Merge pull request #185 from PyratLabs/feat/alpine-support

Xan Manning 2022-06-17 16:18:52 +01:00 committed by GitHub
commit 78cf2c1866
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 288 additions and 76 deletions


@ -14,12 +14,12 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
&& python3 -m pip install pip --upgrade \ && python3 -m pip install pip --upgrade \
&& python3 -m pip install -r /tmp/molecule/requirements.txt && python3 -m pip install -r /tmp/molecule/requirements.txt
RUN useradd -m vscode && \ RUN useradd -s /bin/bash -m vscode && \
usermod -aG docker vscode && \ usermod -aG docker vscode && \
echo 'vscode ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/vscode && \ echo 'vscode ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/vscode && \
echo 'source /etc/bash_completion.d/git-prompt' >> /home/vscode/.bashrc && \ echo 'source /etc/bash_completion.d/git-prompt' >> /home/vscode/.bashrc && \
echo 'sudo chown vscode /var/run/docker-host.sock' >> /home/vscode/.bashrc && \ echo 'sudo chown vscode /var/run/docker-host.sock' >> /home/vscode/.bashrc && \
echo 'export PS1="${PS1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc echo 'export PS1="${PS1:0:-1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc
RUN ln -s /var/run/docker-host.sock /var/run/docker.sock RUN ln -s /var/run/docker-host.sock /var/run/docker.sock


@ -20,26 +20,35 @@ jobs:
name: Molecule name: Molecule
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false
matrix: matrix:
include: include:
- distro: debian10 - distro: geerlingguy/docker-debian11-ansible:latest
scenario: default scenario: default
- distro: ubuntu2004 prebuilt: 'true'
- distro: geerlingguy/docker-ubuntu2204-ansible:latest
scenario: default scenario: default
- distro: amazonlinux2 prebuilt: 'true'
- distro: geerlingguy/docker-amazonlinux2-ansible:latest
scenario: default scenario: default
- distro: ubuntu1804 prebuilt: 'true'
- distro: geerlingguy/docker-ubuntu2004-ansible:latest
scenario: default scenario: default
- distro: fedora33 prebuilt: 'true'
- distro: geerlingguy/docker-fedora35-ansible:latest
scenario: nodeploy scenario: nodeploy
- distro: fedora32 prebuilt: 'true'
- distro: geerlingguy/docker-fedora34-ansible:latest
scenario: highavailabilitydb scenario: highavailabilitydb
- distro: fedora31 prebuilt: 'true'
- distro: geerlingguy/docker-fedora33-ansible:latest
scenario: autodeploy scenario: autodeploy
- distro: debian11 - distro: xanmanning/docker-alpine-ansible:3.16
scenario: highavailabilityetcd scenario: highavailabilityetcd
- distro: rockylinux8 prebuilt: 'false'
- distro: geerlingguy/docker-rockylinux8-ansible:latest
scenario: highavailabilityetcd scenario: highavailabilityetcd
prebuilt: 'true'
steps: steps:
- name: Checkout codebase - name: Checkout codebase
@ -62,3 +71,5 @@ jobs:
PY_COLORS: '1' PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1' ANSIBLE_FORCE_COLOR: '1'
MOLECULE_DISTRO: ${{ matrix.distro }} MOLECULE_DISTRO: ${{ matrix.distro }}
MOLECULE_PREBUILT: ${{ matrix.prebuilt }}
MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}
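Review bot: The new matrix entries reference third-party images by mutable tag (`geerlingguy/docker-…-ansible:latest`, `xanmanning/docker-alpine-ansible:3.16`), so the content CI runs can change without any commit in this repository. Pinning each entry by digest, for example `distro: geerlingguy/docker-debian11-ansible@sha256:<digest>`, keeps runs reproducible and makes image updates reviewable. The same applies to the `${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}` default repeated for node1 to node3 in the molecule platform files later in this commit. Separately, `MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}` reads a key that none of the visible matrix entries define, so it appears to expand to an empty string; a comment stating that this is intentional would help.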


@ -6,7 +6,12 @@
scope: "{{ k3s_systemd_context }}" scope: "{{ k3s_systemd_context }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: restart k3s - name: reload service
ansible.builtin.set_fact:
k3s_service_reloaded: true
become: "{{ k3s_become }}"
- name: restart k3s systemd
ansible.builtin.systemd: ansible.builtin.systemd:
name: k3s name: k3s
state: restarted state: restarted
@ -19,3 +24,16 @@
- k3s_systemd_restart_k3s is not success - k3s_systemd_restart_k3s is not success
- not ansible_check_mode - not ansible_check_mode
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: restart k3s service
ansible.builtin.service:
name: k3s
state: restarted
enabled: "{{ k3s_start_on_boot }}"
retries: 3
delay: 3
register: k3s_service_restart_k3s
failed_when:
- k3s_service_restart_k3s is not success
- not ansible_check_mode
become: "{{ k3s_become }}"
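Review bot: The new `restart k3s service` handler sets `retries: 3` and `delay: 3` but has no `until:`, unlike the `Ensure k3s control plane server is started` task files added in this commit, which pair the same values with `until: … is succeeded`. On Ansible releases where `retries` only takes effect together with `until`, the restart would be attempted once; this is worth confirming against the minimum version the role supports. Adding `until: k3s_service_restart_k3s is success` makes the retry explicit. The `reload service` handler only sets `k3s_service_reloaded`, and no reader of that fact is visible in this diff, so a one-line comment on what consumes it would help.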


@ -38,6 +38,9 @@ galaxy_info:
# platforms is a list of platforms, and each platform has a name and a list of versions. # platforms is a list of platforms, and each platform has a name and a list of versions.
# #
platforms: platforms:
- name: Alpine
versions:
- all
- name: Archlinux - name: Archlinux
versions: versions:
- all - all


@ -4,22 +4,25 @@
become: true become: true
vars: vars:
molecule_is_test: true molecule_is_test: true
k3s_release_version: latest k3s_release_version: v1.22
k3s_build_cluster: false k3s_build_cluster: false
k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d
k3s_install_dir: /opt/k3s/bin k3s_install_dir: /opt/k3s/bin
k3s_config_file: /opt/k3s/etc/k3s.yaml k3s_config_file: /opt/k3s/etc/k3s_config.yaml
k3s_server: k3s_server:
data-dir: /var/lib/k3s-io data-dir: /var/lib/k3s-io
default-local-storage-path: /var/lib/k3s-io/local-storage default-local-storage-path: /var/lib/k3s-io/local-storage
k3s_agent: disable:
snapshotter: native - metrics-server
- traefik
# k3s_agent:
# snapshotter: native
k3s_server_manifests_templates: k3s_server_manifests_templates:
- "molecule/autodeploy/templates/00-ns-monitoring.yml.j2" - "molecule/autodeploy/templates/00-ns-monitoring.yml.j2"
k3s_server_manifests_urls: k3s_server_manifests_urls:
- url: https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml - url: https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml
filename: 05-metallb-namespace.yml filename: 05-metallb-namespace.yml
k3s_service_env_vars: k3s_service_env_vars:
GOGC: 10 K3S_TEST_VAR: "Hello world!"
roles: roles:
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -12,6 +12,7 @@
k3s_agent: k3s_agent:
node-ip: "{{ ansible_default_ipv4.address }}" node-ip: "{{ ansible_default_ipv4.address }}"
snapshotter: native snapshotter: native
k3s_skip_validation: "{{ k3s_service_handler[ansible_service_mgr] == 'service' }}"
pre_tasks: pre_tasks:
- name: Set each node to be a control node - name: Set each node to be a control node
ansible.builtin.set_fact: ansible.builtin.set_fact:
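Review bot: Setting `k3s_skip_validation` to true whenever the handler is `service` turns validation off for every openrc run of this scenario, and the reason is not stated. The openrc pre-checks added in this commit are gated on `not k3s_skip_validation`, as is `post_checks_control_plane.yml`, so if this is the scenario the Alpine matrix entry runs, those checks are never exercised on openrc in CI. A comment above the variable, for example `# validation skipped on openrc: <reason>`, would tell the next maintainer when the override can be removed. The play's vars block starts outside this hunk.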


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -1,12 +1,23 @@
--- ---
- name: Prepare Load Balancer
hosts: loadbalancer - name: Prepare all nodes
hosts: all
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated
ansible.builtin.apt: ansible.builtin.apt:
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'
- name: Ensure sudo is installed
community.general.apk:
name: sudo
state: present
update_cache: true
when: ansible_pkg_mgr == 'apk'
- name: Prepare Load Balancer
hosts: loadbalancer
tasks:
- name: Ensure HAProxy is installed - name: Ensure HAProxy is installed
ansible.builtin.package: ansible.builtin.package:
name: haproxy name: haproxy


@ -7,5 +7,6 @@
k3s_server: "{{ lookup('file', 'k3s_server.yml') | from_yaml }}" k3s_server: "{{ lookup('file', 'k3s_server.yml') | from_yaml }}"
k3s_agent: "{{ lookup('file', 'k3s_agent.yml') | from_yaml }}" k3s_agent: "{{ lookup('file', 'k3s_agent.yml') | from_yaml }}"
k3s_airgap: true k3s_airgap: true
k3s_release_version: latest
roles: roles:
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"


@ -26,7 +26,7 @@ lint: |
ansible-lint --exclude molecule/ ansible-lint --exclude molecule/
platforms: platforms:
- name: node1 - name: node1
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -35,7 +35,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node2 - name: node2
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -44,7 +44,7 @@ platforms:
networks: networks:
- name: k3snet - name: k3snet
- name: node3 - name: node3
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest" image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro


@ -38,7 +38,7 @@
mode: 0600 mode: 0600
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
notify: notify:
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
- name: Ensure k3s service unit file is present - name: Ensure k3s service unit file is present
ansible.builtin.template: ansible.builtin.template:
@ -46,9 +46,35 @@
dest: "{{ k3s_systemd_unit_dir }}/k3s.service" dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
mode: 0644 mode: 0644
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
when:
- k3s_service_handler[ansible_service_mgr] == 'systemd'
notify: notify:
- reload systemd - "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
- name: Ensure k3s service file is present
ansible.builtin.template:
src: k3s.openrc.j2
dest: "{{ k3s_openrc_service_dir }}/k3s"
mode: 0744
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
notify:
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}"
- name: Ensure k3s logrotate file is present
ansible.builtin.template:
src: k3s.logrotate.j2
dest: "{{ k3s_logrotate_dir }}/k3s"
mode: 0640
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
notify:
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}"
- name: Ensure k3s config file exists - name: Ensure k3s config file exists
ansible.builtin.template: ansible.builtin.template:
@ -56,26 +82,15 @@
dest: "{{ k3s_config_file }}" dest: "{{ k3s_config_file }}"
mode: 0644 mode: 0644
notify: notify:
- reload systemd - "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: Ensure secondary controllers are started - name: Ensure secondary controllers are started
ansible.builtin.systemd: include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
name: k3s
state: started
enabled: "{{ k3s_start_on_boot }}"
register: ensure_secondary_controllers_started
failed_when:
- ensure_secondary_controllers_started is not succeeded
- not ansible_check_mode
until: ensure_secondary_controllers_started is succeeded
retries: "{{ ansible_play_hosts | length }}"
delay: 5
when: when:
- k3s_control_node - k3s_control_node
- not k3s_primary_control_node - not k3s_primary_control_node
become: "{{ k3s_become }}"
- import_tasks: post_checks_control_plane.yml - import_tasks: post_checks_control_plane.yml
when: not k3s_skip_validation when: not k3s_skip_validation
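Review bot: The retry budget for starting secondary controllers drops in the last hunk from `retries: "{{ ansible_play_hosts | length }}"` with `delay: 5` to the fixed `retries: 3` and `delay: 3` of the included task files, which may be too short when several controllers join one after another. If the scaling with host count was deliberate, keeping `retries: "{{ ansible_play_hosts | length }}"` and `delay: 5` in the included files would preserve it. The include name is also built from `ansible_service_mgr` directly, while the `notify:` names in the same file go through `k3s_service_handler`; a comment noting that the file suffixes must match the supported init names would avoid confusion.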


@ -6,6 +6,6 @@
dest: "{{ k3s_config_dir }}/registries.yaml" dest: "{{ k3s_config_dir }}/registries.yaml"
mode: 0600 mode: 0600
notify: notify:
- reload systemd - "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"


@ -0,0 +1,15 @@
---
- name: Ensure k3s control plane server is started
ansible.builtin.service:
name: k3s
state: started
enabled: "{{ k3s_start_on_boot }}"
register: k3s_service_start_k3s
until: k3s_service_start_k3s is succeeded
retries: 3
delay: 3
failed_when:
- k3s_service_start_k3s is not succeeded
- not ansible_check_mode
become: "{{ k3s_become }}"


@ -0,0 +1,16 @@
---
- name: Ensure k3s control plane server is started
ansible.builtin.systemd:
name: k3s
state: started
enabled: "{{ k3s_start_on_boot }}"
scope: "{{ k3s_systemd_context }}"
register: k3s_systemd_start_k3s
until: k3s_systemd_start_k3s is succeeded
retries: 3
delay: 3
failed_when:
- k3s_systemd_start_k3s is not succeeded
- not ansible_check_mode
become: "{{ k3s_become }}"


@ -22,17 +22,7 @@
path: "{{ k3s_token_location }}" path: "{{ k3s_token_location }}"
register: k3s_token_cluster_check register: k3s_token_cluster_check
- name: Ensure k3s initial control plane server is started - include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
ansible.builtin.systemd:
name: k3s
state: started
enabled: "{{ k3s_start_on_boot }}"
scope: "{{ k3s_systemd_context }}"
register: k3s_systemd_start_k3s
failed_when:
- k3s_systemd_start_k3s is not succeeded
- not ansible_check_mode
when: (k3s_control_node and k3s_controller_list | length == 1) when: (k3s_control_node and k3s_controller_list | length == 1)
or (k3s_primary_control_node and k3s_controller_list | length > 1) or (k3s_primary_control_node and k3s_controller_list | length > 1)
or k3s_token_cluster_check.stat.exists or k3s_token_cluster_check.stat.exists
become: "{{ k3s_become }}"


@ -14,7 +14,7 @@
- ctr - ctr
when: not ansible_check_mode when: not ansible_check_mode
notify: notify:
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: Ensure k3s config file exists - name: Ensure k3s config file exists
@ -23,8 +23,8 @@
dest: "{{ k3s_config_file }}" dest: "{{ k3s_config_file }}"
mode: 0644 mode: 0644
notify: notify:
- reload systemd - "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: Ensure cluster token is present when pre-defined - name: Ensure cluster token is present when pre-defined
@ -43,7 +43,7 @@
mode: 0600 mode: 0600
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
notify: notify:
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
when: k3s_control_token is defined when: k3s_control_token is defined
- name: Ensure k3s service unit file is present - name: Ensure k3s service unit file is present
@ -51,9 +51,35 @@
src: k3s.service.j2 src: k3s.service.j2
dest: "{{ k3s_systemd_unit_dir }}/k3s.service" dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
mode: 0644 mode: 0644
when:
- k3s_service_handler[ansible_service_mgr] == 'systemd'
notify: notify:
- reload systemd - "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- restart k3s - "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}"
- name: Ensure k3s service file is present
ansible.builtin.template:
src: k3s.openrc.j2
dest: "{{ k3s_openrc_service_dir }}/k3s"
mode: 0744
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
notify:
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}"
- name: Ensure k3s logrotate file is present
ansible.builtin.template:
src: k3s.logrotate.j2
dest: "{{ k3s_logrotate_dir }}/k3s"
mode: 0640
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
notify:
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
become: "{{ k3s_become }}" become: "{{ k3s_become }}"
- name: Ensure k3s killall script is present - name: Ensure k3s killall script is present
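Review bot: The new `Ensure k3s logrotate file is present` task notifies both the reload handler and `restart k3s {{ k3s_service_handler[ansible_service_mgr] }}`, so a change that touches only log rotation settings restarts k3s on the node. logrotate reads its configuration each time it runs, so this task most likely needs no `notify:` at all. The same task, with the same notifications, appears in the control-plane task file earlier in this commit.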


@ -4,8 +4,9 @@
ansible.builtin.command: ansible.builtin.command:
cmd: "{{ k3s_install_dir }}/kubectl get nodes" cmd: "{{ k3s_install_dir }}/kubectl get nodes"
changed_when: false changed_when: false
failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or failed_when: >-
kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1 kubectl_get_nodes_result.stdout.find("was refused") != -1 or
kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1
register: kubectl_get_nodes_result register: kubectl_get_nodes_result
until: until:
- kubectl_get_nodes_result.rc == 0 - kubectl_get_nodes_result.rc == 0


@ -38,6 +38,39 @@
- not k3s_skip_validation - not k3s_skip_validation
- not k3s_skip_env_checks - not k3s_skip_env_checks
- name: Check that the target init system is supported by this role
ansible.builtin.assert:
that:
- ansible_service_mgr in k3s_supported_init
fail_msg: >-
{{ ansible_service_mgr }} is not supported by this role.
Supported init systems: {{ k3s_supported_init | join(', ') }}
success_msg: "{{ ansible_service_mgr }} is supported"
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- name: Determing if {{ ansible_service_mgr }} is actually openrc
ansible.builtin.stat:
path: /sbin/openrc-run
register: k3s_check_openrc_run
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
- not k3s_skip_validation
- not k3s_skip_env_checks
- name: Check that {{ ansible_service_mgr }} is actually openrc
ansible.builtin.assert:
that:
- k3s_check_openrc_run.stat.exists
fail_msg: >-
openrc was not found, cannot install to {{ ansible_service_mgr }}
success_msg: "openrc found"
when:
- k3s_service_handler[ansible_service_mgr] == 'service'
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: pre_checks_version.yml - include_tasks: pre_checks_version.yml
when: when:
- (k3s_release_version is not defined - (k3s_release_version is not defined
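Review bot: In the two openrc tasks the `when:` list evaluates `k3s_service_handler[ansible_service_mgr] == 'service'` before the skip flags, and the init-system assert above them is itself skipped when `k3s_skip_validation` or `k3s_skip_env_checks` is set. On a host whose service manager is not a key of `k3s_service_handler`, that lookup is likely to fail with an undefined-key error instead of the clear `fail_msg`, and the templated `notify:` names elsewhere in this commit depend on the same lookup. Consider running the support assert unconditionally, or listing the skip flags first and using `k3s_service_handler.get(ansible_service_mgr) == 'service'`. The task name `Determing if {{ ansible_service_mgr }} is actually openrc` should read `Determining if …`.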


@ -0,0 +1,5 @@
/var/log/k3s.log {
missingok
notifempty
copytruncate
}

47
templates/k3s.openrc.j2 Normal file

@ -0,0 +1,47 @@
#!/sbin/openrc-run
depend() {
after network-online
want cgroups
}
start_pre() {
rm -f /tmp/k3s.*
}
supervisor=supervise-daemon
name="k3s"
command="{{ k3s_install_dir }}/k3s"
command_args="{% filter regex_replace('\s+', ' ') %}
{% filter replace('\n', ' ') %}
{% if k3s_debug is defined and k3s_debug %}
--debug
{% endif %}
{% if k3s_control_node %}
server
{% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
{% endif %}
{% if k3s_server is defined %}
--config {{ k3s_config_file }}
{% endif %}
{% if not k3s_primary_control_node or k3s_control_token is defined %}
--token-file {{ k3s_token_location }}
{% endif %}
{% else %}
agent
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
--token-file {{ k3s_token_location }}
{% if k3s_agent is defined %}
--config {{ k3s_config_file }}
{% endif %}
{% endif %} >>/var/log/k3s.log 2>&1"
{% endfilter %}
{% endfilter %}
output_log="/var/log/k3s.log"
error_log="/var/log/k3s.log"
pidfile="/var/run/k3s.pid"
respawn_delay=5
respawn_max=0
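Review bot: Role variables are written verbatim into shell-sourced text here, in `command="{{ k3s_install_dir }}/k3s"` and in the `--config`, `--token-file` and `--server` arguments inside the double-quoted `command_args`, so a value containing whitespace, `"`, `$` or a backtick changes how the init script parses. These are operator-set variables, so this is a hardening point; a template comment such as `{# path variables are inserted unescaped and must not contain whitespace or shell metacharacters #}`, or an assert in the pre-checks, would make the constraint explicit. Unlike the systemd unit template, this file does not render `k3s_service_env_vars` or `k3s_service_env_file`, so those settings appear to be dropped silently on openrc unless they are handled somewhere not shown here. `start_pre` also removes `/tmp/k3s.*` by glob in a world-writable directory, and a comment naming the files it is meant to clear would help.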


@ -20,7 +20,7 @@ After={{ after_unit }}
Type={{ 'notify' if k3s_control_node else 'exec' }} Type={{ 'notify' if k3s_control_node else 'exec' }}
{% if k3s_service_env_vars is defined and k3s_service_env_vars is iterable %} {% if k3s_service_env_vars is defined and k3s_service_env_vars is iterable %}
{% for env_var in k3s_service_env_vars %} {% for env_var in k3s_service_env_vars %}
Environment={{ env_var }}={{ k3s_service_env_vars[env_var] }} Environment={{ env_var }}="{{ k3s_service_env_vars[env_var] }}"
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if k3s_service_env_file is defined and k3s_service_env_file %} {% if k3s_service_env_file is defined and k3s_service_env_file %}
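Review bot: The value inside the new quotes on the `Environment=` line is still inserted verbatim, so a `"`, a backslash or a `%` (systemd's specifier character) in `k3s_service_env_vars[env_var]` changes how the line is parsed. Escaping those characters in the template (`%` as `%%`, `"` as `\"`), or documenting that values must not contain them, would close the gap the quoting leaves. The task hunks in this commit install `k3s.service` with `mode: 0644`, so any secret placed in `k3s_service_env_vars` is readable by every local user. A comment pointing users to `k3s_service_env_file` for sensitive values would help. The unit template continues outside this hunk.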


@ -15,6 +15,11 @@ k3s_valid_states:
- uninstalled - uninstalled
- validated - validated
# Supported init systems
k3s_supported_init:
- systemd
- openrc
# Map ansible fact gathering architecture to a release name and suffix in github. # Map ansible fact gathering architecture to a release name and suffix in github.
k3s_arch_lookup: k3s_arch_lookup:
amd64: amd64:
@ -84,6 +89,17 @@ k3s_systemd_context: system
# management, this should live in /etc/systemd, not /lib/systemd # management, this should live in /etc/systemd, not /lib/systemd
k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}" k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"
# Directory for installing openrc service file
k3s_openrc_service_dir: /etc/init.d
# Directory for installing logrotate config
k3s_logrotate_dir: /etc/logrotate.d
# Service handler
k3s_service_handler:
systemd: systemd
openrc: service
# Data directory location for k3s # Data directory location for k3s
k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}" k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"