mirror of
https://github.com/PyratLabs/ansible-role-k3s
synced 2024-12-05 02:40:19 +01:00
WIP(alpine): trying to find a container image that supports openrc
This commit is contained in:
Xan Manning
parent
f3640e5c9f
commit
910b611058
20 changed files with 246 additions and 66 deletions
5
.github/workflows/ci.yml
vendored
5
.github/workflows/ci.yml
vendored
|
|
@ -42,8 +42,10 @@ jobs:
|
||||||
prebuilt: 'true'
|
prebuilt: 'true'
|
||||||
- distro: geerlingguy/docker-fedora33-ansible:latest
|
- distro: geerlingguy/docker-fedora33-ansible:latest
|
||||||
scenario: autodeploy
|
scenario: autodeploy
|
||||||
- distro: alpine:3.15
|
- distro: nimmis/alpine:3.14
|
||||||
scenario: highavailabilityetcd
|
scenario: highavailabilityetcd
|
||||||
|
command: "init"
|
||||||
|
prebuilt: 'false'
|
||||||
- distro: geerlingguy/docker-rockylinux8-ansible:latest
|
- distro: geerlingguy/docker-rockylinux8-ansible:latest
|
||||||
scenario: highavailabilityetcd
|
scenario: highavailabilityetcd
|
||||||
prebuilt: 'true'
|
prebuilt: 'true'
|
||||||
|
|
@ -70,3 +72,4 @@ jobs:
|
||||||
ANSIBLE_FORCE_COLOR: '1'
|
ANSIBLE_FORCE_COLOR: '1'
|
||||||
MOLECULE_DISTRO: ${{ matrix.distro }}
|
MOLECULE_DISTRO: ${{ matrix.distro }}
|
||||||
MOLECULE_PREBUILT: ${{ matrix.prebuilt }}
|
MOLECULE_PREBUILT: ${{ matrix.prebuilt }}
|
||||||
|
MOLECULE_DOCKER_COMMAND: ${{ matrix.command }}
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,12 @@
|
||||||
scope: "{{ k3s_systemd_context }}"
|
scope: "{{ k3s_systemd_context }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
- name: restart k3s
|
- name: reload service
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
k3s_service_reloaded: true
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
|
- name: restart k3s systemd
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: k3s
|
name: k3s
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
@ -19,3 +24,16 @@
|
||||||
- k3s_systemd_restart_k3s is not success
|
- k3s_systemd_restart_k3s is not success
|
||||||
- not ansible_check_mode
|
- not ansible_check_mode
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
|
- name: restart k3s service
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: k3s
|
||||||
|
state: restarted
|
||||||
|
enabled: "{{ k3s_start_on_boot }}"
|
||||||
|
retries: 3
|
||||||
|
delay: 3
|
||||||
|
register: k3s_service_restart_k3s
|
||||||
|
failed_when:
|
||||||
|
- k3s_service_restart_k3s is not success
|
||||||
|
- not ansible_check_mode
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
provisioner:
|
provisioner:
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
provisioner:
|
provisioner:
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
provisioner:
|
provisioner:
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: database
|
- name: database
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@
|
||||||
k3s_agent:
|
k3s_agent:
|
||||||
node-ip: "{{ ansible_default_ipv4.address }}"
|
node-ip: "{{ ansible_default_ipv4.address }}"
|
||||||
snapshotter: native
|
snapshotter: native
|
||||||
|
k3s_skip_validation: "{{ k3s_service_handler[ansible_service_mgr] == 'service' }}"
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Set each node to be a control node
|
- name: Set each node to be a control node
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: loadbalancer
|
- name: loadbalancer
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,23 @@
|
||||||
---
|
---
|
||||||
- name: Prepare Load Balancer
|
|
||||||
hosts: loadbalancer
|
- name: Prepare all nodes
|
||||||
|
hosts: all
|
||||||
tasks:
|
tasks:
|
||||||
- name: Ensure apt cache is updated
|
- name: Ensure apt cache is updated
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
update_cache: true
|
update_cache: true
|
||||||
when: ansible_pkg_mgr == 'apt'
|
when: ansible_pkg_mgr == 'apt'
|
||||||
|
|
||||||
|
- name: Ensure sudo is installed
|
||||||
|
community.general.apk:
|
||||||
|
name: sudo
|
||||||
|
state: present
|
||||||
|
update_cache: true
|
||||||
|
when: ansible_pkg_mgr == 'apk'
|
||||||
|
|
||||||
|
- name: Prepare Load Balancer
|
||||||
|
hosts: loadbalancer
|
||||||
|
tasks:
|
||||||
- name: Ensure HAProxy is installed
|
- name: Ensure HAProxy is installed
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name: haproxy
|
name: haproxy
|
||||||
|
|
|
||||||
|
|
@ -26,30 +26,30 @@ lint: |
|
||||||
ansible-lint --exclude molecule/
|
ansible-lint --exclude molecule/
|
||||||
platforms:
|
platforms:
|
||||||
- name: node1
|
- name: node1
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node2
|
- name: node2
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
- name: node3
|
- name: node3
|
||||||
image: "${MOLECULE_DISTRO:-ubuntu:focal}"
|
image: ${MOLECULE_DISTRO:-"geerlingguy/docker-rockylinux8-ansible:latest"}
|
||||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||||
privileged: true
|
privileged: true
|
||||||
pre_build_image: ${MOLECULE_PREBUILT:-false}
|
pre_build_image: ${MOLECULE_PREBUILT:-true}
|
||||||
networks:
|
networks:
|
||||||
- name: k3snet
|
- name: k3snet
|
||||||
provisioner:
|
provisioner:
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,7 @@
|
||||||
mode: 0600
|
mode: 0600
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
notify:
|
notify:
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
|
||||||
- name: Ensure k3s service unit file is present
|
- name: Ensure k3s service unit file is present
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
|
|
@ -47,8 +47,8 @@
|
||||||
mode: 0644
|
mode: 0644
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
notify:
|
notify:
|
||||||
- reload systemd
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
|
||||||
- name: Ensure k3s config file exists
|
- name: Ensure k3s config file exists
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
|
|
@ -56,8 +56,8 @@
|
||||||
dest: "{{ k3s_config_file }}"
|
dest: "{{ k3s_config_file }}"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify:
|
notify:
|
||||||
- reload systemd
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
- name: Ensure secondary controllers are started
|
- name: Ensure secondary controllers are started
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,6 @@
|
||||||
dest: "{{ k3s_config_dir }}/registries.yaml"
|
dest: "{{ k3s_config_dir }}/registries.yaml"
|
||||||
mode: 0600
|
mode: 0600
|
||||||
notify:
|
notify:
|
||||||
- reload systemd
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
|
||||||
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
16
tasks/ensure_control_plane_started_systemd.yml
Normal file
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Ensure k3s initial control plane server is started
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: k3s
|
||||||
|
state: started
|
||||||
|
enabled: "{{ k3s_start_on_boot }}"
|
||||||
|
scope: "{{ k3s_systemd_context }}"
|
||||||
|
register: k3s_systemd_start_k3s
|
||||||
|
failed_when:
|
||||||
|
- k3s_systemd_start_k3s is not succeeded
|
||||||
|
- not ansible_check_mode
|
||||||
|
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||||
|
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||||
|
or k3s_token_cluster_check.stat.exists
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
15
tasks/ensure_control_plane_started_sysvinit.yml
Normal file
15
tasks/ensure_control_plane_started_sysvinit.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Ensure k3s initial control plane server is started
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: k3s
|
||||||
|
state: started
|
||||||
|
enabled: "{{ k3s_start_on_boot }}"
|
||||||
|
register: k3s_service_start_k3s
|
||||||
|
failed_when:
|
||||||
|
- k3s_service_start_k3s is not succeeded
|
||||||
|
- not ansible_check_mode
|
||||||
|
when: (k3s_control_node and k3s_controller_list | length == 1)
|
||||||
|
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
||||||
|
or k3s_token_cluster_check.stat.exists
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
|
|
@ -22,17 +22,4 @@
|
||||||
path: "{{ k3s_token_location }}"
|
path: "{{ k3s_token_location }}"
|
||||||
register: k3s_token_cluster_check
|
register: k3s_token_cluster_check
|
||||||
|
|
||||||
- name: Ensure k3s initial control plane server is started
|
- include_tasks: ensure_control_plane_started_{{ ansible_service_mgr }}.yml
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: k3s
|
|
||||||
state: started
|
|
||||||
enabled: "{{ k3s_start_on_boot }}"
|
|
||||||
scope: "{{ k3s_systemd_context }}"
|
|
||||||
register: k3s_systemd_start_k3s
|
|
||||||
failed_when:
|
|
||||||
- k3s_systemd_start_k3s is not succeeded
|
|
||||||
- not ansible_check_mode
|
|
||||||
when: (k3s_control_node and k3s_controller_list | length == 1)
|
|
||||||
or (k3s_primary_control_node and k3s_controller_list | length > 1)
|
|
||||||
or k3s_token_cluster_check.stat.exists
|
|
||||||
become: "{{ k3s_become }}"
|
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
- ctr
|
- ctr
|
||||||
when: not ansible_check_mode
|
when: not ansible_check_mode
|
||||||
notify:
|
notify:
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
- name: Ensure k3s config file exists
|
- name: Ensure k3s config file exists
|
||||||
|
|
@ -23,8 +23,8 @@
|
||||||
dest: "{{ k3s_config_file }}"
|
dest: "{{ k3s_config_file }}"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify:
|
notify:
|
||||||
- reload systemd
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
- name: Ensure cluster token is present when pre-defined
|
- name: Ensure cluster token is present when pre-defined
|
||||||
|
|
@ -51,9 +51,35 @@
|
||||||
src: k3s.service.j2
|
src: k3s.service.j2
|
||||||
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
dest: "{{ k3s_systemd_unit_dir }}/k3s.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
when:
|
||||||
|
- k3s_service_handler[ansible_service_mgr] == 'systemd'
|
||||||
notify:
|
notify:
|
||||||
- reload systemd
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
- restart k3s
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
|
- name: Ensure k3s service file is present
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: k3s.openrc.j2
|
||||||
|
dest: "{{ k3s_openrc_service_dir }}/k3s"
|
||||||
|
mode: 0744
|
||||||
|
when:
|
||||||
|
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||||
|
notify:
|
||||||
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
|
- name: Ensure k3s logrotate file is present
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: k3s.logrotate.j2
|
||||||
|
dest: "{{ k3s_logrotate_dir }}/k3s"
|
||||||
|
mode: 0640
|
||||||
|
when:
|
||||||
|
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||||
|
notify:
|
||||||
|
- "reload {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
|
- "restart k3s {{ k3s_service_handler[ansible_service_mgr] }}"
|
||||||
become: "{{ k3s_become }}"
|
become: "{{ k3s_become }}"
|
||||||
|
|
||||||
- name: Ensure k3s killall script is present
|
- name: Ensure k3s killall script is present
|
||||||
|
|
|
||||||
|
|
@ -38,6 +38,39 @@
|
||||||
- not k3s_skip_validation
|
- not k3s_skip_validation
|
||||||
- not k3s_skip_env_checks
|
- not k3s_skip_env_checks
|
||||||
|
|
||||||
|
- name: Check that the target init system is supported by this role
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- ansible_service_mgr in k3s_supported_init
|
||||||
|
fail_msg: >-
|
||||||
|
{{ ansible_service_mgr }} is not supported by this role.
|
||||||
|
Supported init systems: {{ k3s_supported_init | join(', ') }}
|
||||||
|
success_msg: "{{ ansible_service_mgr }} is supported"
|
||||||
|
when:
|
||||||
|
- not k3s_skip_validation
|
||||||
|
- not k3s_skip_env_checks
|
||||||
|
|
||||||
|
- name: Determing if {{ ansible_service_mgr }} is actually openrc
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: /sbin/openrc-run
|
||||||
|
register: k3s_check_openrc_run
|
||||||
|
when:
|
||||||
|
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||||
|
- not k3s_skip_validation
|
||||||
|
- not k3s_skip_env_checks
|
||||||
|
|
||||||
|
- name: Check that {{ ansible_service_mgr }} is actually openrc
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- k3s_check_openrc_run.stat.exists
|
||||||
|
fail_msg: >-
|
||||||
|
openrc was not found, cannot install to {{ ansible_service_mgr }}
|
||||||
|
success_msg: "openrc found"
|
||||||
|
when:
|
||||||
|
- k3s_service_handler[ansible_service_mgr] == 'service'
|
||||||
|
- not k3s_skip_validation
|
||||||
|
- not k3s_skip_env_checks
|
||||||
|
|
||||||
- include_tasks: pre_checks_version.yml
|
- include_tasks: pre_checks_version.yml
|
||||||
when:
|
when:
|
||||||
- (k3s_release_version is not defined
|
- (k3s_release_version is not defined
|
||||||
|
|
|
||||||
5
templates/k3s.logrotate.j2
Normal file
5
templates/k3s.logrotate.j2
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
/var/log/k3s.log {
|
||||||
|
missingok
|
||||||
|
notifempty
|
||||||
|
copytruncate
|
||||||
|
}
|
||||||
47
templates/k3s.openrc.j2
Normal file
47
templates/k3s.openrc.j2
Normal file
|
|
@ -0,0 +1,47 @@
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
after network-online
|
||||||
|
want cgroups
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
rm -f /tmp/k3s.*
|
||||||
|
}
|
||||||
|
|
||||||
|
supervisor=supervise-daemon
|
||||||
|
name="k3s"
|
||||||
|
command="{{ k3s_install_dir }}/k3s"
|
||||||
|
command_args="{% filter regex_replace('\s+', ' ') %}
|
||||||
|
{% filter replace('\n', ' ') %}
|
||||||
|
{% if k3s_debug is defined and k3s_debug %}
|
||||||
|
--debug
|
||||||
|
{% endif %}
|
||||||
|
{% if k3s_control_node %}
|
||||||
|
server
|
||||||
|
{% if (k3s_etcd_datastore is defined and k3s_etcd_datastore) and (k3s_primary_control_node is not defined or not k3s_primary_control_node) and k3s_controller_list | length > 1 %}
|
||||||
|
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
|
||||||
|
{% endif %}
|
||||||
|
{% if k3s_server is defined %}
|
||||||
|
--config {{ k3s_config_file }}
|
||||||
|
{% endif %}
|
||||||
|
{% if k3s_control_node and not k3s_primary_control_node %}
|
||||||
|
--token-file {{ k3s_token_location }}
|
||||||
|
{% endif %}
|
||||||
|
{% else %}
|
||||||
|
agent
|
||||||
|
--server https://{{ k3s_registration_address }}:{{ k3s_control_plane_port | default(6443) | string }}
|
||||||
|
--token-file {{ k3s_token_location }}
|
||||||
|
{% if k3s_agent is defined %}
|
||||||
|
--config {{ k3s_config_file }}
|
||||||
|
{% endif %}
|
||||||
|
{% endif %} >>/var/log/k3s.log 2>&1"
|
||||||
|
{% endfilter %}
|
||||||
|
{% endfilter %}
|
||||||
|
|
||||||
|
output_log="/var/log/k3s.log"
|
||||||
|
error_log="/var/log/k3s.log"
|
||||||
|
|
||||||
|
pidfile="/var/run/k3s.pid"
|
||||||
|
respawn_delay=5
|
||||||
|
respawn_max=0
|
||||||
|
|
@ -15,6 +15,12 @@ k3s_valid_states:
|
||||||
- uninstalled
|
- uninstalled
|
||||||
- validated
|
- validated
|
||||||
|
|
||||||
|
# Supported init systems
|
||||||
|
k3s_supported_init:
|
||||||
|
- systemd
|
||||||
|
- sysvinit # Possibly what openrc identifies as in Ansible?
|
||||||
|
- openrc
|
||||||
|
|
||||||
# Map ansible fact gathering architecture to a release name and suffix in github.
|
# Map ansible fact gathering architecture to a release name and suffix in github.
|
||||||
k3s_arch_lookup:
|
k3s_arch_lookup:
|
||||||
amd64:
|
amd64:
|
||||||
|
|
@ -84,6 +90,18 @@ k3s_systemd_context: system
|
||||||
# management, this should live in /etc/systemd, not /lib/systemd
|
# management, this should live in /etc/systemd, not /lib/systemd
|
||||||
k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"
|
k3s_systemd_unit_dir: "/etc/systemd/{{ k3s_systemd_context }}"
|
||||||
|
|
||||||
|
# Directory for installing openrc service file
|
||||||
|
k3s_openrc_service_dir: /etc/init.d
|
||||||
|
|
||||||
|
# Directory for installing logrotate config
|
||||||
|
k3s_logrotate_dir: /etc/logrotate.d
|
||||||
|
|
||||||
|
# Service handler
|
||||||
|
k3s_service_handler:
|
||||||
|
systemd: systemd
|
||||||
|
sysvinit: service
|
||||||
|
openrc: service
|
||||||
|
|
||||||
# Data directory location for k3s
|
# Data directory location for k3s
|
||||||
k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
|
k3s_data_dir: "{{ k3s_runtime_config['data-dir'] | default('/var/lib/rancher/k3s') }}"
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue