mirror of
https://github.com/PyratLabs/ansible-role-k3s.git
synced 2025-01-02 18:28:19 +01:00
Merge pull request #185 from PyratLabs/feat/alpine-support
This commit is contained in:
Xan Manning
GitHub
commit
78cf2c1866
@ -14,12 +14,12 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
|
||||
&& python3 -m pip install pip --upgrade \
|
||||
&& python3 -m pip install -r /tmp/molecule/requirements.txt
|
||||
|
||||
RUN useradd -m vscode && \
|
||||
RUN useradd -s /bin/bash -m vscode && \
|
||||
usermod -aG docker vscode && \
|
||||
echo 'vscode ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/vscode && \
|
||||
echo 'source /etc/bash_completion.d/git-prompt' >> /home/vscode/.bashrc && \
|
||||
echo 'sudo chown vscode /var/run/docker-host.sock' >> /home/vscode/.bashrc && \
|
||||
echo 'export PS1="${PS1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc
|
||||
echo 'export PS1="${PS1:0:-1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc
|
||||
|
||||
RUN ln -s /var/run/docker-host.sock /var/run/docker.sock
|
||||
|
||||
|
||||
29
.github/workflows/ci.yml
vendored
29
.github/workflows/ci.yml
vendored
@ -20,26 +20,35 @@ jobs:
|
||||
name: Molecule
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
- distro: debian10
|
||||
- distro: geerlingguy/docker-debian11-ansible:latest
|
||||
scenario: default
|
||||
- distro: ubuntu2004
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-ubuntu2204-ansible:latest
|
||||
scenario: default
|
||||
- distro: amazonlinux2
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-amazonlinux2-ansible:latest
|
||||
scenario: default
|
||||
- distro: ubuntu1804
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-ubuntu2004-ansible:latest
|
||||
scenario: default
|
||||
- distro: fedora33
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora35-ansible:latest
|
||||
scenario: nodeploy
|
||||
- distro: fedora32
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora34-ansible:latest
|
||||
scenario: highavailabilitydb
|
||||
- distro: fedora31
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora33-ansible:latest
|
||||
scenario: autodeploy
|
||||
- distro: debian11
|
||||
- distro: xanmanning/docker-alpine-ansible:3.16
|
||||
scenario: highavailabilityetcd
|
||||
- distro: rockylinux8
|
||||
prebuilt: 'false'
|
||||
- distro: geerlingguy/docker-rockylinux8-ansible:latest
|
||||
scenario: highavailabilityetcd
|
||||
prebuilt: 'true'
|
||||
|
||||
steps:
|
||||
- name: Checkout codebase
|
||||
@ -62,3 +71,5 @@ jobs:
|
||||
PY_COLORS: '1'
|
||||
ANSIBLE_FORCE_COLOR: '1'
|
||||
MOLECULE_DISTRO: ${{ matrix.distro }}
|
||||
MOLECULE_PREBUILT: ${{ matrix.prebuilt }}
|
||||
MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}
|
||||
|
||||
@ -6,7 +6,12 @@
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart k3s
|
||||
- name: reload service
|
||||
ansible.builtin.set_fact:
|
||||
k3s_service_reloaded: true
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart k3s systemd
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: restarted
|
||||
@ -19,3 +24,16 @@
|
||||
- k3s_systemd_restart_k3s is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart k3s service
|
||||
ansible.builtin.service:
|
||||
name: k3s
|
||||
state: restarted
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
retries: 3
|
||||
delay: 3
|
||||
register: k3s_service_restart_k3s
|
||||
failed_when:
|
||||
- k3s_service_restart_k3s is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
@ -38,6 +38,9 @@ galaxy_info:
|
||||
# platforms is a list of platforms, and each platform has a name and a list of versions.
|
||||
#
|
||||
platforms:
|
||||
- name: Alpine
|
||||
versions:
|
||||
- all
|
||||
- name: Archlinux
|
||||
versions:
|
||||
- all
|
||||
|
||||
@ -4,22 +4,25 @@
|
||||
become: true
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_release_version: latest
|
||||
k3s_release_version: v1.22
|
||||
k3s_build_cluster: false
|
||||
k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d
|
||||
k3s_install_dir: /opt/k3s/bin
|
||||
k3s_config_file: /opt/k3s/etc/k3s.yaml
|
||||
k3s_config_file: /opt/k3s/etc/k3s_config.yaml
|
||||
k3s_server:
|
||||
data-dir: /var/lib/k3s-io
|
||||
default-local-storage-path: /var/lib/k3s-io/local-storage
|
||||
k3s_agent:
|
||||
snapshotter: native
|
||||
disable:
|
||||
- metrics-server
|
||||
- traefik
|
||||
# k3s_agent:
|
||||
# snapshotter: native
|
||||
k3s_server_manifests_templates:
|
||||
- "molecule/autodeploy/templates/00-ns-monitoring.yml.j2"
|
||||
k3s_server_manifests_urls:
|
||||
- url: https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml
|
||||
filename: 05-metallb-namespace.yml
|
||||
k3s_service_env_vars:
|
||||
GOGC: 10
|
||||
K3S_TEST_VAR: "Hello world!"
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -12,6 +12,7 @@
|
||||
k3s_agent:
|
||||
node-ip: "{{ ansible_default_ipv4.address }}"
|
||||
snapshotter: native
|
||||
k3s_skip_validation: "{{ k3s_service_handler[ansible_service_mgr] == 'service' }}"
|
||||
pre_tasks:
|
||||
- name: Set each node to be a control node
|
||||
ansible.builtin.set_fact:
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -1,12 +1,23 @@
|
||||
---
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
|
||||
- name: Prepare all nodes
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure sudo is installed
|
||||
community.general.apk:
|
||||
name: sudo
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apk'
|
||||
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
tasks:
|
||||
- name: Ensure HAProxy is installed
|
||||
ansible.builtin.package:
|
||||
name: haproxy
|
||||
|
||||
@ -7,5 +7,6 @@
|
||||
k3s_server: "{{ lookup('file', 'k3s_server.yml') | from_yaml }}"
|
||||
k3s_agent: "{{ lookup('file', 'k3s_agent.yml') | from_yaml }}"
|
||||
k3s_airgap: true
|
||||
k3s_release_version: latest
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||
|
||||
@ -26,7 +26,7 @@ lint: |
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +35,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +44,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
||||
@ -38,7 +38,7 @@
|
||||
mode: 0600
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- restart k3s
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
@ -46,9 +46,35 @@
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'systemd'
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
|
||||
- name: Ensure k3s service file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.openrc.j2
|
||||
dest: "{{ k3s_openrc_service_dir }}/k3s"
|
||||
mode: 0744
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s logrotate file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.logrotate.j2
|
||||
dest: "{{ k3s_logrotate_dir }}/k3s"
|
||||
mode: 0640
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
@ -56,26 +82,15 @@
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure secondary controllers are started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
register: ensure_secondary_controllers_started
|
||||
failed_when:
|
||||
- ensure_secondary_controllers_started is not succeeded
|
||||
- not ansible_check_mode
|
||||
until: ensure_secondary_controllers_started is succeeded
|
||||
retries: "{{ ansible_play_hosts | length }}"
|
||||
delay: 5
|
||||
include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- not k3s_primary_control_node
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- import_tasks: post_checks_control_plane.yml
|
||||
when: not k3s_skip_validation
|
||||
|
||||
@ -6,6 +6,6 @@
|
||||
dest: "{{ k3s_config_dir }}/registries.yaml"
|
||||
mode: 0600
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
15
tasks/ensure_control_plane_started_openrc.yml
Normal file
15
tasks/ensure_control_plane_started_openrc.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s control plane server is started
|
||||
ansible.builtin.service:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
register: k3s_service_start_k3s
|
||||
until: k3s_service_start_k3s is succeeded
|
||||
retries: 3
|
||||
delay: 3
|
||||
failed_when:
|
||||
- k3s_service_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
||||
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s control plane server is started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
register: k3s_systemd_start_k3s
|
||||
until: k3s_systemd_start_k3s is succeeded
|
||||
retries: 3
|
||||
delay: 3
|
||||
failed_when:
|
||||
- k3s_systemd_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
||||
@ -22,17 +22,7 @@
|
||||
path: "{{ k3s_token_location }}"
|
||||
register: k3s_token_cluster_check
|
||||
|
||||
- name: Ensure k3s initial control plane server is started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
register: k3s_systemd_start_k3s
|
||||
failed_when:
|
||||
- k3s_systemd_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
- include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
|
||||
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||
or k3s_token_cluster_check.stat.exists
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
- ctr
|
||||
when: not ansible_check_mode
|
||||
notify:
|
||||
- restart k3s
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
@ -23,8 +23,8 @@
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure cluster token is present when pre-defined
|
||||
@ -43,7 +43,7 @@
|
||||
mode: 0600
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- restart k3s
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
when: k3s_control_token is defined
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
@ -51,9 +51,35 @@
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'systemd'
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.openrc.j2
|
||||
dest: "{{ k3s_openrc_service_dir }}/k3s"
|
||||
mode: 0744
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s logrotate file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.logrotate.j2
|
||||
dest: "{{ k3s_logrotate_dir }}/k3s"
|
||||
mode: 0640
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s killall script is present
|
||||
|
||||
@ -4,7 +4,8 @@
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ k3s_install_dir }}/kubectl get nodes"
|
||||
changed_when: false
|
||||
failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or
|
||||
failed_when: >-
|
||||
kubectl_get_nodes_result.stdout.find("was refused") != -1 or
|
||||
kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1
|
||||
register: kubectl_get_nodes_result
|
||||
until:
|
||||
|
||||
@ -38,6 +38,39 @@
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that the target init system is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_service_mgr in k3s_supported_init
|
||||
fail_msg: >-
|
||||
{{ ansible_service_mgr }} is not supported by this role.
|
||||
Supported init systems: {{ k3s_supported_init | join(', ') }}
|
||||
success_msg: "{{ ansible_service_mgr }} is supported"
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Determing if {{ ansible_service_mgr }} is actually openrc
|
||||
ansible.builtin.stat:
|
||||
path: /sbin/openrc-run
|
||||
register: k3s_check_openrc_run
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that {{ ansible_service_mgr }} is actually openrc
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_check_openrc_run.stat.exists
|
||||
fail_msg: >-
|
||||
openrc was not found, cannot install to {{ ansible_service_mgr }}
|
||||
success_msg: "openrc found"
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- include_tasks: pre_checks_version.yml
|
||||
when:
|
||||
- (k3s_release_version is not defined
|
||||
|
||||
5
templates/k3s.logrotate.j2
Normal file
5
templates/k3s.logrotate.j2
Normal file
@ -0,0 +1,5 @@
|
||||
/var/log/k3s.log {
|
||||
missingok
|
||||
notifempty
|
||||
copytruncate
|
||||
}
|
||||
47
templates/k3s.openrc.j2
Normal file
47
templates/k3s.openrc.j2
Normal file
@ -0,0 +1,47 @@
|
||||
#!/sbin/openrc-run
|
||||
|
||||
depend() {
|
||||
after network-online
|
||||
want cgroups
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
rm -f /tmp/k3s.*
|
||||
}
|
||||
|
||||
supervisor=supervise-daemon
|
||||
name="k3s"
|
||||
command="{{ k3s_install_dir }}/k3s"
|
||||
command_args="{% filter regex_replace('\s+', ' ') %}
|
||||
{% filter replace('\n', ' ') %}
|
||||
{% if k3s_debug is defined and k3s_debug %}
|
||||
--debug
|
||||
{% endif %}
|
||||
{% if k3s_control_node %}
|
||||
server
|
||||
{% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
|
||||
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
|
||||
{% endif %}
|
||||
{% if k3s_server is defined %}
|
||||
--config {{ k3s_config_file }}
|
||||
{% endif %}
|
||||
{% if not k3s_primary_control_node or k3s_control_token is defined %}
|
||||
--token-file {{ k3s_token_location }}
|
||||
{% endif %}
|
||||
{% else %}
|
||||
agent
|
||||
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
|
||||
--token-file {{ k3s_token_location }}
|
||||
{% if k3s_agent is defined %}
|
||||
--config {{ k3s_config_file }}
|
||||
{% endif %}
|
||||
{% endif %} >>/var/log/k3s.log 2>&1"
|
||||
{% endfilter %}
|
||||
{% endfilter %}
|
||||
|
||||
output_log="/var/log/k3s.log"
|
||||
error_log="/var/log/k3s.log"
|
||||
|
||||
pidfile="/var/run/k3s.pid"
|
||||
respawn_delay=5
|
||||
respawn_max=0
|
||||
@ -20,7 +20,7 @@ After={{ after_unit }}
|
||||
Type={{ 'notify' if k3s_control_node else 'exec' }}
|
||||
{% if k3s_service_env_vars is defined and k3s_service_env_vars is iterable %}
|
||||
{% for env_var in k3s_service_env_vars %}
|
||||
Environment={{ env_var }}={{ k3s_service_env_vars[env_var] }}
|
||||
Environment={{ env_var }}="{{ k3s_service_env_vars[env_var] }}"
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if k3s_service_env_file is defined and k3s_service_env_file %}
|
||||
|
||||
@ -15,6 +15,11 @@ k3s_valid_states:
|
||||
- uninstalled
|
||||
- validated
|
||||
|
||||
# Supported init systems
|
||||
k3s_supported_init:
|
||||
- systemd
|
||||
- openrc
|
||||
|
||||
# Map ansible fact gathering architecture to a release name and suffix in github.
|
||||
k3s_arch_lookup:
|
||||
amd64:
|
||||
@ -84,6 +89,17 @@ k3s_systemd_context: system
|
||||
# management, this should live in /etc/systemd, not /lib/systemd
|
||||
k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"
|
||||
|
||||
# Directory for installing openrc service file
|
||||
k3s_openrc_service_dir: /etc/init.d
|
||||
|
||||
# Directory for installing logrotate config
|
||||
k3s_logrotate_dir: /etc/logrotate.d
|
||||
|
||||
# Service handler
|
||||
k3s_service_handler:
|
||||
systemd: systemd
|
||||
openrc: service
|
||||
|
||||
# Data directory location for k3s
|
||||
k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user