Merge pull request #138 from PyratLabs/bugfix-token_path_required

Updated systemd template to use token when joining a cluster
Xan Manning 2021-07-24 18:00:09 +01:00 committed by GitHub
commit 3b26d24212
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 21 additions and 22 deletions


@ -15,7 +15,7 @@ k3s_release_version: false
# Loction of the k3s configuration file # Loction of the k3s configuration file
k3s_config_file: /etc/rancher/k3s/config.yaml k3s_config_file: /etc/rancher/k3s/config.yaml
# When multiple ansible_play_hosts_all are present, attempt to cluster the nodes. # When multiple ansible_play_hosts are present, attempt to cluster the nodes.
# Using false will create multiple standalone nodes. # Using false will create multiple standalone nodes.
# (default: true) # (default: true)
k3s_build_cluster: true k3s_build_cluster: true


@ -28,14 +28,12 @@
mode: 0755 mode: 0755
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure k3s cluster token file is present on workers and secondary control nodes - name: Ensure k3s cluster token file is present
ansible.builtin.template: ansible.builtin.template:
src: cluster-token.j2 src: cluster-token.j2
dest: "{{ k3s_token_location }}" dest: "{{ k3s_token_location }}"
mode: 0600 mode: 0600
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
when: (k3s_control_node and not k3s_primary_control_node)
or not k3s_control_node
notify: notify:
- restart k3s - restart k3s
@ -69,7 +67,7 @@
- ensure_secondary_controllers_started is not succeeded - ensure_secondary_controllers_started is not succeeded
- not ansible_check_mode - not ansible_check_mode
until: ensure_secondary_controllers_started is succeeded until: ensure_secondary_controllers_started is succeeded
retries: "{{ ansible_play_hosts_all | length }}" retries: "{{ ansible_play_hosts | length }}"
delay: 5 delay: 5
when: when:
- k3s_control_node - k3s_control_node
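Review bot: With the `when:` removed, the `Ensure k3s cluster token file is present` task renders the cluster token onto every host, and nothing on the task keeps that secret out of Ansible's output when the play is run with `--diff`. Adding `diff: false` (or `no_log: true`) to the task would stop the token content from being echoed into console and CI logs. The unchanged `mode: 0600` would also be safer written as `mode: "0600"`, so it does not depend on the YAML loader's octal handling. The task in the second hunk begins outside the hunk.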


@ -4,17 +4,17 @@
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_build_cluster: false k3s_build_cluster: false
when: when:
- ansible_play_hosts_all | length < 2 - ansible_play_hosts | length < 2
- k3s_registration_address is not defined - k3s_registration_address is not defined
- name: Ensure k3s control node fact is set - name: Ensure k3s control node fact is set
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_control_node: "{{ false if k3s_build_cluster else true }}" k3s_control_node: "{{ not k3s_build_cluster }}"
when: k3s_control_node is not defined when: k3s_control_node is not defined
- name: Ensure k3s primary control node fact is set - name: Ensure k3s primary control node fact is set
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_primary_control_node: "{{ false if k3s_build_cluster else true }}" k3s_primary_control_node: "{{ not k3s_build_cluster }}"
when: k3s_primary_control_node is not defined when: k3s_primary_control_node is not defined
- name: Ensure k3s control plane port is captured - name: Ensure k3s control plane port is captured
@ -22,21 +22,21 @@
k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}" k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
delegate_to: k3s_primary_control_node delegate_to: k3s_primary_control_node
- name: Ensure a count of control nodes is generated from ansible_play_hosts_all - name: Ensure a count of control nodes is generated from ansible_play_hosts
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_controller_list: "{{ k3s_controller_list + [ item ] }}" k3s_controller_list: "{{ k3s_controller_list + [ item ] }}"
when: when:
- hostvars[item].k3s_control_node is defined - hostvars[item].k3s_control_node is defined
- hostvars[item].k3s_control_node - hostvars[item].k3s_control_node
loop: "{{ ansible_play_hosts_all }}" loop: "{{ ansible_play_hosts }}"
- name: Ensure a k3s control node is defined if none are found in ansible_play_hosts_all - name: Ensure a k3s control node is defined if none are found in ansible_play_hosts
block: block:
- name: Set the control host - name: Set the control host
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_control_node: true k3s_control_node: true
when: inventory_hostname == ansible_play_hosts_all[0] when: inventory_hostname == ansible_play_hosts[0]
- name: Ensure a count of control nodes is generated - name: Ensure a count of control nodes is generated
ansible.builtin.set_fact: ansible.builtin.set_fact:
@ -44,19 +44,18 @@
when: when:
- hostvars[item].k3s_control_node is defined - hostvars[item].k3s_control_node is defined
- hostvars[item].k3s_control_node - hostvars[item].k3s_control_node
loop: "{{ ansible_play_hosts_all }}" loop: "{{ ansible_play_hosts }}"
when: when:
- k3s_controller_list | length < 1 - k3s_controller_list | length < 1
- k3s_build_cluster is defined - k3s_build_cluster is defined
- k3s_build_cluster - k3s_build_cluster
- name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts_all - name: Ensure a primary k3s control node is defined if multiple are found in ansible_play_hosts
ansible.builtin.set_fact: ansible.builtin.set_fact:
k3s_primary_control_node: true k3s_primary_control_node: true
when: when:
- k3s_controller_list is defined - k3s_controller_list is defined
- k3s_controller_list | length > 1
- inventory_hostname == k3s_controller_list[0] - inventory_hostname == k3s_controller_list[0]
- k3s_build_cluster is defined - k3s_build_cluster is defined
- k3s_build_cluster - k3s_build_cluster
@ -65,7 +64,7 @@
ansible.builtin.blockinfile: ansible.builtin.blockinfile:
path: /tmp/inventory.txt path: /tmp/inventory.txt
block: | block: |
{% for host in ansible_play_hosts_all %} {% for host in ansible_play_hosts %}
{% filter replace('\n', ' ') %} {% filter replace('\n', ' ') %}
{{ host }} {{ host }}
@@@ @@@
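Review bot: Dropping `k3s_controller_list | length > 1` from the primary-control-node task leaves `inventory_hostname == k3s_controller_list[0]` guarded only by `is defined`, so an empty list would fail on the index instead of skipping the task. Because `when:` items are evaluated in order, either add `- k3s_controller_list | length > 0` before the comparison or move the two `k3s_build_cluster` conditions above it. Whether the list can still be empty at this point depends on tasks outside these hunks, so this is a defensive check and not a confirmed failure.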


@ -33,7 +33,7 @@
- item in kubectl_get_nodes_result.stdout - item in kubectl_get_nodes_result.stdout
- hostvars[item].k3s_state is defined - hostvars[item].k3s_state is defined
- hostvars[item].k3s_state == 'uninstalled' - hostvars[item].k3s_state == 'uninstalled'
loop: "{{ ansible_play_hosts_all }}" loop: "{{ ansible_play_hosts }}"
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure uninstalled nodes are removed - name: Ensure uninstalled nodes are removed
@ -46,7 +46,7 @@
- item in kubectl_get_nodes_result.stdout - item in kubectl_get_nodes_result.stdout
- hostvars[item].k3s_state is defined - hostvars[item].k3s_state is defined
- hostvars[item].k3s_state == 'uninstalled' - hostvars[item].k3s_state == 'uninstalled'
loop: "{{ ansible_play_hosts_all }}" loop: "{{ ansible_play_hosts }}"
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
when: when:


@ -50,11 +50,11 @@
# End ANSIBLE ROLES # End ANSIBLE ROLES
# Begin PLAY HOSTS # Begin PLAY HOSTS
{{ ansible_play_hosts_all | to_json }} {{ ansible_play_hosts | to_json }}
# End PLAY HOSTS # End PLAY HOSTS
# Begin K3S ROLE CONFIG # Begin K3S ROLE CONFIG
{% for host in ansible_play_hosts_all %} {% for host in ansible_play_hosts %}
## {{ host }} ## {{ host }}
{% for config_key in hostvars[host] %} {% for config_key in hostvars[host] %}
{% if config_key | regex_search('^k3s_') %} {% if config_key | regex_search('^k3s_') %}
@ -66,7 +66,7 @@
# End K3S ROLE CONFIG # End K3S ROLE CONFIG
# Begin K3S RUNTIME CONFIG # Begin K3S RUNTIME CONFIG
{% for host in ansible_play_hosts_all %} {% for host in ansible_play_hosts %}
## {{ host }} ## {{ host }}
{% if hostvars[host].k3s_runtime_config is defined %} {% if hostvars[host].k3s_runtime_config is defined %}
{{ hostvars[host].k3s_runtime_config }} {{ hostvars[host].k3s_runtime_config }}
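Review bot: The `K3S ROLE CONFIG` loop selects every host variable matching `^k3s_`, which presumably includes the cluster token and any other secret passed to the role. The lines that print the values are outside the hunk, so this cannot be confirmed from here. If the rendered file is meant to be attached to bug reports, the `{% if config_key | regex_search('^k3s_') %}` condition should also exclude secret-bearing keys or mask their values. A template comment stating that the output may contain credentials would help whoever shares it. Both `for` loops continue past the end of their hunks.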


@ -30,11 +30,13 @@ ExecStart={{ k3s_install_dir }}/k3s
server server
{% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %} {% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }} --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
--token-file {{ k3s_token_location }}
{% endif %} {% endif %}
{% if k3s_server is defined %} {% if k3s_server is defined %}
--config {{ k3s_config_file }} --config {{ k3s_config_file }}
{% endif %} {% endif %}
{% if k3s_control_node and not k3s_primary_control_node %}
--token-file {{ k3s_token_location }}
{% endif %}
{% else %} {% else %}
agent agent
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }} --server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
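Review bot: The new `{% if k3s_control_node and not k3s_primary_control_node %}` test reads both variables without a defined-check, while the etcd condition at the top of the hunk still tolerates `k3s_primary_control_node` being undefined. A host that reaches this template without those facts would fail to render. Writing it as `{% if k3s_control_node and not (k3s_primary_control_node | default(false)) %}` keeps the two conditions consistent. The token file is now created on every host by the task change in this commit, yet the primary control node's unit never passes `--token-file`, so a template comment stating where the primary takes its token from would help. The enclosing `{% if %}`/`{% else %}` block starts and ends outside the hunk.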