mirror of
https://github.com/PyratLabs/ansible-role-k3s.git
synced 2024-09-27 04:03:43 +02:00
Compare commits
165 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
19c24bd503 | ||
|
0c0d3bb38d | ||
|
cfd9400edf | ||
|
6b258763be | ||
|
b87991cc28 | ||
|
37fda0a953 | ||
|
37cca2e487 | ||
|
41b938c8e7 | ||
|
cc64737bdc | ||
|
3f1d2da21b | ||
|
44635027ce | ||
|
de1bd094e5 | ||
|
0cc1e48902 | ||
|
13db5d26f8 | ||
|
3f200f2bd7 | ||
|
404491c938 | ||
|
75b40675d8 | ||
|
80e4debcd4 | ||
|
c28e03b97f | ||
|
01616dcd96 | ||
|
8410d2c402 | ||
|
a6b209abdb | ||
|
e9ddc8738a | ||
|
1d29570fc9 | ||
|
561d67cd08 | ||
|
dae3eb928e | ||
|
21fe3bccbf | ||
|
25a17b8511 | ||
|
d38f344937 | ||
|
78cf2c1866 | ||
|
e774918812 | ||
|
6f1cb8e904 | ||
|
e6cb2a91e8 | ||
|
5bebced657 | ||
|
c1341eb62c | ||
|
13ed1336d9 | ||
|
5f560137f4 | ||
|
910b611058 | ||
|
f3640e5c9f | ||
|
291b7763b4 | ||
|
86a9f25325 | ||
|
503e3ccc3f | ||
|
818676e449 | ||
|
87551613d4 | ||
|
03bc3aec5b | ||
|
e20195fe56 | ||
|
4387b3d12e | ||
|
dc0f8c3a83 | ||
|
d1f61bf866 | ||
|
6550071e43 | ||
|
594606d420 | ||
|
1475d1724d | ||
|
80eca60031 | ||
|
424145881c | ||
|
3be9eff967 | ||
|
410a5bf009 | ||
|
252b87bf65 | ||
|
1fa910f931 | ||
|
2e5dd3cc07 | ||
|
e7693c5d2f | ||
|
4f0bb3f9a7 | ||
|
473f3943d2 | ||
|
7e9292c01b | ||
|
a88d27d2ae | ||
|
377565de96 | ||
|
3be75a8296 | ||
|
b9b2a8e054 | ||
|
59af276c72 | ||
|
2f7d6af51d | ||
|
20468734a0 | ||
|
e983629167 | ||
|
0873fc4977 | ||
|
0fa1ef29a9 | ||
|
e457854046 | ||
|
cc8ba00de2 | ||
|
592b294ad8 | ||
|
9349c9456d | ||
|
582a696918 | ||
|
987bc700a1 | ||
|
d9d8bbeece | ||
|
5288de9db1 | ||
|
df51a8aaec | ||
|
a4cbc4d68d | ||
|
41a13ca2f7 | ||
|
ce4ad4dc0b | ||
|
58f4de5481 | ||
|
c287bef9cd | ||
|
59f0a2152e | ||
|
191d51bce6 | ||
|
2a282c0ae2 | ||
|
677db09b4a | ||
|
4c20fd3f0b | ||
|
1eaeba67b5 | ||
|
09abfd2cba | ||
|
ccfa561be0 | ||
|
0c77eb143d | ||
|
4269e25e6b | ||
|
dd341f6f10 | ||
|
01b914985a | ||
|
0f143962a1 | ||
|
80f591cba4 | ||
|
dd3c460bfa | ||
|
825ed3ad37 | ||
|
f7c0c8783a | ||
|
8243baa3d9 | ||
|
25d40cec52 | ||
|
779968ca0a | ||
|
b8727a1c92 | ||
|
4bcf3ea9c4 | ||
|
e88f3bb056 | ||
|
29658aeb2e | ||
|
33a18bb517 | ||
|
ea413afa3a | ||
|
da13cc696a | ||
|
db3f7da362 | ||
|
765fbf2e9b | ||
|
c47688e05c | ||
|
3274c7e6e0 | ||
|
25ca0ed8f7 | ||
|
0384dfcb4f | ||
|
207fbbd41a | ||
|
9db46b536d | ||
|
83290e050c | ||
|
189f2baf23 | ||
|
077c9a3fd6 | ||
|
1780b5a20f | ||
|
cc86f35d9b | ||
|
dc2bd28e10 | ||
|
f198b45d58 | ||
|
c0ec5ca930 | ||
|
8c0c586607 | ||
|
3b26d24212 | ||
|
ba113bcd05 | ||
|
e90448f40b | ||
|
4e713918a7 | ||
|
3b5c6e6ff5 | ||
|
d2968d5f42 | ||
|
4b42a9bf49 | ||
|
142b40f428 | ||
|
05e62b6344 | ||
|
0c084531d2 | ||
|
b8539cd82e | ||
|
2da5738452 | ||
|
8dab5e6f26 | ||
|
7607bfb7a9 | ||
|
f46450319b | ||
|
10d11c63ec | ||
|
3006716f66 | ||
|
730edbf6cb | ||
|
e5b9e5a78a | ||
|
c36c026783 | ||
|
e7374757fa | ||
|
51de880c0f | ||
|
b7210af4e9 | ||
|
2e629838f1 | ||
|
7f0eb60a14 | ||
|
32c68ea949 | ||
|
d834ca15b0 | ||
|
6bff9b9981 | ||
|
da7d8c67d9 | ||
|
1bbba04230 | ||
|
82085cb80b | ||
|
07fe0e2964 | ||
|
2243766695 | ||
|
ef99954177 |
@ -2,3 +2,4 @@
|
||||
|
||||
skip_list:
|
||||
- role-name
|
||||
- name[template]
|
||||
|
26
.devcontainer/Dockerfile
Normal file
26
.devcontainer/Dockerfile
Normal file
@ -0,0 +1,26 @@
|
||||
ARG VARIANT=focal
|
||||
FROM ubuntu:${VARIANT}
|
||||
|
||||
COPY molecule/requirements.txt /tmp/molecule/requirements.txt
|
||||
COPY requirements.txt /tmp/requirements.txt
|
||||
|
||||
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
|
||||
&& apt-get -y install curl git python3-dev python3-pip \
|
||||
python3-venv shellcheck sudo unzip docker.io jq \
|
||||
&& curl -L \
|
||||
"https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
|
||||
-o /usr/bin/kubectl \
|
||||
&& chmod +x /usr/bin/kubectl \
|
||||
&& python3 -m pip install pip --upgrade \
|
||||
&& python3 -m pip install -r /tmp/molecule/requirements.txt
|
||||
|
||||
RUN useradd -s /bin/bash -m vscode && \
|
||||
usermod -aG docker vscode && \
|
||||
echo 'vscode ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/vscode && \
|
||||
echo 'source /etc/bash_completion.d/git-prompt' >> /home/vscode/.bashrc && \
|
||||
echo 'sudo chown vscode /var/run/docker-host.sock' >> /home/vscode/.bashrc && \
|
||||
echo 'export PS1="${PS1:0:-1}\[\033[38;5;196m\]$(__git_ps1)\[$(tput sgr0)\] "' >> /home/vscode/.bashrc
|
||||
|
||||
RUN ln -s /var/run/docker-host.sock /var/run/docker.sock
|
||||
|
||||
USER vscode
|
28
.devcontainer/devcontainer.json
Normal file
28
.devcontainer/devcontainer.json
Normal file
@ -0,0 +1,28 @@
|
||||
{
|
||||
"name": "Ubuntu",
|
||||
"build": {
|
||||
"context": "..",
|
||||
"dockerfile": "Dockerfile",
|
||||
"args": { "VARIANT": "focal" }
|
||||
},
|
||||
|
||||
"settings": {
|
||||
"terminal.integrated.profiles.linux": {
|
||||
"bash (login)": {
|
||||
"path": "/bin/bash",
|
||||
"args": ["-l"]
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
"extensions": [
|
||||
"ms-azuretools.vscode-docker",
|
||||
"redhat.vscode-yaml"
|
||||
],
|
||||
|
||||
"mounts": [
|
||||
"source=/var/run/docker.sock,target=/var/run/docker-host.sock,type=bind"
|
||||
],
|
||||
|
||||
"remoteUser": "vscode"
|
||||
}
|
57
.github/workflows/ci.yml
vendored
57
.github/workflows/ci.yml
vendored
@ -16,32 +16,62 @@ defaults:
|
||||
working-directory: "xanmanning.k3s"
|
||||
|
||||
jobs:
|
||||
ansible-lint:
|
||||
name: Ansible Lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout codebase
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
path: "xanmanning.k3s"
|
||||
|
||||
- name: Set up Python 3
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: "3.x"
|
||||
|
||||
- name: Install test dependencies
|
||||
run: pip3 install -r molecule/lint-requirements.txt
|
||||
|
||||
- name: Run yamllint
|
||||
run: yamllint -s .
|
||||
|
||||
- name: Run ansible-lint
|
||||
run: ansible-lint --exclude molecule/ --exclude meta/
|
||||
|
||||
molecule:
|
||||
name: Molecule
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-20.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
- distro: debian10
|
||||
- distro: geerlingguy/docker-debian11-ansible:latest
|
||||
scenario: default
|
||||
- distro: ubuntu2004
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-ubuntu2204-ansible:latest
|
||||
scenario: default
|
||||
- distro: amazonlinux2
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-amazonlinux2-ansible:latest
|
||||
scenario: default
|
||||
- distro: centos7
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-ubuntu2004-ansible:latest
|
||||
scenario: default
|
||||
- distro: ubuntu1804
|
||||
scenario: default
|
||||
- distro: fedora31
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora35-ansible:latest
|
||||
scenario: nodeploy
|
||||
- distro: fedora29
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora34-ansible:latest
|
||||
scenario: highavailabilitydb
|
||||
- distro: fedora30
|
||||
prebuilt: 'true'
|
||||
- distro: geerlingguy/docker-fedora33-ansible:latest
|
||||
scenario: autodeploy
|
||||
- distro: debian9
|
||||
- distro: xanmanning/docker-alpine-ansible:3.16
|
||||
scenario: highavailabilityetcd
|
||||
- distro: centos8
|
||||
prebuilt: 'false'
|
||||
- distro: geerlingguy/docker-rockylinux9-ansible:latest
|
||||
scenario: highavailabilityetcd
|
||||
prebuilt: 'true'
|
||||
|
||||
steps:
|
||||
- name: Checkout codebase
|
||||
@ -59,7 +89,10 @@ jobs:
|
||||
|
||||
- name: Run Molecule tests
|
||||
run: molecule test --scenario-name "${{ matrix.scenario }}"
|
||||
# continue-on-error: true
|
||||
env:
|
||||
PY_COLORS: '1'
|
||||
ANSIBLE_FORCE_COLOR: '1'
|
||||
MOLECULE_DISTRO: ${{ matrix.distro }}
|
||||
MOLECULE_PREBUILT: ${{ matrix.prebuilt }}
|
||||
MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}
|
||||
|
252
CHANGELOG.md
252
CHANGELOG.md
@ -14,6 +14,252 @@
|
||||
---
|
||||
-->
|
||||
|
||||
## 2023-05-17, v3.4.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: resolve ansible lint warnings and fix molecule tests in github actions
|
||||
|
||||
### Contributors
|
||||
|
||||
- [dbrennand](https://github.com/dbrennand)
|
||||
|
||||
---
|
||||
|
||||
## 2023-03-11, v3.4.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- refactor: add `until: 1.23.15` to `secrets-encryption` from `k3s_experimental_config` as it is no longer experimental. Fixes #200.
|
||||
- docs(fix): typo in `CONTRIBUTING.md`
|
||||
|
||||
### Contributors
|
||||
|
||||
- [dbrennand](https://github.com/dbrennand)
|
||||
|
||||
---
|
||||
|
||||
## 2022-11-15, v3.3.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: length indentation in registry.yaml
|
||||
|
||||
---
|
||||
|
||||
## 2022-09-11, v3.3.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: `no_log` removed from `ansible.builtin.uri` tasks
|
||||
- feat: `k3s_skip_post_checks` option added
|
||||
|
||||
---
|
||||
|
||||
## 2022-06-17, v3.2.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- feature: added support for alpine #182
|
||||
- fix: `k3s_control_token` not working #187
|
||||
|
||||
## 2022-05-02, v3.1.2
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: molecule tests
|
||||
|
||||
---
|
||||
|
||||
## 2022-02-18, v3.1.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: support nftables for debian 11
|
||||
|
||||
### Contributors
|
||||
|
||||
- [eaglesemanation](https://github.com/eaglesemanation)
|
||||
|
||||
---
|
||||
|
||||
## 2022-01-30, v3.1.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- feat: use basename of url for items in `k3s_server_manifests_urls` and
|
||||
`k3s_server_pod_manifests_urls` if filename is not provided #177
|
||||
|
||||
### Contributors
|
||||
|
||||
- [kossmac](https://github.com/kossmac)
|
||||
|
||||
---
|
||||
|
||||
## 2022-01-06, v3.0.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: adding become to pre checks packages #173
|
||||
|
||||
### Contributors
|
||||
|
||||
- [xlejo](https://github.com/xlejo)
|
||||
|
||||
---
|
||||
|
||||
## 2022-01-02, v3.0.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- feat: Flattened task filesystem
|
||||
- feat: Moved some tasks into `vars/` as templated variables
|
||||
- feat: Airgap installation method added #165
|
||||
|
||||
### Breaking changes
|
||||
|
||||
- Minimum `python` version on targets is 3.6
|
||||
- `k3s_become_for_all` renamed to `k3s_become`
|
||||
- `k3s_become_for_*` removed.
|
||||
|
||||
### Contributors
|
||||
|
||||
- [crutonjohn](https://github.com/crutonjohn)
|
||||
|
||||
---
|
||||
|
||||
## 2021-12-23, v2.12.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Fix typo in systemd unit file
|
||||
|
||||
### Contributors
|
||||
|
||||
- [andrewchen5678](https://github.com/andrewchen5678)
|
||||
|
||||
---
|
||||
|
||||
## 2021-12-20, v2.12.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Fix RockyLinux HA etcd tests
|
||||
- add Debian 11 test
|
||||
- Fix Snapshotter in Molecule tests
|
||||
- Added missing documentation for `k3s_api_url`
|
||||
- Added option to change K3s updates API url
|
||||
- Custom environment variables in systemd unit files
|
||||
- Debian Bullseye support
|
||||
- Fix HA etcd cluster startup
|
||||
- Fix rootless for Debian
|
||||
|
||||
### Contributors
|
||||
|
||||
- [janar153](https://github.com/janar153)
|
||||
|
||||
---
|
||||
|
||||
## 2021-10-10, v2.11.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- docs: fixed references to `write-kubeconfig-mode` to set correct permissions #157
|
||||
- fix: Flag --delete-local-data has been deprecated #159
|
||||
|
||||
---
|
||||
|
||||
## 2021-09-08, v2.11.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- docs: example of IPv6 configuration
|
||||
- feat: checks for s3 backup configuration
|
||||
- feat: implement config.yaml.d
|
||||
|
||||
### Contributors
|
||||
|
||||
- [onedr0p](https://github.com/onedr0p)
|
||||
|
||||
---
|
||||
|
||||
## 2021-08-18, v2.10.6
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Fix: Define registration address from node-ip #142
|
||||
|
||||
---
|
||||
|
||||
## 2021-08-14, v2.10.5
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Add advertised address #139
|
||||
|
||||
### Contributors
|
||||
|
||||
- [@abelfodil](https://github.com/abelfodil)
|
||||
|
||||
---
|
||||
|
||||
## 2021-07-24, v2.10.4
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Updated systemd template to use token when joining a cluster #138
|
||||
|
||||
---
|
||||
|
||||
## 2021-07-21, v2.10.3
|
||||
|
||||
### Notable changes
|
||||
|
||||
- fix: typo #133
|
||||
- fix: restore clustering and avoid failure with jinja2_native=true #135
|
||||
- fix: do ignore etcd member count when uninstalling #136
|
||||
|
||||
### Contributors
|
||||
|
||||
- [@Yaro](https://github.com/Yajo)
|
||||
|
||||
---
|
||||
|
||||
## 2021-06-22, v2.10.2
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Role is now tested against RockyLinux
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-30, v2.10.1
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Case insensitive control node lookup #126
|
||||
|
||||
### Contributors
|
||||
|
||||
- [@mrobinsn](https://github.com/mrobinsn)
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-27, v2.10.0
|
||||
|
||||
### Notable changes
|
||||
|
||||
- Only deploy templates on primary controller #119
|
||||
- Allow control plane static pods #120
|
||||
- Add support for specifying URLs in templates #124
|
||||
|
||||
### Contributors
|
||||
|
||||
- [@bjw-s](https://github.com/bjw-s)
|
||||
- [@onedr0p](https://github.com/onedr0p)
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-14, v2.9.1
|
||||
|
||||
<!-- Today was a better day... <3 -->
|
||||
@ -23,6 +269,8 @@
|
||||
- Documentation, remove references to deprecated configuration techniques #115
|
||||
- Bugfix: Templating issue.
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-13, v2.9.0
|
||||
|
||||
<!-- a shit day... -->
|
||||
@ -35,6 +283,7 @@
|
||||
|
||||
- [@anjia0532](https://github.com/anjia0532)
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-06, v2.8.5
|
||||
|
||||
@ -46,6 +295,7 @@
|
||||
|
||||
- [@angelnu](https://github.com/angelnu)
|
||||
|
||||
---
|
||||
|
||||
## 2021-05-01, v2.8.4
|
||||
|
||||
@ -57,6 +307,8 @@
|
||||
|
||||
- [@anjia0532](https://github.com/anjia0532)
|
||||
|
||||
---
|
||||
|
||||
## 2021-04-18, v2.8.3
|
||||
|
||||
### Notable changes
|
||||
|
@ -7,7 +7,7 @@ them requiring you to be able to write code. Below is a list of suggested
|
||||
contributions welcomed by the community:
|
||||
|
||||
- Submit bug reports in GitHub issues
|
||||
- Comment on bug reports with futher information or suggestions
|
||||
- Comment on bug reports with further information or suggestions
|
||||
- Suggest new features
|
||||
- Create Pull Requests fixing bugs or adding new features
|
||||
- Update and improve documentation
|
||||
|
109
README.md
109
README.md
@ -1,10 +1,17 @@
|
||||
# Ansible Role: k3s (v2.x)
|
||||
# Ansible Role: k3s (v3.x)
|
||||
|
||||
Ansible role for installing [K3S](https://k3s.io/) ("Lightweight
|
||||
Kubernetes") as either a standalone server or cluster.
|
||||
|
||||
[![CI](https://github.com/PyratLabs/ansible-role-k3s/workflows/CI/badge.svg?event=push)](https://github.com/PyratLabs/ansible-role-k3s/actions?query=workflow%3ACI)
|
||||
|
||||
## Help Wanted!
|
||||
|
||||
Hi! :wave: [@xanmanning](https://github.com/xanmanning) is looking for a new
|
||||
maintainer to work on this Ansible role. This is because I don't have as much
|
||||
free time any more and I no longer write Ansible regularly as part of my day
|
||||
job. If you're interested, get in touch.
|
||||
|
||||
## Release notes
|
||||
|
||||
Please see [Releases](https://github.com/PyratLabs/ansible-role-k3s/releases)
|
||||
@ -14,6 +21,7 @@ and [CHANGELOG.md](CHANGELOG.md).
|
||||
|
||||
The host you're running Ansible from requires the following Python dependencies:
|
||||
|
||||
- `python >= 3.6.0` - [See Notes below](#important-note-about-python).
|
||||
- `ansible >= 2.9.16` or `ansible-base >= 2.10.4`
|
||||
|
||||
You can install dependencies using the requirements.txt file in this repository:
|
||||
@ -21,21 +29,19 @@ You can install dependencies using the requirements.txt file in this repository:
|
||||
|
||||
This role has been tested against the following Linux Distributions:
|
||||
|
||||
- Alpine Linux
|
||||
- Amazon Linux 2
|
||||
- Archlinux
|
||||
- CentOS 8
|
||||
- CentOS 7
|
||||
- Debian 9
|
||||
- Debian 10
|
||||
- Fedora 29
|
||||
- Fedora 30
|
||||
- Debian 11
|
||||
- Fedora 31
|
||||
- Fedora 32
|
||||
- Fedora 33
|
||||
- openSUSE Leap 15
|
||||
- Ubuntu 18.04 LTS
|
||||
- RockyLinux 8
|
||||
- Ubuntu 20.04 LTS
|
||||
|
||||
:warning: The v2 releases of this role only supports `k3s >= v1.19`, for
|
||||
:warning: The v3 releases of this role only supports `k3s >= v1.19`, for
|
||||
`k3s < v1.19` please consider updating or use the v1.x releases of this role.
|
||||
|
||||
Before upgrading, see [CHANGELOG](CHANGELOG.md) for notifications of breaking
|
||||
@ -62,16 +68,23 @@ Below are variables that are set against all of the play hosts for environment
|
||||
consistency. These are generally cluster-level configuration.
|
||||
|
||||
| Variable | Description | Default Value |
|
||||
|----------------------------------|---------------------------------------------------------------------------------|--------------------------------|
|
||||
|--------------------------------------|--------------------------------------------------------------------------------------------|--------------------------------|
|
||||
| `k3s_state` | State of k3s: installed, started, stopped, downloaded, uninstalled, validated. | installed |
|
||||
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for stable. | `false` |
|
||||
| `k3s_airgap` | Boolean to enable air-gapped installations | `false` |
|
||||
| `k3s_config_file` | Location of the k3s configuration file. | `/etc/rancher/k3s/config.yaml` |
|
||||
| `k3s_build_cluster` | When multiple play hosts are available, attempt to cluster. Read notes below. | `true` |
|
||||
| `k3s_registration_address` | Fixed registration address for nodes. IP or FQDN. | NULL |
|
||||
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/k3s-io/k3s |
|
||||
| `k3s_api_url` | URL for K3S updates API. | https://update.k3s.io |
|
||||
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
|
||||
| `k3s_install_hard_links` | Install using hard links rather than symbolic links. | `false` |
|
||||
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
|
||||
| `k3s_server_config_yaml_d_files` | A flat list of templates to supplement the `k3s_server` configuration. | [] |
|
||||
| `k3s_agent_config_yaml_d_files` | A flat list of templates to supplement the `k3s_agent` configuration. | [] |
|
||||
| `k3s_server_manifests_urls` | A list of URLs to deploy on the primary control plane. Read notes below. | [] |
|
||||
| `k3s_server_manifests_templates` | A flat list of templates to deploy on the primary control plane. | [] |
|
||||
| `k3s_server_pod_manifests_urls` | A list of URLs for installing static pod manifests on the control plane. Read notes below. | [] |
|
||||
| `k3s_server_pod_manifests_templates` | A flat list of templates for installing static pod manifests on the control plane. | [] |
|
||||
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
|
||||
| `k3s_use_unsupported_config` | Allow the use of unsupported configurations in k3s. | `false` |
|
||||
| `k3s_etcd_datastore` | Enable etcd embedded datastore (read notes below). | `false` |
|
||||
@ -85,16 +98,22 @@ is run. Use this with caution, please refer to the [systemd documentation](https
|
||||
for more information.
|
||||
|
||||
| Variable | Description | Default Value |
|
||||
|------------------------|----------------------------------------------------------------|---------------|
|
||||
|------------------------|----------------------------------------------------------------------|---------------|
|
||||
| `k3s_start_on_boot` | Start k3s on boot. | `true` |
|
||||
| `k3s_service_requires` | List of required systemd units to k3s service unit. | [] |
|
||||
| `k3s_service_wants` | List of "wanted" systemd unit to k3s (weaker than "requires"). | []\* |
|
||||
| `k3s_service_before` | Start k3s before a defined list of systemd units. | [] |
|
||||
| `k3s_service_after` | Start k3s after a defined list of systemd units. | []\* |
|
||||
| `k3s_service_env_vars` | Dictionary of environment variables to use within systemd unit file. | {} |
|
||||
| `k3s_service_env_file` | Location on host of a environment file to include. | `false`\*\* |
|
||||
|
||||
\* The systemd unit template **always** specifies `network-online.target` for
|
||||
`wants` and `after`.
|
||||
|
||||
\*\* The file must already exist on the target host, this role will not create
|
||||
nor manage the file. You can manage this file outside of the role with
|
||||
pre-tasks in your Ansible playbook.
|
||||
|
||||
### Group/Host Variables
|
||||
|
||||
Below are variables that are set against individual or groups of play hosts.
|
||||
@ -119,7 +138,6 @@ The `k3s_server` dictionary variable will contain flags from the above
|
||||
```yaml
|
||||
k3s_server:
|
||||
datastore-endpoint: postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable
|
||||
docker: true
|
||||
cluster-cidr: 172.20.0.0/16
|
||||
flannel-backend: 'none' # This needs to be in quotes
|
||||
disable:
|
||||
@ -171,17 +189,41 @@ The below variables are used to change the way the role executes in Ansible,
|
||||
particularly with regards to privilege escalation.
|
||||
|
||||
| Variable | Description | Default Value |
|
||||
|-------------------------------------|---------------------------------------------------------------------|---------------|
|
||||
|------------------------|----------------------------------------------------------------|---------------|
|
||||
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
|
||||
| `k3s_skip_env_checks` | Skill all tasks that check environment configuration. | `false` |
|
||||
| `k3s_become_for_all` | Escalate user privileges for all tasks. Overrides all of the below. | `false` |
|
||||
| `k3s_become_for_systemd` | Escalate user privileges for systemd tasks. | NULL |
|
||||
| `k3s_become_for_install_dir` | Escalate user privileges for creating installation directories. | NULL |
|
||||
| `k3s_become_for_directory_creation` | Escalate user privileges for creating application directories. | NULL |
|
||||
| `k3s_become_for_usr_local_bin` | Escalate user privileges for writing to `/usr/local/bin`. | NULL |
|
||||
| `k3s_become_for_package_install` | Escalate user privileges for installing k3s. | NULL |
|
||||
| `k3s_become_for_kubectl` | Escalate user privileges for running `kubectl`. | NULL |
|
||||
| `k3s_become_for_uninstall` | Escalate user privileges for uninstalling k3s. | NULL |
|
||||
| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` |
|
||||
| `k3s_skip_post_checks` | Skip all tasks that check post execution state. | `false` |
|
||||
| `k3s_become` | Escalate user privileges for tasks that need root permissions. | `false` |
|
||||
|
||||
#### Important note about Python
|
||||
|
||||
From v3 of this role, Python 3 is required on the target system as well as on
|
||||
the Ansible controller. This is to ensure consistent behaviour for Ansible
|
||||
tasks as Python 2 is now EOL.
|
||||
|
||||
If target systems have both Python 2 and Python 3 installed, it is most likely
|
||||
that Python 2 will be selected by default. To ensure Python 3 is used on a
|
||||
target with both versions of Python, ensure `ansible_python_interpreter` is
|
||||
set in your inventory. Below is an example inventory:
|
||||
|
||||
```yaml
|
||||
---
|
||||
|
||||
k3s_cluster:
|
||||
hosts:
|
||||
kube-0:
|
||||
ansible_user: ansible
|
||||
ansible_host: 10.10.9.2
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
kube-1:
|
||||
ansible_user: ansible
|
||||
ansible_host: 10.10.9.3
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
kube-2:
|
||||
ansible_user: ansible
|
||||
ansible_host: 10.10.9.4
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
```
|
||||
|
||||
#### Important note about `k3s_release_version`
|
||||
|
||||
@ -295,6 +337,29 @@ ensure a majority in the event of a network partition. If you want to use 2
|
||||
members or an even number of members, please set `k3s_use_unsupported_config`
|
||||
to `true`.
|
||||
|
||||
#### Important note about `k3s_server_manifests_urls` and `k3s_server_pod_manifests_urls`
|
||||
|
||||
To deploy server manifests and server pod manifests from URL, you need to
|
||||
specify a `url` and optionally a `filename` (if none provided basename is used). Below is an example of how to deploy the
|
||||
Tigera operator for Calico and kube-vip.
|
||||
|
||||
```yaml
|
||||
---
|
||||
|
||||
k3s_server_manifests_urls:
|
||||
- url: https://docs.projectcalico.org/archive/v3.19/manifests/tigera-operator.yaml
|
||||
filename: tigera-operator.yaml
|
||||
|
||||
k3s_server_pod_manifests_urls:
|
||||
- url: https://raw.githubusercontent.com/kube-vip/kube-vip/main/example/deploy/0.1.4.yaml
|
||||
filename: kube-vip.yaml
|
||||
|
||||
```
|
||||
|
||||
#### Important note about `k3s_airgap`
|
||||
|
||||
When deploying k3s in an air gapped environment you should provide the `k3s` binary in `./files/`. The binary will not be downloaded from Github and will subsequently not be verified using the provided sha256 sum, nor able to verify the version that you are running. All risks and burdens associated are assumed by the user in this scenario.
|
||||
|
||||
## Dependencies
|
||||
|
||||
No dependencies on other roles.
|
||||
|
@ -12,10 +12,13 @@ k3s_state: installed
|
||||
# k3s_release_version: v1.19.3
|
||||
k3s_release_version: false
|
||||
|
||||
# Loction of the k3s configuration file
|
||||
k3s_config_file: /etc/rancher/k3s/config.yaml
|
||||
# Location of the k3s configuration file
|
||||
k3s_config_file: "/etc/rancher/k3s/config.yaml"
|
||||
|
||||
# When multiple ansible_play_hosts_all are present, attempt to cluster the nodes.
|
||||
# Location of the k3s configuration directory
|
||||
k3s_config_yaml_d_dir: "/etc/rancher/k3s/config.yaml.d"
|
||||
|
||||
# When multiple ansible_play_hosts are present, attempt to cluster the nodes.
|
||||
# Using false will create multiple standalone nodes.
|
||||
# (default: true)
|
||||
k3s_build_cluster: true
|
||||
@ -23,21 +26,49 @@ k3s_build_cluster: true
|
||||
# URL for GitHub project
|
||||
k3s_github_url: https://github.com/k3s-io/k3s
|
||||
|
||||
# URL for K3s updates API
|
||||
k3s_api_url: https://update.k3s.io
|
||||
|
||||
# Install K3s in Air Gapped scenarios
|
||||
k3s_airgap: false
|
||||
|
||||
# Skip all tasks that validate configuration
|
||||
k3s_skip_validation: false
|
||||
|
||||
# Skip all tasks that check environment configuration
|
||||
k3s_skip_env_checks: false
|
||||
|
||||
# Skip post-checks
|
||||
k3s_skip_post_checks: false
|
||||
|
||||
# Installation directory for k3s
|
||||
k3s_install_dir: /usr/local/bin
|
||||
|
||||
# Install using hard links rather than symbolic links
|
||||
k3s_install_hard_links: false
|
||||
|
||||
# A list of templates used for preconfigure the cluster.
|
||||
# A list of templates used for configuring the server.
|
||||
k3s_server_config_yaml_d_files: []
|
||||
|
||||
# A list of templates used for configuring the agent.
|
||||
k3s_agent_config_yaml_d_files: []
|
||||
|
||||
# A list of templates used for pre-configuring the cluster.
|
||||
k3s_server_manifests_templates: []
|
||||
|
||||
# A list of URLs used for pre-configuring the cluster.
|
||||
k3s_server_manifests_urls: []
|
||||
# - url: https://some/url/to/manifest.yml
|
||||
# filename: manifest.yml
|
||||
|
||||
# A list of templates used for installing static pod manifests on the control plane.
|
||||
k3s_server_pod_manifests_templates: []
|
||||
|
||||
# A list of URLs used for installing static pod manifests on the control plane.
|
||||
k3s_server_pod_manifests_urls: []
|
||||
# - url: https://some/url/to/manifest.yml
|
||||
# filename: manifest.yml
|
||||
|
||||
# Use experimental features in k3s?
|
||||
k3s_use_experimental: false
|
||||
|
||||
@ -66,6 +97,17 @@ k3s_service_before: []
|
||||
# Start k3s after a defined list of systemd units.
|
||||
k3s_service_after: []
|
||||
|
||||
# Dictionary of environment variables to use within systemd unit file
|
||||
# Some examples below
|
||||
k3s_service_env_vars: {}
|
||||
# PATH: /opt/k3s/bin
|
||||
# GOGC: 10
|
||||
|
||||
# Location on host of a environment file to include. This must already exist on
|
||||
# the target as this role will not populate this file.
|
||||
k3s_service_env_file: false
|
||||
|
||||
|
||||
##
|
||||
# Server Configuration
|
||||
##
|
||||
@ -88,15 +130,8 @@ k3s_agent: {}
|
||||
# Ansible Controller configuration
|
||||
##
|
||||
|
||||
# Use become privileges for
|
||||
k3s_become_for_all: false
|
||||
k3s_become_for_systemd: null
|
||||
k3s_become_for_install_dir: null
|
||||
k3s_become_for_directory_creation: null
|
||||
k3s_become_for_usr_local_bin: null
|
||||
k3s_become_for_package_install: null
|
||||
k3s_become_for_kubectl: null
|
||||
k3s_become_for_uninstall: null
|
||||
# Use become privileges?
|
||||
k3s_become: false
|
||||
|
||||
# Private registry configuration.
|
||||
# Rancher k3s documentation: https://rancher.com/docs/k3s/latest/en/installation/private-registry/
|
||||
|
@ -33,6 +33,7 @@ minimum configuration.
|
||||
- [Provision multiple standalone k3s nodes](configuration/multiple-standalone-k3s-nodes.md)
|
||||
- [Set node labels and component arguments](configuration/node-labels-and-component-args.md)
|
||||
- [Use an alternate CNI](configuration/use-an-alternate-cni.md)
|
||||
- [IPv4/IPv6 Dual-Stack config](configuration/ipv4-ipv6-dual-stack.md)
|
||||
- [Start K3S after another service](configuration/systemd-config.md)
|
||||
|
||||
### Operations
|
||||
|
21
documentation/configuration/ipv4-ipv6-dual-stack.md
Normal file
21
documentation/configuration/ipv4-ipv6-dual-stack.md
Normal file
@ -0,0 +1,21 @@
|
||||
# IPv4 and IPv6 Dual-stack config
|
||||
|
||||
If you need to run your K3S cluster with both IPv4 and IPv6 address ranges
|
||||
you will need to configure the `k3s_server.cluster-cidr` and
|
||||
`k3s_server.service-cidr` values specifying both ranges.
|
||||
|
||||
:hand: if you are using `k3s<1.23` you will need to use a different CNI as
|
||||
dual-stack support is not available in Flannel.
|
||||
|
||||
Below is a noddy example:
|
||||
|
||||
```yaml
|
||||
---
|
||||
|
||||
k3s_server:
|
||||
# Using Calico on k3s<1.23 so Flannel needs to be disabled.
|
||||
flannel-backend: 'none'
|
||||
# Format: ipv4/cidr,ipv6/cidr
|
||||
cluster-cidr: 10.42.0.0/16,fc00:a0::/64
|
||||
service-cidr: 10.43.0.0/16,fc00:a1::/64
|
||||
```
|
@ -84,7 +84,7 @@ Here is our playbook for the k3s cluster (`cluster.yml`):
|
||||
- name: Build a cluster with a single control node
|
||||
hosts: k3s_cluster
|
||||
vars:
|
||||
k3s_become_for_all: true
|
||||
k3s_become: true
|
||||
roles:
|
||||
- role: xanmanning.k3s
|
||||
```
|
||||
@ -118,7 +118,7 @@ workloads by running the following:
|
||||
|
||||
:hand: Note we are using `sudo` because we need to be root to access the
|
||||
kube config for this node. This behavior can be changed with specifying
|
||||
`write-kubeconfig-mode: 0644` in `k3s_server`.
|
||||
`write-kubeconfig-mode: '0644'` in `k3s_server`.
|
||||
|
||||
**Get Nodes**:
|
||||
|
||||
|
@ -90,7 +90,7 @@ Here is our playbook for the k3s cluster (`ha_cluster.yml`):
|
||||
- name: Build a cluster with HA control plane
|
||||
hosts: k3s_cluster
|
||||
vars:
|
||||
k3s_become_for_all: true
|
||||
k3s_become: true
|
||||
k3s_etcd_datastore: true
|
||||
k3s_use_experimental: true # Note this is required for k3s < v1.19.5+k3s1
|
||||
roles:
|
||||
@ -126,7 +126,7 @@ ready to execute our Kubernetes workloads by running the following:
|
||||
|
||||
:hand: Note we are using `sudo` because we need to be root to access the
|
||||
kube config for this node. This behavior can be changed with specifying
|
||||
`write-kubeconfig-mode: 0644` in `k3s_server`.
|
||||
`write-kubeconfig-mode: '0644'` in `k3s_server`.
|
||||
|
||||
**Get Nodes**:
|
||||
|
||||
|
@ -66,7 +66,7 @@ Here is our playbook for a single node k3s cluster (`single_node.yml`):
|
||||
- name: Build a single node k3s cluster
|
||||
hosts: kube-0
|
||||
vars:
|
||||
k3s_become_for_all: true
|
||||
k3s_become: true
|
||||
roles:
|
||||
- role: xanmanning.k3s
|
||||
```
|
||||
@ -96,7 +96,7 @@ ready to execute our Kubernetes workloads by running the following:
|
||||
|
||||
:hand: Note we are using `sudo` because we need to be root to access the
|
||||
kube config for this node. This behavior can be changed with specifying
|
||||
`write-kubeconfig-mode: 0644` in `k3s_server`.
|
||||
`write-kubeconfig-mode: '0644'` in `k3s_server`.
|
||||
|
||||
**Get Nodes**:
|
||||
|
||||
|
@ -1,12 +1,17 @@
|
||||
---
|
||||
|
||||
- name: reload systemd
|
||||
- name: Reload systemd
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: true
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart k3s
|
||||
- name: Reload service
|
||||
ansible.builtin.set_fact:
|
||||
k3s_service_reloaded: true
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Restart k3s systemd
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: restarted
|
||||
@ -18,15 +23,17 @@
|
||||
failed_when:
|
||||
- k3s_systemd_restart_k3s is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: restart docker
|
||||
ansible.builtin.systemd:
|
||||
name: docker
|
||||
- name: Restart k3s service
|
||||
ansible.builtin.service:
|
||||
name: k3s
|
||||
state: restarted
|
||||
enabled: true
|
||||
register: k3s_systemd_restart_docker
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
retries: 3
|
||||
delay: 3
|
||||
register: k3s_service_restart_k3s
|
||||
failed_when:
|
||||
- k3s_systemd_restart_docker is not success
|
||||
- k3s_service_restart_k3s is not success
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
@ -38,6 +38,9 @@ galaxy_info:
|
||||
# platforms is a list of platforms, and each platform has a name and a list of versions.
|
||||
#
|
||||
platforms:
|
||||
- name: Alpine
|
||||
versions:
|
||||
- all
|
||||
- name: Archlinux
|
||||
versions:
|
||||
- all
|
||||
|
@ -4,14 +4,25 @@
|
||||
become: true
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_release_version: latest
|
||||
k3s_release_version: v1.22
|
||||
k3s_build_cluster: false
|
||||
k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d
|
||||
k3s_install_dir: /opt/k3s/bin
|
||||
k3s_config_file: /opt/k3s/etc/k3s.yaml
|
||||
k3s_config_file: /opt/k3s/etc/k3s_config.yaml
|
||||
k3s_server:
|
||||
data-dir: /var/lib/k3s-io
|
||||
default-local-storage-path: /var/lib/k3s-io/local-storage
|
||||
disable:
|
||||
- metrics-server
|
||||
- traefik
|
||||
# k3s_agent:
|
||||
# snapshotter: native
|
||||
k3s_server_manifests_templates:
|
||||
- "molecule/autodeploy/templates/00-ns-monitoring.yml.j2"
|
||||
k3s_server_manifests_urls:
|
||||
- url: https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml
|
||||
filename: 05-metallb-namespace.yml
|
||||
k3s_service_env_vars:
|
||||
K3S_TEST_VAR: "Hello world!"
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
@ -3,8 +3,10 @@
|
||||
hosts: node*
|
||||
become: true
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
|
@ -4,6 +4,8 @@
|
||||
become: true
|
||||
vars:
|
||||
pyratlabs_issue_controller_dump: true
|
||||
# k3s_agent:
|
||||
# snapshotter: native
|
||||
pre_tasks:
|
||||
- name: Ensure k3s_debug is set
|
||||
ansible.builtin.set_fact:
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
@ -2,7 +2,9 @@
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
@ -8,3 +8,5 @@
|
||||
molecule_is_test: true
|
||||
k3s_install_hard_links: true
|
||||
k3s_release_version: stable
|
||||
# k3s_agent:
|
||||
# snapshotter: native
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
@ -2,7 +2,9 @@
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_server:
|
||||
https-listen-port: 26443
|
||||
cluster-domain: examplecluster.local
|
||||
k3s_agent:
|
||||
docker: true
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
@ -1,60 +0,0 @@
|
||||
---
|
||||
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- check
|
||||
- converge
|
||||
- idempotence
|
||||
- side_effect
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||
networks:
|
||||
- name: k3snet
|
||||
provisioner:
|
||||
name: ansible
|
||||
options:
|
||||
verbose: true
|
||||
verifier:
|
||||
name: ansible
|
@ -1,8 +0,0 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
@ -6,8 +6,12 @@
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_registration_address: loadbalancer
|
||||
k3s_control_token: 55ba04e5-e17d-4535-9170-3e4245453f4d
|
||||
k3s_server:
|
||||
datastore-endpoint: "postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable"
|
||||
# k3s_agent:
|
||||
# snapshotter: native
|
||||
k3s_service_env_file: /tmp/k3s.env
|
||||
pre_tasks:
|
||||
- name: Set each node to be a control node
|
||||
ansible.builtin.set_fact:
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -61,7 +56,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: loadbalancer
|
||||
image: geerlingguy/docker-centos8-ansible:latest
|
||||
image: geerlingguy/docker-rockylinux8-ansible:latest
|
||||
pre_build_image: true
|
||||
ports:
|
||||
- "6443:6443"
|
||||
|
@ -33,7 +33,16 @@
|
||||
- name: Prepare nodes
|
||||
hosts: node*
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure environment file exists for k3s_service_env_file
|
||||
ansible.builtin.lineinfile:
|
||||
path: /tmp/k3s.env
|
||||
line: "THISHOST={{ ansible_hostname }}"
|
||||
mode: 0644
|
||||
create: true
|
||||
|
@ -5,10 +5,17 @@
|
||||
become: true
|
||||
vars:
|
||||
molecule_is_test: true
|
||||
k3s_release_version: "v1.21"
|
||||
k3s_use_experimental: true
|
||||
k3s_etcd_datastore: true
|
||||
k3s_server:
|
||||
secrets-encryption: true
|
||||
k3s_agent:
|
||||
node-ip: "{{ ansible_default_ipv4.address }}"
|
||||
snapshotter: native
|
||||
selinux: "{{ ansible_os_family | lower == 'redhat' }}"
|
||||
k3s_skip_validation: "{{ k3s_service_handler[ansible_service_mgr] == 'service' }}"
|
||||
# k3s_skip_post_checks: "{{ ansible_os_family | lower == 'redhat' }}"
|
||||
pre_tasks:
|
||||
- name: Set each node to be a control node
|
||||
ansible.builtin.set_fact:
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -53,7 +48,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: loadbalancer
|
||||
image: geerlingguy/docker-centos8-ansible:latest
|
||||
image: geerlingguy/docker-rockylinux8-ansible:latest
|
||||
pre_build_image: true
|
||||
ports:
|
||||
- "6443:6443"
|
||||
|
@ -1,12 +1,23 @@
|
||||
---
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
|
||||
- name: Prepare all nodes
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure sudo is installed
|
||||
community.general.apk:
|
||||
name: sudo
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apk'
|
||||
|
||||
- name: Prepare Load Balancer
|
||||
hosts: loadbalancer
|
||||
tasks:
|
||||
- name: Ensure HAProxy is installed
|
||||
ansible.builtin.package:
|
||||
name: haproxy
|
||||
@ -33,7 +44,16 @@
|
||||
- name: Prepare nodes
|
||||
hosts: node*
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Ensure iproute is installed
|
||||
ansible.builtin.dnf:
|
||||
name: iproute
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'dnf'
|
||||
|
4
molecule/lint-requirements.txt
Normal file
4
molecule/lint-requirements.txt
Normal file
@ -0,0 +1,4 @@
|
||||
-r ../requirements.txt
|
||||
|
||||
yamllint>=1.25.0
|
||||
ansible-lint>=4.3.5
|
1
molecule/nodeploy/.gitignore
vendored
Normal file
1
molecule/nodeploy/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
files/*
|
@ -6,5 +6,7 @@
|
||||
molecule_is_test: true
|
||||
k3s_server: "{{ lookup('file', 'k3s_server.yml') | from_yaml }}"
|
||||
k3s_agent: "{{ lookup('file', 'k3s_agent.yml') | from_yaml }}"
|
||||
k3s_airgap: true
|
||||
k3s_release_version: latest
|
||||
roles:
|
||||
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||
|
@ -6,3 +6,4 @@ node-label:
|
||||
kubelet-arg:
|
||||
- "cloud-provider=external"
|
||||
- "provider-id=azure"
|
||||
# snapshotter: native
|
||||
|
@ -7,7 +7,6 @@ driver:
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- lint
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
@ -20,13 +19,9 @@ scenario:
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
lint: |
|
||||
set -e
|
||||
yamllint -s .
|
||||
ansible-lint --exclude molecule/
|
||||
platforms:
|
||||
- name: node1
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -35,7 +30,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node2
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
@ -44,7 +39,7 @@ platforms:
|
||||
networks:
|
||||
- name: k3snet
|
||||
- name: node3
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
|
@ -2,7 +2,26 @@
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Ensure apt cache is updated
|
||||
- name: Ensure apt cache is updated and iptables is installed
|
||||
ansible.builtin.apt:
|
||||
name: iptables
|
||||
state: present
|
||||
update_cache: true
|
||||
when: ansible_pkg_mgr == 'apt'
|
||||
|
||||
- name: Prepare air-gapped installation
|
||||
delegate_to: localhost
|
||||
run_once: true
|
||||
block:
|
||||
|
||||
- name: Ensure files directory exists
|
||||
ansible.builtin.file:
|
||||
path: ./files
|
||||
state: directory
|
||||
mode: 0750
|
||||
|
||||
- name: Ensure k3s is downloaded for air-gap installation
|
||||
ansible.builtin.get_url:
|
||||
url: https://github.com/k3s-io/k3s/releases/download/v1.22.5%2Bk3s1/k3s
|
||||
dest: ./files/k3s
|
||||
mode: 0755
|
||||
|
@ -1,6 +1,4 @@
|
||||
-r ../requirements.txt
|
||||
|
||||
molecule[docker]>=3.2
|
||||
molecule-plugins[docker]
|
||||
docker>=4.3.1
|
||||
yamllint>=1.25.0
|
||||
ansible-lint>=4.3.5
|
||||
|
@ -1 +1 @@
|
||||
ansible>=2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3
|
||||
ansible>=2.10.7
|
||||
|
@ -1,86 +0,0 @@
|
||||
---
|
||||
|
||||
- name: "Ensure cluster token is captured from {{ k3s_control_delegate }}"
|
||||
ansible.builtin.slurp:
|
||||
path: "{{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}/server/token"
|
||||
register: k3s_slurped_cluster_token
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
when:
|
||||
- k3s_control_token is not defined
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure cluster token is formatted correctly for use in templates
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_token: "{{ k3s_slurped_cluster_token.content | b64decode }}"
|
||||
when: k3s_control_token is not defined and not ansible_check_mode
|
||||
|
||||
- name: Ensure dummy cluster token is defined for ansible_check_mode
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_token: "{{ k3s_control_delegate | to_uuid }}"
|
||||
check_mode: false
|
||||
when: k3s_control_token is not defined and ansible_check_mode
|
||||
|
||||
- name: Ensure the cluster token file location exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ k3s_token_location | dirname }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure k3s cluster token file is present on workers and secondary control nodes
|
||||
ansible.builtin.template:
|
||||
src: cluster-token.j2
|
||||
dest: "{{ k3s_token_location }}"
|
||||
mode: 0600
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
when: (k3s_control_node and not k3s_primary_control_node)
|
||||
or not k3s_control_node
|
||||
notify:
|
||||
- restart k3s
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
src: config.yaml.j2
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure secondary controllers are started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
register: ensure_secondary_controllers_started
|
||||
failed_when:
|
||||
- ensure_secondary_controllers_started is not succeeded
|
||||
- not ansible_check_mode
|
||||
until: ensure_secondary_controllers_started is succeeded
|
||||
retries: "{{ ansible_play_hosts_all | length }}"
|
||||
delay: 5
|
||||
when:
|
||||
- k3s_control_node
|
||||
- not k3s_primary_control_node
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- import_tasks: ../validate/state/control-plane.yml
|
||||
when: not k3s_skip_validation
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- import_tasks: ../validate/state/nodes.yml
|
||||
when: not k3s_skip_validation
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using amazon-linux-extras
|
||||
ansible.builtin.command:
|
||||
cmd: amazon-linux-extras install docker
|
||||
args:
|
||||
creates: /etc/docker
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1 +0,0 @@
|
||||
---
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Pacman
|
||||
community.general.pacman:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,29 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure Docker prerequisites are installed
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
|
||||
- software-properties-common
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker APT key is present
|
||||
ansible.builtin.apt_key:
|
||||
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
|
||||
state: present
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker repository is installed and configured
|
||||
ansible.builtin.apt_repository:
|
||||
filename: docker-ce
|
||||
repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
|
||||
update_cache: true
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
state: present
|
||||
register: ensure_docker_installed
|
||||
until: ensure_docker_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,56 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure python-dnf is installed
|
||||
ansible.builtin.package:
|
||||
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
|
||||
state: present
|
||||
register: ensure_python_dnf_installed
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
until: ensure_python_dnf_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: ansible_pkg_mgr == 'dnf'
|
||||
|
||||
- name: Ensure Docker prerequisites are installed
|
||||
ansible.builtin.yum:
|
||||
name:
|
||||
- yum-utils
|
||||
- device-mapper-persistent-data
|
||||
- lvm2
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Check to see if Docker repository is available for this distribution
|
||||
ansible.builtin.uri:
|
||||
url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}"
|
||||
register: k3s_redhat_repo_check
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
|
||||
- name: Ensure Docker repository is installed and configured
|
||||
ansible.builtin.yum_repository:
|
||||
name: docker-ce
|
||||
description: Docker CE Repository
|
||||
baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
|
||||
gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
|
||||
enabled: true
|
||||
gpgcheck: true
|
||||
state: present
|
||||
when:
|
||||
- ansible_distribution | lower not in ['amazon']
|
||||
- k3s_redhat_repo_check.status == 200
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure Docker repository is installed and configured from file
|
||||
ansible.builtin.command:
|
||||
cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
|
||||
args:
|
||||
creates: /etc/yum.repos.d/docker-ce.repo
|
||||
when:
|
||||
- ansible_distribution | lower not in ['amazon']
|
||||
- k3s_redhat_repo_check.status != 200
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
@ -1 +0,0 @@
|
||||
---
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is installed using Zypper
|
||||
community.general.zypper:
|
||||
name: docker
|
||||
state: present
|
||||
register: ensure_docker_prerequisites_installed
|
||||
until: ensure_docker_prerequisites_installed is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
notify:
|
||||
- restart docker
|
||||
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
@ -1,58 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s is linked into the installation destination
|
||||
ansible.builtin.file:
|
||||
src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
dest: "{{ k3s_install_dir }}/{{ item }}"
|
||||
state: "{{ 'hard' if k3s_install_hard_links else 'link' }}"
|
||||
force: "{{ k3s_install_hard_links }}"
|
||||
mode: 0755
|
||||
loop:
|
||||
- k3s
|
||||
- kubectl
|
||||
- crictl
|
||||
- ctr
|
||||
when: not ansible_check_mode
|
||||
notify:
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
src: config.yaml.j2
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Ensure k3s killall script is present
|
||||
ansible.builtin.template:
|
||||
src: k3s-killall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-killall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- name: Ensure k3s uninstall script is present
|
||||
ansible.builtin.template:
|
||||
src: k3s-uninstall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-uninstall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
@ -1,32 +0,0 @@
|
||||
---
|
||||
|
||||
- include_tasks: install-k3s-directories.yml
|
||||
loop: "{{ k3s_ensure_directories_exist }}"
|
||||
loop_control:
|
||||
loop_var: directory
|
||||
|
||||
- include_tasks: install-k3s-node.yml
|
||||
when:
|
||||
- ((k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1))
|
||||
- not ansible_check_mode
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- include_tasks: install-k3s-node.yml
|
||||
when: k3s_build_cluster
|
||||
|
||||
- name: Ensure k3s initial control plane server is started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
register: k3s_systemd_start_k3s
|
||||
failed_when:
|
||||
- k3s_systemd_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: k3s_server_manifests_templates | length > 0
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_templates }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
108
tasks/ensure_cluster.yml
Normal file
108
tasks/ensure_cluster.yml
Normal file
@ -0,0 +1,108 @@
|
||||
---
|
||||
|
||||
- name: "Ensure cluster token is captured from {{ k3s_control_delegate }}"
|
||||
ansible.builtin.slurp:
|
||||
path: "{{ k3s_runtime_config['data-dir'] | default(k3s_data_dir) }}/server/token"
|
||||
register: k3s_slurped_cluster_token
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
when:
|
||||
- k3s_control_token is not defined
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure cluster token is formatted correctly for use in templates
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_token_content: "{{ k3s_control_token | default(k3s_slurped_cluster_token.content | b64decode) }}"
|
||||
when:
|
||||
- k3s_control_token is not defined
|
||||
- not ansible_check_mode
|
||||
|
||||
- name: Ensure dummy cluster token is defined for ansible_check_mode
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_token_content: "{{ k3s_control_delegate | to_uuid }}"
|
||||
check_mode: false
|
||||
when:
|
||||
- ansible_check_mode
|
||||
|
||||
- name: Ensure the cluster token file location exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ k3s_token_location | dirname }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s cluster token file is present
|
||||
ansible.builtin.template:
|
||||
src: cluster-token.j2
|
||||
dest: "{{ k3s_token_location }}"
|
||||
mode: 0600
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'systemd'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
|
||||
- name: Ensure k3s service file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.openrc.j2
|
||||
dest: "{{ k3s_openrc_service_dir }}/k3s"
|
||||
mode: 0744
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s logrotate file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.logrotate.j2
|
||||
dest: "{{ k3s_logrotate_dir }}/k3s"
|
||||
mode: 0640
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
src: config.yaml.j2
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure secondary controllers are started
|
||||
ansible.builtin.include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- not k3s_primary_control_node
|
||||
|
||||
- name: Run control plane post checks
|
||||
ansible.builtin.import_tasks: post_checks_control_plane.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_post_checks
|
||||
|
||||
- name: Flush Handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Run node post checks
|
||||
ansible.builtin.import_tasks: post_checks_nodes.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_post_checks
|
@ -6,6 +6,6 @@
|
||||
dest: "{{ k3s_config_dir }}/registries.yaml"
|
||||
mode: 0600
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart k3s
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
15
tasks/ensure_control_plane_started_openrc.yml
Normal file
15
tasks/ensure_control_plane_started_openrc.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s control plane server is started
|
||||
ansible.builtin.service:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
register: k3s_service_start_k3s
|
||||
until: k3s_service_start_k3s is succeeded
|
||||
retries: 3
|
||||
delay: 3
|
||||
failed_when:
|
||||
- k3s_service_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s control plane server is started
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
scope: "{{ k3s_systemd_context }}"
|
||||
register: k3s_systemd_start_k3s
|
||||
until: k3s_systemd_start_k3s is succeeded
|
||||
retries: 3
|
||||
delay: 3
|
||||
failed_when:
|
||||
- k3s_systemd_start_k3s is not succeeded
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become }}"
|
@ -5,7 +5,7 @@
|
||||
path: "{{ directory.path }}"
|
||||
state: directory
|
||||
mode: "{{ directory.mode | default(755) }}"
|
||||
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- directory.path is defined
|
||||
- directory.path | length > 0
|
@ -48,4 +48,4 @@
|
||||
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
checksum: "sha256:{{ k3s_hash_sum }}"
|
||||
mode: 0755
|
||||
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -4,11 +4,15 @@
|
||||
ansible.builtin.stat:
|
||||
path: "{{ k3s_install_dir }}/kubectl"
|
||||
register: k3s_check_kubectl
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Clean up nodes that are in an uninstalled state
|
||||
when:
|
||||
- k3s_check_kubectl.stat.exists is defined
|
||||
- k3s_check_kubectl.stat.exists
|
||||
- k3s_control_delegate is defined
|
||||
- not ansible_check_mode
|
||||
block:
|
||||
|
||||
- name: Gather a list of nodes
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ k3s_install_dir }}/kubectl get nodes"
|
||||
@ -17,40 +21,34 @@
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
run_once: true
|
||||
register: kubectl_get_nodes_result
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure uninstalled nodes are drained
|
||||
- name: Ensure uninstalled nodes are drained # noqa no-changed-when
|
||||
ansible.builtin.command:
|
||||
cmd: >-
|
||||
{{ k3s_install_dir }}/kubectl drain {{ item }}
|
||||
{{ k3s_install_dir }}/kubectl drain {{ hostvars[item].ansible_hostname }}
|
||||
--ignore-daemonsets
|
||||
--delete-local-data
|
||||
--{{ k3s_drain_command[ansible_version.string is version_compare('1.22', '>=')] }}
|
||||
--force
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
run_once: true
|
||||
when:
|
||||
- kubectl_get_nodes_result.stdout is defined
|
||||
- item in kubectl_get_nodes_result.stdout
|
||||
- hostvars[item].ansible_hostname in kubectl_get_nodes_result.stdout
|
||||
- hostvars[item].k3s_state is defined
|
||||
- hostvars[item].k3s_state == 'uninstalled'
|
||||
loop: "{{ ansible_play_hosts_all }}"
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure uninstalled nodes are removed
|
||||
- name: Ensure uninstalled nodes are removed # noqa no-changed-when
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ k3s_install_dir }}/kubectl delete node {{ item }}"
|
||||
cmd: "{{ k3s_install_dir }}/kubectl delete node {{ hostvars[item].ansible_hostname }}"
|
||||
delegate_to: "{{ k3s_control_delegate }}"
|
||||
run_once: true
|
||||
when:
|
||||
- kubectl_get_nodes_result.stdout is defined
|
||||
- item in kubectl_get_nodes_result.stdout
|
||||
- hostvars[item].ansible_hostname in kubectl_get_nodes_result.stdout
|
||||
- hostvars[item].k3s_state is defined
|
||||
- hostvars[item].k3s_state == 'uninstalled'
|
||||
loop: "{{ ansible_play_hosts_all }}"
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
when:
|
||||
- k3s_check_kubectl.stat.exists is defined
|
||||
- k3s_check_kubectl.stat.exists
|
||||
- k3s_control_delegate is defined
|
||||
- not ansible_check_mode
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
become: "{{ k3s_become }}"
|
32
tasks/ensure_installed.yml
Normal file
32
tasks/ensure_installed.yml
Normal file
@ -0,0 +1,32 @@
|
||||
---
|
||||
|
||||
- name: Ensure directories exist
|
||||
ansible.builtin.include_tasks: ensure_directories.yml
|
||||
loop: "{{ k3s_ensure_directories_exist }}"
|
||||
loop_control:
|
||||
loop_var: directory
|
||||
|
||||
- name: Ensure installed node
|
||||
ansible.builtin.include_tasks: ensure_installed_node.yml
|
||||
when:
|
||||
- ((k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1))
|
||||
- not ansible_check_mode
|
||||
|
||||
- name: Flush Handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Ensure installed node | k3s_build_cluster
|
||||
ansible.builtin.include_tasks: ensure_installed_node.yml
|
||||
when: k3s_build_cluster
|
||||
|
||||
- name: Determine if the systems are already clustered
|
||||
ansible.builtin.stat:
|
||||
path: "{{ k3s_token_location }}"
|
||||
register: k3s_token_cluster_check
|
||||
|
||||
- name: Ensure control plane started with {{ ansible_service_mgr }}
|
||||
ansible.builtin.include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
|
||||
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||
or k3s_token_cluster_check.stat.exists
|
103
tasks/ensure_installed_node.yml
Normal file
103
tasks/ensure_installed_node.yml
Normal file
@ -0,0 +1,103 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s is linked into the installation destination
|
||||
ansible.builtin.file:
|
||||
src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
dest: "{{ k3s_install_dir }}/{{ item }}"
|
||||
state: "{{ 'hard' if k3s_install_hard_links else 'link' }}"
|
||||
force: "{{ k3s_install_hard_links }}"
|
||||
mode: 0755
|
||||
loop:
|
||||
- k3s
|
||||
- kubectl
|
||||
- crictl
|
||||
- ctr
|
||||
when: not ansible_check_mode
|
||||
notify:
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s config file exists
|
||||
ansible.builtin.template:
|
||||
src: config.yaml.j2
|
||||
dest: "{{ k3s_config_file }}"
|
||||
mode: 0644
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure cluster token is present when pre-defined
|
||||
when: k3s_control_token is defined
|
||||
block:
|
||||
- name: Ensure the cluster token file location exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ k3s_token_location | dirname }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s cluster token file is present
|
||||
ansible.builtin.template:
|
||||
src: cluster-token.j2
|
||||
dest: "{{ k3s_token_location }}"
|
||||
mode: 0600
|
||||
become: "{{ k3s_become }}"
|
||||
notify:
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
|
||||
- name: Ensure k3s service unit file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.service.j2
|
||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||
mode: 0644
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'systemd'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.openrc.j2
|
||||
dest: "{{ k3s_openrc_service_dir }}/k3s"
|
||||
mode: 0744
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s logrotate file is present
|
||||
ansible.builtin.template:
|
||||
src: k3s.logrotate.j2
|
||||
dest: "{{ k3s_logrotate_dir }}/k3s"
|
||||
mode: 0640
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
notify:
|
||||
- "Reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
- "Restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s killall script is present
|
||||
ansible.builtin.template:
|
||||
src: k3s-killall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-killall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- name: Ensure k3s uninstall script is present
|
||||
ansible.builtin.template:
|
||||
src: k3s-uninstall.sh.j2
|
||||
dest: "/usr/local/bin/k3s-uninstall.sh"
|
||||
mode: 0700
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_runtime_config is defined
|
||||
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
70
tasks/ensure_k3s_auto_deploy.yml
Normal file
70
tasks/ensure_k3s_auto_deploy.yml
Normal file
@ -0,0 +1,70 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_primary_control_node and
|
||||
(k3s_server_manifests_templates | length > 0
|
||||
or k3s_server_manifests_urls | length > 0)
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure that the pod-manifests directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_server_pod_manifests_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_control_node and
|
||||
(k3s_server_pod_manifests_templates | length > 0
|
||||
or k3s_server_pod_manifests_urls | length > 0)
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are copied to the primary controller
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_templates }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_primary_control_node
|
||||
- k3s_server_manifests_templates | length > 0
|
||||
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_manifests_dir }}/{{ item.filename | default(item.url | basename) }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_manifests_urls }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_primary_control_node
|
||||
- not ansible_check_mode
|
||||
- k3s_server_manifests_urls | length > 0
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/1691
|
||||
- name: Ensure static pod manifests are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_templates }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_control_node
|
||||
|
||||
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
|
||||
- name: Ensure auto-deploying manifests are downloaded to the primary controller
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename | default(item.url | basename) }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_pod_manifests_urls }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when:
|
||||
- k3s_control_node
|
||||
- not ansible_check_mode
|
31
tasks/ensure_k3s_config_files.yml
Normal file
31
tasks/ensure_k3s_config_files.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
|
||||
- name: Ensure that the config.yaml.d directory exists
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ k3s_config_yaml_d_dir }}"
|
||||
mode: 0755
|
||||
when: >-
|
||||
k3s_server_config_yaml_d_files | length > 0
|
||||
or k3s_agent_config_yaml_d_files | length > 0
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to controllers
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2', '') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_server_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when: k3s_control_node
|
||||
|
||||
# https://github.com/k3s-io/k3s/pull/3162
|
||||
- name: Ensure configuration files are copied to agents
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2', '') }}"
|
||||
mode: 0644
|
||||
loop: "{{ k3s_agent_config_yaml_d_files }}"
|
||||
become: "{{ k3s_become }}"
|
||||
when: not k3s_control_node
|
@ -4,17 +4,17 @@
|
||||
ansible.builtin.set_fact:
|
||||
k3s_build_cluster: false
|
||||
when:
|
||||
- ansible_play_hosts_all | length < 2
|
||||
- ansible_play_hosts | length < 2
|
||||
- k3s_registration_address is not defined
|
||||
|
||||
- name: Ensure k3s control node fact is set
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_node: "{{ 'false' if k3s_build_cluster else 'true' }}"
|
||||
k3s_control_node: "{{ not k3s_build_cluster }}"
|
||||
when: k3s_control_node is not defined
|
||||
|
||||
- name: Ensure k3s primary control node fact is set
|
||||
ansible.builtin.set_fact:
|
||||
k3s_primary_control_node: "{{ 'false' if k3s_build_cluster else 'true' }}"
|
||||
k3s_primary_control_node: "{{ not k3s_build_cluster }}"
|
||||
when: k3s_primary_control_node is not defined
|
||||
|
||||
- name: Ensure k3s control plane port is captured
|
||||
@ -22,58 +22,98 @@
|
||||
k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
|
||||
delegate_to: k3s_primary_control_node
|
||||
|
||||
- name: Ensure a count of control nodes is generated from ansible_play_hosts_all
|
||||
- name: Ensure k3s node IP is configured when node-ip is defined
|
||||
ansible.builtin.set_fact:
|
||||
k3s_controller_list: "{{ k3s_controller_list + [ item ] }}"
|
||||
k3s_node_ip: "{{ k3s_runtime_config['node-ip'] }}"
|
||||
when:
|
||||
- k3s_runtime_config['node-ip'] is defined
|
||||
|
||||
- name: Ensure a count of control nodes is generated from ansible_play_hosts
|
||||
ansible.builtin.set_fact:
|
||||
k3s_controller_list: "{{ k3s_controller_list + [item] }}"
|
||||
when:
|
||||
- hostvars[item].k3s_control_node is defined
|
||||
- hostvars[item].k3s_control_node
|
||||
loop: "{{ ansible_play_hosts_all }}"
|
||||
|
||||
- name: Ensure a k3s control node is defined if none are found in ansible_play_hosts_all
|
||||
block:
|
||||
|
||||
- name: Set the control host
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_node: true
|
||||
when: inventory_hostname == ansible_play_hosts_all[0]
|
||||
|
||||
- name: Ensure a count of control nodes is generated
|
||||
ansible.builtin.set_fact:
|
||||
k3s_controller_list: "{{ k3s_controller_list + [ item ] }}"
|
||||
when:
|
||||
- hostvars[item].k3s_control_node is defined
|
||||
- hostvars[item].k3s_control_node
|
||||
loop: "{{ ansible_play_hosts_all }}"
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
|
||||
- name: Ensure a k3s control node is defined if none are found in ansible_play_hosts
|
||||
when:
|
||||
- k3s_controller_list | length < 1
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
block:
|
||||
- name: Set the control host
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_node: true
|
||||
when: inventory_hostname == ansible_play_hosts[0]
|
||||
|
||||
- name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts_all
|
||||
- name: Ensure a count of control nodes is generated
|
||||
ansible.builtin.set_fact:
|
||||
k3s_controller_list: "{{ k3s_controller_list + [item] }}"
|
||||
when:
|
||||
- hostvars[item].k3s_control_node is defined
|
||||
- hostvars[item].k3s_control_node
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
|
||||
- name: Ensure an existing primary k3s control node is defined if multiple are found and at least one is running
|
||||
when:
|
||||
- k3s_controller_list | length >= 1
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_control_delegate is not defined
|
||||
block:
|
||||
- name: Test if control plane is running
|
||||
ansible.builtin.wait_for:
|
||||
port: "{{ k3s_runtime_config['https-listen-port'] | default('6443') }}"
|
||||
host: "{{ k3s_runtime_config['bind-address'] | default('127.0.0.1') }}"
|
||||
timeout: 5
|
||||
register: k3s_control_node_running
|
||||
ignore_errors: true
|
||||
when: k3s_control_node
|
||||
|
||||
- name: List running control planes
|
||||
ansible.builtin.set_fact:
|
||||
k3s_running_controller_list: "{{ k3s_running_controller_list + [item] }}"
|
||||
when:
|
||||
- hostvars[item].k3s_control_node_running is not skipped
|
||||
- hostvars[item].k3s_control_node_running is succeeded
|
||||
loop: "{{ ansible_play_hosts }}"
|
||||
|
||||
- name: Choose first running node as delegate
|
||||
ansible.builtin.set_fact:
|
||||
k3s_control_delegate: "{{ k3s_running_controller_list[0] }}"
|
||||
when: k3s_running_controller_list | length >= 1
|
||||
|
||||
- name: Ensure k3s_primary_control_node is set on the delegate
|
||||
ansible.builtin.set_fact:
|
||||
k3s_primary_control_node: true
|
||||
when:
|
||||
- k3s_control_delegate is defined
|
||||
- inventory_hostname == k3s_control_delegate
|
||||
|
||||
- name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts
|
||||
ansible.builtin.set_fact:
|
||||
k3s_primary_control_node: true
|
||||
when:
|
||||
- k3s_controller_list is defined
|
||||
- k3s_controller_list | length > 1
|
||||
- inventory_hostname == k3s_controller_list[0]
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_control_delegate is not defined
|
||||
|
||||
- name: Ensure ansible_host is mapped to inventory_hostname
|
||||
ansible.builtin.blockinfile:
|
||||
path: /tmp/inventory.txt
|
||||
block: |
|
||||
{% for host in ansible_play_hosts_all %}
|
||||
{% for host in ansible_play_hosts %}
|
||||
{% filter replace('\n', ' ') %}
|
||||
{{ host }}
|
||||
@@@
|
||||
{{ hostvars[host].ansible_host | default(hostvars[host].ansible_fqdn) }}
|
||||
{{ hostvars[host].ansible_host | default(hostvars[host].ansible_fqdn) | string }}
|
||||
@@@
|
||||
C_{{ hostvars[host].k3s_control_node }}
|
||||
C_{{ hostvars[host].k3s_control_node | string }}
|
||||
@@@
|
||||
P_{{ hostvars[host].k3s_primary_control_node | default(False) }}
|
||||
P_{{ hostvars[host].k3s_primary_control_node | default(False) | string }}
|
||||
{% endfilter %}
|
||||
@@@ END:{{ host }}
|
||||
{% endfor %}
|
||||
@ -83,10 +123,12 @@
|
||||
when: k3s_control_node is defined
|
||||
|
||||
- name: Delegate an initializing control plane node
|
||||
when: k3s_registration_address is not defined
|
||||
or k3s_control_delegate is not defined
|
||||
block:
|
||||
- name: Lookup control node from file
|
||||
ansible.builtin.command:
|
||||
cmd: "grep '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt"
|
||||
cmd: "grep -i '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt"
|
||||
changed_when: false
|
||||
check_mode: false
|
||||
register: k3s_control_delegate_raw
|
||||
@ -103,6 +145,15 @@
|
||||
check_mode: false
|
||||
when: k3s_control_node_address is defined
|
||||
|
||||
- name: Ensure the node registration address is defined from node-ip
|
||||
ansible.builtin.set_fact:
|
||||
k3s_registration_address: "{{ hostvars[k3s_control_delegate].k3s_node_ip }}"
|
||||
check_mode: false
|
||||
when:
|
||||
- k3s_registration_address is not defined
|
||||
- k3s_control_node_address is not defined
|
||||
- hostvars[k3s_control_delegate].k3s_node_ip is defined
|
||||
|
||||
- name: Ensure the node registration address is defined
|
||||
ansible.builtin.set_fact:
|
||||
k3s_registration_address: "{{ hostvars[k3s_control_delegate].ansible_host | default(hostvars[k3s_control_delegate].ansible_fqdn) }}"
|
||||
@ -110,20 +161,3 @@
|
||||
when:
|
||||
- k3s_registration_address is not defined
|
||||
- k3s_control_node_address is not defined
|
||||
|
||||
when: k3s_registration_address is not defined
|
||||
or k3s_control_delegate is not defined
|
||||
|
||||
- name: Ensure k3s_runtime_config is set for control plane
|
||||
ansible.builtin.set_fact:
|
||||
k3s_runtime_config: "{{ (k3s_server | default({})) | combine((k3s_agent | default({}))) }}"
|
||||
when:
|
||||
- (k3s_server is defined or k3s_agent is defined)
|
||||
- (k3s_control_node is defined and k3s_control_node)
|
||||
|
||||
- name: Ensure k3s_runtime_config is set for agents
|
||||
ansible.builtin.set_fact:
|
||||
k3s_runtime_config: "{{ (k3s_agent | default({})) }}"
|
||||
when:
|
||||
- k3s_agent is defined
|
||||
- (k3s_control_node is not defined or not k3s_control_node)
|
@ -6,7 +6,7 @@
|
||||
state: started
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
when: k3s_non_root is not defined or not k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service is started
|
||||
ansible.builtin.systemd:
|
||||
@ -17,4 +17,4 @@
|
||||
when:
|
||||
- k3s_non_root is defined
|
||||
- k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -6,9 +6,9 @@
|
||||
state: stopped
|
||||
enabled: "{{ k3s_start_on_boot }}"
|
||||
when: k3s_non_root is not defined or not k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure k3s service is started
|
||||
- name: Ensure k3s service is stopped
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
state: stopped
|
||||
@ -17,4 +17,4 @@
|
||||
when:
|
||||
- k3s_non_root is defined
|
||||
- k3s_non_root
|
||||
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -10,20 +10,13 @@
|
||||
path: /usr/local/bin/k3s-uninstall.sh
|
||||
register: check_k3s_uninstall_script
|
||||
|
||||
- name: Check to see if docker is present
|
||||
ansible.builtin.command:
|
||||
cmd: which docker
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
register: check_k3s_docker_path
|
||||
|
||||
- name: Run k3s-killall.sh
|
||||
ansible.builtin.command:
|
||||
cmd: /usr/local/bin/k3s-killall.sh
|
||||
register: k3s_killall
|
||||
changed_when: k3s_killall.rc == 0
|
||||
when: check_k3s_killall_script.stat.exists
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Run k3s-uninstall.sh
|
||||
ansible.builtin.command:
|
||||
@ -33,7 +26,7 @@
|
||||
register: k3s_uninstall
|
||||
changed_when: k3s_uninstall.rc == 0
|
||||
when: check_k3s_uninstall_script.stat.exists
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Ensure hard links are removed
|
||||
ansible.builtin.file:
|
||||
@ -46,11 +39,4 @@
|
||||
when:
|
||||
- k3s_install_hard_links
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
||||
|
||||
- name: Clean up Docker
|
||||
ansible.builtin.command:
|
||||
cmd: docker system prune -a --force
|
||||
when:
|
||||
- ("docker" in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- check_k3s_docker_path.rc == 0
|
||||
become: "{{ k3s_become }}"
|
15
tasks/ensure_uploads.yml
Normal file
15
tasks/ensure_uploads.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
|
||||
- name: Ensure installation directory exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ k3s_install_dir }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: Ensure k3s binary is copied from controller to target host
|
||||
ansible.builtin.copy:
|
||||
src: k3s
|
||||
# TODO: allow airgap to bypass version post-fix
|
||||
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
|
||||
mode: 0755
|
||||
become: "{{ k3s_become }}"
|
@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
- import_tasks: validate/pre-flight.yml
|
||||
- name: Run pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks.yml
|
||||
|
||||
- include_tasks: state-{{ (k3s_state | lower) | default('installed') }}.yml
|
||||
- name: Ensure state {{ (k3s_state | lower) | default('installed') }}
|
||||
ansible.builtin.include_tasks: state_{{ (k3s_state | lower) | default('installed') }}.yml
|
||||
|
@ -4,17 +4,18 @@
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ k3s_install_dir }}/kubectl get nodes"
|
||||
changed_when: false
|
||||
failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or
|
||||
failed_when: >-
|
||||
kubectl_get_nodes_result.stdout.find("was refused") != -1 or
|
||||
kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1
|
||||
register: kubectl_get_nodes_result
|
||||
until:
|
||||
- kubectl_get_nodes_result.rc == 0
|
||||
- kubectl_get_nodes_result.stdout.find("NotReady") == -1
|
||||
retries: 30
|
||||
delay: 20
|
||||
delay: 5
|
||||
when:
|
||||
- k3s_control_node
|
||||
- ("flannel-backend" not in k3s_runtime_config
|
||||
or k3s_runtime_config["flannel-backend"] != "none")
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -9,18 +9,6 @@
|
||||
changed_when: false
|
||||
register: check_k3s_process
|
||||
|
||||
- name: Check that docker is not running
|
||||
ansible.builtin.command:
|
||||
cmd: pgrep docker
|
||||
failed_when:
|
||||
- check_k3s_docker_process.rc == 0
|
||||
- not ansible_check_mode
|
||||
changed_when: false
|
||||
register: check_k3s_docker_process
|
||||
when:
|
||||
- k3s_runtime_config.docker is defined
|
||||
- k3s_runtime_config.docker
|
||||
|
||||
- name: Fail if k3s binaries have not been removed
|
||||
ansible.builtin.stat:
|
||||
path: "{{ k3s_install_dir }}/{{ item }}"
|
132
tasks/pre_checks.yml
Normal file
132
tasks/pre_checks.yml
Normal file
@ -0,0 +1,132 @@
|
||||
---
|
||||
|
||||
- name: Check that k3s_state is a supported value
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_state in k3s_valid_states
|
||||
fail_msg: "k3s_state not valid. Check README.md for details."
|
||||
success_msg: "k3s_state is valid."
|
||||
when: k3s_state is defined
|
||||
|
||||
- name: Check that Ansible v{{ ansible_version.string }} is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_version.string is version_compare(k3s_ansible_min_version, '>=')
|
||||
fail_msg: >-
|
||||
Ansible v{{ ansible_version.string }} is not supported by this role.
|
||||
Please install >= v{{ k3s_ansible_min_version }}.
|
||||
success_msg: "Ansible v{{ ansible_version.string }} is supported."
|
||||
become: false
|
||||
delegate_to: localhost
|
||||
run_once: true
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that Python v{{ ansible_python_version }} is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_python_version is version_compare(k3s_python_min_version, '>=')
|
||||
fail_msg: >-
|
||||
Python v{{ ansible_python_version }} is not supported by this role.
|
||||
Please install >= v{{ k3s_python_min_version }}.
|
||||
success_msg: "Python v{{ ansible_python_version }} is supported."
|
||||
become: false
|
||||
delegate_to: localhost
|
||||
run_once: true
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that the target init system is supported by this role
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- ansible_service_mgr in k3s_supported_init
|
||||
fail_msg: >-
|
||||
{{ ansible_service_mgr }} is not supported by this role.
|
||||
Supported init systems: {{ k3s_supported_init | join(', ') }}
|
||||
success_msg: "{{ ansible_service_mgr }} is supported"
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Determining if {{ ansible_service_mgr }} is actually openrc
|
||||
ansible.builtin.stat:
|
||||
path: /sbin/openrc-run
|
||||
register: k3s_check_openrc_run
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Check that {{ ansible_service_mgr }} is actually openrc
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_check_openrc_run.stat.exists
|
||||
fail_msg: >-
|
||||
openrc was not found, cannot install to {{ ansible_service_mgr }}
|
||||
success_msg: "openrc found"
|
||||
when:
|
||||
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Run version pre-checks
|
||||
ansible.builtin.include_tasks: pre_checks_version.yml
|
||||
when:
|
||||
- (k3s_release_version is not defined
|
||||
or not k3s_release_version
|
||||
or k3s_release_version is not regex('\\+k3s[1-9]$'))
|
||||
- not k3s_airgap
|
||||
|
||||
- name: Run cgroups pre-checks
|
||||
ansible.builtin.include_tasks: pre_checks_cgroups.yml
|
||||
loop: "{{ k3s_cgroup_subsys }}"
|
||||
loop_control:
|
||||
loop_var: cgroup
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
|
||||
- name: Run packages pre-checks
|
||||
ansible.builtin.include_tasks: pre_checks_packages.yml
|
||||
loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}"
|
||||
loop_control:
|
||||
loop_var: package
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_env_checks
|
||||
- k3s_check_packages[k3s_os_distribution_version] is defined
|
||||
|
||||
- name: Run issue data pre-checks
|
||||
ansible.builtin.include_tasks: pre_checks_issue_data.yml
|
||||
when:
|
||||
- pyratlabs_issue_controller_dump is defined
|
||||
- pyratlabs_issue_controller_dump
|
||||
|
||||
- name: Run variables pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks_variables.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
|
||||
- name: Ensure experimental variables pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks_experimental_variables.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
|
||||
- name: Run unsupported rootless pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks_unsupported_rootless.yml
|
||||
when:
|
||||
- k3s_runtime_config.rootless is defined
|
||||
- k3s_runtime_config.rootless
|
||||
- not k3s_skip_validation
|
||||
|
||||
- name: Run pre-configuration tasks
|
||||
ansible.builtin.import_tasks: ensure_pre_configuration.yml
|
||||
|
||||
- name: Run control node count pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks_control_node_count.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- not k3s_skip_validation
|
@ -16,4 +16,4 @@
|
||||
failed_when:
|
||||
- not k3s_check_cluster_token.stat.exists
|
||||
- not ansible_check_mode
|
||||
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
|
||||
become: "{{ k3s_become }}"
|
@ -43,3 +43,4 @@
|
||||
- k3s_etcd_datastore
|
||||
- not k3s_use_unsupported_config
|
||||
- k3s_control_node
|
||||
- k3s_state != 'uninstalled'
|
@ -50,11 +50,11 @@
|
||||
# End ANSIBLE ROLES
|
||||
|
||||
# Begin PLAY HOSTS
|
||||
{{ ansible_play_hosts_all | to_json }}
|
||||
{{ ansible_play_hosts | to_json }}
|
||||
# End PLAY HOSTS
|
||||
|
||||
# Begin K3S ROLE CONFIG
|
||||
{% for host in ansible_play_hosts_all %}
|
||||
{% for host in ansible_play_hosts %}
|
||||
## {{ host }}
|
||||
{% for config_key in hostvars[host] %}
|
||||
{% if config_key | regex_search('^k3s_') %}
|
||||
@ -66,7 +66,7 @@
|
||||
# End K3S ROLE CONFIG
|
||||
|
||||
# Begin K3S RUNTIME CONFIG
|
||||
{% for host in ansible_play_hosts_all %}
|
||||
{% for host in ansible_play_hosts %}
|
||||
## {{ host }}
|
||||
{% if hostvars[host].k3s_runtime_config is defined %}
|
||||
{{ hostvars[host].k3s_runtime_config }}
|
||||
@ -80,6 +80,8 @@
|
||||
|
||||
- name: Fail the play
|
||||
ansible.builtin.fail:
|
||||
msg: "Please include the output of {{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report."
|
||||
msg: >-
|
||||
Please include the output of
|
||||
{{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report.
|
||||
delegate_to: localhost
|
||||
run_once: true
|
@ -6,6 +6,7 @@
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
register: check_k3s_required_package
|
||||
become: "{{ k3s_become }}"
|
||||
|
||||
- name: Test that checks for {{ package.name }} passed
|
||||
ansible.builtin.assert:
|
||||
@ -18,7 +19,8 @@
|
||||
Documentation: {{ package.documentation }}
|
||||
{% endif %}
|
||||
when:
|
||||
- check_k3s_required_package.rc is defined
|
||||
- (package.until is not defined
|
||||
or k3s_release_version is version_compare(package.until, '>='))
|
||||
or (k3s_release_version | replace('v', '')) is version_compare(package.until, '<'))
|
||||
- (package.from is not defined
|
||||
or k3s_release_version is version_compare(package.from, '>='))
|
||||
or (k3s_release_version | replace('v', '')) is version_compare(package.from, '>='))
|
@ -50,7 +50,7 @@
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- k3s_get_unprivileged_userns_clone['content'] | b64decode | int == 1
|
||||
- k3s_get_max_user_namespaces['content'] | b64decode | int >= 28633
|
||||
- ((k3s_get_max_user_namespaces['content'] | b64decode | int >= 28633) or (k3s_os_family != "redhat"))
|
||||
- k3s_current_user_subuid != "UserNotFound:0:0"
|
||||
- k3s_current_user_subgid != "UserNotFound:0:0"
|
||||
- k3s_current_user_subuid.split(':')[2] | int >= 65536
|
@ -6,6 +6,7 @@
|
||||
- (k3s_release_version | replace('v', '')) is version_compare(k3s_min_version, '>=')
|
||||
success_msg: "{{ k3s_release_version }} is supported by this role."
|
||||
fail_msg: "{{ k3s_release_version }} is not supported by this role, please use xanmanning.k3s v1.x."
|
||||
when: not k3s_airgap
|
||||
|
||||
- name: Check configuration in k3s_server and k3s_agent that needs alternate configuration
|
||||
ansible.builtin.assert:
|
||||
@ -34,6 +35,7 @@
|
||||
{% endif %}
|
||||
loop: "{{ k3s_deprecated_config }}"
|
||||
when:
|
||||
- not k3s_airgap
|
||||
- (item.when is not defined
|
||||
or (item.when is defined and (k3s_release_version | replace('v', '')) is version_compare(item.when, '>=')))
|
||||
- not k3s_use_unsupported_config
|
@ -13,13 +13,12 @@
|
||||
k3s_release_channel: "{{ k3s_release_version | default('stable') }}"
|
||||
check_mode: false
|
||||
|
||||
- name: Get the latest release version from k3s.io
|
||||
- name: "Get the latest release version from {{ k3s_api_releases }}"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ k3s_api_releases }}"
|
||||
return_content: true
|
||||
body_format: json
|
||||
register: k3s_latest_release
|
||||
no_log: true
|
||||
check_mode: false
|
||||
|
||||
- name: Ensure the release version is set as a fact
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/get-version.yml
|
||||
when: k3s_release_version is not defined or not k3s_release_version
|
||||
|
||||
- import_tasks: build/download-k3s.yml
|
@ -1,61 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/preconfigure-k3s.yml
|
||||
|
||||
- import_tasks: teardown/drain-and-remove-nodes.yml
|
||||
|
||||
- import_tasks: build/get-version.yml
|
||||
when: k3s_release_version is not defined
|
||||
or not k3s_release_version
|
||||
or k3s_release_version is not regex('\\+k3s[1-9]$')
|
||||
|
||||
- import_tasks: validate/main.yml
|
||||
when: not k3s_skip_validation
|
||||
|
||||
- import_tasks: build/get-systemd-context.yml
|
||||
|
||||
- name: Ensure docker installation tasks are run
|
||||
block:
|
||||
|
||||
- include_tasks: build/docker/{{ ansible_os_family | lower }}/install-prerequisites.yml
|
||||
|
||||
- import_tasks: build/docker/install.yml
|
||||
when: ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: build/docker/{{ ansible_distribution | replace(" ", "-") | lower }}/install.yml
|
||||
when: ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
when:
|
||||
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- name: Flush Handlers
|
||||
meta: flush_handlers
|
||||
|
||||
- import_tasks: build/download-k3s.yml
|
||||
|
||||
- import_tasks: build/preconfigure-k3s-auto-deploying-manifests.yml
|
||||
when:
|
||||
- k3s_control_node
|
||||
- k3s_server_manifests_templates | length > 0
|
||||
|
||||
- import_tasks: build/install-k3s.yml
|
||||
|
||||
- name: Ensure containerd installation tasks are run
|
||||
block:
|
||||
- include_tasks: build/containerd/registries.yml
|
||||
when:
|
||||
- k3s_registries is defined
|
||||
- (k3s_runtime_config.docker is not defined or not k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- include_tasks: validate/configuration/cluster-init.yml
|
||||
when:
|
||||
- k3s_control_delegate is defined
|
||||
- k3s_control_delegate == inventory_hostname
|
||||
|
||||
- import_tasks: build/configure-k3s-cluster.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_registration_address is defined
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/stop-k3s.yml
|
||||
|
||||
- import_tasks: operate/start-k3s.yml
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/start-k3s.yml
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: operate/stop-k3s.yml
|
@ -1,25 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: build/preconfigure-k3s.yml
|
||||
|
||||
- import_tasks: teardown/drain-and-remove-nodes.yml
|
||||
|
||||
- import_tasks: teardown/uninstall-k3s.yml
|
||||
|
||||
- name: Ensure docker uninstall tasks are run
|
||||
block:
|
||||
|
||||
- import_tasks: teardown/docker/uninstall.yml
|
||||
when: ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: teardown/docker/{{ ansible_distribution | replace(" ", "-") | lower }}/uninstall.yml
|
||||
when: ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
|
||||
|
||||
- include_tasks: teardown/docker/{{ ansible_os_family | lower }}/uninstall-prerequisites.yml
|
||||
|
||||
when:
|
||||
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- import_tasks: validate/state/uninstalled.yml
|
||||
when: not k3s_skip_validation
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
|
||||
- import_tasks: validate/pre-flight.yml
|
||||
|
||||
- import_tasks: validate/main.yml
|
||||
|
||||
- import_tasks: validate/post-install.yml
|
15
tasks/state_downloaded.yml
Normal file
15
tasks/state_downloaded.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
|
||||
- name: Run version pre-checks
|
||||
ansible.builtin.import_tasks: pre_checks_version.yml
|
||||
when:
|
||||
- k3s_release_version is not defined or not k3s_release_version
|
||||
- not k3s_airgap
|
||||
|
||||
- name: Run k3s binary download and install tasks
|
||||
ansible.builtin.import_tasks: ensure_downloads.yml
|
||||
when: not k3s_airgap
|
||||
|
||||
- name: Run k3s binary upload tasks | k3s_airgap
|
||||
ansible.builtin.import_tasks: ensure_uploads.yml
|
||||
when: k3s_airgap
|
49
tasks/state_installed.yml
Normal file
49
tasks/state_installed.yml
Normal file
@ -0,0 +1,49 @@
|
||||
---
|
||||
|
||||
- name: Ensure nodes are drained and removed
|
||||
ansible.builtin.import_tasks: ensure_drain_and_remove_nodes.yml
|
||||
|
||||
- name: Determine systemd context
|
||||
ansible.builtin.import_tasks: determine_systemd_context.yml
|
||||
|
||||
- name: Flush Handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Run k3s binary download and install tasks
|
||||
ansible.builtin.import_tasks: ensure_downloads.yml
|
||||
when: not k3s_airgap
|
||||
|
||||
- name: Run k3s binary upload tasks | k3s_airgap
|
||||
ansible.builtin.import_tasks: ensure_uploads.yml
|
||||
when: k3s_airgap
|
||||
|
||||
- name: Run auto-deploy manifests and pod manifests tasks
|
||||
ansible.builtin.import_tasks: ensure_k3s_auto_deploy.yml
|
||||
|
||||
- name: Ensure k3s configuration files are copied to controllers and agents
|
||||
ansible.builtin.import_tasks: ensure_k3s_config_files.yml
|
||||
|
||||
- name: Run k3s installation tasks
|
||||
ansible.builtin.import_tasks: ensure_installed.yml
|
||||
|
||||
- name: Ensure containerd registries
|
||||
ansible.builtin.include_tasks: ensure_containerd_registries.yml
|
||||
when:
|
||||
- (k3s_registries.mirrors | default(None)) != None or (k3s_registries.configs | default(None) != None)
|
||||
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
|
||||
|
||||
- name: Run cluster pre-checks
|
||||
ansible.builtin.include_tasks: pre_checks_cluster.yml
|
||||
when:
|
||||
- k3s_control_delegate is defined
|
||||
- k3s_control_delegate == inventory_hostname
|
||||
|
||||
- name: Run k3s cluster tasks
|
||||
ansible.builtin.import_tasks: ensure_cluster.yml
|
||||
when:
|
||||
- k3s_build_cluster is defined
|
||||
- k3s_build_cluster
|
||||
- k3s_registration_address is defined
|
||||
|
||||
- name: Flush Handlers
|
||||
ansible.builtin.meta: flush_handlers
|
7
tasks/state_restarted.yml
Normal file
7
tasks/state_restarted.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s is stopped
|
||||
ansible.builtin.import_tasks: ensure_stopped.yml
|
||||
|
||||
- name: Ensure k3s is started
|
||||
ansible.builtin.import_tasks: ensure_started.yml
|
4
tasks/state_started.yml
Normal file
4
tasks/state_started.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s is started
|
||||
ansible.builtin.import_tasks: ensure_started.yml
|
4
tasks/state_stopped.yml
Normal file
4
tasks/state_stopped.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
|
||||
- name: Ensure k3s is stopped
|
||||
ansible.builtin.import_tasks: ensure_stopped.yml
|
16
tasks/state_uninstalled.yml
Normal file
16
tasks/state_uninstalled.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- name: Run pre-configuration tasks
|
||||
ansible.builtin.import_tasks: ensure_pre_configuration.yml
|
||||
|
||||
- name: Ensure nodes are drained and removed
|
||||
ansible.builtin.import_tasks: ensure_drain_and_remove_nodes.yml
|
||||
|
||||
- name: Run uninstall tasks
|
||||
ansible.builtin.import_tasks: ensure_uninstalled.yml
|
||||
|
||||
- name: Run uninstall post checks
|
||||
ansible.builtin.import_tasks: post_checks_uninstalled.yml
|
||||
when:
|
||||
- not k3s_skip_validation
|
||||
- not k3s_skip_post_checks
|
7
tasks/state_validated.yml
Normal file
7
tasks/state_validated.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
|
||||
- name: Run control plane post checks
|
||||
ansible.builtin.import_tasks: post_checks_control_plane.yml
|
||||
|
||||
- name: Run node post checks
|
||||
ansible.builtin.import_tasks: post_checks_nodes.yml
|
@ -1,8 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Ensure docker is uninstalled using amazon-linux-extras
|
||||
ansible.builtin.command:
|
||||
cmd: amazon-linux-extras uninstall docker
|
||||
register: uninstall_docker_from_amazon_linux
|
||||
changed_when: uninstall_docker_from_amazon_linux.rc == 0
|
||||
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user