libretic/ansible-role-k3s
6
0
Fork 0
mirror of https://github.com/PyratLabs/ansible-role-k3s synced 2024-09-20 00:51:32 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #170 from PyratLabs/v3_release

Browse source 
V3 Release
This commit is contained in:
Xan Manning 2022-01-02 22:21:45 +00:00 committed by GitHub
commit 473f3943d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
78 changed files with 346 additions and 828 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
CHANGELOG.md
View file

@ -14,6 +14,26 @@
---
-->
## 2022-01-02, v3.0.0
### Notable changes
- feat: Flattened task filesystem
- feat: Moved some tasks into `vars/` as templated variables
- feat: Airgap installation method added #165
### Breaking changes
- Minimum `python` version on targets is 3.6
- `k3s_become_for_all` renamed to `k3s_become`
- `k3s_become_for_*` removed.
### Contributors
- [crutonjohn](https://github.com/crutonjohn)
---
## 2021-12-23, v2.12.1
### Notable changes

33
README.md
View file

@ -1,10 +1,17 @@
# Ansible Role: k3s (v2.x)
# Ansible Role: k3s (v3.x)
Ansible role for installing [K3S](https://k3s.io/) ("Lightweight
Kubernetes") as either a standalone server or cluster.
[![CI](https://github.com/PyratLabs/ansible-role-k3s/workflows/CI/badge.svg?event=push)](https://github.com/PyratLabs/ansible-role-k3s/actions?query=workflow%3ACI)
## Help Wanted!
Hi! :wave: [@xanmanning](https://github.com/xanmanning) is looking for a new
maintainer to work on this Ansible role. This is because I don't have as much
free time any more and I no longer write Ansible regularly as part of my day
job. If you're interested, get in touch.
## Release notes
Please see [Releases](https://github.com/PyratLabs/ansible-role-k3s/releases)
@ -14,6 +21,7 @@ and [CHANGELOG.md](CHANGELOG.md).
The host you're running Ansible from requires the following Python dependencies:
- `python >= 3.6.0`
- `ansible >= 2.9.16` or `ansible-base >= 2.10.4`
You can install dependencies using the requirements.txt file in this repository:
@ -24,8 +32,7 @@ This role has been tested against the following Linux Distributions:
- Amazon Linux 2
- Archlinux
- CentOS 8
- CentOS 7
- Debian 10
- Debian 11
- Fedora 31
- Fedora 32
- Fedora 33
@ -33,7 +40,7 @@ This role has been tested against the following Linux Distributions:
- RockyLinux 8
- Ubuntu 20.04 LTS
:warning: The v2 releases of this role only supports `k3s >= v1.19`, for
:warning: The v3 releases of this role only supports `k3s >= v1.19`, for
`k3s < v1.19` please consider updating or use the v1.x releases of this role.
Before upgrading, see [CHANGELOG](CHANGELOG.md) for notifications of breaking
@ -130,7 +137,6 @@ The `k3s_server` dictionary variable will contain flags from the above
```yaml
k3s_server:
datastore-endpoint: postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable
docker: true
cluster-cidr: 172.20.0.0/16
flannel-backend: 'none' # This needs to be in quotes
disable:
@ -181,18 +187,11 @@ configuration.
The below variables are used to change the way the role executes in Ansible,
particularly with regards to privilege escalation.
| Variable | Description | Default Value |
|-------------------------------------|---------------------------------------------------------------------|---------------|
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` |
| `k3s_become_for_all` | Escalate user privileges for all tasks. Overrides all of the below. | `false` |
| `k3s_become_for_systemd` | Escalate user privileges for systemd tasks. | NULL |
| `k3s_become_for_install_dir` | Escalate user privileges for creating installation directories. | NULL |
| `k3s_become_for_directory_creation` | Escalate user privileges for creating application directories. | NULL |
| `k3s_become_for_usr_local_bin` | Escalate user privileges for writing to `/usr/local/bin`. | NULL |
| `k3s_become_for_package_install` | Escalate user privileges for installing k3s. | NULL |
| `k3s_become_for_kubectl` | Escalate user privileges for running `kubectl`. | NULL |
| `k3s_become_for_uninstall` | Escalate user privileges for uninstalling k3s. | NULL |
| Variable | Description | Default Value |
|-----------------------|----------------------------------------------------------------|---------------|
| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` |
| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` |
| `k3s_become` | Escalate user privileges for tasks that need root permissions. | `false` |
#### Important note about `k3s_release_version`

11
defaults/main.yml
View file

@ -127,15 +127,8 @@ k3s_agent: {}
# Ansible Controller configuration
##
# Use become privileges for
k3s_become_for_all: false
k3s_become_for_systemd: null
k3s_become_for_install_dir: null
k3s_become_for_directory_creation: null
k3s_become_for_usr_local_bin: null
k3s_become_for_package_install: null
k3s_become_for_kubectl: null
k3s_become_for_uninstall: null
# Use become privileges?
k3s_become: false
# Private registry configuration.
# Rancher k3s documentation: https://rancher.com/docs/k3s/latest/en/installation/private-registry/

15
handlers/main.yml
View file

@ -4,7 +4,7 @@
ansible.builtin.systemd:
daemon_reload: true
scope: "{{ k3s_systemd_context }}"
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: restart k3s
ansible.builtin.systemd:
@ -18,15 +18,4 @@
failed_when:
- k3s_systemd_restart_k3s is not success
- not ansible_check_mode
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
- name: restart docker
ansible.builtin.systemd:
name: docker
state: restarted
enabled: true
register: k3s_systemd_restart_docker
failed_when:
- k3s_systemd_restart_docker is not success
- not ansible_check_mode
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

14
molecule/docker/converge.yml
View file

@ -1,14 +0,0 @@
---
- name: Converge
hosts: all
become: true
vars:
molecule_is_test: true
k3s_server:
https-listen-port: 26443
cluster-domain: examplecluster.local
k3s_agent:
docker: true
snapshotter: native
roles:
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"

60
molecule/docker/molecule.yml
View file

@ -1,60 +0,0 @@
---
dependency:
name: galaxy
driver:
name: docker
scenario:
test_sequence:
- dependency
- lint
- cleanup
- destroy
- syntax
- create
- prepare
- check
- converge
- idempotence
- side_effect
- verify
- cleanup
- destroy
lint: |
set -e
yamllint -s .
ansible-lint --exclude molecule/
platforms:
- name: node1
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: ${MOLECULE_PREBUILT:-true}
networks:
- name: k3snet
- name: node2
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: ${MOLECULE_PREBUILT:-true}
networks:
- name: k3snet
- name: node3
image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: ${MOLECULE_PREBUILT:-true}
networks:
- name: k3snet
provisioner:
name: ansible
options:
verbose: true
verifier:
name: ansible

10
molecule/docker/prepare.yml
View file

@ -1,10 +0,0 @@
---
- name: Prepare
hosts: all
tasks:
- name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt:
name: iptables
state: present
update_cache: true
when: ansible_pkg_mgr == 'apt'

13
tasks/build/docker/amazon/install.yml
View file

@ -1,13 +0,0 @@
---
- name: Ensure docker is installed using amazon-linux-extras
ansible.builtin.command:
cmd: amazon-linux-extras install docker
args:
creates: /etc/docker
notify:
- restart docker
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Flush Handlers
meta: flush_handlers

1
tasks/build/docker/archlinux/install-prerequisites.yml
View file

@ -1 +0,0 @@
---

16
tasks/build/docker/archlinux/install.yml
View file

@ -1,16 +0,0 @@
---
- name: Ensure docker is installed using Pacman
community.general.pacman:
name: docker
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Flush Handlers
meta: flush_handlers

29
tasks/build/docker/debian/install-prerequisites.yml
View file

@ -1,29 +0,0 @@
---
- name: Ensure Docker prerequisites are installed
ansible.builtin.apt:
name:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if k3s_os_distribution == 'debian' else 'gnupg-agent' }}"
- software-properties-common
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure Docker APT key is present
ansible.builtin.apt_key:
url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
state: present
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure Docker repository is installed and configured
ansible.builtin.apt_repository:
filename: docker-ce
repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable"
update_cache: true
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"

16
tasks/build/docker/install.yml
View file

@ -1,16 +0,0 @@
---
- name: Ensure docker is installed
ansible.builtin.package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: present
register: ensure_docker_installed
until: ensure_docker_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"

16
tasks/build/docker/opensuse-leap/install.yml
View file

@ -1,16 +0,0 @@
---
- name: Ensure docker is installed using Zypper
community.general.zypper:
name: docker
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Flush Handlers
meta: flush_handlers

56
tasks/build/docker/redhat/install-prerequisites.yml
View file

@ -1,56 +0,0 @@
---
- name: Ensure python-dnf is installed
ansible.builtin.package:
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
state: present
register: ensure_python_dnf_installed
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
until: ensure_python_dnf_installed is succeeded
retries: 3
delay: 10
when: ansible_pkg_mgr == 'dnf'
- name: Ensure Docker prerequisites are installed
ansible.builtin.yum:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Check to see if Docker repository is available for this distribution
ansible.builtin.uri:
url: "https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}"
register: k3s_redhat_repo_check
failed_when: false
changed_when: false
- name: Ensure Docker repository is installed and configured
ansible.builtin.yum_repository:
name: docker-ce
description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
enabled: true
gpgcheck: true
state: present
when:
- k3s_os_distribution not in ['amazon']
- k3s_redhat_repo_check.status == 200
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure Docker repository is installed and configured from file
ansible.builtin.command:
cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
args:
creates: /etc/yum.repos.d/docker-ce.repo
when:
- k3s_os_distribution not in ['amazon']
- k3s_redhat_repo_check.status != 200
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"

1
tasks/build/docker/suse/install-prerequisites.yml
View file

@ -1 +0,0 @@
---

16
tasks/build/docker/suse/install.yml
View file

@ -1,16 +0,0 @@
---
- name: Ensure docker is installed using Zypper
community.general.zypper:
name: docker
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker
become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
- name: Flush Handlers
meta: flush_handlers

18
tasks/build/preconfigure-k3s-agent-config-yaml-d.yml
View file

@ -1,18 +0,0 @@
---
- name: Ensure that the config.yaml.d directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_config_yaml_d_dir }}"
mode: 0755
when: k3s_agent_config_yaml_d_files | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://github.com/k3s-io/k3s/pull/3162
- name: Ensure configuration files are copied to agents
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_agent_config_yaml_d_files }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"

19
tasks/build/preconfigure-k3s-auto-deploying-manifests-urls.yml
View file

@ -1,19 +0,0 @@
---
- name: Ensure that the manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_manifests_dir }}"
mode: 0755
when: k3s_server_manifests_urls | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
- name: Ensure auto-deploying manifests are downloaded to the primary controller
ansible.builtin.get_url:
url: "{{ item.url }}"
dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}"
mode: 0644
loop: "{{ k3s_server_manifests_urls }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
when: not ansible_check_mode

18
tasks/build/preconfigure-k3s-auto-deploying-manifests.yml
View file

@ -1,18 +0,0 @@
---
- name: Ensure that the manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_manifests_dir }}"
mode: 0755
when: k3s_server_manifests_templates | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
- name: Ensure auto-deploying manifests are copied to the primary controller
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_manifests_templates }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"

18
tasks/build/preconfigure-k3s-server-config-yaml-d.yml
View file

@ -1,18 +0,0 @@
---
- name: Ensure that the config.yaml.d directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_config_yaml_d_dir }}"
mode: 0755
when: k3s_server_config_yaml_d_files | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://github.com/k3s-io/k3s/pull/3162
- name: Ensure configuration files are copied to controllers
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_config_yaml_d_files }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"

19
tasks/build/preconfigure-k3s-static-pod-manifests-urls.yml
View file

@ -1,19 +0,0 @@
---
- name: Ensure that the pod-manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_pod_manifests_dir }}"
mode: 0755
when: k3s_server_pod_manifests_urls | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
- name: Ensure auto-deploying manifests are downloaded to the primary controller
ansible.builtin.get_url:
url: "{{ item.url }}"
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}"
mode: 0644
loop: "{{ k3s_server_pod_manifests_urls }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
when: not ansible_check_mode

18
tasks/build/preconfigure-k3s-static-pod-manifests.yml
View file

@ -1,18 +0,0 @@
---
- name: Ensure that the pod-manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_pod_manifests_dir }}"
mode: 0755
when: k3s_server_pod_manifests_templates | length > 0
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
# https://github.com/k3s-io/k3s/pull/1691
- name: Ensure static pod manifests are copied to controllers
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_pod_manifests_templates }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"

0
tasks/build/get-systemd-context.yml → tasks/determine_systemd_context.yml
View file

16
tasks/build/configure-k3s-cluster.yml → tasks/ensure_cluster.yml
View file

@ -8,7 +8,7 @@
when:
- k3s_control_token is not defined
- not ansible_check_mode
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure cluster token is formatted correctly for use in templates
ansible.builtin.set_fact:
@ -26,14 +26,14 @@
path: "{{ k3s_token_location | dirname }}"
state: directory
mode: 0755
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s cluster token file is present
ansible.builtin.template:
src: cluster-token.j2
dest: "{{ k3s_token_location }}"
mode: 0600
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
notify:
- restart k3s
@ -42,7 +42,7 @@
src: k3s.service.j2
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
mode: 0644
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
notify:
- reload systemd
- restart k3s
@ -55,7 +55,7 @@
notify:
- reload systemd
- restart k3s
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure secondary controllers are started
ansible.builtin.systemd:
@ -72,13 +72,13 @@
when:
- k3s_control_node
- not k3s_primary_control_node
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- import_tasks: ../validate/state/control-plane.yml
- import_tasks: post_checks_control_plane.yml
when: not k3s_skip_validation
- name: Flush Handlers
meta: flush_handlers
- import_tasks: ../validate/state/nodes.yml
- import_tasks: post_checks_nodes.yml
when: not k3s_skip_validation

2
tasks/build/containerd/registries.yml → tasks/ensure_containerd_registries.yml
View file

@ -8,4 +8,4 @@
notify:
- reload systemd
- restart k3s
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

2
tasks/build/install-k3s-directories.yml → tasks/ensure_directories.yml
View file

@ -5,7 +5,7 @@
path: "{{ directory.path }}"
state: directory
mode: "{{ directory.mode | default(755) }}"
become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
when:
- directory.path is defined
- directory.path | length > 0

2
tasks/build/download-k3s.yml → tasks/ensure_downloads.yml
View file

@ -48,4 +48,4 @@
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
checksum: "sha256:{{ k3s_hash_sum }}"
mode: 0755
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

8
tasks/teardown/drain-and-remove-nodes.yml → tasks/ensure_drain_and_remove_nodes.yml
View file

@ -4,7 +4,7 @@
ansible.builtin.stat:
path: "{{ k3s_install_dir }}/kubectl"
register: k3s_check_kubectl
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Clean up nodes that are in an uninstalled state
block:
@ -17,7 +17,7 @@
delegate_to: "{{ k3s_control_delegate }}"
run_once: true
register: kubectl_get_nodes_result
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure uninstalled nodes are drained
ansible.builtin.command:
@ -34,7 +34,7 @@
- hostvars[item].k3s_state is defined
- hostvars[item].k3s_state == 'uninstalled'
loop: "{{ ansible_play_hosts }}"
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure uninstalled nodes are removed
ansible.builtin.command:
@ -47,7 +47,7 @@
- hostvars[item].k3s_state is defined
- hostvars[item].k3s_state == 'uninstalled'
loop: "{{ ansible_play_hosts }}"
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
when:
- k3s_check_kubectl.stat.exists is defined

8
tasks/build/install-k3s.yml → tasks/ensure_installed.yml
View file

@ -1,11 +1,11 @@
---
- include_tasks: install-k3s-directories.yml
- include_tasks: ensure_directories.yml
loop: "{{ k3s_ensure_directories_exist }}"
loop_control:
loop_var: directory
- include_tasks: install-k3s-node.yml
- include_tasks: ensure_installed_node.yml
when:
- ((k3s_control_node and k3s_controller_list | length == 1)
or (k3s_primary_control_node and k3s_controller_list | length > 1))
@ -14,7 +14,7 @@
- name: Flush Handlers
meta: flush_handlers
- include_tasks: install-k3s-node.yml
- include_tasks: ensure_installed_node.yml
when: k3s_build_cluster
- name: Determine if the systems are already clustered
@ -35,4 +35,4 @@
when: (k3s_control_node and k3s_controller_list | length == 1)
or (k3s_primary_control_node and k3s_controller_list | length > 1)
or k3s_token_cluster_check.stat.exists
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

10
tasks/build/install-k3s-node.yml → tasks/ensure_installed_node.yml
View file

@ -15,7 +15,7 @@
when: not ansible_check_mode
notify:
- restart k3s
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s config file exists
ansible.builtin.template:
@ -25,7 +25,7 @@
notify:
- reload systemd
- restart k3s
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s service unit file is present
ansible.builtin.template:
@ -35,14 +35,14 @@
notify:
- reload systemd
- restart k3s
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s killall script is present
ansible.builtin.template:
src: k3s-killall.sh.j2
dest: "/usr/local/bin/k3s-killall.sh"
mode: 0700
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
when:
- k3s_runtime_config is defined
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)
@ -52,7 +52,7 @@
src: k3s-uninstall.sh.j2
dest: "/usr/local/bin/k3s-uninstall.sh"
mode: 0700
become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
when:
- k3s_runtime_config is defined
- ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless)

62
tasks/ensure_k3s_auto_deploy.yml Normal file
View file

@ -0,0 +1,62 @@
---
- name: Ensure that the manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_manifests_dir }}"
mode: 0755
when: >-
k3s_server_manifests_templates | length > 0
or k3s_server_manifests_urls | length > 0
become: "{{ k3s_become }}"
- name: Ensure that the pod-manifests directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_server_pod_manifests_dir }}"
mode: 0755
when: >-
k3s_server_pod_manifests_templates | length > 0
or k3s_server_pod_manifests_urls | length > 0
become: "{{ k3s_become }}"
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
- name: Ensure auto-deploying manifests are copied to the primary controller
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_manifests_templates }}"
become: "{{ k3s_become }}"
when:
- k3s_server_manifests_templates | length > 0
- name: Ensure auto-deploying manifests are downloaded to the primary controller
ansible.builtin.get_url:
url: "{{ item.url }}"
dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}"
mode: 0644
loop: "{{ k3s_server_manifests_urls }}"
become: "{{ k3s_become }}"
when:
- not ansible_check_mode
- k3s_server_manifests_urls | length > 0
# https://github.com/k3s-io/k3s/pull/1691
- name: Ensure static pod manifests are copied to controllers
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_pod_manifests_templates }}"
become: "{{ k3s_become }}"
# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests
- name: Ensure auto-deploying manifests are downloaded to the primary controller
ansible.builtin.get_url:
url: "{{ item.url }}"
dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}"
mode: 0644
loop: "{{ k3s_server_pod_manifests_urls }}"
become: "{{ k3s_become }}"
when: not ansible_check_mode

31
tasks/ensure_k3s_config_files.yml Normal file
View file

@ -0,0 +1,31 @@
---
- name: Ensure that the config.yaml.d directory exists
ansible.builtin.file:
state: directory
path: "{{ k3s_config_yaml_d_dir }}"
mode: 0755
when: >-
k3s_server_config_yaml_d_files | length > 0
or k3s_agent_config_yaml_d_files | length > 0
become: "{{ k3s_become }}"
# https://github.com/k3s-io/k3s/pull/3162
- name: Ensure configuration files are copied to controllers
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_server_config_yaml_d_files }}"
become: "{{ k3s_become }}"
when: k3s_control_node
# https://github.com/k3s-io/k3s/pull/3162
- name: Ensure configuration files are copied to agents
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}"
mode: 0644
loop: "{{ k3s_agent_config_yaml_d_files }}"
become: "{{ k3s_become }}"
when: not k3s_control_node

7
tasks/build/preconfigure-k3s.yml → tasks/ensure_pre_configuration.yml
View file

@ -127,10 +127,3 @@
when: k3s_registration_address is not defined
or k3s_control_delegate is not defined
- name: Ensure k3s_runtime_config is set for agents
ansible.builtin.set_fact:
k3s_runtime_config: "{{ (k3s_agent | default({})) }}"
when:
- k3s_agent is defined
- (k3s_control_node is not defined or not k3s_control_node)

4
tasks/operate/start-k3s.yml → tasks/ensure_started.yml
View file

@ -6,7 +6,7 @@
state: started
enabled: "{{ k3s_start_on_boot }}"
when: k3s_non_root is not defined or not k3s_non_root
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s service is started
ansible.builtin.systemd:
@ -17,4 +17,4 @@
when:
- k3s_non_root is defined
- k3s_non_root
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

4
tasks/operate/stop-k3s.yml → tasks/ensure_stopped.yml
View file

@ -6,7 +6,7 @@
state: stopped
enabled: "{{ k3s_start_on_boot }}"
when: k3s_non_root is not defined or not k3s_non_root
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure k3s service is started
ansible.builtin.systemd:
@ -17,4 +17,4 @@
when:
- k3s_non_root is defined
- k3s_non_root
become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

20
tasks/teardown/uninstall-k3s.yml → tasks/ensure_uninstalled.yml
View file

@ -10,20 +10,13 @@
path: /usr/local/bin/k3s-uninstall.sh
register: check_k3s_uninstall_script
- name: Check to see if docker is present
ansible.builtin.command:
cmd: which docker
failed_when: false
changed_when: false
register: check_k3s_docker_path
- name: Run k3s-killall.sh
ansible.builtin.command:
cmd: /usr/local/bin/k3s-killall.sh
register: k3s_killall
changed_when: k3s_killall.rc == 0
when: check_k3s_killall_script.stat.exists
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Run k3s-uninstall.sh
ansible.builtin.command:
@ -33,7 +26,7 @@
register: k3s_uninstall
changed_when: k3s_uninstall.rc == 0
when: check_k3s_uninstall_script.stat.exists
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"
- name: Ensure hard links are removed
ansible.builtin.file:
@ -46,11 +39,4 @@
when:
- k3s_install_hard_links
- not ansible_check_mode
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
- name: Clean up Docker
ansible.builtin.command:
cmd: docker system prune -a --force
when:
- ("docker" in k3s_runtime_config and k3s_runtime_config.docker)
- check_k3s_docker_path.rc == 0
become: "{{ k3s_become }}"

2
tasks/build/airgap-k3s.yml → tasks/ensure_uploads.yml
View file

@ -12,4 +12,4 @@
# TODO: allow airgap to bypass version post-fix
dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
mode: 0755
become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

4
tasks/main.yml
View file

@ -1,5 +1,5 @@
---
- import_tasks: validate/pre-flight.yml
- import_tasks: pre_checks.yml
- include_tasks: state-{{ (k3s_state | lower) | default('installed') }}.yml
- include_tasks: state_{{ (k3s_state | lower) | default('installed') }}.yml

0
tasks/validate/state/control-plane.yml → tasks/post_checks_control_plane.yml
View file

2
tasks/validate/state/nodes.yml → tasks/post_checks_nodes.yml
View file

@ -17,4 +17,4 @@
- ("flannel-backend" not in k3s_runtime_config
or k3s_runtime_config["flannel-backend"] != "none")
- not ansible_check_mode
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

12
tasks/validate/state/uninstalled.yml → tasks/post_checks_uninstalled.yml
View file

@ -9,18 +9,6 @@
changed_when: false
register: check_k3s_process
- name: Check that docker is not running
ansible.builtin.command:
cmd: pgrep docker
failed_when:
- check_k3s_docker_process.rc == 0
- not ansible_check_mode
changed_when: false
register: check_k3s_docker_process
when:
- k3s_runtime_config.docker is defined
- k3s_runtime_config.docker
- name: Fail if k3s binaries have not been removed
ansible.builtin.stat:
path: "{{ k3s_install_dir }}/{{ item }}"

90
tasks/pre_checks.yml Normal file
View file

@ -0,0 +1,90 @@
---
- name: Check that k3s_state is a supported value
ansible.builtin.assert:
that:
- k3s_state in k3s_valid_states
fail_msg: "k3s_state not valid. Check README.md for details."
success_msg: "k3s_state is valid."
when: k3s_state is defined
- name: Check that Ansible v{{ ansible_version.string }} is supported by this role
ansible.builtin.assert:
that:
- ansible_version.string is version_compare(k3s_ansible_min_version, '>=')
fail_msg: >-
Ansible v{{ ansible_version.string }} is not supported by this role.
Please install >= v{{ k3s_ansible_min_version }}.
success_msg: "Ansible v{{ ansible_version.string }} is supported."
become: false
delegate_to: localhost
run_once: true
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- name: Check that Python v{{ ansible_python_version }} is supported by this role
ansible.builtin.assert:
that:
- ansible_python_version is version_compare(k3s_python_min_version, '>=')
fail_msg: >-
Python v{{ ansible_python_version }} is not supported by this role.
Please install >= v{{ k3s_python_min_version }}.
success_msg: "Python v{{ ansible_python_version }} is supported."
become: false
delegate_to: localhost
run_once: true
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: pre_checks_version.yml
when:
- (k3s_release_version is not defined
or not k3s_release_version
or k3s_release_version is not regex('\\+k3s[1-9]$'))
- not k3s_airgap
- include_tasks: pre_checks_cgroups.yml
loop: "{{ k3s_cgroup_subsys }}"
loop_control:
loop_var: cgroup
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: pre_checks_packages.yml
loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}"
loop_control:
loop_var: package
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- k3s_check_packages[k3s_os_distribution_version] is defined
- include_tasks: pre_checks_issue_data.yml
when:
- pyratlabs_issue_controller_dump is defined
- pyratlabs_issue_controller_dump
- import_tasks: pre_checks_variables.yml
when:
- not k3s_skip_validation
- import_tasks: pre_checks_experimental_variables.yml
when:
- not k3s_skip_validation
- import_tasks: pre_checks_unsupported_rootless.yml
when:
- k3s_runtime_config.rootless is defined
- k3s_runtime_config.rootless
- not k3s_skip_validation
- import_tasks: ensure_pre_configuration.yml
- import_tasks: pre_checks_control_node_count.yml
when:
- k3s_build_cluster is defined
- k3s_build_cluster
- not k3s_skip_validation

0
tasks/validate/environment/remote/cgroups.yml → tasks/pre_checks_cgroups.yml
View file

2
tasks/validate/configuration/cluster-init.yml → tasks/pre_checks_cluster.yml
View file

@ -16,4 +16,4 @@
failed_when:
- not k3s_check_cluster_token.stat.exists
- not ansible_check_mode
become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
become: "{{ k3s_become }}"

0
tasks/validate/configuration/control-node-count.yml → tasks/pre_checks_control_node_count.yml
View file

0
tasks/validate/configuration/experimental-variables.yml → tasks/pre_checks_experimental_variables.yml
View file

4
tasks/validate/environment/local/issue-data.yml → tasks/pre_checks_issue_data.yml
View file

@ -80,6 +80,8 @@
- name: Fail the play
ansible.builtin.fail:
msg: "Please include the output of {{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report."
msg: >-
Please include the output of
{{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report.
delegate_to: localhost
run_once: true

0
tasks/validate/environment/remote/packages.yml → tasks/pre_checks_packages.yml
View file

0
tasks/validate/configuration/unsupported-rootless.yml → tasks/pre_checks_unsupported_rootless.yml
View file

0
tasks/validate/configuration/variables.yml → tasks/pre_checks_variables.yml
View file

1
tasks/build/get-version.yml → tasks/pre_checks_version.yml
View file

@ -1,6 +1,5 @@
---
# TODO: Prevent or circumvent versioning when k3s_airgap
- name: Ensure k3s_release_version is set to default if false
ansible.builtin.set_fact:
k3s_release_version: "{{ k3s_release_channel }}"

94
tasks/state-installed.yml
View file

@ -1,94 +0,0 @@
---
- import_tasks: build/preconfigure-k3s.yml
- import_tasks: teardown/drain-and-remove-nodes.yml
- import_tasks: build/get-version.yml
when:
- k3s_release_version is not defined
or not k3s_release_version
or k3s_release_version is not regex('\\+k3s[1-9]$')
- not k3s_airgap
- import_tasks: validate/main.yml
when: not k3s_skip_validation
- import_tasks: build/get-systemd-context.yml
- name: Ensure docker installation tasks are run
block:
- include_tasks: build/docker/{{ k3s_os_family }}/install-prerequisites.yml
- import_tasks: build/docker/install.yml
when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
- include_tasks: build/docker/{{ k3s_os_distribution }}/install.yml
when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
when:
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
- name: Flush Handlers
meta: flush_handlers
- import_tasks: build/download-k3s.yml
when:
- not k3s_airgap
- import_tasks: build/airgap-k3s.yml
when:
- k3s_airgap
- import_tasks: build/preconfigure-k3s-auto-deploying-manifests.yml
when:
- k3s_primary_control_node
- k3s_server_manifests_templates | length > 0
- import_tasks: build/preconfigure-k3s-auto-deploying-manifests-urls.yml
when:
- k3s_primary_control_node
- k3s_server_manifests_urls | length > 0
- import_tasks: build/preconfigure-k3s-static-pod-manifests.yml
when:
- k3s_control_node
- k3s_server_pod_manifests_templates | length > 0
- import_tasks: build/preconfigure-k3s-static-pod-manifests-urls.yml
when:
- k3s_control_node
- k3s_server_pod_manifests_urls | length > 0
- import_tasks: build/preconfigure-k3s-server-config-yaml-d.yml
when:
- k3s_control_node
- k3s_server_config_yaml_d_files | length > 0
- import_tasks: build/preconfigure-k3s-agent-config-yaml-d.yml
when:
- not k3s_control_node
- k3s_agent_config_yaml_d_files | length > 0
- import_tasks: build/install-k3s.yml
- name: Ensure containerd installation tasks are run
block:
- include_tasks: build/containerd/registries.yml
when:
- k3s_registries is defined
- (k3s_runtime_config.docker is not defined or not k3s_runtime_config.docker)
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
- include_tasks: validate/configuration/cluster-init.yml
when:
- k3s_control_delegate is defined
- k3s_control_delegate == inventory_hostname
- import_tasks: build/configure-k3s-cluster.yml
when:
- k3s_build_cluster is defined
- k3s_build_cluster
- k3s_registration_address is defined

5
tasks/state-restarted.yml
View file

@ -1,5 +0,0 @@
---
- import_tasks: operate/stop-k3s.yml
- import_tasks: operate/start-k3s.yml

3
tasks/state-started.yml
View file

@ -1,3 +0,0 @@
---
- import_tasks: operate/start-k3s.yml

3
tasks/state-stopped.yml
View file

@ -1,3 +0,0 @@
---
- import_tasks: operate/stop-k3s.yml

25
tasks/state-uninstalled.yml
View file

@ -1,25 +0,0 @@
---
- import_tasks: build/preconfigure-k3s.yml
- import_tasks: teardown/drain-and-remove-nodes.yml
- import_tasks: teardown/uninstall-k3s.yml
- name: Ensure docker uninstall tasks are run
block:
- import_tasks: teardown/docker/uninstall.yml
when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
- include_tasks: teardown/docker/{{ k3s_os_distribution }}/uninstall.yml
when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux']
- include_tasks: teardown/docker/{{ k3s_os_family }}/uninstall-prerequisites.yml
when:
- ('docker' in k3s_runtime_config and k3s_runtime_config.docker)
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
- import_tasks: validate/state/uninstalled.yml
when: not k3s_skip_validation

7
tasks/state-validated.yml
View file

@ -1,7 +0,0 @@
---
- import_tasks: validate/pre-flight.yml
- import_tasks: validate/main.yml
- import_tasks: validate/post-install.yml

6
tasks/state-downloaded.yml → tasks/state_downloaded.yml
View file

@ -1,12 +1,12 @@
---
- import_tasks: build/get-version.yml
- import_tasks: pre_checks_version.yml
when:
- k3s_release_version is not defined or not k3s_release_version
- not k3s_airgap
- import_tasks: build/download-k3s.yml
- import_tasks: ensure_downloads.yml
when: not k3s_airgap
- import_tasks: build/airgap-k3s.yml
- import_tasks: ensure_uploads.yml
when: k3s_airgap

38
tasks/state_installed.yml Normal file
View file

@ -0,0 +1,38 @@
---
- import_tasks: ensure_drain_and_remove_nodes.yml
- import_tasks: determine_systemd_context.yml
- name: Flush Handlers
meta: flush_handlers
- import_tasks: ensure_downloads.yml
when: not k3s_airgap
- import_tasks: ensure_uploads.yml
when: k3s_airgap
- import_tasks: ensure_k3s_auto_deploy.yml
when:
- k3s_primary_control_node
- import_tasks: ensure_k3s_config_files.yml
- import_tasks: ensure_installed.yml
- include_tasks: ensure_containerd_registries.yml
when:
- k3s_registries is defined
- ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless)
- include_tasks: pre_checks_cluster.yml
when:
- k3s_control_delegate is defined
- k3s_control_delegate == inventory_hostname
- import_tasks: ensure_cluster.yml
when:
- k3s_build_cluster is defined
- k3s_build_cluster
- k3s_registration_address is defined

5
tasks/state_restarted.yml Normal file
View file

@ -0,0 +1,5 @@
---
- import_tasks: ensure_stopped.yml
- import_tasks: ensure_started.yml

3
tasks/state_started.yml Normal file
View file

@ -0,0 +1,3 @@
---
- import_tasks: ensure_started.yml

3
tasks/state_stopped.yml Normal file
View file

@ -0,0 +1,3 @@
---
- import_tasks: ensure_stopped.yml

10
tasks/state_uninstalled.yml Normal file
View file

@ -0,0 +1,10 @@
---
- import_tasks: ensure_pre_configuration.yml
- import_tasks: ensure_drain_and_remove_nodes.yml
- import_tasks: ensure_uninstalled.yml
- import_tasks: post_checks_uninstalled.yml
when: not k3s_skip_validation

5
tasks/state_validated.yml Normal file
View file

@ -0,0 +1,5 @@
---
- import_tasks: post_checks_control_plane.yml
- import_tasks: post_checks_nodes.yml

8
tasks/teardown/docker/amazon/uninstall.yml
View file

@ -1,8 +0,0 @@
---
- name: Ensure docker is uninstalled using amazon-linux-extras
ansible.builtin.command:
cmd: amazon-linux-extras uninstall docker
register: uninstall_docker_from_amazon_linux
changed_when: uninstall_docker_from_amazon_linux.rc == 0
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

11
tasks/teardown/docker/archlinux/uninstall.yml
View file

@ -1,11 +0,0 @@
---
- name: Ensure docker is uninstalled using Pacman
community.general.pacman:
name: docker
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

15
tasks/teardown/docker/debian/uninstall-prerequisites.yml
View file

@ -1,15 +0,0 @@
---
- name: Ensure Docker repository is uninstalled
ansible.builtin.apt_repository:
filename: docker-ce
repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable"
update_cache: false
state: absent
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
- name: Ensure Docker APT key is uninstalled
ansible.builtin.apt_key:
url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
state: absent
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

11
tasks/teardown/docker/opensuse-leap/uninstall.yml
View file

@ -1,11 +0,0 @@
---
- name: Ensure docker is installed using Zypper
community.general.zypper:
name: docker
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

13
tasks/teardown/docker/redhat/uninstall-prerequisites.yml
View file

@ -1,13 +0,0 @@
---
- name: Ensure Docker repository is removed
ansible.builtin.yum_repository:
name: docker-ce
description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg
enabled: false
gpgcheck: true
state: absent
when: k3s_os_distribution not in ['amazon']
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

1
tasks/teardown/docker/suse/uninstall-prerequisites.yml
View file

@ -1 +0,0 @@
---

11
tasks/teardown/docker/suse/uninstall.yml
View file

@ -1,11 +0,0 @@
---
- name: Ensure docker is uninstalled using Zypper
community.general.zypper:
name: docker
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

14
tasks/teardown/docker/uninstall.yml
View file

@ -1,14 +0,0 @@
---
- name: Ensure docker is uninstalled
ansible.builtin.package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10
become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"

13
tasks/validate/environment/local/packages.yml
View file

@ -1,13 +0,0 @@
---
- name: Check that Ansible v{{ ansible_version.string }} is supported by this role
ansible.builtin.assert:
that:
- ansible_version.string is version_compare(k3s_ansible_min_version, '>=')
fail_msg: >-
Ansible v{{ ansible_version.string }} is not supported by this role.
Please install >= v{{ k3s_ansible_min_version }}.
success_msg: "Ansible v{{ ansible_version.string }} is supported."
become: false
delegate_to: localhost
run_once: true

24
tasks/validate/main.yml
View file

@ -1,24 +0,0 @@
---
- include_tasks: environment/remote/packages.yml
loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}"
loop_control:
loop_var: package
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- k3s_check_packages[k3s_os_distribution_version] is defined
- import_tasks: configuration/variables.yml
- import_tasks: configuration/experimental-variables.yml
- import_tasks: configuration/unsupported-rootless.yml
when:
- k3s_runtime_config.rootless is defined
- k3s_runtime_config.rootless
- import_tasks: configuration/control-node-count.yml
when:
- k3s_build_cluster is defined
- k3s_build_cluster

5
tasks/validate/post-install.yml
View file

@ -1,5 +0,0 @@
---
- import_tasks: state/control-plane.yml
- import_tasks: state/nodes.yml

27
tasks/validate/pre-flight.yml
View file

@ -1,27 +0,0 @@
---
- name: Check that k3s_state is a supported value
ansible.builtin.assert:
that:
- k3s_state in k3s_valid_states
fail_msg: "k3s_state not valid. Check README.md for details."
success_msg: "k3s_state is valid."
when: k3s_state is defined
- import_tasks: environment/local/packages.yml
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: environment/remote/cgroups.yml
loop: "{{ k3s_cgroup_subsys }}"
loop_control:
loop_var: cgroup
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: environment/local/issue-data.yml
when:
- pyratlabs_issue_controller_dump is defined
- pyratlabs_issue_controller_dump

64
test_versions.sh
View file

@ -1,64 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
ANSIBLE_RELEASE_FEED="$(curl -Ssl https://api.github.com/repos/ansible/ansible/tags?per_page=50)"
TMPDIR="$(mktemp -d /tmp/molecule.XXXXX)"
function ansible_releases {
local RELEASE_LIST_ALL
RELEASE_LIST_ALL="$(echo "${ANSIBLE_RELEASE_FEED}" | grep -E "\"name\": \"v[0-9]+\.[0-9]+\.[0-9]+\"")"
for RELEASE in ${RELEASE_LIST_ALL} ; do
echo "${RELEASE}" | grep -v "name" | sed -E 's/"v([0-9]+\.[0-9]+\.[0-9]+)",/\1/g' || true
done
}
function build_requirements {
local TEST_REQUIREMENTS
local REQUIREMENTS
local ANSIBLE_VERSION
ANSIBLE_VERSION="${1:-true}"
if [ "${ANSIBLE_VERSION}" == "true" ] ; then
echo "Something went wrong!"
exit 1
fi
TEST_REQUIREMENTS=$(<molecule/requirements.txt)
REQUIREMENTS=$(echo "${TEST_REQUIREMENTS}" | grep -v "requirements.txt" || true)
if [[ "${ANSIBLE_VERSION}" =~ "^v2\.10" ]] ; then
echo -e "ansible==${ANSIBLE_VERSION}\nansible-base==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
else
echo -e "ansible==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
fi
}
function make_venv {
local MOLECULE_RESULT
python3 -m venv "${TMPDIR}/${1:-ansible}"
source "${TMPDIR}/${1:-ansible}/bin/activate"
pip3 install -r "${TMPDIR}/version_requirements.txt" || true
MOLECULE_RESULT=$(molecule test | grep -E "CRITICAL|fatal:" || echo ":heavy_check_mark:")
if [ "${MOLECULE_RESULT}" != ":heavy_check_mark:" ] ; then
MOLECULE_RESULT=":x:"
fi
deactivate
echo -n "${MOLECULE_RESULT}" | tee -a /tmp/molecule_tests.md
}
function main {
echo "| Version | Result |" | tee /tmp/molecule_tests.md
echo "| --------- | ------------------ |" | tee -a /tmp/molecule_tests.md
for TEST_ANSIBLE in $(ansible_releases) ; do
echo -n "| ${TEST_ANSIBLE} | " | tee -a /tmp/molecule_tests.md
build_requirements "${TEST_ANSIBLE}" > "${TMPDIR}/version_requirements.txt"
make_venv "${TEST_ANSIBLE}"
echo " |" | tee -a /tmp/molecule_tests.md
done
}
main

20
vars/main.yml
View file

@ -3,6 +3,7 @@
# Minimum supported versions
k3s_min_version: 1.19.3
k3s_ansible_min_version: 2.9.16
k3s_python_min_version: 3.6
# Valid states for this role
k3s_valid_states:
@ -55,14 +56,26 @@ k3s_api_releases: "{{ k3s_api_url }}/v1-release/channels"
# Download location for releases
k3s_github_download_url: "{{ k3s_github_url }}/releases/download"
# Generate a runtime config dictionary for validation
k3s_runtime_config: "{{ (k3s_server | default({})) | combine (k3s_agent | default({})) }}"
# Generate a runtime config dictionary
k3s_runtime_config: "{{
(k3s_control_node is defined and k3s_control_node)
| ternary(
(k3s_server | default({})) | combine (k3s_agent | default({})),
(k3s_agent | default({})),
(k3s_server | default({})) | combine (k3s_agent | default({})))
}}"
# Determine if a cluster should be built
k3s_conf_build_cluster: "{{
not ((ansible_play_hosts_all | length < 2)
and k3s_registration_address is not defined)
}}"
# Empty array for counting the number of control plane nodes
k3s_controller_list: []
# Control plane port default
k3s_control_plane_port: 6443
k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}"
# Default to the "system" systemd context, this will be "user" when running rootless
k3s_systemd_context: system
@ -161,6 +174,7 @@ k3s_deprecated_config:
correction: "docker: false"
when: 1.20.0
# cgroup checks
k3s_cgroup_subsys:
- name: memory
documentation: |