Merge pull request #138 from PyratLabs/bugfix-token_path_required

Updated systemd template to use token when joining a cluster
2024-11-05 13:23:30 +01:00 · 2021-07-24 18:00:09 +01:00 · 2021-07-24 18:00:09 +01:00 · 3b26d24212
commit 3b26d24212
parent 4e713918a7 ba113bcd05
6 changed files with 21 additions and 22 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -15,7 +15,7 @@ k3s_release_version: false
 # Loction of the k3s configuration file
 k3s_config_file: /etc/rancher/k3s/config.yaml

-# When multiple ansible_play_hosts_all are present, attempt to cluster the nodes.
+# When multiple ansible_play_hosts are present, attempt to cluster the nodes.
 # Using false will create multiple standalone nodes.
 # (default: true)
 k3s_build_cluster: true
--- a/tasks/build/configure-k3s-cluster.yml
+++ b/tasks/build/configure-k3s-cluster.yml
@ -28,14 +28,12 @@
    mode: 0755
  become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"

- name: Ensure k3s cluster token file is present on workers and secondary control nodes
+- name: Ensure k3s cluster token file is present
  ansible.builtin.template:
    src: cluster-token.j2
    dest: "{{ k3s_token_location }}"
    mode: 0600
  become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
-  when: (k3s_control_node and not k3s_primary_control_node)
-        or not k3s_control_node
  notify:
    - restart k3s

@ -69,7 +67,7 @@
    - ensure_secondary_controllers_started is not succeeded
    - not ansible_check_mode
  until: ensure_secondary_controllers_started is succeeded
-  retries: "{{ ansible_play_hosts_all | length }}"
+  retries: "{{ ansible_play_hosts | length }}"
  delay: 5
  when:
    - k3s_control_node
--- a/tasks/build/preconfigure-k3s.yml
+++ b/tasks/build/preconfigure-k3s.yml
@ -4,17 +4,17 @@
  ansible.builtin.set_fact:
    k3s_build_cluster: false
  when:
-    - ansible_play_hosts_all | length < 2
+    - ansible_play_hosts | length < 2
    - k3s_registration_address is not defined

 - name: Ensure k3s control node fact is set
  ansible.builtin.set_fact:
-    k3s_control_node: "{{ false if k3s_build_cluster else true }}"
+    k3s_control_node: "{{ not k3s_build_cluster }}"
  when: k3s_control_node is not defined

 - name: Ensure k3s primary control node fact is set
  ansible.builtin.set_fact:
-    k3s_primary_control_node: "{{ false if k3s_build_cluster else true }}"
+    k3s_primary_control_node: "{{ not k3s_build_cluster }}"
  when: k3s_primary_control_node is not defined

 - name: Ensure k3s control plane port is captured
@ -22,21 +22,21 @@
    k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
  delegate_to: k3s_primary_control_node

- name: Ensure a count of control nodes is generated from ansible_play_hosts_all
+- name: Ensure a count of control nodes is generated from ansible_play_hosts
  ansible.builtin.set_fact:
    k3s_controller_list: "{{ k3s_controller_list + [ item ] }}"
  when:
    - hostvars[item].k3s_control_node is defined
    - hostvars[item].k3s_control_node
-  loop: "{{ ansible_play_hosts_all }}"
+  loop: "{{ ansible_play_hosts }}"

- name: Ensure a k3s control node is defined if none are found in ansible_play_hosts_all
+- name: Ensure a k3s control node is defined if none are found in ansible_play_hosts
  block:

    - name: Set the control host
      ansible.builtin.set_fact:
        k3s_control_node: true
-      when: inventory_hostname == ansible_play_hosts_all[0]
+      when: inventory_hostname == ansible_play_hosts[0]

    - name: Ensure a count of control nodes is generated
      ansible.builtin.set_fact:
@ -44,19 +44,18 @@
      when:
        - hostvars[item].k3s_control_node is defined
        - hostvars[item].k3s_control_node
-      loop: "{{ ansible_play_hosts_all }}"
+      loop: "{{ ansible_play_hosts }}"

  when:
    - k3s_controller_list | length < 1
    - k3s_build_cluster is defined
    - k3s_build_cluster

- name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts_all
+- name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts
  ansible.builtin.set_fact:
    k3s_primary_control_node: true
  when:
    - k3s_controller_list is defined
-    - k3s_controller_list | length > 1
    - inventory_hostname == k3s_controller_list[0]
    - k3s_build_cluster is defined
    - k3s_build_cluster
@ -65,7 +64,7 @@
  ansible.builtin.blockinfile:
    path: /tmp/inventory.txt
    block: |
-      {% for host in ansible_play_hosts_all %}
+      {% for host in ansible_play_hosts %}
      {% filter replace('\n', ' ') %}
      {{ host }}
      @@@
--- a/tasks/teardown/drain-and-remove-nodes.yml
+++ b/tasks/teardown/drain-and-remove-nodes.yml
@ -33,7 +33,7 @@
        - item in kubectl_get_nodes_result.stdout
        - hostvars[item].k3s_state is defined
        - hostvars[item].k3s_state == 'uninstalled'
-      loop: "{{ ansible_play_hosts_all }}"
+      loop: "{{ ansible_play_hosts }}"
      become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"

    - name: Ensure uninstalled nodes are removed
@ -46,7 +46,7 @@
        - item in kubectl_get_nodes_result.stdout
        - hostvars[item].k3s_state is defined
        - hostvars[item].k3s_state == 'uninstalled'
-      loop: "{{ ansible_play_hosts_all }}"
+      loop: "{{ ansible_play_hosts }}"
      become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"

  when:
--- a/tasks/validate/environment/local/issue-data.yml
+++ b/tasks/validate/environment/local/issue-data.yml
@ -50,11 +50,11 @@
      # End ANSIBLE ROLES

      # Begin PLAY HOSTS
-      {{ ansible_play_hosts_all | to_json }}
+      {{ ansible_play_hosts | to_json }}
      # End PLAY HOSTS

      # Begin K3S ROLE CONFIG
-      {% for host in ansible_play_hosts_all %}
+      {% for host in ansible_play_hosts %}
      ## {{ host }}
      {% for config_key in hostvars[host] %}
      {% if config_key | regex_search('^k3s_') %}
@ -66,7 +66,7 @@
      # End K3S ROLE CONFIG

      # Begin K3S RUNTIME CONFIG
-      {% for host in ansible_play_hosts_all %}
+      {% for host in ansible_play_hosts %}
      ## {{ host }}
      {% if hostvars[host].k3s_runtime_config is defined %}
      {{ hostvars[host].k3s_runtime_config }}
--- a/templates/k3s.service.j2
+++ b/templates/k3s.service.j2
@ -30,11 +30,13 @@ ExecStart={{ k3s_install_dir }}/k3s
    server
    {% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
        --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
-        --token-file {{ k3s_token_location }}
    {% endif %}
    {% if k3s_server is defined %}
        --config {{ k3s_config_file }}
    {% endif %}
+    {% if k3s_control_node and not k3s_primary_control_node %}
+        --token-file {{ k3s_token_location }}
+    {% endif %}
 {% else %}
    agent
    --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}