ansible-role-k3s/vars/main.yml
paradon 19c24bd503
Add scan for running control nodes when choosing primary control node (#219)
Signed-off-by: Thomas Matysik <thomas@matysik.co.nz>
2024-01-26 15:15:15 -05:00

210 lines
5.9 KiB
YAML

---
# Minimum supported versions
k3s_min_version: 1.19.3
k3s_ansible_min_version: 2.9.16
k3s_python_min_version: 3.6
# Valid states for this role
k3s_valid_states:
- installed
- started
- stopped
- restarted
- downloaded
- uninstalled
- validated
# Supported init systems
k3s_supported_init:
- systemd
- openrc
# Map ansible fact gathering architecture to a release name and suffix in github.
k3s_arch_lookup:
amd64:
arch: amd64
suffix: ""
x86_64:
arch: amd64
suffix: ""
arm64:
arch: arm64
suffix: "-arm64"
aarch64:
arch: arm64
suffix: "-arm64"
arm:
arch: arm
suffix: "-armhf"
arm6l:
arch: arm
suffix: "-armhf"
armv6l:
arch: arm
suffix: "-armhf"
arm7:
arch: arm
suffix: "-armhf"
armv7l:
arch: arm
suffix: "-armhf"
armhf:
arch: arm
suffix: "-armhf"
# Always default to stable channel, this will change with k3s_release_version
k3s_release_channel: stable
# K3s updates API
k3s_api_releases: "{{ k3s_api_url }}/v1-release/channels"
# Download location for releases
k3s_github_download_url: "{{ k3s_github_url }}/releases/download"
# Generate a runtime config dictionary
k3s_runtime_config: "{{
(k3s_control_node is defined and k3s_control_node)
| ternary((k3s_server | default({})) | combine(k3s_agent | default({})),
(k3s_agent | default({})),
(k3s_server | default({})) | combine(k3s_agent | default({})))
}}"
# Determine if a cluster should be built
k3s_conf_build_cluster: "{{
not ((ansible_play_hosts_all | length < 2)
and k3s_registration_address is not defined)
}}"
# Empty array for counting the number of control plane nodes
k3s_controller_list: []
k3s_running_controller_list: []
# Control plane port default
k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
# Default to the "system" systemd context, this will be "user" when running rootless
k3s_systemd_context: system
# Directory for systemd unit files to be installed. As this role doesn't use package
# management, this should live in /etc/systemd, not /lib/systemd
k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"
# Directory for installing openrc service file
k3s_openrc_service_dir: /etc/init.d
# Directory for installing logrotate config
k3s_logrotate_dir: /etc/logrotate.d
# Service handler
k3s_service_handler:
systemd: systemd
openrc: service
# Data directory location for k3s
k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
# Config directory location for k3s
k3s_config_dir: "{{ k3s_config_file | dirname }}"
# Directory for gathering the k3s token for clustering. I don't see this changing.
k3s_token_location: "{{ k3s_config_dir }}/cluster-token"
# Path for additional Kubernetes Manifests
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
k3s_server_manifests_dir: "{{ k3s_data_dir }}/server/manifests"
# Path for static pod manifests that are deployed on the control plane
# https://github.com/k3s-io/k3s/pull/1691
k3s_server_pod_manifests_dir: "{{ k3s_data_dir }}/agent/pod-manifests"
# OS formatted strings
k3s_os_distribution: "{{ ansible_distribution | replace(' ', '-') | lower }}"
k3s_os_version: "{{ ansible_distribution_version | replace([' ', '.'], '-') | lower }}"
k3s_os_distribution_version: "{{ k3s_os_distribution }}-{{ k3s_os_version }}"
k3s_os_family: "{{ ansible_os_family | replace(' ', '-') | lower }}"
# Packages that we need to check are installed
k3s_check_packages:
debian-11:
- name: iptables-legacy
from: 1.19.2
until: 1.22.3
documentation: https://rancher.com/docs/k3s/latest/en/advanced/#enabling-legacy-iptables-on-raspbian-buster
# - name: dummy
# from: 1.19.2
# until: 1.21.0
# documentation: https://example.com
# Directories that we need to ensure exist
k3s_ensure_directories_exist:
- name: Config directory
path: "{{ k3s_config_dir }}"
- name: Config.yaml.d directory
path: "{{ k3s_config_yaml_d_dir }}"
- name: Systemd unit file directory
path: "{{ k3s_systemd_unit_dir }}"
- name: Data directory
path: "{{ k3s_data_dir }}"
- name: Default local storage path
path: "{{ k3s_runtime_config['default-local-storage-path'] | default(omit) }}"
- name: Private registry config file
path: "{{ (k3s_runtime_config['private-registry'] | default(omit)) | dirname }}"
# Config items that should not appear in k3s_server or k3s_agent
k3s_config_exclude:
- setting: server
correction: k3s_registration_address
- setting: cluster-init
correction: k3s_etcd_datastore
- setting: token
correction: k3s_control_token
- setting: token-file
correction: k3s_token_location
# Config items and the versions that they were introduced
k3s_config_version_check:
- setting: etcd-s3-bucket
version: 1.20.6 # Prior to this there was very buggy support!
# Config items that should be marked as experimental
k3s_experimental_config:
- setting: selinux
until: 1.19.4
- setting: rootless
- setting: secrets-encryption
until: 1.23.15
- setting: agent-token
- setting: agent-token-file
- setting: cluster-reset
until: 1.19.5
- setting: prefer-bundled-bin
# Config items that should be marked as deprecated
k3s_deprecated_config:
- setting: no-flannel
correction: "flannel-backend: 'none'"
# when: 0.10.2 # Example
- setting: cluster-secret
correction: token
- setting: no-deploy
correction: "disable: VALUE"
- setting: docker
correction: "docker: false"
when: 1.20.0
# cgroup checks
k3s_cgroup_subsys:
- name: memory
documentation: |
If you are running on a Raspberry Pi, see:
https://rancher.com/docs/k3s/latest/en/advanced/#enabling-cgroups-for-raspbian-buster
- name: cpuset
documentation: |
If you are running Alpine Linux, see:
https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-alpine-linux-setup
# Drain command
k3s_drain_command:
true: delete-emptydir-data
false: delete-local-data