}" | tee -a /tmp/molecule_tests.md
|
||||
}
|
||||
|
||||
function main {
|
||||
echo "| Version | Result |" | tee /tmp/molecule_tests.md
|
||||
echo "| --------- | ------------------ |" | tee -a /tmp/molecule_tests.md
|
||||
for TEST_ANSIBLE in $(ansible_releases) ; do
|
||||
echo -n "| ${TEST_ANSIBLE} | " | tee -a /tmp/molecule_tests.md
|
||||
build_requirements "${TEST_ANSIBLE}" > "${TMPDIR}/version_requirements.txt"
|
||||
make_venv "${TEST_ANSIBLE}"
|
||||
echo " |" | tee -a /tmp/molecule_tests.md
|
||||
done
|
||||
}
|
||||
|
||||
main
|
@ -3,6 +3,7 @@
|
||||
# Minimum supported versions
|
||||
k3s_min_version: 1.19.3
|
||||
k3s_ansible_min_version: 2.9.16
|
||||
k3s_python_min_version: 3.6
|
||||
|
||||
# Valid states for this role
|
||||
k3s_valid_states:
|
||||
@ -55,14 +56,26 @@ k3s_api_releases: "{{ k3s_api_url }}/v1-release/channels"
|
||||
# Download location for releases
|
||||
k3s_github_download_url: "{{ k3s_github_url }}/releases/download"
|
||||
|
||||
# Generate a runtime config dictionary for validation
|
||||
k3s_runtime_config: "{{ (k3s_server | default({})) | combine (k3s_agent | default({})) }}"
|
||||
# Generate a runtime config dictionary
|
||||
k3s_runtime_config: "{{
|
||||
(k3s_control_node is defined and k3s_control_node)
|
||||
| ternary(
|
||||
(k3s_server | default({})) | combine (k3s_agent | default({})),
|
||||
(k3s_agent | default({})),
|
||||
(k3s_server | default({})) | combine (k3s_agent | default({})))
|
||||
}}"
|
||||
|
||||
# Determine if a cluster should be built
|
||||
k3s_conf_build_cluster: "{{
|
||||
not ((ansible_play_hosts_all | length < 2)
|
||||
and k3s_registration_address is not defined)
|
||||
}}"
|
||||
|
||||
# Empty array for counting the number of control plane nodes
|
||||
k3s_controller_list: []
|
||||
|
||||
# Control plane port default
|
||||
k3s_control_plane_port: 6443
|
||||
k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
|
||||
|
||||
# Default to the "system" systemd context, this will be "user" when running rootless
|
||||
k3s_systemd_context: system
|
||||
@ -161,6 +174,7 @@ k3s_deprecated_config:
|
||||
correction: "docker: false"
|
||||
when: 1.20.0
|
||||
|
||||
# cgroup checks
|
||||
k3s_cgroup_subsys:
|
||||
- name: memory
|
||||
documentation: |
|
||||
|
Loading…
Reference in New Issue
Block a user