Commit Graph

33 Commits

Author SHA1 Message Date
laszlojau
8120b7c0d1
Update firewall rules (#329)
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
2024-05-30 10:05:43 -07:00
Derek Nola
ddc664a7f6
Apply noqa and fix line lenght limit. ansible-lint production profile (#326)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-05-03 09:38:01 -07:00
dreamingdeer
33c15e7c2f
feat add custom registries_config_yaml for private-registry (#319)
* feat add custom registries_config_yaml for private-registry

Signed-off-by: dreamingdeer <dreamingdeer@yandex.ru>
Co-authored-by: dreamingdeer <dreamingdeer@yandex.ru>
2024-04-02 12:24:23 -07:00
Derek Nola
6c14e5d923
Add a minimum ansible core check (#308)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-19 10:05:10 -07:00
laszlojau
9c8ba5c155
Set firewall rules for custom CIDR ranges (#293)
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
2024-02-22 09:34:36 -08:00
Derek Nola
1c11767619
Only setup/cleanup yaml config for servers (#272)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-12-06 13:55:32 -08:00
Jon S. Stumpf
4d6e60281e
Role tweaks (#268)
* Limited boolean values to true/false;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

* Moved ArchLinux prereq task to be a handler;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

* Standardized task name for adding cgroup support;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

* Have backrefs: follow path:;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

* Addressed ansible-lint errors;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

* Fixed #264, task 7: Copy K3s service file;

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>

---------

Signed-off-by: Jon S. Stumpf <jon.stumpf@gmail.com>
2023-12-04 09:46:45 -08:00
Derek Nola
7fcf82ac64
Rework iptables old version checks (#255)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-16 12:43:45 -08:00
Derek Nola
1e633c5ad1
Rework Role Structure (#254)
* Add more defaults
* Rename roles, covert download to airgap role
* Remove unnecessary gather_facts

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-16 12:03:07 -08:00
Derek Nola
52941b749b
Airgap Support (#253)
* Initial airgap support
* Support any of the compressed image formats
* Add airgap section to README
* Support Airgap SElinux RPM install

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-14 14:36:15 -08:00
Derek Nola
46a842a551
Support K3s config yaml (#252)
* Support K3s config yaml

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-13 14:09:15 -08:00
Derek Nola
e01a8a2a8a
Extra Manifest delpoyment (#244)
* Allow additional manifests to be deployed

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-10 12:13:39 -08:00
Derek Nola
9d918c9da0 Handle apparmor for Debian 11 when parser not present
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-10 11:03:58 -08:00
Derek Nola
bfd030290d Add apparmor-parser support for SUSE
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-10 11:03:58 -08:00
Derek Nola
e9a283b48c
Minimal Firewall Exceptions (#242)
* Add rules to UFW firewall for basic K3s funtionality

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add firewalld exceptions

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-09 19:21:46 -08:00
Derek Nola
fd4e8bf70b
Allow SELinuix on RHEL family (#241)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-09 19:19:00 -08:00
Derek Nola
45289ba7d9
Add support for Rocky, bump default install version (#238)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-09 12:56:38 -08:00
Derek Nola
fd6f288b20
Fix K3s Path, Alternative folder in HA (#233)
* Readd #143 fix

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add PR template

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-09 09:17:20 -08:00
Derek Nola
20afd4f19e
Simplify K3s service startup for HA
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-08 15:16:28 -08:00
Derek Nola
9ecdc933ca
Add Vagrantfile for local testing
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-08 13:42:11 -08:00
Assaf Sapir
057b3bfc07
Add archlinux (aarch64) support (#146)
* Add archlinux (aarch64) support

Signed-off-by: Assaf Sapir <meijin007@gmail.com>
2023-11-08 10:31:51 -08:00
Nicholas Malcolm
8484c015d6 Fix k3s_server_location only working on default
- K3s has some absolute paths set in various places which cannot be
  changed. Using a symbolic link was the easiest fix. This is nice for
  running K3S on SBC that must boot to SD but K3S data should be stored
  on a faster drive.
- Other changes are for making the site playbook replayable without
  resetting the cluster. Ideally you can rerun it to check existing
  nodes or to add new ones.

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-08 10:23:56 -08:00
Nicholas Malcolm
df67c61ba5 Add HA option, change to yaml inventory, cleanup
- HA option for multiple server nodes using embedded etcd
- Switch to yaml inventory file for easier editing and combining vars
- Update to full ansible module names
- Change master/node names to server/agent
- Cleanup small linting errors
- Add reboot playbook which staggers reboot to keep HA cluster up
- Move playbooks to playbook directory

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-08 10:23:56 -08:00
Derek Nola
1031ea3ce2 Comply with ansible-lint
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-11-07 14:00:07 -08:00
Razurac
8474a8b4e8
Update pre_req tasks (#128)
On Rhel 8.4 ansible_distribution is set to RedHat so the current when condition will fail
Added "RedHat" to the when condition.

Signed-off-by: Razurac <a.zelch@t-online.de>
2023-11-07 09:54:32 -08:00
clambin
402f83553e don't try to set ipv6 forward if ipv6 not enabled
Signed-off-by: clambin <christophe.lambin@gmail.com>
2021-07-10 15:13:08 +02:00
Lennart Jern
ca7c25b81c Fix linting errors 2020-09-22 21:08:35 +03:00
guofeng zhang
1971b5741c Fixes: #56 2020-07-14 23:14:20 +08:00
Julien DOCHE
12aad6598a Add /usr/local/bin to secure_path, Add br_netfilter on centos
Signed-off-by: Julien DOCHE <julien.doche@gmail.com>
2020-05-13 16:20:54 +02:00
Jeff Geerling
e47af78bfd Fixes #3: Fix linting issues, add ansible-lint and yamllint configuration. 2020-05-12 16:00:32 -05:00
Jeff Geerling
de1e73843a Fixes #9: Make sure both iptables and ip6tables are configured correctly. 2020-05-12 15:25:01 -05:00
James Harrington
ed56b606b8 Fix indentation 2019-10-27 23:34:34 -04:00
Matthias Riegler
2b10d43fa1 CentOS/RHEL compatibility for Ansible roles
- Setting IPv4 & IPv6 forwarding
- Setting `sysctl:net.bridge.bridge-nf-call-iptables` and `bridge-nf-call-ip6tables` to enabled since it is disabled by default on some CentOS systems
2019-09-29 00:19:18 +02:00