diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 7cbf942..25f84d5 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -14,12 +14,12 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ && python3 -m pip install pip --upgrade \ && python3 -m pip install -r /tmp/molecule/requirements.txt -RUN useradd -m vscode && \ +RUN useradd -s /bin/bash -m vscode && \ usermod -aG docker vscode && \ echo 'vscode ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/vscode && \ echo 'source /etc/bash_completion.d/git-prompt' >> /home/vscode/.bashrc && \ echo 'sudo chown vscode /var/run/docker-host.sock' >> /home/vscode/.bashrc && \ - echo 'export PS1="${PS1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc + echo 'export PS1="${PS1:0:-1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc RUN ln -s /var/run/docker-host.sock /var/run/docker.sock diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 49b3f56..bafac6d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -20,26 +20,35 @@ jobs: name: Molecule runs-on: ubuntu-latest strategy: + fail-fast: false matrix: include: - - distro: debian10 + - distro: geerlingguy/docker-debian11-ansible:latest scenario: default - - distro: ubuntu2004 + prebuilt: 'true' + - distro: geerlingguy/docker-ubuntu2204-ansible:latest scenario: default - - distro: amazonlinux2 + prebuilt: 'true' + - distro: geerlingguy/docker-amazonlinux2-ansible:latest scenario: default - - distro: ubuntu1804 + prebuilt: 'true' + - distro: geerlingguy/docker-ubuntu2004-ansible:latest scenario: default - - distro: fedora33 + prebuilt: 'true' + - distro: geerlingguy/docker-fedora35-ansible:latest scenario: nodeploy - - distro: fedora32 + prebuilt: 'true' + - distro: geerlingguy/docker-fedora34-ansible:latest scenario: highavailabilitydb - - distro: fedora31 + prebuilt: 'true' + - distro: geerlingguy/docker-fedora33-ansible:latest scenario: autodeploy - - distro: debian11 + - distro: xanmanning/docker-alpine-ansible:3.16 scenario: highavailabilityetcd - - distro: rockylinux8 + prebuilt: 'false' + - distro: geerlingguy/docker-rockylinux8-ansible:latest scenario: highavailabilityetcd + prebuilt: 'true' steps: - name: Checkout codebase @@ -62,3 +71,5 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' MOLECULE_DISTRO: ${{ matrix.distro }} + MOLECULE_PREBUILT: ${{ matrix.prebuilt }} + MOLECULE_DOCKER_COMMAND: ${{ matrix.command }} diff --git a/handlers/main.yml b/handlers/main.yml index b2fa402..2fefca3 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -6,7 +6,12 @@ scope: "{{ k3s_systemd_context }}" become: "{{ k3s_become }}" -- name: restart k3s +- name: reload service + ansible.builtin.set_fact: + k3s_service_reloaded: true + become: "{{ k3s_become }}" + +- name: restart k3s systemd ansible.builtin.systemd: name: k3s state: restarted 
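Review bot: The `geerlingguy/docker-fedora33-ansible:latest` / `autodeploy` entry is the only matrix item without a `prebuilt` key, so `MOLECULE_PREBUILT` will be an empty string for that job; add `prebuilt: 'true'` to match the others. Every image except the Alpine one is also pulled by the mutable `:latest` tag from a third-party namespace, so each CI run executes whatever was last pushed there. Pinning by digest (`geerlingguy/docker-debian11-ansible@sha256:<digest>`, placeholder) would make runs reproducible and a tag overwrite visible in review.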
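Review bot: `matrix.command` is not defined by any `include` entry in the matrix hunk above, so `MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}` always exports an empty string. Either add a `command` key to the entries that need one or drop the line. `MOLECULE_PREBUILT` is exported as well, but no molecule.yml hunk in this diff touches a `pre_build_image` key, so the Alpine entry's `prebuilt: 'false'` may have no effect unless the platforms already read that variable outside the lines shown.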
@@ -19,3 +24,16 @@ - k3s_systemd_restart_k3s is not success - not ansible_check_mode become: "{{ k3s_become }}" + +- name: restart k3s service + ansible.builtin.service: + name: k3s + state: restarted + enabled: "{{ k3s_start_on_boot }}" + retries: 3 + delay: 3 + register: k3s_service_restart_k3s + failed_when: + - k3s_service_restart_k3s is not success + - not ansible_check_mode + become: "{{ k3s_become }}" diff --git a/meta/main.yml b/meta/main.yml index d276bf0..89958fb 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -38,6 +38,9 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: + - name: Alpine + versions: + - all - name: Archlinux versions: - all diff --git a/molecule/autodeploy/converge.yml b/molecule/autodeploy/converge.yml index 15df83a..e474928 100644 --- a/molecule/autodeploy/converge.yml +++ b/molecule/autodeploy/converge.yml @@ -4,22 +4,25 @@ become: true vars: molecule_is_test: true - k3s_release_version: latest + k3s_release_version: v1.22 k3s_build_cluster: false k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d k3s_install_dir: /opt/k3s/bin - k3s_config_file: /opt/k3s/etc/k3s.yaml + k3s_config_file: /opt/k3s/etc/k3s_config.yaml k3s_server: data-dir: /var/lib/k3s-io default-local-storage-path: /var/lib/k3s-io/local-storage - k3s_agent: - snapshotter: native + disable: + - metrics-server + - traefik + # k3s_agent: + # snapshotter: native k3s_server_manifests_templates: - "molecule/autodeploy/templates/00-ns-monitoring.yml.j2" k3s_server_manifests_urls: - url: https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml filename: 05-metallb-namespace.yml k3s_service_env_vars: - GOGC: 10 + K3S_TEST_VAR: "Hello world!" roles: - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/autodeploy/molecule.yml b/molecule/autodeploy/molecule.yml index 3e01012..0c283c0 100644 --- a/molecule/autodeploy/molecule.yml 
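Review bot: The new `restart k3s service` handler sets `retries: 3` and `delay: 3` but has no `until:`, unlike the new start task in tasks/ensure_control_plane_started_openrc.yml. On Ansible versions where `retries` only takes effect together with `until`, a failed restart is never retried. Adding `until: k3s_service_restart_k3s is success` makes the intent explicit. The systemd handler above may have the same gap, but its body starts outside this hunk.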
+++ b/molecule/autodeploy/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/molecule/debug/molecule.yml b/molecule/debug/molecule.yml index 3e01012..0c283c0 100644 --- a/molecule/debug/molecule.yml +++ b/molecule/debug/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro 
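Review bot: `MOLECULE_DISTRO` now has to hold a full image reference instead of a distro short name, and the value is used verbatim as `image:`. Anyone who still exports something like `MOLECULE_DISTRO=debian10` will make Molecule try to pull an image with exactly that name. A comment above the key such as `# MOLECULE_DISTRO is a full image reference (repo/name:tag), not a distro short name` would document the new contract. The same line is changed for node1 to node3 here and in the debug, default, highavailabilitydb, highavailabilityetcd and nodeploy scenarios, and the fallback still tracks the mutable `:latest` tag.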
@@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 3e01012..0c283c0 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/molecule/highavailabilitydb/molecule.yml b/molecule/highavailabilitydb/molecule.yml index 2298866..2fd7196 100644 --- a/molecule/highavailabilitydb/molecule.yml +++ b/molecule/highavailabilitydb/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro 
@@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/molecule/highavailabilityetcd/converge.yml b/molecule/highavailabilityetcd/converge.yml index fbe65b4..2762bcb 100644 --- a/molecule/highavailabilityetcd/converge.yml +++ b/molecule/highavailabilityetcd/converge.yml @@ -12,6 +12,7 @@ k3s_agent: node-ip: "{{ ansible_default_ipv4.address }}" snapshotter: native + k3s_skip_validation: "{{ k3s_service_handler[ansible_service_mgr] == 'service' }}" pre_tasks: - name: Set each node to be a control node ansible.builtin.set_fact: diff --git a/molecule/highavailabilityetcd/molecule.yml b/molecule/highavailabilityetcd/molecule.yml index 4fc7ab3..cebb0da 100644 --- a/molecule/highavailabilityetcd/molecule.yml +++ b/molecule/highavailabilityetcd/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro 
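Review bot: In molecule/highavailabilityetcd/converge.yml, `k3s_skip_validation` becomes true whenever the handler resolves to `service`, so the only OpenRC job in the CI matrix (the Alpine entry runs this scenario) skips the role's validation. That includes the new init-system and `openrc-run` assertions in tasks/pre_checks.yml and the `post_checks_control_plane.yml` import, all of which are gated on `not k3s_skip_validation`. The new OpenRC code path is therefore converged but never verified. If the checks cannot pass under OpenRC in a container yet, state that next to the variable, e.g. `# validation skipped on OpenRC: <reason>`.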
@@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/molecule/highavailabilityetcd/prepare.yml b/molecule/highavailabilityetcd/prepare.yml index b350194..18b95ae 100644 --- a/molecule/highavailabilityetcd/prepare.yml +++ b/molecule/highavailabilityetcd/prepare.yml @@ -1,12 +1,23 @@ --- -- name: Prepare Load Balancer - hosts: loadbalancer + +- name: Prepare all nodes + hosts: all tasks: - name: Ensure apt cache is updated ansible.builtin.apt: update_cache: true when: ansible_pkg_mgr == 'apt' + - name: Ensure sudo is installed + community.general.apk: + name: sudo + state: present + update_cache: true + when: ansible_pkg_mgr == 'apk' + +- name: Prepare Load Balancer + hosts: loadbalancer + tasks: - name: Ensure HAProxy is installed ansible.builtin.package: name: haproxy diff --git a/molecule/nodeploy/converge.yml b/molecule/nodeploy/converge.yml index eed5687..d016b35 100644 --- a/molecule/nodeploy/converge.yml +++ b/molecule/nodeploy/converge.yml @@ -7,5 +7,6 @@ k3s_server: "{{ lookup('file', 'k3s_server.yml') | from_yaml }}" k3s_agent: "{{ lookup('file', 'k3s_agent.yml') | from_yaml }}" k3s_airgap: true + k3s_release_version: latest roles: - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/nodeploy/molecule.yml b/molecule/nodeploy/molecule.yml index 3e01012..0c283c0 100644 --- a/molecule/nodeploy/molecule.yml +++ b/molecule/nodeploy/molecule.yml @@ -26,7 +26,7 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro 
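Review bot: In molecule/highavailabilityetcd/prepare.yml, `community.general.apk` adds a dependency on the `community.general` collection, and no hunk in this diff adds it to a collections requirements file. If the test environment installs only ansible-core, the play will fail to resolve the module, so confirm the collection is declared wherever the CI installs its dependencies. Moving `Ensure apt cache is updated` under `hosts: all` also means it now runs on every node rather than only the load balancer, which looks intended but is worth a word in the commit message.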
@@ -35,7 +35,7 @@ platforms: networks: - name: k3snet - name: node2 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -44,7 +44,7 @@ platforms: networks: - name: k3snet - name: node3 - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" + image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"} command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro diff --git a/tasks/ensure_cluster.yml b/tasks/ensure_cluster.yml index 0046383..767a451 100644 --- a/tasks/ensure_cluster.yml +++ b/tasks/ensure_cluster.yml @@ -38,7 +38,7 @@ mode: 0600 become: "{{ k3s_become }}" notify: - - restart k3s + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" - name: Ensure k3s service unit file is present ansible.builtin.template: 
@@ -46,9 +46,35 @@ dest: "{{ k3s_systemd_unit_dir }}/k3s.service" mode: 0644 become: "{{ k3s_become }}" + when: + - k3s_service_handler[ansible_service_mgr] == 'systemd' notify: - - reload systemd - - restart k3s + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" + +- name: Ensure k3s service file is present + ansible.builtin.template: + src: k3s.openrc.j2 + dest: "{{ k3s_openrc_service_dir }}/k3s" + mode: 0744 + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + notify: + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" + become: "{{ k3s_become }}" + +- name: Ensure k3s logrotate file is present + ansible.builtin.template: + src: k3s.logrotate.j2 + dest: "{{ k3s_logrotate_dir }}/k3s" + mode: 0640 + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + notify: + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" + become: "{{ k3s_become }}" - name: Ensure k3s config file exists ansible.builtin.template: 
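Review bot: The new `Ensure k3s logrotate file is present` task notifies both `reload …` and `restart k3s …`, so a change to the logrotate snippet alone restarts k3s. logrotate reads its configuration on each run, so the `notify` block can likely be dropped from that task. The new `mode: 0744` and `mode: 0640` values follow the file's existing unquoted style; quoting them (`mode: "0744"`) avoids depending on the YAML loader's octal handling, and an explicit `owner`/`group` would pin who owns the init script. The same two tasks are added in tasks/ensure_installed_node.yml.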
@@ -56,26 +82,15 @@ dest: "{{ k3s_config_file }}" mode: 0644 notify: - - reload systemd - - restart k3s + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" become: "{{ k3s_become }}" - name: Ensure secondary controllers are started - ansible.builtin.systemd: - name: k3s - state: started - enabled: "{{ k3s_start_on_boot }}" - register: ensure_secondary_controllers_started - failed_when: - - ensure_secondary_controllers_started is not succeeded - - not ansible_check_mode - until: ensure_secondary_controllers_started is succeeded - retries: "{{ ansible_play_hosts | length }}" - delay: 5 + include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml when: - k3s_control_node - not k3s_primary_control_node - become: "{{ k3s_become }}" - import_tasks: post_checks_control_plane.yml when: not k3s_skip_validation diff --git a/tasks/ensure_containerd_registries.yml b/tasks/ensure_containerd_registries.yml index ad6dd64..ef21a0a 100644 --- a/tasks/ensure_containerd_registries.yml +++ b/tasks/ensure_containerd_registries.yml @@ -6,6 +6,6 @@ dest: "{{ k3s_config_dir }}/registries.yaml" mode: 0600 notify: - - reload systemd - - restart k3s + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" become: "{{ k3s_become }}" diff --git a/tasks/ensure_control_plane_started_openrc.yml b/tasks/ensure_control_plane_started_openrc.yml new file mode 100644 index 0000000..fe9326d --- /dev/null +++ b/tasks/ensure_control_plane_started_openrc.yml @@ -0,0 +1,15 @@ +--- + +- name: Ensure k3s control plane server is started + ansible.builtin.service: + name: k3s + state: started + enabled: "{{ k3s_start_on_boot }}" + register: k3s_service_start_k3s + until: k3s_service_start_k3s is succeeded + retries: 3 + delay: 3 + failed_when: + - k3s_service_start_k3s is not succeeded + - not ansible_check_mode + become: "{{ k3s_become }}" 
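Review bot: Replacing the inline `Ensure secondary controllers are started` task with the shared include shrinks its retry budget from `retries: "{{ ansible_play_hosts | length }}"` with `delay: 5` to the fixed `retries: 3` and `delay: 3` in the new ensure_control_plane_started_*.yml files. On larger clusters the secondary controllers may need the longer window to join, so consider keeping the host-count-based value for this call site. The include file name is also built from `ansible_service_mgr`, so with validation skipped an unsupported service manager fails with a missing-file error rather than the assertion message in tasks/pre_checks.yml.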
diff --git a/tasks/ensure_control_plane_started_systemd.yml b/tasks/ensure_control_plane_started_systemd.yml new file mode 100644 index 0000000..e2855d4 --- /dev/null +++ b/tasks/ensure_control_plane_started_systemd.yml @@ -0,0 +1,16 @@ +--- + +- name: Ensure k3s control plane server is started + ansible.builtin.systemd: + name: k3s + state: started + enabled: "{{ k3s_start_on_boot }}" + scope: "{{ k3s_systemd_context }}" + register: k3s_systemd_start_k3s + until: k3s_systemd_start_k3s is succeeded + retries: 3 + delay: 3 + failed_when: + - k3s_systemd_start_k3s is not succeeded + - not ansible_check_mode + become: "{{ k3s_become }}" diff --git a/tasks/ensure_installed.yml b/tasks/ensure_installed.yml index fd7c26b..fc19ea9 100644 --- a/tasks/ensure_installed.yml +++ b/tasks/ensure_installed.yml @@ -22,17 +22,7 @@ path: "{{ k3s_token_location }}" register: k3s_token_cluster_check -- name: Ensure k3s initial control plane server is started - ansible.builtin.systemd: - name: k3s - state: started - enabled: "{{ k3s_start_on_boot }}" - scope: "{{ k3s_systemd_context }}" - register: k3s_systemd_start_k3s - failed_when: - - k3s_systemd_start_k3s is not succeeded - - not ansible_check_mode +- include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml when: (k3s_control_node and k3s_controller_list | length == 1) or (k3s_primary_control_node and k3s_controller_list | length > 1) or k3s_token_cluster_check.stat.exists - become: "{{ k3s_become }}" diff --git a/tasks/ensure_installed_node.yml b/tasks/ensure_installed_node.yml index 371e394..6584ef8 100644 --- a/tasks/ensure_installed_node.yml +++ b/tasks/ensure_installed_node.yml @@ -14,7 +14,7 @@ - ctr when: not ansible_check_mode notify: - - restart k3s + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" become: "{{ k3s_become }}" - name: Ensure k3s config file exists 
@@ -23,8 +23,8 @@ dest: "{{ k3s_config_file }}" mode: 0644 notify: - - reload systemd - - restart k3s + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" become: "{{ k3s_become }}" - name: Ensure cluster token is present when pre-defined @@ -43,7 +43,7 @@ mode: 0600 become: "{{ k3s_become }}" notify: - - restart k3s + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" when: k3s_control_token is defined - name: Ensure k3s service unit file is present @@ -51,9 +51,35 @@ src: k3s.service.j2 dest: "{{ k3s_systemd_unit_dir }}/k3s.service" mode: 0644 + when: + - k3s_service_handler[ansible_service_mgr] == 'systemd' notify: - - reload systemd - - restart k3s + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" + become: "{{ k3s_become }}" + +- name: Ensure k3s service file is present + ansible.builtin.template: + src: k3s.openrc.j2 + dest: "{{ k3s_openrc_service_dir }}/k3s" + mode: 0744 + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + notify: + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" + become: "{{ k3s_become }}" + +- name: Ensure k3s logrotate file is present + ansible.builtin.template: + src: k3s.logrotate.j2 + dest: "{{ k3s_logrotate_dir }}/k3s" + mode: 0640 + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + notify: + - "reload {{ k3s_service_handler[ansible_service_mgr] }}" + - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}" become: "{{ k3s_become }}" - name: Ensure k3s killall script is present diff --git a/tasks/post_checks_nodes.yml b/tasks/post_checks_nodes.yml index 8383f9a..5a87485 100644 --- a/tasks/post_checks_nodes.yml +++ b/tasks/post_checks_nodes.yml 
@@ -4,8 +4,9 @@ ansible.builtin.command: cmd: "{{ k3s_install_dir }}/kubectl get nodes" changed_when: false - failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or - kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1 + failed_when: >- + kubectl_get_nodes_result.stdout.find("was refused") != -1 or + kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1 register: kubectl_get_nodes_result until: - kubectl_get_nodes_result.rc == 0 diff --git a/tasks/pre_checks.yml b/tasks/pre_checks.yml index 91ef579..6ecb8fc 100644 --- a/tasks/pre_checks.yml +++ b/tasks/pre_checks.yml @@ -38,6 +38,39 @@ - not k3s_skip_validation - not k3s_skip_env_checks +- name: Check that the target init system is supported by this role + ansible.builtin.assert: + that: + - ansible_service_mgr in k3s_supported_init + fail_msg: >- + {{ ansible_service_mgr }} is not supported by this role. + Supported init systems: {{ k3s_supported_init | join(', ') }} + success_msg: "{{ ansible_service_mgr }} is supported" + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + +- name: Determing if {{ ansible_service_mgr }} is actually openrc + ansible.builtin.stat: + path: /sbin/openrc-run + register: k3s_check_openrc_run + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + - not k3s_skip_validation + - not k3s_skip_env_checks + +- name: Check that {{ ansible_service_mgr }} is actually openrc + ansible.builtin.assert: + that: + - k3s_check_openrc_run.stat.exists + fail_msg: >- + openrc was not found, cannot install to {{ ansible_service_mgr }} + success_msg: "openrc found" + when: + - k3s_service_handler[ansible_service_mgr] == 'service' + - not k3s_skip_validation + - not k3s_skip_env_checks + - include_tasks: pre_checks_version.yml when: - (k3s_release_version is not defined diff --git a/templates/k3s.logrotate.j2 b/templates/k3s.logrotate.j2 new file mode 100644 index 0000000..3668704 --- /dev/null +++ b/templates/k3s.logrotate.j2 
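Review bot: The three new checks in tasks/pre_checks.yml are gated on `not k3s_skip_validation` and `not k3s_skip_env_checks`, but the tasks and `notify` strings changed elsewhere in this diff index `k3s_service_handler[ansible_service_mgr]` unconditionally. With checks skipped, an unsupported init system will surface as an undefined-key error on the first such task instead of the `fail_msg` written here. Consider running the `ansible_service_mgr in k3s_supported_init` assertion regardless of the skip flags. The task name `Determing if {{ ansible_service_mgr }} is actually openrc` has a typo and should read `Determine if …`.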
@@ -0,0 +1,5 @@
+/var/log/k3s.log {
+ missingok
+ notifempty
+ copytruncate
+}
diff --git a/templates/k3s.openrc.j2 b/templates/k3s.openrc.j2
new file mode 100644
index 0000000..98aa22a
--- /dev/null
+++ b/templates/k3s.openrc.j2
@@ -0,0 +1,47 @@
+#!/sbin/openrc-run
+
+depend() {
+ after network-online
+ want cgroups
+}
+
+start_pre() {
+ rm -f /tmp/k3s.*
+}
+
+supervisor=supervise-daemon
+name="k3s"
+command="{{ k3s_install_dir }}/k3s"
+command_args="{% filter regex_replace('\s+', ' ') %}
+{% filter replace('\n', ' ') %}
+{% if k3s_debug is defined and k3s_debug %}
+ --debug
+{% endif %}
+{% if k3s_control_node %}
+ server
+ {% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
+ --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
+ {% endif %}
+ {% if k3s_server is defined %}
+ --config {{ k3s_config_file }}
+ {% endif %}
+ {% if not k3s_primary_control_node or k3s_control_token is defined %}
+ --token-file {{ k3s_token_location }}
+ {% endif %}
+{% else %}
+ agent
+ --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
+ --token-file {{ k3s_token_location }}
+ {% if k3s_agent is defined %}
+ --config {{ k3s_config_file }}
+ {% endif %}
+{% endif %} >>/var/log/k3s.log 2>&1"
+{% endfilter %}
+{% endfilter %}
+
+output_log="/var/log/k3s.log"
+error_log="/var/log/k3s.log"
+
+pidfile="/var/run/k3s.pid"
+respawn_delay=5
+respawn_max=0
diff --git a/templates/k3s.service.j2 b/templates/k3s.service.j2
index 77fcd65..fdab38f 100644
--- a/templates/k3s.service.j2
+++ b/templates/k3s.service.j2
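Review bot: Nothing in the new templates/k3s.openrc.j2 reads `k3s_service_env_vars` or `k3s_service_env_file`, although templates/k3s.service.j2 honours both, so on OpenRC hosts those settings are silently ignored. Either export them from the script or add a pre-check that fails when they are set and the handler is `service`. `start_pre` also runs `rm -f /tmp/k3s.*` against a world-writable directory with the service's privileges; a comment naming which files it is meant to clean would help the next reader judge whether the glob is too wide. `/var/log/k3s.log` is created with whatever mode the service's umask yields, so consider creating it with an explicit mode if the log should not be world-readable.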
@@ -20,7 +20,7 @@ After={{ after_unit }} Type={{ 'notify' if k3s_control_node else 'exec' }} {% if k3s_service_env_vars is defined and k3s_service_env_vars is iterable %} {% for env_var in k3s_service_env_vars %} -Environment={{ env_var }}={{ k3s_service_env_vars[env_var] }} +Environment={{ env_var }}="{{ k3s_service_env_vars[env_var] }}" {% endfor %} {% endif %} {% if k3s_service_env_file is defined and k3s_service_env_file %} diff --git a/vars/main.yml b/vars/main.yml index fd7a21b..303f2a8 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -15,6 +15,11 @@ k3s_valid_states: - uninstalled - validated +# Supported init systems +k3s_supported_init: + - systemd + - openrc + # Map ansible fact gathering architecture to a release name and suffix in github. k3s_arch_lookup: amd64: @@ -84,6 +89,17 @@ k3s_systemd_context: system # management, this should live in /etc/systemd, not /lib/systemd k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}" +# Directory for installing openrc service file +k3s_openrc_service_dir: /etc/init.d + +# Directory for installing logrotate config +k3s_logrotate_dir: /etc/logrotate.d + +# Service handler +k3s_service_handler: + systemd: systemd + openrc: service + # Data directory location for k3s k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
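Review bot: Quoting only the value in templates/k3s.service.j2 (`Environment={{ env_var }}="{{ k3s_service_env_vars[env_var] }}"`) handles spaces, but a value that itself contains `"` or a backslash still produces a malformed or differently parsed assignment. systemd also expands `%` specifiers in `Environment=` values, so a literal `%` has to be written as `%%`. The form shown in the systemd documentation quotes the whole assignment, `Environment="{{ env_var }}={{ k3s_service_env_vars[env_var] }}"`, and the value should have `"`, `\` and `%` escaped before it is rendered. The surrounding `{% for %}` block starts outside this hunk.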