Tidy up and refactoring of tasks

- `k3s_config_dir` derived from `k3s_config_file`, reused throughout the role to allow for easy removal of "Rancher" references #73. - `k3s_token_location` has moved to be in `k3s_config_dir`. - Tasks for creating directories now looped to caputure configuration from `k3s_server` and `k3s_agent` and ensure directories exist before k3s starts, see #75. - Server token collected directly from token file, not symlinked file (node-token). - `k3s_runtime_config` defined in `vars/` for validation and overwritten in tasks for control plane and workers. - Removed unused references to GitHub API.
2020-12-19 17:39:31 +00:00 · 2020-12-19 17:39:31 +00:00 · e48e368162
parent ef6c579336
commit e48e368162
13 changed files with 90 additions and 63 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,33 @@
 ---
 -->

+## DATE, v2.4.0
+
+### Notable changes
+
+  - `k3s_config_dir` derived from `k3s_config_file`, reused throughout the role
+    to allow for easy removal of "Rancher" references #73.
+  - `k3s_token_location` has moved to be in `k3s_config_dir`.
+  - Tasks for creating directories now looped to caputure configuration from
+    `k3s_server` and `k3s_agent` and ensure directories exist before k3s
+    starts, see #75.
+  - Server token collected directly from token file, not symlinked file
+    (node-token).
+  - `k3s_runtime_config` defined in `vars/` for validation and overwritten in
+    tasks for control plane and workers.
+  - Removed unused references to GitHub API.
+
+### Breaking changes
+
+  - `k3s_token_location` has moved to be in `k3s_config_dir` so re-running the
+    role will create a duplicate file here.
+
+### Known issues
+
+### Contributors
+
+---
+
 ## 2020-12-19, v2.3.0

 ### Notable changes
--- a/README.md
+++ b/README.md
@ -154,17 +154,16 @@ configuration.
 The below variables are used to change the way the role executes in Ansible,
 particularly with regards to privilege escalation.

-| Variable                         | Description                                                         | Default Value |
-|----------------------------------|---------------------------------------------------------------------|---------------|
-| `k3s_become_for_all`             | Escalate user privileges for all tasks. Overrides all of the below. | `false`       |
-| `k3s_become_for_systemd`         | Escalate user privileges for systemd tasks.                         | NULL          |
-| `k3s_become_for_install_dir`     | Escalate user privileges for creating installation directories.     | NULL          |
-| `k3s_become_for_manifests_dir`   | Escalate user privileges for creating manifests directory.          | NULL          |
-| `k3s_become_for_usr_local_bin`   | Escalate user privileges for writing to `/usr/local/bin`.           | NULL          |
-| `k3s_become_for_data_dir`        | Escalate user privileges for creating data directory.               | NULL          |
-| `k3s_become_for_package_install` | Escalate user privileges for installing k3s.                        | NULL          |
-| `k3s_become_for_kubectl`         | Escalate user privileges for running `kubectl`.                     | NULL          |
-| `k3s_become_for_uninstall`       | Escalate user privileges for uninstalling k3s.                      | NULL          |
+| Variable                            | Description                                                         | Default Value |
+|-------------------------------------|---------------------------------------------------------------------|---------------|
+| `k3s_become_for_all`                | Escalate user privileges for all tasks. Overrides all of the below. | `false`       |
+| `k3s_become_for_systemd`            | Escalate user privileges for systemd tasks.                         | NULL          |
+| `k3s_become_for_install_dir`        | Escalate user privileges for creating installation directories.     | NULL          |
+| `k3s_become_for_directory_creation` | Escalate user privileges for creating application directories.      | NULL          |
+| `k3s_become_for_usr_local_bin`      | Escalate user privileges for writing to `/usr/local/bin`.           | NULL          |
+| `k3s_become_for_package_install`    | Escalate user privileges for installing k3s.                        | NULL          |
+| `k3s_become_for_kubectl`            | Escalate user privileges for running `kubectl`.                     | NULL          |
+| `k3s_become_for_uninstall`          | Escalate user privileges for uninstalling k3s.                      | NULL          |

 #### Important note about `k3s_release_version`

--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -71,9 +71,8 @@ k3s_agent: {}
 k3s_become_for_all: false
 k3s_become_for_systemd: null
 k3s_become_for_install_dir: null
-k3s_become_for_manifests_dir: null
+k3s_become_for_directory_creation: null
 k3s_become_for_usr_local_bin: null
-k3s_become_for_data_dir: null
 k3s_become_for_package_install: null
 k3s_become_for_kubectl: null
 k3s_become_for_uninstall: null
--- a/molecule/autodeploy/converge.yml
+++ b/molecule/autodeploy/converge.yml
@ -5,6 +5,11 @@
  vars:
    molecule_is_test: true
    k3s_build_cluster: false
+    k3s_install_dir: /opt/k3s/bin
+    k3s_config_file: /opt/k3s/etc/k3s.yaml
+    k3s_server:
+      data-dir: /var/lib/k3s-io
+      default-local-storage-path: /var/lib/k3s-io/local-storage
    k3s_server_manifests_templates:
      - "molecule/autodeploy/templates/00-ns-monitoring.yml.j2"
  roles:
--- a/tasks/build/configure-k3s-cluster.yml
+++ b/tasks/build/configure-k3s-cluster.yml
@ -1,25 +1,25 @@
 ---

- name: Ensure NODE_TOKEN is captured from control node
+- name: Ensure cluster token is captured from control node
  ansible.builtin.slurp:
-    path: "{{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}/server/node-token"
-  register: k3s_slurped_control_token
+    path: "{{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}/server/token"
+  register: k3s_slurped_cluster_token
  delegate_to: "{{ k3s_control_delegate }}"
  when: k3s_control_token is not defined and not ansible_check_mode
  become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"

- name: Ensure NODE_TOKEN is formatted correctly for use in templates
+- name: Ensure cluster token is formatted correctly for use in templates
  set_fact:
-    k3s_control_token: "{{ k3s_slurped_control_token.content | b64decode }}"
+    k3s_control_token: "{{ k3s_slurped_cluster_token.content | b64decode }}"
  when: k3s_control_token is not defined and not ansible_check_mode

- name: Ensure dummy NODE_TOKEN is defined for ansible_check_mode
+- name: Ensure dumme cluster token is defined for ansible_check_mode
  set_fact:
    k3s_control_token: "{{ k3s_control_delegate | to_uuid }}"
  check_mode: false
  when: k3s_control_token is not defined and ansible_check_mode

- name: Ensure the cluster NODE_TOKEN file location exists
+- name: Ensure the clustee cluster token file location exists
  ansible.builtin.file:
    path: "{{ k3s_token_location | dirname }}"
    state: directory
--- a/tasks/build/install-k3s-directories.yml
+++ b/tasks/build/install-k3s-directories.yml
@ -0,0 +1,10 @@
+---
+
+- name: Ensure {{ directory.name }} exists
+  ansible.builtin.file:
+    path: "{{ directory.path }}"
+    state: directory
+    mode: "{{ directory.mode | default(0755) }}"
+  become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
+  when: directory.path is defined
+        and directory.path != omit
--- a/tasks/build/install-k3s.yml
+++ b/tasks/build/install-k3s.yml
@ -1,28 +1,9 @@
 ---

- name: Ensure config directory exists
-  ansible.builtin.file:
-    path: "{{ k3s_config_file | dirname }}"
-    state: directory
-    mode: 0755
-  become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
-
- name: Ensure systemd unit file directory exists
-  ansible.builtin.file:
-    path: "{{ k3s_systemd_unit_dir }}"
-    state: directory
-    mode: 0755
-  become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
-
- name: Ensure data directory exists when not using the default
-  ansible.builtin.file:
-    path: "{{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}"
-    state: directory
-    mode: 0755
-  become: "{{ k3s_become_for_data_dir | ternary(true, false, k3s_become_for_all) }}"
-  when: k3s_runtime_config is defined
-        and "data-dir" in k3s_runtime_config
-        and k3s_runtime_config['data-dir'] != k3s_data_dir
+- include_tasks: install-k3s-directories.yml
+  loop: "{{ k3s_ensure_directories_exist }}"
+  loop_control:
+    loop_var: directory

 - include_tasks: install-k3s-node.yml
  when: ((k3s_control_node and k3s_controller_count | length == 1)
--- a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml
+++ b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml
@ -6,7 +6,7 @@
    path: "{{ k3s_server_manifests_dir }}"
    mode: 0755
  when: k3s_server_manifests_templates | length > 0
-  become: "{{ k3s_become_for_manifests_dir | ternary(true, false, k3s_become_for_all) }}"
+  become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"

 # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
 - name: Ensure Auto-Deploying Manifests are copied to controllers
@ -15,4 +15,4 @@
    dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
    mode: 0644
  loop: "{{ k3s_server_manifests_templates }}"
-  become: "{{ k3s_become_for_manifests_dir | ternary(true, false, k3s_become_for_all) }}"
+  become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
--- a/tasks/validate/check-experimental-variables.yml
+++ b/tasks/validate/check-experimental-variables.yml
@ -1,6 +1,6 @@
 ---

- name: Check if any experimental variables are configure and if they are enabled with k3s_use_experimental
+- name: Check if embedded etcd datastore is enabled and marked as experimental
  ansible.builtin.assert:
    that:
      - k3s_use_experimental is defined and k3s_use_experimental
--- a/tasks/validate/generate-check-config.yml
+++ b/tasks/validate/generate-check-config.yml
@ -1,5 +0,0 @@
---
-
- name: Ensure k3s_runtime_config is set for validation
-  set_fact:
-    k3s_runtime_config: "{{ (k3s_server | default({})) | combine (k3s_agent | default({})) }}"
--- a/tasks/validate/pre-flight.yml
+++ b/tasks/validate/pre-flight.yml
@ -8,8 +8,6 @@
    success_msg: "k3s_state is valid."
  when: k3s_state is defined

- import_tasks: generate-check-config.yml
-
 - import_tasks: check-environment.yml
  when: not k3s_skip_validation

--- a/templates/k3s-uninstall.sh.j2
+++ b/templates/k3s-uninstall.sh.j2
@ -37,7 +37,7 @@ for bin in {{ k3s_install_dir }}/k3s*; do
    fi
 done

-rm -rf {{ k3s_config_file | dirname }}
+rm -rf {{ k3s_config_dir }}
 rm -rf /run/k3s
 rm -rf /run/flannel
 rm -rf {{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,6 +1,6 @@
 ---

-# Minimum supported version
+# Minimum supported versions
 k3s_min_version: 1.19.3

 # Valid states for this role
@ -43,15 +43,14 @@ k3s_arch_lookup:
 # Always default to stable channel, this will change with k3s_release_version
 k3s_release_channel: stable

-# Create the API address for the k3s_github_url that has been specified
-k3s_github_api: "{{ k3s_github_url | replace('github.com', 'api.github.com') }}"
-# Create the latest release API link for github. Possibly deprecated with k3s.io updates API
-k3s_github_api_releases: "{{ k3s_github_api | replace('.com', '.com/repos') }}/releases/latest"
 # K3s updates API
 k3s_api_releases: https://update.k3s.io/v1-release/channels
 # Download location for releases
 k3s_github_download_url: "{{ k3s_github_url }}/releases/download"

+# Generate a runtime config dictionary for validation
+k3s_runtime_config: "{{ (k3s_server | default({})) | combine (k3s_agent | default({})) }}"
+
 # Empty array for counting the number of control plane nodes
 k3s_controller_count: []

@ -62,16 +61,30 @@ k3s_systemd_context: system
 # management, this should live in /etc/systemd, not /lib/systemd
 k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"

-# Directory for gathering the k3s token for clustering. I don't see this changing.
-k3s_token_location: "/etc/rancher/cluster-token"
-
 # Data directory location for k3s
-k3s_data_dir: /var/lib/rancher/k3s
+k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
+
+# Config directroy location for k3s
+k3s_config_dir: "{{ k3s_config_file | dirname }}"
+
+# Directory for gathering the k3s token for clustering. I don't see this changing.
+k3s_token_location: "{{ k3s_config_dir }}/cluster-token"

 # Path for additional Kubernetes Manifests
 # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
 k3s_server_manifests_dir: "{{ k3s_data_dir }}/server/manifests"

+# Directories that we need to ensure exist
+k3s_ensure_directories_exist:
+  - name: Config directory
+    path: "{{ k3s_config_dir }}"
+  - name: Systemd unit file directory
+    path: "{{ k3s_systemd_unit_dir }}"
+  - name: Data directory
+    path: "{{ k3s_data_dir }}"
+  - name: Default local storage path
+    path: "{{ k3s_runtime_config['default-local-storage-path'] | default(omit) }}"
+
 # Config items that should not appear in k3s_server or k3s_agent
 k3s_config_exclude:
  - setting: server