From a88d27d2aef7b57479a9942b5d965d081bf008da Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Tue, 22 Jun 2021 20:47:58 +0100 Subject: [PATCH 1/2] feat: Remove Docker install tasks --- README.md | 1 - handlers/main.yml | 11 --- molecule/docker/converge.yml | 14 --- molecule/docker/molecule.yml | 60 ------------ molecule/docker/prepare.yml | 10 -- tasks/build/docker/amazon/install.yml | 13 --- .../archlinux/install-prerequisites.yml | 1 - tasks/build/docker/archlinux/install.yml | 16 ---- .../docker/debian/install-prerequisites.yml | 29 ------ tasks/build/docker/install.yml | 16 ---- tasks/build/docker/opensuse-leap/install.yml | 16 ---- .../docker/redhat/install-prerequisites.yml | 56 ----------- .../docker/suse/install-prerequisites.yml | 1 - tasks/build/docker/suse/install.yml | 16 ---- .../preconfigure-k3s-agent-config-yaml-d.yml | 18 ---- ...gure-k3s-auto-deploying-manifests-urls.yml | 19 ---- ...configure-k3s-auto-deploying-manifests.yml | 18 ---- ...onfigure-k3s-static-pod-manifests-urls.yml | 19 ---- .../preconfigure-k3s-static-pod-manifests.yml | 18 ---- ...text.yml => determine_systemd_context.yml} | 0 ...ure-k3s-cluster.yml => ensure_cluster.yml} | 4 +- ...s.yml => ensure_containerd_registries.yml} | 0 ...directories.yml => ensure_directories.yml} | 0 .../download-k3s.yml => ensure_downloads.yml} | 0 ....yml => ensure_drain_and_remove_nodes.yml} | 0 .../install-k3s.yml => ensure_installed.yml} | 6 +- ...k3s-node.yml => ensure_installed_node.yml} | 0 tasks/ensure_k3s_auto_deploy.yml | 62 ++++++++++++ ...yaml-d.yml => ensure_k3s_config_files.yml} | 15 ++- ...e-k3s.yml => ensure_pre_configuration.yml} | 7 -- .../start-k3s.yml => ensure_started.yml} | 0 .../stop-k3s.yml => ensure_stopped.yml} | 0 ...install-k3s.yml => ensure_uninstalled.yml} | 14 --- .../airgap-k3s.yml => ensure_uploads.yml} | 0 tasks/main.yml | 4 +- ...lane.yml => post_checks_control_plane.yml} | 0 .../state/nodes.yml => post_checks_nodes.yml} | 0 ...talled.yml => post_checks_uninstalled.yml} | 12 --- tasks/pre_checks.yml | 88 +++++++++++++++++ .../cgroups.yml => pre_checks_cgroups.yml} | 0 ...luster-init.yml => pre_checks_cluster.yml} | 0 ....yml => pre_checks_control_node_count.yml} | 0 ... => pre_checks_experimental_variables.yml} | 0 ...sue-data.yml => pre_checks_issue_data.yml} | 4 +- .../packages.yml => pre_checks_packages.yml} | 0 ...ml => pre_checks_unsupported_rootless.yml} | 0 ...variables.yml => pre_checks_variables.yml} | 0 ...get-version.yml => pre_checks_version.yml} | 1 - tasks/state-installed.yml | 94 ------------------- tasks/state-restarted.yml | 5 - tasks/state-started.yml | 3 - tasks/state-stopped.yml | 3 - tasks/state-uninstalled.yml | 25 ----- tasks/state-validated.yml | 7 -- ...te-downloaded.yml => state_downloaded.yml} | 6 +- tasks/state_installed.yml | 40 ++++++++ tasks/state_restarted.yml | 5 + tasks/state_started.yml | 3 + tasks/state_stopped.yml | 3 + tasks/state_uninstalled.yml | 10 ++ tasks/state_validated.yml | 5 + tasks/teardown/docker/amazon/uninstall.yml | 8 -- tasks/teardown/docker/archlinux/uninstall.yml | 11 --- .../docker/debian/uninstall-prerequisites.yml | 15 --- .../docker/opensuse-leap/uninstall.yml | 11 --- .../docker/redhat/uninstall-prerequisites.yml | 13 --- .../docker/suse/uninstall-prerequisites.yml | 1 - tasks/teardown/docker/suse/uninstall.yml | 11 --- tasks/teardown/docker/uninstall.yml | 14 --- tasks/validate/environment/local/packages.yml | 13 --- tasks/validate/main.yml | 24 ----- tasks/validate/post-install.yml | 5 - tasks/validate/pre-flight.yml | 27 ------ vars/main.yml | 20 +++- 74 files changed, 260 insertions(+), 691 deletions(-) delete mode 100644 molecule/docker/converge.yml delete mode 100644 molecule/docker/molecule.yml delete mode 100644 molecule/docker/prepare.yml delete mode 100644 tasks/build/docker/amazon/install.yml delete mode 100644 tasks/build/docker/archlinux/install-prerequisites.yml delete mode 100644 tasks/build/docker/archlinux/install.yml delete mode 100644 tasks/build/docker/debian/install-prerequisites.yml delete mode 100644 tasks/build/docker/install.yml delete mode 100644 tasks/build/docker/opensuse-leap/install.yml delete mode 100644 tasks/build/docker/redhat/install-prerequisites.yml delete mode 100644 tasks/build/docker/suse/install-prerequisites.yml delete mode 100644 tasks/build/docker/suse/install.yml delete mode 100644 tasks/build/preconfigure-k3s-agent-config-yaml-d.yml delete mode 100644 tasks/build/preconfigure-k3s-auto-deploying-manifests-urls.yml delete mode 100644 tasks/build/preconfigure-k3s-auto-deploying-manifests.yml delete mode 100644 tasks/build/preconfigure-k3s-static-pod-manifests-urls.yml delete mode 100644 tasks/build/preconfigure-k3s-static-pod-manifests.yml rename tasks/{build/get-systemd-context.yml => determine_systemd_context.yml} (100%) rename tasks/{build/configure-k3s-cluster.yml => ensure_cluster.yml} (96%) rename tasks/{build/containerd/registries.yml => ensure_containerd_registries.yml} (100%) rename tasks/{build/install-k3s-directories.yml => ensure_directories.yml} (100%) rename tasks/{build/download-k3s.yml => ensure_downloads.yml} (100%) rename tasks/{teardown/drain-and-remove-nodes.yml => ensure_drain_and_remove_nodes.yml} (100%) rename tasks/{build/install-k3s.yml => ensure_installed.yml} (89%) rename tasks/{build/install-k3s-node.yml => ensure_installed_node.yml} (100%) create mode 100644 tasks/ensure_k3s_auto_deploy.yml rename tasks/{build/preconfigure-k3s-server-config-yaml-d.yml => ensure_k3s_config_files.yml} (54%) rename tasks/{build/preconfigure-k3s.yml => ensure_pre_configuration.yml} (95%) rename tasks/{operate/start-k3s.yml => ensure_started.yml} (100%) rename tasks/{operate/stop-k3s.yml => ensure_stopped.yml} (100%) rename tasks/{teardown/uninstall-k3s.yml => ensure_uninstalled.yml} (77%) rename tasks/{build/airgap-k3s.yml => ensure_uploads.yml} (100%) rename tasks/{validate/state/control-plane.yml => post_checks_control_plane.yml} (100%) rename tasks/{validate/state/nodes.yml => post_checks_nodes.yml} (100%) rename tasks/{validate/state/uninstalled.yml => post_checks_uninstalled.yml} (78%) create mode 100644 tasks/pre_checks.yml rename tasks/{validate/environment/remote/cgroups.yml => pre_checks_cgroups.yml} (100%) rename tasks/{validate/configuration/cluster-init.yml => pre_checks_cluster.yml} (100%) rename tasks/{validate/configuration/control-node-count.yml => pre_checks_control_node_count.yml} (100%) rename tasks/{validate/configuration/experimental-variables.yml => pre_checks_experimental_variables.yml} (100%) rename tasks/{validate/environment/local/issue-data.yml => pre_checks_issue_data.yml} (94%) rename tasks/{validate/environment/remote/packages.yml => pre_checks_packages.yml} (100%) rename tasks/{validate/configuration/unsupported-rootless.yml => pre_checks_unsupported_rootless.yml} (100%) rename tasks/{validate/configuration/variables.yml => pre_checks_variables.yml} (100%) rename tasks/{build/get-version.yml => pre_checks_version.yml} (94%) delete mode 100644 tasks/state-installed.yml delete mode 100644 tasks/state-restarted.yml delete mode 100644 tasks/state-started.yml delete mode 100644 tasks/state-stopped.yml delete mode 100644 tasks/state-uninstalled.yml delete mode 100644 tasks/state-validated.yml rename tasks/{state-downloaded.yml => state_downloaded.yml} (56%) create mode 100644 tasks/state_installed.yml create mode 100644 tasks/state_restarted.yml create mode 100644 tasks/state_started.yml create mode 100644 tasks/state_stopped.yml create mode 100644 tasks/state_uninstalled.yml create mode 100644 tasks/state_validated.yml delete mode 100644 tasks/teardown/docker/amazon/uninstall.yml delete mode 100644 tasks/teardown/docker/archlinux/uninstall.yml delete mode 100644 tasks/teardown/docker/debian/uninstall-prerequisites.yml delete mode 100644 tasks/teardown/docker/opensuse-leap/uninstall.yml delete mode 100644 tasks/teardown/docker/redhat/uninstall-prerequisites.yml delete mode 100644 tasks/teardown/docker/suse/uninstall-prerequisites.yml delete mode 100644 tasks/teardown/docker/suse/uninstall.yml delete mode 100644 tasks/teardown/docker/uninstall.yml delete mode 100644 tasks/validate/environment/local/packages.yml delete mode 100644 tasks/validate/main.yml delete mode 100644 tasks/validate/post-install.yml delete mode 100644 tasks/validate/pre-flight.yml diff --git a/README.md b/README.md index fe33a92..404c668 100644 --- a/README.md +++ b/README.md @@ -130,7 +130,6 @@ The `k3s_server` dictionary variable will contain flags from the above ```yaml k3s_server: datastore-endpoint: postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable - docker: true cluster-cidr: 172.20.0.0/16 flannel-backend: 'none' # This needs to be in quotes disable: diff --git a/handlers/main.yml b/handlers/main.yml index 2dd40eb..1a2a8c0 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -19,14 +19,3 @@ - k3s_systemd_restart_k3s is not success - not ansible_check_mode become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" - -- name: restart docker - ansible.builtin.systemd: - name: docker - state: restarted - enabled: true - register: k3s_systemd_restart_docker - failed_when: - - k3s_systemd_restart_docker is not success - - not ansible_check_mode - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" diff --git a/molecule/docker/converge.yml b/molecule/docker/converge.yml deleted file mode 100644 index d374f19..0000000 --- a/molecule/docker/converge.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - vars: - molecule_is_test: true - k3s_server: - https-listen-port: 26443 - cluster-domain: examplecluster.local - k3s_agent: - docker: true - snapshotter: native - roles: - - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/docker/molecule.yml b/molecule/docker/molecule.yml deleted file mode 100644 index 1b313e9..0000000 --- a/molecule/docker/molecule.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- - -dependency: - name: galaxy -driver: - name: docker -scenario: - test_sequence: - - dependency - - lint - - cleanup - - destroy - - syntax - - create - - prepare - - check - - converge - - idempotence - - side_effect - - verify - - cleanup - - destroy -lint: | - set -e - yamllint -s . - ansible-lint --exclude molecule/ -platforms: - - name: node1 - image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} - networks: - - name: k3snet - - name: node2 - image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} - networks: - - name: k3snet - - name: node3 - image: "${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} - networks: - - name: k3snet -provisioner: - name: ansible - options: - verbose: true -verifier: - name: ansible diff --git a/molecule/docker/prepare.yml b/molecule/docker/prepare.yml deleted file mode 100644 index 5ae730a..0000000 --- a/molecule/docker/prepare.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Ensure apt cache is updated and iptables is installed - ansible.builtin.apt: - name: iptables - state: present - update_cache: true - when: ansible_pkg_mgr == 'apt' diff --git a/tasks/build/docker/amazon/install.yml b/tasks/build/docker/amazon/install.yml deleted file mode 100644 index 3197393..0000000 --- a/tasks/build/docker/amazon/install.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Ensure docker is installed using amazon-linux-extras - ansible.builtin.command: - cmd: amazon-linux-extras install docker - args: - creates: /etc/docker - notify: - - restart docker - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Flush Handlers - meta: flush_handlers diff --git a/tasks/build/docker/archlinux/install-prerequisites.yml b/tasks/build/docker/archlinux/install-prerequisites.yml deleted file mode 100644 index ed97d53..0000000 --- a/tasks/build/docker/archlinux/install-prerequisites.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/tasks/build/docker/archlinux/install.yml b/tasks/build/docker/archlinux/install.yml deleted file mode 100644 index 5e63d6c..0000000 --- a/tasks/build/docker/archlinux/install.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Ensure docker is installed using Pacman - community.general.pacman: - name: docker - state: present - register: ensure_docker_prerequisites_installed - until: ensure_docker_prerequisites_installed is succeeded - retries: 3 - delay: 10 - notify: - - restart docker - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Flush Handlers - meta: flush_handlers diff --git a/tasks/build/docker/debian/install-prerequisites.yml b/tasks/build/docker/debian/install-prerequisites.yml deleted file mode 100644 index 8f94823..0000000 --- a/tasks/build/docker/debian/install-prerequisites.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Ensure Docker prerequisites are installed - ansible.builtin.apt: - name: - - apt-transport-https - - ca-certificates - - curl - - "{{ 'gnupg2' if k3s_os_distribution == 'debian' else 'gnupg-agent' }}" - - software-properties-common - state: present - register: ensure_docker_prerequisites_installed - until: ensure_docker_prerequisites_installed is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Ensure Docker APT key is present - ansible.builtin.apt_key: - url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg - state: present - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Ensure Docker repository is installed and configured - ansible.builtin.apt_repository: - filename: docker-ce - repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable" - update_cache: true - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/docker/install.yml b/tasks/build/docker/install.yml deleted file mode 100644 index 27fe287..0000000 --- a/tasks/build/docker/install.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Ensure docker is installed - ansible.builtin.package: - name: - - docker-ce - - docker-ce-cli - - containerd.io - state: present - register: ensure_docker_installed - until: ensure_docker_installed is succeeded - retries: 3 - delay: 10 - notify: - - restart docker - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/docker/opensuse-leap/install.yml b/tasks/build/docker/opensuse-leap/install.yml deleted file mode 100644 index 91b923d..0000000 --- a/tasks/build/docker/opensuse-leap/install.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Ensure docker is installed using Zypper - community.general.zypper: - name: docker - state: present - register: ensure_docker_prerequisites_installed - until: ensure_docker_prerequisites_installed is succeeded - retries: 3 - delay: 10 - notify: - - restart docker - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Flush Handlers - meta: flush_handlers diff --git a/tasks/build/docker/redhat/install-prerequisites.yml b/tasks/build/docker/redhat/install-prerequisites.yml deleted file mode 100644 index 92ea749..0000000 --- a/tasks/build/docker/redhat/install-prerequisites.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- - -- name: Ensure python-dnf is installed - ansible.builtin.package: - name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}" - state: present - register: ensure_python_dnf_installed - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - until: ensure_python_dnf_installed is succeeded - retries: 3 - delay: 10 - when: ansible_pkg_mgr == 'dnf' - -- name: Ensure Docker prerequisites are installed - ansible.builtin.yum: - name: - - yum-utils - - device-mapper-persistent-data - - lvm2 - state: present - register: ensure_docker_prerequisites_installed - until: ensure_docker_prerequisites_installed is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Check to see if Docker repository is available for this distribution - ansible.builtin.uri: - url: "https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}" - register: k3s_redhat_repo_check - failed_when: false - changed_when: false - -- name: Ensure Docker repository is installed and configured - ansible.builtin.yum_repository: - name: docker-ce - description: Docker CE Repository - baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable - gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg - enabled: true - gpgcheck: true - state: present - when: - - k3s_os_distribution not in ['amazon'] - - k3s_redhat_repo_check.status == 200 - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Ensure Docker repository is installed and configured from file - ansible.builtin.command: - cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo - args: - creates: /etc/yum.repos.d/docker-ce.repo - when: - - k3s_os_distribution not in ['amazon'] - - k3s_redhat_repo_check.status != 200 - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/docker/suse/install-prerequisites.yml b/tasks/build/docker/suse/install-prerequisites.yml deleted file mode 100644 index ed97d53..0000000 --- a/tasks/build/docker/suse/install-prerequisites.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/tasks/build/docker/suse/install.yml b/tasks/build/docker/suse/install.yml deleted file mode 100644 index 91b923d..0000000 --- a/tasks/build/docker/suse/install.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Ensure docker is installed using Zypper - community.general.zypper: - name: docker - state: present - register: ensure_docker_prerequisites_installed - until: ensure_docker_prerequisites_installed is succeeded - retries: 3 - delay: 10 - notify: - - restart docker - become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}" - -- name: Flush Handlers - meta: flush_handlers diff --git a/tasks/build/preconfigure-k3s-agent-config-yaml-d.yml b/tasks/build/preconfigure-k3s-agent-config-yaml-d.yml deleted file mode 100644 index 62e29fb..0000000 --- a/tasks/build/preconfigure-k3s-agent-config-yaml-d.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: Ensure that the config.yaml.d directory exists - ansible.builtin.file: - state: directory - path: "{{ k3s_config_yaml_d_dir }}" - mode: 0755 - when: k3s_agent_config_yaml_d_files | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - -# https://github.com/k3s-io/k3s/pull/3162 -- name: Ensure configuration files are copied to agents - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}" - mode: 0644 - loop: "{{ k3s_agent_config_yaml_d_files }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/preconfigure-k3s-auto-deploying-manifests-urls.yml b/tasks/build/preconfigure-k3s-auto-deploying-manifests-urls.yml deleted file mode 100644 index 1249cb2..0000000 --- a/tasks/build/preconfigure-k3s-auto-deploying-manifests-urls.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- - -- name: Ensure that the manifests directory exists - ansible.builtin.file: - state: directory - path: "{{ k3s_server_manifests_dir }}" - mode: 0755 - when: k3s_server_manifests_urls | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - -# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests -- name: Ensure auto-deploying manifests are downloaded to the primary controller - ansible.builtin.get_url: - url: "{{ item.url }}" - dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}" - mode: 0644 - loop: "{{ k3s_server_manifests_urls }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - when: not ansible_check_mode diff --git a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml deleted file mode 100644 index eb90a01..0000000 --- a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: Ensure that the manifests directory exists - ansible.builtin.file: - state: directory - path: "{{ k3s_server_manifests_dir }}" - mode: 0755 - when: k3s_server_manifests_templates | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - -# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests -- name: Ensure auto-deploying manifests are copied to the primary controller - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}" - mode: 0644 - loop: "{{ k3s_server_manifests_templates }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/preconfigure-k3s-static-pod-manifests-urls.yml b/tasks/build/preconfigure-k3s-static-pod-manifests-urls.yml deleted file mode 100644 index ef75902..0000000 --- a/tasks/build/preconfigure-k3s-static-pod-manifests-urls.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- - -- name: Ensure that the pod-manifests directory exists - ansible.builtin.file: - state: directory - path: "{{ k3s_server_pod_manifests_dir }}" - mode: 0755 - when: k3s_server_pod_manifests_urls | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - -# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests -- name: Ensure auto-deploying manifests are downloaded to the primary controller - ansible.builtin.get_url: - url: "{{ item.url }}" - dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}" - mode: 0644 - loop: "{{ k3s_server_pod_manifests_urls }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - when: not ansible_check_mode diff --git a/tasks/build/preconfigure-k3s-static-pod-manifests.yml b/tasks/build/preconfigure-k3s-static-pod-manifests.yml deleted file mode 100644 index 0a1fcba..0000000 --- a/tasks/build/preconfigure-k3s-static-pod-manifests.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: Ensure that the pod-manifests directory exists - ansible.builtin.file: - state: directory - path: "{{ k3s_server_pod_manifests_dir }}" - mode: 0755 - when: k3s_server_pod_manifests_templates | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" - -# https://github.com/k3s-io/k3s/pull/1691 -- name: Ensure static pod manifests are copied to controllers - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}" - mode: 0644 - loop: "{{ k3s_server_pod_manifests_templates }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/build/get-systemd-context.yml b/tasks/determine_systemd_context.yml similarity index 100% rename from tasks/build/get-systemd-context.yml rename to tasks/determine_systemd_context.yml diff --git a/tasks/build/configure-k3s-cluster.yml b/tasks/ensure_cluster.yml similarity index 96% rename from tasks/build/configure-k3s-cluster.yml rename to tasks/ensure_cluster.yml index 77e62c2..4e4e8a9 100644 --- a/tasks/build/configure-k3s-cluster.yml +++ b/tasks/ensure_cluster.yml @@ -74,11 +74,11 @@ - not k3s_primary_control_node become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" -- import_tasks: ../validate/state/control-plane.yml +- import_tasks: post_checks_control_plane.yml when: not k3s_skip_validation - name: Flush Handlers meta: flush_handlers -- import_tasks: ../validate/state/nodes.yml +- import_tasks: post_checks_nodes.yml when: not k3s_skip_validation diff --git a/tasks/build/containerd/registries.yml b/tasks/ensure_containerd_registries.yml similarity index 100% rename from tasks/build/containerd/registries.yml rename to tasks/ensure_containerd_registries.yml diff --git a/tasks/build/install-k3s-directories.yml b/tasks/ensure_directories.yml similarity index 100% rename from tasks/build/install-k3s-directories.yml rename to tasks/ensure_directories.yml diff --git a/tasks/build/download-k3s.yml b/tasks/ensure_downloads.yml similarity index 100% rename from tasks/build/download-k3s.yml rename to tasks/ensure_downloads.yml diff --git a/tasks/teardown/drain-and-remove-nodes.yml b/tasks/ensure_drain_and_remove_nodes.yml similarity index 100% rename from tasks/teardown/drain-and-remove-nodes.yml rename to tasks/ensure_drain_and_remove_nodes.yml diff --git a/tasks/build/install-k3s.yml b/tasks/ensure_installed.yml similarity index 89% rename from tasks/build/install-k3s.yml rename to tasks/ensure_installed.yml index 202aaf4..a794802 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/ensure_installed.yml @@ -1,11 +1,11 @@ --- -- include_tasks: install-k3s-directories.yml +- include_tasks: ensure_directories.yml loop: "{{ k3s_ensure_directories_exist }}" loop_control: loop_var: directory -- include_tasks: install-k3s-node.yml +- include_tasks: ensure_installed_node.yml when: - ((k3s_control_node and k3s_controller_list | length == 1) or (k3s_primary_control_node and k3s_controller_list | length > 1)) @@ -14,7 +14,7 @@ - name: Flush Handlers meta: flush_handlers -- include_tasks: install-k3s-node.yml +- include_tasks: ensure_installed_node.yml when: k3s_build_cluster - name: Determine if the systems are already clustered diff --git a/tasks/build/install-k3s-node.yml b/tasks/ensure_installed_node.yml similarity index 100% rename from tasks/build/install-k3s-node.yml rename to tasks/ensure_installed_node.yml diff --git a/tasks/ensure_k3s_auto_deploy.yml b/tasks/ensure_k3s_auto_deploy.yml new file mode 100644 index 0000000..c15bd8b --- /dev/null +++ b/tasks/ensure_k3s_auto_deploy.yml @@ -0,0 +1,62 @@ +--- + +- name: Ensure that the manifests directory exists + ansible.builtin.file: + state: directory + path: "{{ k3s_server_manifests_dir }}" + mode: 0755 + when: >- + k3s_server_manifests_templates | length > 0 + or k3s_server_manifests_urls | length > 0 + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + +- name: Ensure that the pod-manifests directory exists + ansible.builtin.file: + state: directory + path: "{{ k3s_server_pod_manifests_dir }}" + mode: 0755 + when: >- + k3s_server_pod_manifests_templates | length > 0 + or k3s_server_pod_manifests_urls | length > 0 + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + +# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests +- name: Ensure auto-deploying manifests are copied to the primary controller + ansible.builtin.template: + src: "{{ item }}" + dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}" + mode: 0644 + loop: "{{ k3s_server_manifests_templates }}" + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + when: + - k3s_server_manifests_templates | length > 0 + +- name: Ensure auto-deploying manifests are downloaded to the primary controller + ansible.builtin.get_url: + url: "{{ item.url }}" + dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}" + mode: 0644 + loop: "{{ k3s_server_manifests_urls }}" + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + when: + - not ansible_check_mode + - k3s_server_manifests_urls | length > 0 + +# https://github.com/k3s-io/k3s/pull/1691 +- name: Ensure static pod manifests are copied to controllers + ansible.builtin.template: + src: "{{ item }}" + dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}" + mode: 0644 + loop: "{{ k3s_server_pod_manifests_templates }}" + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + +# https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests +- name: Ensure auto-deploying manifests are downloaded to the primary controller + ansible.builtin.get_url: + url: "{{ item.url }}" + dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}" + mode: 0644 + loop: "{{ k3s_server_pod_manifests_urls }}" + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + when: not ansible_check_mode diff --git a/tasks/build/preconfigure-k3s-server-config-yaml-d.yml b/tasks/ensure_k3s_config_files.yml similarity index 54% rename from tasks/build/preconfigure-k3s-server-config-yaml-d.yml rename to tasks/ensure_k3s_config_files.yml index efee36d..4f5db82 100644 --- a/tasks/build/preconfigure-k3s-server-config-yaml-d.yml +++ b/tasks/ensure_k3s_config_files.yml @@ -5,7 +5,9 @@ state: directory path: "{{ k3s_config_yaml_d_dir }}" mode: 0755 - when: k3s_server_config_yaml_d_files | length > 0 + when: >- + k3s_server_config_yaml_d_files | length > 0 + or k3s_agent_config_yaml_d_files | length > 0 become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" # https://github.com/k3s-io/k3s/pull/3162 @@ -16,3 +18,14 @@ mode: 0644 loop: "{{ k3s_server_config_yaml_d_files }}" become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + when: k3s_control_node + +# https://github.com/k3s-io/k3s/pull/3162 +- name: Ensure configuration files are copied to agents + ansible.builtin.template: + src: "{{ item }}" + dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}" + mode: 0644 + loop: "{{ k3s_agent_config_yaml_d_files }}" + become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + when: not k3s_control_node diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/ensure_pre_configuration.yml similarity index 95% rename from tasks/build/preconfigure-k3s.yml rename to tasks/ensure_pre_configuration.yml index ebf6da8..c106c1e 100644 --- a/tasks/build/preconfigure-k3s.yml +++ b/tasks/ensure_pre_configuration.yml @@ -127,10 +127,3 @@ when: k3s_registration_address is not defined or k3s_control_delegate is not defined - -- name: Ensure k3s_runtime_config is set for agents - ansible.builtin.set_fact: - k3s_runtime_config: "{{ (k3s_agent | default({})) }}" - when: - - k3s_agent is defined - - (k3s_control_node is not defined or not k3s_control_node) diff --git a/tasks/operate/start-k3s.yml b/tasks/ensure_started.yml similarity index 100% rename from tasks/operate/start-k3s.yml rename to tasks/ensure_started.yml diff --git a/tasks/operate/stop-k3s.yml b/tasks/ensure_stopped.yml similarity index 100% rename from tasks/operate/stop-k3s.yml rename to tasks/ensure_stopped.yml diff --git a/tasks/teardown/uninstall-k3s.yml b/tasks/ensure_uninstalled.yml similarity index 77% rename from tasks/teardown/uninstall-k3s.yml rename to tasks/ensure_uninstalled.yml index daca722..c488f1b 100644 --- a/tasks/teardown/uninstall-k3s.yml +++ b/tasks/ensure_uninstalled.yml @@ -10,13 +10,6 @@ path: /usr/local/bin/k3s-uninstall.sh register: check_k3s_uninstall_script -- name: Check to see if docker is present - ansible.builtin.command: - cmd: which docker - failed_when: false - changed_when: false - register: check_k3s_docker_path - - name: Run k3s-killall.sh ansible.builtin.command: cmd: /usr/local/bin/k3s-killall.sh @@ -47,10 +40,3 @@ - k3s_install_hard_links - not ansible_check_mode become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" - -- name: Clean up Docker - ansible.builtin.command: - cmd: docker system prune -a --force - when: - - ("docker" in k3s_runtime_config and k3s_runtime_config.docker) - - check_k3s_docker_path.rc == 0 diff --git a/tasks/build/airgap-k3s.yml b/tasks/ensure_uploads.yml similarity index 100% rename from tasks/build/airgap-k3s.yml rename to tasks/ensure_uploads.yml diff --git a/tasks/main.yml b/tasks/main.yml index bcefc18..d6a2bcc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,5 +1,5 @@ --- -- import_tasks: validate/pre-flight.yml +- import_tasks: pre_checks.yml -- include_tasks: state-{{ (k3s_state | lower) | default('installed') }}.yml +- include_tasks: state_{{ (k3s_state | lower) | default('installed') }}.yml diff --git a/tasks/validate/state/control-plane.yml b/tasks/post_checks_control_plane.yml similarity index 100% rename from tasks/validate/state/control-plane.yml rename to tasks/post_checks_control_plane.yml diff --git a/tasks/validate/state/nodes.yml b/tasks/post_checks_nodes.yml similarity index 100% rename from tasks/validate/state/nodes.yml rename to tasks/post_checks_nodes.yml diff --git a/tasks/validate/state/uninstalled.yml b/tasks/post_checks_uninstalled.yml similarity index 78% rename from tasks/validate/state/uninstalled.yml rename to tasks/post_checks_uninstalled.yml index abaa624..8b125fb 100644 --- a/tasks/validate/state/uninstalled.yml +++ b/tasks/post_checks_uninstalled.yml @@ -9,18 +9,6 @@ changed_when: false register: check_k3s_process -- name: Check that docker is not running - ansible.builtin.command: - cmd: pgrep docker - failed_when: - - check_k3s_docker_process.rc == 0 - - not ansible_check_mode - changed_when: false - register: check_k3s_docker_process - when: - - k3s_runtime_config.docker is defined - - k3s_runtime_config.docker - - name: Fail if k3s binaries have not been removed ansible.builtin.stat: path: "{{ k3s_install_dir }}/{{ item }}" diff --git a/tasks/pre_checks.yml b/tasks/pre_checks.yml new file mode 100644 index 0000000..35d5d36 --- /dev/null +++ b/tasks/pre_checks.yml @@ -0,0 +1,88 @@ +--- + +- name: Check that k3s_state is a supported value + ansible.builtin.assert: + that: + - k3s_state in k3s_valid_states + fail_msg: "k3s_state not valid. Check README.md for details." + success_msg: "k3s_state is valid." + when: k3s_state is defined + +- name: Check that Ansible v{{ ansible_version.string }} is supported by this role + ansible.builtin.assert: + that: + - ansible_version.string is version_compare(k3s_ansible_min_version, '>=') + fail_msg: >- + Ansible v{{ ansible_version.string }} is not supported by this role. + Please install >= v{{ k3s_ansible_min_version }}. + success_msg: "Ansible v{{ ansible_version.string }} is supported." + become: false + delegate_to: localhost + run_once: true + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + +- name: Check that Python v{{ ansible_python_version }} is supported by this role + ansible.builtin.assert: + that: + - ansible_python_version is version_compare(k3s_python_min_version, '>=') + fail_msg: >- + Python v{{ ansible_python_version }} is not supported by this role. + Please install >= v{{ k3s_python_min_version }}. + success_msg: "Python v{{ ansible_python_version }} is supported." + become: false + delegate_to: localhost + run_once: true + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + +- include_tasks: pre_checks_version.yml + when: + - (k3s_release_version is not defined + or not k3s_release_version + or k3s_release_version is not regex('\\+k3s[1-9]$')) + - not k3s_airgap + +- include_tasks: pre_checks_cgroups.yml + loop: "{{ k3s_cgroup_subsys }}" + loop_control: + loop_var: cgroup + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + +- include_tasks: pre_checks_packages.yml + loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}" + loop_control: + loop_var: package + when: + - not k3s_skip_validation + - not k3s_skip_env_checks + - k3s_check_packages[k3s_os_distribution_version] is defined + +- include_tasks: pre_checks_issue_data.yml + when: + - pyratlabs_issue_controller_dump is defined + - pyratlabs_issue_controller_dump + +- import_tasks: pre_checks_variables.yml + when: + - not k3s_skip_validation + +- import_tasks: pre_checks_experimental_variables.yml + when: + - not k3s_skip_validation + +- import_tasks: pre_checks_unsupported_rootless.yml + when: + - k3s_runtime_config.rootless is defined + - k3s_runtime_config.rootless + - not k3s_skip_validation + +- import_tasks: pre_checks_control_node_count.yml + when: + - k3s_build_cluster is defined + - k3s_build_cluster + - not k3s_skip_validation diff --git a/tasks/validate/environment/remote/cgroups.yml b/tasks/pre_checks_cgroups.yml similarity index 100% rename from tasks/validate/environment/remote/cgroups.yml rename to tasks/pre_checks_cgroups.yml diff --git a/tasks/validate/configuration/cluster-init.yml b/tasks/pre_checks_cluster.yml similarity index 100% rename from tasks/validate/configuration/cluster-init.yml rename to tasks/pre_checks_cluster.yml diff --git a/tasks/validate/configuration/control-node-count.yml b/tasks/pre_checks_control_node_count.yml similarity index 100% rename from tasks/validate/configuration/control-node-count.yml rename to tasks/pre_checks_control_node_count.yml diff --git a/tasks/validate/configuration/experimental-variables.yml b/tasks/pre_checks_experimental_variables.yml similarity index 100% rename from tasks/validate/configuration/experimental-variables.yml rename to tasks/pre_checks_experimental_variables.yml diff --git a/tasks/validate/environment/local/issue-data.yml b/tasks/pre_checks_issue_data.yml similarity index 94% rename from tasks/validate/environment/local/issue-data.yml rename to tasks/pre_checks_issue_data.yml index 7493875..60421ba 100644 --- a/tasks/validate/environment/local/issue-data.yml +++ b/tasks/pre_checks_issue_data.yml @@ -80,6 +80,8 @@ - name: Fail the play ansible.builtin.fail: - msg: "Please include the output of {{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report." + msg: >- + Please include the output of + {{ playbook_dir }}/pyratlabs-issue-dump.txt in your bug report. delegate_to: localhost run_once: true diff --git a/tasks/validate/environment/remote/packages.yml b/tasks/pre_checks_packages.yml similarity index 100% rename from tasks/validate/environment/remote/packages.yml rename to tasks/pre_checks_packages.yml diff --git a/tasks/validate/configuration/unsupported-rootless.yml b/tasks/pre_checks_unsupported_rootless.yml similarity index 100% rename from tasks/validate/configuration/unsupported-rootless.yml rename to tasks/pre_checks_unsupported_rootless.yml diff --git a/tasks/validate/configuration/variables.yml b/tasks/pre_checks_variables.yml similarity index 100% rename from tasks/validate/configuration/variables.yml rename to tasks/pre_checks_variables.yml diff --git a/tasks/build/get-version.yml b/tasks/pre_checks_version.yml similarity index 94% rename from tasks/build/get-version.yml rename to tasks/pre_checks_version.yml index 921ab85..9969c54 100644 --- a/tasks/build/get-version.yml +++ b/tasks/pre_checks_version.yml @@ -1,6 +1,5 @@ --- -# TODO: Prevent or circumvent versioning when k3s_airgap - name: Ensure k3s_release_version is set to default if false ansible.builtin.set_fact: k3s_release_version: "{{ k3s_release_channel }}" diff --git a/tasks/state-installed.yml b/tasks/state-installed.yml deleted file mode 100644 index a8bf33f..0000000 --- a/tasks/state-installed.yml +++ /dev/null @@ -1,94 +0,0 @@ ---- - -- import_tasks: build/preconfigure-k3s.yml - -- import_tasks: teardown/drain-and-remove-nodes.yml - -- import_tasks: build/get-version.yml - when: - - k3s_release_version is not defined - or not k3s_release_version - or k3s_release_version is not regex('\\+k3s[1-9]$') - - not k3s_airgap - -- import_tasks: validate/main.yml - when: not k3s_skip_validation - -- import_tasks: build/get-systemd-context.yml - -- name: Ensure docker installation tasks are run - block: - - - include_tasks: build/docker/{{ k3s_os_family }}/install-prerequisites.yml - - - import_tasks: build/docker/install.yml - when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux'] - - - include_tasks: build/docker/{{ k3s_os_distribution }}/install.yml - when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux'] - - when: - - ('docker' in k3s_runtime_config and k3s_runtime_config.docker) - - ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless) - -- name: Flush Handlers - meta: flush_handlers - -- import_tasks: build/download-k3s.yml - when: - - not k3s_airgap - -- import_tasks: build/airgap-k3s.yml - when: - - k3s_airgap - -- import_tasks: build/preconfigure-k3s-auto-deploying-manifests.yml - when: - - k3s_primary_control_node - - k3s_server_manifests_templates | length > 0 - -- import_tasks: build/preconfigure-k3s-auto-deploying-manifests-urls.yml - when: - - k3s_primary_control_node - - k3s_server_manifests_urls | length > 0 - -- import_tasks: build/preconfigure-k3s-static-pod-manifests.yml - when: - - k3s_control_node - - k3s_server_pod_manifests_templates | length > 0 - -- import_tasks: build/preconfigure-k3s-static-pod-manifests-urls.yml - when: - - k3s_control_node - - k3s_server_pod_manifests_urls | length > 0 - -- import_tasks: build/preconfigure-k3s-server-config-yaml-d.yml - when: - - k3s_control_node - - k3s_server_config_yaml_d_files | length > 0 - -- import_tasks: build/preconfigure-k3s-agent-config-yaml-d.yml - when: - - not k3s_control_node - - k3s_agent_config_yaml_d_files | length > 0 - -- import_tasks: build/install-k3s.yml - -- name: Ensure containerd installation tasks are run - block: - - include_tasks: build/containerd/registries.yml - when: - - k3s_registries is defined - - (k3s_runtime_config.docker is not defined or not k3s_runtime_config.docker) - - ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless) - -- include_tasks: validate/configuration/cluster-init.yml - when: - - k3s_control_delegate is defined - - k3s_control_delegate == inventory_hostname - -- import_tasks: build/configure-k3s-cluster.yml - when: - - k3s_build_cluster is defined - - k3s_build_cluster - - k3s_registration_address is defined diff --git a/tasks/state-restarted.yml b/tasks/state-restarted.yml deleted file mode 100644 index 85186a8..0000000 --- a/tasks/state-restarted.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -- import_tasks: operate/stop-k3s.yml - -- import_tasks: operate/start-k3s.yml diff --git a/tasks/state-started.yml b/tasks/state-started.yml deleted file mode 100644 index 5441988..0000000 --- a/tasks/state-started.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- - -- import_tasks: operate/start-k3s.yml diff --git a/tasks/state-stopped.yml b/tasks/state-stopped.yml deleted file mode 100644 index af1e1bd..0000000 --- a/tasks/state-stopped.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- - -- import_tasks: operate/stop-k3s.yml diff --git a/tasks/state-uninstalled.yml b/tasks/state-uninstalled.yml deleted file mode 100644 index 3dd2427..0000000 --- a/tasks/state-uninstalled.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- - -- import_tasks: build/preconfigure-k3s.yml - -- import_tasks: teardown/drain-and-remove-nodes.yml - -- import_tasks: teardown/uninstall-k3s.yml - -- name: Ensure docker uninstall tasks are run - block: - - - import_tasks: teardown/docker/uninstall.yml - when: k3s_os_distribution not in ['amazon', 'suse', 'opensuse-leap', 'archlinux'] - - - include_tasks: teardown/docker/{{ k3s_os_distribution }}/uninstall.yml - when: k3s_os_distribution in ['amazon', 'suse', 'opensuse-leap', 'archlinux'] - - - include_tasks: teardown/docker/{{ k3s_os_family }}/uninstall-prerequisites.yml - - when: - - ('docker' in k3s_runtime_config and k3s_runtime_config.docker) - - ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless) - -- import_tasks: validate/state/uninstalled.yml - when: not k3s_skip_validation diff --git a/tasks/state-validated.yml b/tasks/state-validated.yml deleted file mode 100644 index a94e0b3..0000000 --- a/tasks/state-validated.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- import_tasks: validate/pre-flight.yml - -- import_tasks: validate/main.yml - -- import_tasks: validate/post-install.yml diff --git a/tasks/state-downloaded.yml b/tasks/state_downloaded.yml similarity index 56% rename from tasks/state-downloaded.yml rename to tasks/state_downloaded.yml index 60872ca..0fa4aa6 100644 --- a/tasks/state-downloaded.yml +++ b/tasks/state_downloaded.yml @@ -1,12 +1,12 @@ --- -- import_tasks: build/get-version.yml +- import_tasks: pre_checks_version.yml when: - k3s_release_version is not defined or not k3s_release_version - not k3s_airgap -- import_tasks: build/download-k3s.yml +- import_tasks: ensure_downloads.yml when: not k3s_airgap -- import_tasks: build/airgap-k3s.yml +- import_tasks: ensure_uploads.yml when: k3s_airgap diff --git a/tasks/state_installed.yml b/tasks/state_installed.yml new file mode 100644 index 0000000..1517fa5 --- /dev/null +++ b/tasks/state_installed.yml @@ -0,0 +1,40 @@ +--- + +- import_tasks: ensure_pre_configuration.yml + +- import_tasks: ensure_drain_and_remove_nodes.yml + +- import_tasks: determine_systemd_context.yml + +- name: Flush Handlers + meta: flush_handlers + +- import_tasks: ensure_downloads.yml + when: not k3s_airgap + +- import_tasks: ensure_uploads.yml + when: k3s_airgap + +- import_tasks: ensure_k3s_auto_deploy.yml + when: + - k3s_primary_control_node + +- import_tasks: ensure_k3s_config_files.yml + +- import_tasks: ensure_installed.yml + +- include_tasks: ensure_containerd_registries.yml + when: + - k3s_registries is defined + - ('rootless' not in k3s_runtime_config or not k3s_runtime_config.rootless) + +- include_tasks: pre_checks_cluster.yml + when: + - k3s_control_delegate is defined + - k3s_control_delegate == inventory_hostname + +- import_tasks: ensure_cluster.yml + when: + - k3s_build_cluster is defined + - k3s_build_cluster + - k3s_registration_address is defined diff --git a/tasks/state_restarted.yml b/tasks/state_restarted.yml new file mode 100644 index 0000000..aad3186 --- /dev/null +++ b/tasks/state_restarted.yml @@ -0,0 +1,5 @@ +--- + +- import_tasks: ensure_stopped.yml + +- import_tasks: ensure_started.yml diff --git a/tasks/state_started.yml b/tasks/state_started.yml new file mode 100644 index 0000000..c978419 --- /dev/null +++ b/tasks/state_started.yml @@ -0,0 +1,3 @@ +--- + +- import_tasks: ensure_started.yml diff --git a/tasks/state_stopped.yml b/tasks/state_stopped.yml new file mode 100644 index 0000000..d8ddc3a --- /dev/null +++ b/tasks/state_stopped.yml @@ -0,0 +1,3 @@ +--- + +- import_tasks: ensure_stopped.yml diff --git a/tasks/state_uninstalled.yml b/tasks/state_uninstalled.yml new file mode 100644 index 0000000..fea45dc --- /dev/null +++ b/tasks/state_uninstalled.yml @@ -0,0 +1,10 @@ +--- + +- import_tasks: ensure_pre_configuration.yml + +- import_tasks: ensure_drain_and_remove_nodes.yml + +- import_tasks: ensure_uninstalled.yml + +- import_tasks: post_checks_uninstalled.yml + when: not k3s_skip_validation diff --git a/tasks/state_validated.yml b/tasks/state_validated.yml new file mode 100644 index 0000000..b831ee1 --- /dev/null +++ b/tasks/state_validated.yml @@ -0,0 +1,5 @@ +--- + +- import_tasks: post_checks_control_plane.yml + +- import_tasks: post_checks_nodes.yml diff --git a/tasks/teardown/docker/amazon/uninstall.yml b/tasks/teardown/docker/amazon/uninstall.yml deleted file mode 100644 index 3e800fc..0000000 --- a/tasks/teardown/docker/amazon/uninstall.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- - -- name: Ensure docker is uninstalled using amazon-linux-extras - ansible.builtin.command: - cmd: amazon-linux-extras uninstall docker - register: uninstall_docker_from_amazon_linux - changed_when: uninstall_docker_from_amazon_linux.rc == 0 - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/archlinux/uninstall.yml b/tasks/teardown/docker/archlinux/uninstall.yml deleted file mode 100644 index 507a427..0000000 --- a/tasks/teardown/docker/archlinux/uninstall.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: Ensure docker is uninstalled using Pacman - community.general.pacman: - name: docker - state: absent - register: ensure_docker_uninstalled - until: ensure_docker_uninstalled is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/debian/uninstall-prerequisites.yml b/tasks/teardown/docker/debian/uninstall-prerequisites.yml deleted file mode 100644 index 3652abe..0000000 --- a/tasks/teardown/docker/debian/uninstall-prerequisites.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- - -- name: Ensure Docker repository is uninstalled - ansible.builtin.apt_repository: - filename: docker-ce - repo: "deb https://download.docker.com/linux/{{ k3s_os_distribution }} {{ ansible_distribution_release }} stable" - update_cache: false - state: absent - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" - -- name: Ensure Docker APT key is uninstalled - ansible.builtin.apt_key: - url: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg - state: absent - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/opensuse-leap/uninstall.yml b/tasks/teardown/docker/opensuse-leap/uninstall.yml deleted file mode 100644 index d025359..0000000 --- a/tasks/teardown/docker/opensuse-leap/uninstall.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: Ensure docker is installed using Zypper - community.general.zypper: - name: docker - state: absent - register: ensure_docker_uninstalled - until: ensure_docker_uninstalled is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/redhat/uninstall-prerequisites.yml b/tasks/teardown/docker/redhat/uninstall-prerequisites.yml deleted file mode 100644 index 48b6ab9..0000000 --- a/tasks/teardown/docker/redhat/uninstall-prerequisites.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Ensure Docker repository is removed - ansible.builtin.yum_repository: - name: docker-ce - description: Docker CE Repository - baseurl: https://download.docker.com/linux/{{ k3s_os_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable - gpgkey: https://download.docker.com/linux/{{ k3s_os_distribution }}/gpg - enabled: false - gpgcheck: true - state: absent - when: k3s_os_distribution not in ['amazon'] - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/suse/uninstall-prerequisites.yml b/tasks/teardown/docker/suse/uninstall-prerequisites.yml deleted file mode 100644 index ed97d53..0000000 --- a/tasks/teardown/docker/suse/uninstall-prerequisites.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/tasks/teardown/docker/suse/uninstall.yml b/tasks/teardown/docker/suse/uninstall.yml deleted file mode 100644 index e967559..0000000 --- a/tasks/teardown/docker/suse/uninstall.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: Ensure docker is uninstalled using Zypper - community.general.zypper: - name: docker - state: absent - register: ensure_docker_uninstalled - until: ensure_docker_uninstalled is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/teardown/docker/uninstall.yml b/tasks/teardown/docker/uninstall.yml deleted file mode 100644 index 736cd38..0000000 --- a/tasks/teardown/docker/uninstall.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Ensure docker is uninstalled - ansible.builtin.package: - name: - - docker-ce - - docker-ce-cli - - containerd.io - state: absent - register: ensure_docker_uninstalled - until: ensure_docker_uninstalled is succeeded - retries: 3 - delay: 10 - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" diff --git a/tasks/validate/environment/local/packages.yml b/tasks/validate/environment/local/packages.yml deleted file mode 100644 index d0d99b1..0000000 --- a/tasks/validate/environment/local/packages.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Check that Ansible v{{ ansible_version.string }} is supported by this role - ansible.builtin.assert: - that: - - ansible_version.string is version_compare(k3s_ansible_min_version, '>=') - fail_msg: >- - Ansible v{{ ansible_version.string }} is not supported by this role. - Please install >= v{{ k3s_ansible_min_version }}. - success_msg: "Ansible v{{ ansible_version.string }} is supported." - become: false - delegate_to: localhost - run_once: true diff --git a/tasks/validate/main.yml b/tasks/validate/main.yml deleted file mode 100644 index 1ee2a09..0000000 --- a/tasks/validate/main.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- - -- include_tasks: environment/remote/packages.yml - loop: "{{ k3s_check_packages[k3s_os_distribution_version] }}" - loop_control: - loop_var: package - when: - - not k3s_skip_validation - - not k3s_skip_env_checks - - k3s_check_packages[k3s_os_distribution_version] is defined - -- import_tasks: configuration/variables.yml - -- import_tasks: configuration/experimental-variables.yml - -- import_tasks: configuration/unsupported-rootless.yml - when: - - k3s_runtime_config.rootless is defined - - k3s_runtime_config.rootless - -- import_tasks: configuration/control-node-count.yml - when: - - k3s_build_cluster is defined - - k3s_build_cluster diff --git a/tasks/validate/post-install.yml b/tasks/validate/post-install.yml deleted file mode 100644 index d1af608..0000000 --- a/tasks/validate/post-install.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -- import_tasks: state/control-plane.yml - -- import_tasks: state/nodes.yml diff --git a/tasks/validate/pre-flight.yml b/tasks/validate/pre-flight.yml deleted file mode 100644 index 4d3ac2a..0000000 --- a/tasks/validate/pre-flight.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -- name: Check that k3s_state is a supported value - ansible.builtin.assert: - that: - - k3s_state in k3s_valid_states - fail_msg: "k3s_state not valid. Check README.md for details." - success_msg: "k3s_state is valid." - when: k3s_state is defined - -- import_tasks: environment/local/packages.yml - when: - - not k3s_skip_validation - - not k3s_skip_env_checks - -- include_tasks: environment/remote/cgroups.yml - loop: "{{ k3s_cgroup_subsys }}" - loop_control: - loop_var: cgroup - when: - - not k3s_skip_validation - - not k3s_skip_env_checks - -- include_tasks: environment/local/issue-data.yml - when: - - pyratlabs_issue_controller_dump is defined - - pyratlabs_issue_controller_dump diff --git a/vars/main.yml b/vars/main.yml index 5f8906f..7577cd7 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -3,6 +3,7 @@ # Minimum supported versions k3s_min_version: 1.19.3 k3s_ansible_min_version: 2.9.16 +k3s_python_min_version: 3.6 # Valid states for this role k3s_valid_states: @@ -55,14 +56,26 @@ k3s_api_releases: "{{ k3s_api_url }}/v1-release/channels" # Download location for releases k3s_github_download_url: "{{ k3s_github_url }}/releases/download" -# Generate a runtime config dictionary for validation -k3s_runtime_config: "{{ (k3s_server | default({})) | combine (k3s_agent | default({})) }}" +# Generate a runtime config dictionary +k3s_runtime_config: "{{ + (k3s_control_node is defined and k3s_control_node) + | ternary( + (k3s_server | default({})) | combine (k3s_agent | default({})), + (k3s_agent | default({})), + (k3s_server | default({})) | combine (k3s_agent | default({}))) +}}" + +# Determine if a cluster should be built +k3s_conf_build_cluster: "{{ + not ((ansible_play_hosts_all | length < 2) + and k3s_registration_address is not defined) +}}" # Empty array for counting the number of control plane nodes k3s_controller_list: [] # Control plane port default -k3s_control_plane_port: 6443 +k3s_control_plane_port: "{{ k3s_runtime_config['https-listen-port'] | default(6443) }}" # Default to the "system" systemd context, this will be "user" when running rootless k3s_systemd_context: system @@ -161,6 +174,7 @@ k3s_deprecated_config: correction: "docker: false" when: 1.20.0 +# cgroup checks k3s_cgroup_subsys: - name: memory documentation: | From 7e9292c01b97f80ef79f763a67f62925aa3bad74 Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Sun, 2 Jan 2022 21:52:09 +0000 Subject: [PATCH 2/2] fix(become): only one variable neeed for become --- CHANGELOG.md | 20 ++++++++ README.md | 32 ++++++------- defaults/main.yml | 11 +---- handlers/main.yml | 4 +- tasks/ensure_cluster.yml | 12 ++--- tasks/ensure_containerd_registries.yml | 2 +- tasks/ensure_directories.yml | 2 +- tasks/ensure_downloads.yml | 2 +- tasks/ensure_drain_and_remove_nodes.yml | 8 ++-- tasks/ensure_installed.yml | 2 +- tasks/ensure_installed_node.yml | 10 ++-- tasks/ensure_k3s_auto_deploy.yml | 12 ++--- tasks/ensure_k3s_config_files.yml | 6 +-- tasks/ensure_started.yml | 4 +- tasks/ensure_stopped.yml | 4 +- tasks/ensure_uninstalled.yml | 6 +-- tasks/ensure_uploads.yml | 2 +- tasks/post_checks_nodes.yml | 2 +- tasks/pre_checks.yml | 2 + tasks/pre_checks_cluster.yml | 2 +- tasks/state_installed.yml | 2 - test_versions.sh | 64 ------------------------- 22 files changed, 80 insertions(+), 131 deletions(-) delete mode 100755 test_versions.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index faceb20..5929550 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,26 @@ --- --> +## 2022-01-02, v3.0.0 + +### Notable changes + + - feat: Flattened task filesystem + - feat: Moved some tasks into `vars/` as templated variables + - feat: Airgap installation method added #165 + +### Breaking changes + + - Minimum `python` version on targets is 3.6 + - `k3s_become_for_all` renamed to `k3s_become` + - `k3s_become_for_*` removed. + +### Contributors + + - [crutonjohn](https://github.com/crutonjohn) + +--- + ## 2021-12-23, v2.12.1 ### Notable changes diff --git a/README.md b/README.md index 404c668..ab5ab26 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,17 @@ -# Ansible Role: k3s (v2.x) +# Ansible Role: k3s (v3.x) Ansible role for installing [K3S](https://k3s.io/) ("Lightweight Kubernetes") as either a standalone server or cluster. [![CI](https://github.com/PyratLabs/ansible-role-k3s/workflows/CI/badge.svg?event=push)](https://github.com/PyratLabs/ansible-role-k3s/actions?query=workflow%3ACI) +## Help Wanted! + +Hi! :wave: [@xanmanning](https://github.com/xanmanning) is looking for a new +maintainer to work on this Ansible role. This is because I don't have as much +free time any more and I no longer write Ansible regularly as part of my day +job. If you're interested, get in touch. + ## Release notes Please see [Releases](https://github.com/PyratLabs/ansible-role-k3s/releases) @@ -14,6 +21,7 @@ and [CHANGELOG.md](CHANGELOG.md). The host you're running Ansible from requires the following Python dependencies: + - `python >= 3.6.0` - `ansible >= 2.9.16` or `ansible-base >= 2.10.4` You can install dependencies using the requirements.txt file in this repository: @@ -24,8 +32,7 @@ This role has been tested against the following Linux Distributions: - Amazon Linux 2 - Archlinux - CentOS 8 - - CentOS 7 - - Debian 10 + - Debian 11 - Fedora 31 - Fedora 32 - Fedora 33 @@ -33,7 +40,7 @@ This role has been tested against the following Linux Distributions: - RockyLinux 8 - Ubuntu 20.04 LTS -:warning: The v2 releases of this role only supports `k3s >= v1.19`, for +:warning: The v3 releases of this role only supports `k3s >= v1.19`, for `k3s < v1.19` please consider updating or use the v1.x releases of this role. Before upgrading, see [CHANGELOG](CHANGELOG.md) for notifications of breaking @@ -180,18 +187,11 @@ configuration. The below variables are used to change the way the role executes in Ansible, particularly with regards to privilege escalation. -| Variable | Description | Default Value | -|-------------------------------------|---------------------------------------------------------------------|---------------| -| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` | -| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` | -| `k3s_become_for_all` | Escalate user privileges for all tasks. Overrides all of the below. | `false` | -| `k3s_become_for_systemd` | Escalate user privileges for systemd tasks. | NULL | -| `k3s_become_for_install_dir` | Escalate user privileges for creating installation directories. | NULL | -| `k3s_become_for_directory_creation` | Escalate user privileges for creating application directories. | NULL | -| `k3s_become_for_usr_local_bin` | Escalate user privileges for writing to `/usr/local/bin`. | NULL | -| `k3s_become_for_package_install` | Escalate user privileges for installing k3s. | NULL | -| `k3s_become_for_kubectl` | Escalate user privileges for running `kubectl`. | NULL | -| `k3s_become_for_uninstall` | Escalate user privileges for uninstalling k3s. | NULL | +| Variable | Description | Default Value | +|-----------------------|----------------------------------------------------------------|---------------| +| `k3s_skip_validation` | Skip all tasks that validate configuration. | `false` | +| `k3s_skip_env_checks` | Skip all tasks that check environment configuration. | `false` | +| `k3s_become` | Escalate user privileges for tasks that need root permissions. | `false` | #### Important note about `k3s_release_version` diff --git a/defaults/main.yml b/defaults/main.yml index 4a4e96f..dcbc35f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -127,15 +127,8 @@ k3s_agent: {} # Ansible Controller configuration ## -# Use become privileges for -k3s_become_for_all: false -k3s_become_for_systemd: null -k3s_become_for_install_dir: null -k3s_become_for_directory_creation: null -k3s_become_for_usr_local_bin: null -k3s_become_for_package_install: null -k3s_become_for_kubectl: null -k3s_become_for_uninstall: null +# Use become privileges? +k3s_become: false # Private registry configuration. # Rancher k3s documentation: https://rancher.com/docs/k3s/latest/en/installation/private-registry/ diff --git a/handlers/main.yml b/handlers/main.yml index 1a2a8c0..b2fa402 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -4,7 +4,7 @@ ansible.builtin.systemd: daemon_reload: true scope: "{{ k3s_systemd_context }}" - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: restart k3s ansible.builtin.systemd: @@ -18,4 +18,4 @@ failed_when: - k3s_systemd_restart_k3s is not success - not ansible_check_mode - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_cluster.yml b/tasks/ensure_cluster.yml index 4e4e8a9..2939a04 100644 --- a/tasks/ensure_cluster.yml +++ b/tasks/ensure_cluster.yml @@ -8,7 +8,7 @@ when: - k3s_control_token is not defined - not ansible_check_mode - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure cluster token is formatted correctly for use in templates ansible.builtin.set_fact: @@ -26,14 +26,14 @@ path: "{{ k3s_token_location | dirname }}" state: directory mode: 0755 - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s cluster token file is present ansible.builtin.template: src: cluster-token.j2 dest: "{{ k3s_token_location }}" mode: 0600 - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" notify: - restart k3s @@ -42,7 +42,7 @@ src: k3s.service.j2 dest: "{{ k3s_systemd_unit_dir }}/k3s.service" mode: 0644 - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" notify: - reload systemd - restart k3s @@ -55,7 +55,7 @@ notify: - reload systemd - restart k3s - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure secondary controllers are started ansible.builtin.systemd: @@ -72,7 +72,7 @@ when: - k3s_control_node - not k3s_primary_control_node - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - import_tasks: post_checks_control_plane.yml when: not k3s_skip_validation diff --git a/tasks/ensure_containerd_registries.yml b/tasks/ensure_containerd_registries.yml index 55ba034..ad6dd64 100644 --- a/tasks/ensure_containerd_registries.yml +++ b/tasks/ensure_containerd_registries.yml @@ -8,4 +8,4 @@ notify: - reload systemd - restart k3s - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_directories.yml b/tasks/ensure_directories.yml index 051b202..21453b9 100644 --- a/tasks/ensure_directories.yml +++ b/tasks/ensure_directories.yml @@ -5,7 +5,7 @@ path: "{{ directory.path }}" state: directory mode: "{{ directory.mode | default(755) }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - directory.path is defined - directory.path | length > 0 diff --git a/tasks/ensure_downloads.yml b/tasks/ensure_downloads.yml index 076d7c5..4d12fec 100644 --- a/tasks/ensure_downloads.yml +++ b/tasks/ensure_downloads.yml @@ -48,4 +48,4 @@ dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" checksum: "sha256:{{ k3s_hash_sum }}" mode: 0755 - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_drain_and_remove_nodes.yml b/tasks/ensure_drain_and_remove_nodes.yml index e480852..77dffbb 100644 --- a/tasks/ensure_drain_and_remove_nodes.yml +++ b/tasks/ensure_drain_and_remove_nodes.yml @@ -4,7 +4,7 @@ ansible.builtin.stat: path: "{{ k3s_install_dir }}/kubectl" register: k3s_check_kubectl - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Clean up nodes that are in an uninstalled state block: @@ -17,7 +17,7 @@ delegate_to: "{{ k3s_control_delegate }}" run_once: true register: kubectl_get_nodes_result - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure uninstalled nodes are drained ansible.builtin.command: @@ -34,7 +34,7 @@ - hostvars[item].k3s_state is defined - hostvars[item].k3s_state == 'uninstalled' loop: "{{ ansible_play_hosts }}" - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure uninstalled nodes are removed ansible.builtin.command: @@ -47,7 +47,7 @@ - hostvars[item].k3s_state is defined - hostvars[item].k3s_state == 'uninstalled' loop: "{{ ansible_play_hosts }}" - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - k3s_check_kubectl.stat.exists is defined diff --git a/tasks/ensure_installed.yml b/tasks/ensure_installed.yml index a794802..39a7705 100644 --- a/tasks/ensure_installed.yml +++ b/tasks/ensure_installed.yml @@ -35,4 +35,4 @@ when: (k3s_control_node and k3s_controller_list | length == 1) or (k3s_primary_control_node and k3s_controller_list | length > 1) or k3s_token_cluster_check.stat.exists - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_installed_node.yml b/tasks/ensure_installed_node.yml index a303c2e..44511a9 100644 --- a/tasks/ensure_installed_node.yml +++ b/tasks/ensure_installed_node.yml @@ -15,7 +15,7 @@ when: not ansible_check_mode notify: - restart k3s - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s config file exists ansible.builtin.template: @@ -25,7 +25,7 @@ notify: - reload systemd - restart k3s - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s service unit file is present ansible.builtin.template: @@ -35,14 +35,14 @@ notify: - reload systemd - restart k3s - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s killall script is present ansible.builtin.template: src: k3s-killall.sh.j2 dest: "/usr/local/bin/k3s-killall.sh" mode: 0700 - become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - k3s_runtime_config is defined - ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless) @@ -52,7 +52,7 @@ src: k3s-uninstall.sh.j2 dest: "/usr/local/bin/k3s-uninstall.sh" mode: 0700 - become: "{{ k3s_become_for_usr_local_bin | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - k3s_runtime_config is defined - ("rootless" not in k3s_runtime_config or not k3s_runtime_config.rootless) diff --git a/tasks/ensure_k3s_auto_deploy.yml b/tasks/ensure_k3s_auto_deploy.yml index c15bd8b..842d8ce 100644 --- a/tasks/ensure_k3s_auto_deploy.yml +++ b/tasks/ensure_k3s_auto_deploy.yml @@ -8,7 +8,7 @@ when: >- k3s_server_manifests_templates | length > 0 or k3s_server_manifests_urls | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure that the pod-manifests directory exists ansible.builtin.file: @@ -18,7 +18,7 @@ when: >- k3s_server_pod_manifests_templates | length > 0 or k3s_server_pod_manifests_urls | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests - name: Ensure auto-deploying manifests are copied to the primary controller @@ -27,7 +27,7 @@ dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}" mode: 0644 loop: "{{ k3s_server_manifests_templates }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - k3s_server_manifests_templates | length > 0 @@ -37,7 +37,7 @@ dest: "{{ k3s_server_manifests_dir }}/{{ item.filename }}" mode: 0644 loop: "{{ k3s_server_manifests_urls }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: - not ansible_check_mode - k3s_server_manifests_urls | length > 0 @@ -49,7 +49,7 @@ dest: "{{ k3s_server_pod_manifests_dir }}/{{ item | basename | replace('.j2','') }}" mode: 0644 loop: "{{ k3s_server_pod_manifests_templates }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests - name: Ensure auto-deploying manifests are downloaded to the primary controller @@ -58,5 +58,5 @@ dest: "{{ k3s_server_pod_manifests_dir }}/{{ item.filename }}" mode: 0644 loop: "{{ k3s_server_pod_manifests_urls }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: not ansible_check_mode diff --git a/tasks/ensure_k3s_config_files.yml b/tasks/ensure_k3s_config_files.yml index 4f5db82..fe9ae2b 100644 --- a/tasks/ensure_k3s_config_files.yml +++ b/tasks/ensure_k3s_config_files.yml @@ -8,7 +8,7 @@ when: >- k3s_server_config_yaml_d_files | length > 0 or k3s_agent_config_yaml_d_files | length > 0 - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" # https://github.com/k3s-io/k3s/pull/3162 - name: Ensure configuration files are copied to controllers @@ -17,7 +17,7 @@ dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}" mode: 0644 loop: "{{ k3s_server_config_yaml_d_files }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: k3s_control_node # https://github.com/k3s-io/k3s/pull/3162 @@ -27,5 +27,5 @@ dest: "{{ k3s_config_yaml_d_dir }}/{{ item | basename | replace('.j2','') }}" mode: 0644 loop: "{{ k3s_agent_config_yaml_d_files }}" - become: "{{ k3s_become_for_directory_creation | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" when: not k3s_control_node diff --git a/tasks/ensure_started.yml b/tasks/ensure_started.yml index f393d5b..c4b934a 100644 --- a/tasks/ensure_started.yml +++ b/tasks/ensure_started.yml @@ -6,7 +6,7 @@ state: started enabled: "{{ k3s_start_on_boot }}" when: k3s_non_root is not defined or not k3s_non_root - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s service is started ansible.builtin.systemd: @@ -17,4 +17,4 @@ when: - k3s_non_root is defined - k3s_non_root - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_stopped.yml b/tasks/ensure_stopped.yml index d1c97d9..7ba4b94 100644 --- a/tasks/ensure_stopped.yml +++ b/tasks/ensure_stopped.yml @@ -6,7 +6,7 @@ state: stopped enabled: "{{ k3s_start_on_boot }}" when: k3s_non_root is not defined or not k3s_non_root - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure k3s service is started ansible.builtin.systemd: @@ -17,4 +17,4 @@ when: - k3s_non_root is defined - k3s_non_root - become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_uninstalled.yml b/tasks/ensure_uninstalled.yml index c488f1b..b944afd 100644 --- a/tasks/ensure_uninstalled.yml +++ b/tasks/ensure_uninstalled.yml @@ -16,7 +16,7 @@ register: k3s_killall changed_when: k3s_killall.rc == 0 when: check_k3s_killall_script.stat.exists - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Run k3s-uninstall.sh ansible.builtin.command: @@ -26,7 +26,7 @@ register: k3s_uninstall changed_when: k3s_uninstall.rc == 0 when: check_k3s_uninstall_script.stat.exists - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" - name: Ensure hard links are removed ansible.builtin.file: @@ -39,4 +39,4 @@ when: - k3s_install_hard_links - not ansible_check_mode - become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/ensure_uploads.yml b/tasks/ensure_uploads.yml index 17ad87a..a2f8a78 100644 --- a/tasks/ensure_uploads.yml +++ b/tasks/ensure_uploads.yml @@ -12,4 +12,4 @@ # TODO: allow airgap to bypass version post-fix dest: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" mode: 0755 - become: "{{ k3s_become_for_install_dir | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/post_checks_nodes.yml b/tasks/post_checks_nodes.yml index 6e4c16e..8383f9a 100644 --- a/tasks/post_checks_nodes.yml +++ b/tasks/post_checks_nodes.yml @@ -17,4 +17,4 @@ - ("flannel-backend" not in k3s_runtime_config or k3s_runtime_config["flannel-backend"] != "none") - not ansible_check_mode - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/pre_checks.yml b/tasks/pre_checks.yml index 35d5d36..91ef579 100644 --- a/tasks/pre_checks.yml +++ b/tasks/pre_checks.yml @@ -81,6 +81,8 @@ - k3s_runtime_config.rootless - not k3s_skip_validation +- import_tasks: ensure_pre_configuration.yml + - import_tasks: pre_checks_control_node_count.yml when: - k3s_build_cluster is defined diff --git a/tasks/pre_checks_cluster.yml b/tasks/pre_checks_cluster.yml index 8e8bc97..f9435d1 100644 --- a/tasks/pre_checks_cluster.yml +++ b/tasks/pre_checks_cluster.yml @@ -16,4 +16,4 @@ failed_when: - not k3s_check_cluster_token.stat.exists - not ansible_check_mode - become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}" + become: "{{ k3s_become }}" diff --git a/tasks/state_installed.yml b/tasks/state_installed.yml index 1517fa5..ab24c47 100644 --- a/tasks/state_installed.yml +++ b/tasks/state_installed.yml @@ -1,7 +1,5 @@ --- -- import_tasks: ensure_pre_configuration.yml - - import_tasks: ensure_drain_and_remove_nodes.yml - import_tasks: determine_systemd_context.yml diff --git a/test_versions.sh b/test_versions.sh deleted file mode 100755 index 3b5f473..0000000 --- a/test_versions.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -ANSIBLE_RELEASE_FEED="$(curl -Ssl https://api.github.com/repos/ansible/ansible/tags?per_page=50)" -TMPDIR="$(mktemp -d /tmp/molecule.XXXXX)" - -function ansible_releases { - local RELEASE_LIST_ALL - - RELEASE_LIST_ALL="$(echo "${ANSIBLE_RELEASE_FEED}" | grep -E "\"name\": \"v[0-9]+\.[0-9]+\.[0-9]+\"")" - - for RELEASE in ${RELEASE_LIST_ALL} ; do - echo "${RELEASE}" | grep -v "name" | sed -E 's/"v([0-9]+\.[0-9]+\.[0-9]+)",/\1/g' || true - done -} - -function build_requirements { - local TEST_REQUIREMENTS - local REQUIREMENTS - local ANSIBLE_VERSION - - ANSIBLE_VERSION="${1:-true}" - - if [ "${ANSIBLE_VERSION}" == "true" ] ; then - echo "Something went wrong!" - exit 1 - fi - - TEST_REQUIREMENTS=$( "${TMPDIR}/version_requirements.txt" - make_venv "${TEST_ANSIBLE}" - echo " |" | tee -a /tmp/molecule_tests.md - done -} - -main