Add Upgrade Playbook (#236)

* Highlight node reqs. Signed-off-by: Derek Nola <derek.nola@suse.com> * Add upgrade playbook Signed-off-by: Derek Nola <derek.nola@suse.com> * Move PR template Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-09 10:56:47 -08:00 · 2023-11-09 10:56:47 -08:00 · e864933b04
parent fd6f288b20
commit e864933b04
4 changed files with 72 additions and 1 deletions
--- a/.github/workflows/pull_request_template.md
+++ b/.github/workflows/pull_request_template.md
--- a/README.md
+++ b/README.md
@ -22,7 +22,12 @@ on processor architecture:
 ## System requirements

 Deployment environment must have Ansible 2.4.0+
-Server and agent nodes must have passwordless SSH access
+
+All nodes in inventory must have:
+- Passwordless SSH access
+- Root access (or a user with equivalent permissions) 
+
+It is also recommended that all nodes disable firewalls and swap. See [K3s Requirements](https://docs.k3s.io/installation/requirements) for more information.

 ## Usage

@ -59,6 +64,15 @@ Start provisioning of the cluster using the following command:
 ansible-playbook playbook/site.yml -i inventory.yml
 ```

+## Upgrading
+
+A playbook is provided to upgrade k3s on all nodes in the cluster. To use it, update `k3s_version` with the desired version in `inventory.yml` and run:
+
+```bash
+ansible-playbook playbook/upgrade.yml -i inventory.yml
+```
+
+
 ## Kubeconfig

 After successful bringup, the kubeconfig of the cluster is copied to the control-node and set as default (`~/.kube/config`).
--- a/playbook/upgrade.yml
+++ b/playbook/upgrade.yml
@ -0,0 +1,18 @@
+---
+
+# Servers should be restarted sequientally to avoid etcd learner issues
+# Agents have no such limitation
+- name: Upgrade K3s Servers
+  hosts: server
+  gather_facts: true
+  become: true
+  serial: 1
+  roles:
+    - role: upgrade
+
+- name: Upgrade K3s Agents
+  hosts: agent
+  gather_facts: true
+  become: true
+  roles:
+    - role: upgrade
--- a/roles/upgrade/tasks/main.yml
+++ b/roles/upgrade/tasks/main.yml
@ -0,0 +1,39 @@
+---
+- name: Set var defaults
+  when: systemd_dir is undefined
+  ansible.builtin.set_fact:
+    systemd_dir: /etc/systemd/system
+
+# with_fileglob doesn't work with remote_src, it tries to find the file on the
+# local control-plane instead of the remote host. Shell supports wildcards.
+- name: Save current K3s service
+  ansible.builtin.shell:
+    cmd: "cp {{ systemd_dir }}/k3s*.service /tmp/"
+  changed_when: true
+
+- name: Install new K3s Version
+  ansible.builtin.command:
+    cmd: /usr/local/bin/k3s-install.sh
+  environment:
+    INSTALL_K3S_SKIP_START: "true"
+    INSTALL_K3S_VERSION: "{{ k3s_version }}"
+  changed_when: true
+
+- name: Restore K3s service
+  ansible.builtin.shell:
+    cmd: "mv /tmp/k3s*.service {{ systemd_dir }}/"
+  changed_when: true
+
+- name: Restart K3s service [server]
+  when: "'server' in group_names"
+  ansible.builtin.systemd:
+    state: restarted
+    daemon_reload: true
+    name: k3s
+
+- name: Restart K3s service [agent]
+  when: "'agent' in group_names"
+  ansible.builtin.systemd:
+    state: restarted
+    daemon_reload: true
+    name: k3s-agent