Compare commits
4 Commits
1e1b244af5
...
4830cb12b6
Author | SHA1 | Date |
---|---|---|
Przemysław Sztoch | 4830cb12b6 | |
Przemyslaw Sztoch | 58e1d34434 | |
Przemyslaw Sztoch | 1cae275268 | |
Przemyslaw Sztoch | 77013c13c1 |
|
@ -60,7 +60,7 @@ Setting up a loadbalancer or VIP beforehand to use as the API endpoint is possib
|
|||
Start provisioning of the cluster using the following command:
|
||||
|
||||
```bash
|
||||
ansible-playbook playbook/site.yml -i inventory.yml
|
||||
ansible-playbook playbooks/site.yml -i inventory.yml
|
||||
```
|
||||
|
||||
## Upgrading
|
||||
|
@ -68,7 +68,7 @@ ansible-playbook playbook/site.yml -i inventory.yml
|
|||
A playbook is provided to upgrade K3s on all nodes in the cluster. To use it, update `k3s_version` with the desired version in `inventory.yml` and run:
|
||||
|
||||
```bash
|
||||
ansible-playbook playbook/upgrade.yml -i inventory.yml
|
||||
ansible-playbook playbooks/upgrade.yml -i inventory.yml
|
||||
```
|
||||
|
||||
## Airgap Install
|
||||
|
@ -77,7 +77,7 @@ Airgap installation is supported via the `airgap_dir` variable. This variable sh
|
|||
|
||||
An example folder for an x86_64 cluster:
|
||||
```bash
|
||||
$ ls ./playbook/my-airgap/
|
||||
$ ls ./playbooks/my-airgap/
|
||||
total 248M
|
||||
-rwxr-xr-x 1 $USER $USER 58M Nov 14 11:28 k3s
|
||||
-rw-r--r-- 1 $USER $USER 190M Nov 14 11:30 k3s-airgap-images-amd64.tar.gz
|
||||
|
|
|
@ -19,7 +19,7 @@ k3s_cluster:
|
|||
extra_server_args: ""
|
||||
extra_agent_args: ""
|
||||
|
||||
# Optional vars
|
||||
# Optional vars
|
||||
# cluster_context: k3s-ansible
|
||||
# api_port: 6443
|
||||
# k3s_server_location: /var/lib/rancher/k3s
|
||||
|
@ -29,12 +29,13 @@ k3s_cluster:
|
|||
# List of locally available manifests to apply to the cluster, useful for PVCs or Traefik modifications.
|
||||
# extra_manifests: [ '/path/to/manifest1.yaml', '/path/to/manifest2.yaml' ]
|
||||
# airgap_dir: /tmp/k3s-airgap-images
|
||||
# user_kubectl: true, by default kubectl is symlinked and configured for use by ansible_user. Set to false to only kubectl via root user.
|
||||
# user_kubectl: true, by default kubectl is symlinked and configured for use by ansible_user.
|
||||
# Set to false to only kubectl via root user.
|
||||
# server_config_yaml: |
|
||||
# This is now an inner yaml file. Maintain the indentation.
|
||||
# YAML here will be placed as the content of /etc/rancher/k3s/config.yaml
|
||||
# See https://docs.k3s.io/installation/configuration#configuration-file
|
||||
# This is now an inner yaml file. Maintain the indentation.
|
||||
# YAML here will be placed as the content of /etc/rancher/k3s/config.yaml
|
||||
# See https://docs.k3s.io/installation/configuration#configuration-file
|
||||
# registries_config_yaml: |
|
||||
# Containerd can be configured to connect to private registries and use them to pull images as needed by the kubelet.
|
||||
# YAML here will be placed as the content of /etc/rancher/k3s/registries.yaml
|
||||
# See https://docs.k3s.io/installation/private-registry
|
||||
# Containerd can be configured to connect to private registries and use them to pull images as needed
|
||||
# by the kubelet. YAML here will be placed as the content of /etc/rancher/k3s/registries.yaml
|
||||
# See https://docs.k3s.io/installation/private-registry
|
||||
|
|
|
@ -73,7 +73,7 @@
|
|||
- name: If firewalld enabled, open api port
|
||||
ansible.posix.firewalld:
|
||||
port: "{{ api_port }}/tcp"
|
||||
zone: trusted
|
||||
zone: internal
|
||||
state: enabled
|
||||
permanent: true
|
||||
immediate: true
|
||||
|
@ -82,11 +82,26 @@
|
|||
when: groups['server'] | length > 1
|
||||
ansible.posix.firewalld:
|
||||
port: "2379-2381/tcp"
|
||||
zone: trusted
|
||||
zone: internal
|
||||
state: enabled
|
||||
permanent: true
|
||||
immediate: true
|
||||
|
||||
- name: If firewalld enabled, open inbound ports
|
||||
ansible.posix.firewalld:
|
||||
port: "{{ item }}"
|
||||
zone: internal
|
||||
state: enabled
|
||||
permanent: true
|
||||
immediate: true
|
||||
with_items:
|
||||
- 8472/udp
|
||||
- 10250/tcp
|
||||
- 51820/udp
|
||||
- 51821/udp
|
||||
- 5001/tcp
|
||||
- 6443/tcp
|
||||
|
||||
- name: If firewalld enabled, allow default CIDRs
|
||||
ansible.posix.firewalld:
|
||||
source: "{{ item }}"
|
||||
|
|
Loading…
Reference in New Issue