Added package checks for #72
This commit is contained in:
parent
f72df72c81
commit
6db36d5d95
|
@ -29,9 +29,13 @@
|
|||
- `k3s_runtime_config` defined in `vars/` for validation and overwritten in
|
||||
tasks for control plane and workers.
|
||||
- Removed unused references to GitHub API.
|
||||
- `set_fact` and `command` tasks now use FQCN.
|
||||
- Check of `ansible_version` in environment check.
|
||||
- Introduction of target environment checks for #72.
|
||||
|
||||
### Breaking changes
|
||||
|
||||
- Ansible minimum version is hard set to v2.10.4
|
||||
- `k3s_token_location` has moved to be in `k3s_config_dir` so re-running the
|
||||
role will create a duplicate file here.
|
||||
|
||||
|
|
|
@ -70,7 +70,6 @@ consistency. These are generally cluster-level configuration.
|
|||
| `k3s_build_cluster` | When multiple play hosts are available, attempt to cluster. Read notes below. | `true` |
|
||||
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | NULL |
|
||||
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/k3s-io/k3s |
|
||||
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
|
||||
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
|
||||
| `k3s_install_hard_links` | Install using hard links rather than symbolic links. | `false` |
|
||||
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
|
||||
|
@ -156,6 +155,8 @@ particularly with regards to privilege escalation.
|
|||
|
||||
| Variable | Description | Default Value |
|
||||
|-------------------------------------|---------------------------------------------------------------------|---------------|
|
||||
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
|
||||
| `k3s_skip_env_checks` | Skill all tasks that check environment configuration. | `false` |
|
||||
| `k3s_become_for_all` | Escalate user privileges for all tasks. Overrides all of the below. | `false` |
|
||||
| `k3s_become_for_systemd` | Escalate user privileges for systemd tasks. | NULL |
|
||||
| `k3s_become_for_install_dir` | Escalate user privileges for creating installation directories. | NULL |
|
||||
|
|
|
@ -26,6 +26,9 @@ k3s_github_url: https://github.com/k3s-io/k3s
|
|||
# Skip all tasks that validate configuration
|
||||
k3s_skip_validation: false
|
||||
|
||||
# Skip all tasks that check environment configuration
|
||||
k3s_skip_env_checks: false
|
||||
|
||||
# Installation directory for k3s
|
||||
k3s_install_dir: /usr/local/bin
|
||||
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
- name: Prepare
|
||||
hosts: node*
|
||||
become: true
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
|
@ -6,3 +6,8 @@
|
|||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
||||
|
|
|
@ -6,3 +6,8 @@
|
|||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- name: Prepare
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
|
@ -28,3 +28,16 @@
|
|||
command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
|
||||
args:
|
||||
creates: /var/run/haproxy.pid
|
||||
|
||||
- name: Prepare nodes
|
||||
hosts: node*
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- name: Prepare
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
|
@ -28,3 +28,16 @@
|
|||
command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
|
||||
args:
|
||||
creates: /var/run/haproxy.pid
|
||||
|
||||
- name: Prepare nodes
|
||||
hosts: node*
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iptables is installed
|
||||
ansible.builtin.package:
|
||||
name: iptables
|
||||
state: present
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
|
||||
- name: Check that {{ package.name }} is installed
|
||||
ansible.builtin.command: "which {{ package.name }}"
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
register: check_k3s_required_package
|
||||
|
||||
- name: Test that checks for {{ package.name }} passed
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- check_k3s_required_package.rc == 0
|
||||
success_msg: "Found required package: {{ package.name }}"
|
||||
fail_msg: "Could not find package: {{ package.name }}"
|
||||
when: (package.until is not defined
|
||||
or k3s_release_version is version_compare(package.until, '>='))
|
||||
and (package.from is not defined
|
||||
or k3s_release_version is version_compare(package.from, '>='))
|
|
@ -10,6 +10,14 @@
|
|||
|
||||
- import_tasks: check-environment.yml
|
||||
when: not k3s_skip_validation
|
||||
and not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: check-target-environment-packages.yml
|
||||
loop: "{{ k3s_check_packages }}"
|
||||
loop_control:
|
||||
loop_var: package
|
||||
when: not k3s_skip_validation
|
||||
and not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: issue-data.yml
|
||||
when: pyratlabs_issue_controller_dump is defined and pyratlabs_issue_controller_dump
|
||||
|
|
|
@ -75,6 +75,15 @@ k3s_token_location: "{{ k3s_config_dir }}/cluster-token"
|
|||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
k3s_server_manifests_dir: "{{ k3s_data_dir }}/server/manifests"
|
||||
|
||||
# Packages that we need to check are installed
|
||||
k3s_check_packages:
|
||||
- name: iptables
|
||||
- name: iptables-save
|
||||
- name: iptables-restore
|
||||
# - name: dummy
|
||||
# from: 1.19.2
|
||||
# until: 1.21.0
|
||||
|
||||
# Directories that we need to ensure exist
|
||||
k3s_ensure_directories_exist:
|
||||
- name: Config directory
|
||||
|
|
Loading…
Reference in New Issue