From c743df868bc48a15f40dbc033ac11ffefafbf890 Mon Sep 17 00:00:00 2001 From: Xan Manning Date: Tue, 15 Sep 2020 18:10:25 +0100 Subject: [PATCH] Fixing ansible-linting, exclude name check for Travis-CI This release also fixes: - #38 : removing the --disable-agent option. Please use node taints. - #39 : clarified where jmespath should be installed in README.md --- .ansible-lint | 2 ++ README.md | 3 +-- defaults/main.yml | 3 --- molecule/default/playbook-docker-altport-wireguard.yml | 1 - molecule/default/playbook-no-deploy.yml | 1 - tasks/build/configure-k3s-cluster.yml | 1 + tasks/build/download-k3s.yml | 1 + tasks/build/install-k3s.yml | 5 ++++- tasks/build/preconfigure-k3s-auto-deploying-manifests.yml | 2 ++ tasks/build/preconfigure-k3s.yml | 1 + tasks/state-installed.yml | 6 ------ tasks/state-uninstalled.yml | 6 ------ templates/k3s.service.j2 | 2 +- 13 files changed, 13 insertions(+), 21 deletions(-) create mode 100644 .ansible-lint diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..327f909 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,2 @@ +skip_list: + - '106' diff --git a/README.md b/README.md index 197fec6..86c53ef 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Kubernetes") as either a standalone server or cluster. ## Requirements -The control host requires the following Python dependencies: +The host you're running Ansible from requires the following Python dependencies: - `jmespath >= 0.9.0` @@ -58,7 +58,6 @@ consistency. | `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` | | `k3s_use_unsupported_config` | Allow the use of unsupported configurations in k3s. | `false` | | `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` | -| `k3s_control_workers` | Are control hosts also workers? | `true` | | `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 | | `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 | | `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ | diff --git a/defaults/main.yml b/defaults/main.yml index 05a106d..0d39def 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -56,9 +56,6 @@ k3s_datastore_endpoint: false # Use DQLite for HA Datastore? (EXPERIMENTAL) k3s_dqlite_datastore: false -# Are control hosts also worker nodes? -k3s_control_workers: true - # HTTPS Listening port k3s_https_port: 6443 diff --git a/molecule/default/playbook-docker-altport-wireguard.yml b/molecule/default/playbook-docker-altport-wireguard.yml index 1db8114..a88a3c4 100644 --- a/molecule/default/playbook-docker-altport-wireguard.yml +++ b/molecule/default/playbook-docker-altport-wireguard.yml @@ -8,6 +8,5 @@ k3s_https_port: 26443 k3s_flannel_backend: wireguard k3s_cluster_domain: examplecluster.local - k3s_control_workers: false roles: - role: xanmanning.k3s diff --git a/molecule/default/playbook-no-deploy.yml b/molecule/default/playbook-no-deploy.yml index 9a16a04..28e4f48 100644 --- a/molecule/default/playbook-no-deploy.yml +++ b/molecule/default/playbook-no-deploy.yml @@ -14,7 +14,6 @@ k3s_disable_scheduler: true k3s_disable_cloud_controller: true k3s_disable_network_policy: true - k3s_control_workers: false k3s_node_labels: - foo: bar - hello: world diff --git a/tasks/build/configure-k3s-cluster.yml b/tasks/build/configure-k3s-cluster.yml index 027fe3e..d68fe09 100644 --- a/tasks/build/configure-k3s-cluster.yml +++ b/tasks/build/configure-k3s-cluster.yml @@ -23,6 +23,7 @@ template: src: k3s.service.j2 dest: "{{ k3s_systemd_unit_directory }}/k3s.service" + mode: 0644 become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}" notify: - reload systemd diff --git a/tasks/build/download-k3s.yml b/tasks/build/download-k3s.yml index fc9061a..e897d49 100644 --- a/tasks/build/download-k3s.yml +++ b/tasks/build/download-k3s.yml @@ -32,6 +32,7 @@ file: path: "{{ k3s_install_dir }}" state: directory + mode: 0755 - name: Ensure k3s binary is downloaded get_url: diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index 7382902..fbc45ff 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -6,6 +6,7 @@ dest: "{{ k3s_install_dir }}/k3s" state: "{{ 'hard' if k3s_install_hard_links else 'link' }}" force: "{{ k3s_install_hard_links }}" + mode: 0755 when: ((k3s_control_node and k3s_controller_count | length == 1) or (k3s_primary_control_node and k3s_controller_count | length > 1)) and not ansible_check_mode notify: @@ -16,12 +17,13 @@ file: path: "{{ k3s_systemd_unit_directory }}" state: directory - recurse: true + mode: 0755 - name: Ensure k3s service unit file is present on control plane template: src: k3s.service.j2 dest: "{{ k3s_systemd_unit_directory }}/k3s.service" + mode: 0644 when: (k3s_control_node and k3s_controller_count | length == 1) or (k3s_primary_control_node and k3s_controller_count | length > 1) notify: @@ -51,6 +53,7 @@ dest: "{{ k3s_install_dir }}/{{ item }}" state: "{{ 'hard' if k3s_install_hard_links else 'link' }}" force: "{{ k3s_install_hard_links }}" + mode: 0755 notify: - restart k3s loop: diff --git a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml index 8ba4666..494eb20 100644 --- a/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml +++ b/tasks/build/preconfigure-k3s-auto-deploying-manifests.yml @@ -4,6 +4,7 @@ file: state: directory path: "{{ k3s_server_manifests_dir }}" + mode: 0755 when: k3s_server_manifests_templates | length > 0 # https://rancher.com/docs/k3s/latest/en/advanced/#auto-deploying-manifests @@ -11,4 +12,5 @@ template: src: "{{ item }}" dest: "{{ k3s_server_manifests_dir }}/{{ item | basename | replace('.j2','') }}" + mode: 0644 loop: "{{ k3s_server_manifests_templates }}" diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/build/preconfigure-k3s.yml index 56a4684..053dc4b 100644 --- a/tasks/build/preconfigure-k3s.yml +++ b/tasks/build/preconfigure-k3s.yml @@ -47,6 +47,7 @@ P_{{ hostvars[item].k3s_primary_control_node | default(False) }} create: true regexp: "^{{ item }} @@@ {{ hostvars[item].ansible_host | default(hostvars[item].ansible_fqdn) }}" + mode: 0600 loop: "{{ play_hosts }}" check_mode: false when: hostvars[item].k3s_control_node is defined diff --git a/tasks/state-installed.yml b/tasks/state-installed.yml index 559ef3c..ad9c8a5 100644 --- a/tasks/state-installed.yml +++ b/tasks/state-installed.yml @@ -17,21 +17,15 @@ - include_tasks: build/install-docker-prerequisites-{{ ansible_os_family | lower }}.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and (k3s_non_root is not defined or not k3s_non_root) - import_tasks: build/install-docker.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap'] and (k3s_non_root is not defined or not k3s_non_root) - include_tasks: build/install-docker-{{ ansible_distribution | replace(" ", "-") | lower }}.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap'] and (k3s_non_root is not defined or not k3s_non_root) diff --git a/tasks/state-uninstalled.yml b/tasks/state-uninstalled.yml index 7324168..334f41e 100644 --- a/tasks/state-uninstalled.yml +++ b/tasks/state-uninstalled.yml @@ -8,22 +8,16 @@ - import_tasks: teardown/uninstall-docker.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap'] and (k3s_non_root is not defined or not k3s_non_root) - include_tasks: teardown/uninstall-docker-{{ ansible_distribution | replace(" ", "-") | lower }}.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap'] and (k3s_non_root is not defined or not k3s_non_root) - include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) and (k3s_non_root is not defined or not k3s_non_root) - import_tasks: validate/check-uninstalled.yml diff --git a/templates/k3s.service.j2 b/templates/k3s.service.j2 index 72e8191..bed09db 100644 --- a/templates/k3s.service.j2 +++ b/templates/k3s.service.j2 @@ -11,7 +11,7 @@ ExecStartPre=-/sbin/modprobe overlay {% filter replace('\n', ' ') %} ExecStart={{ k3s_install_dir }}/k3s {% if k3s_control_node %} - server{{ ' --disable-agent' if not k3s_control_workers else '' }} + server {% if k3s_bind_address is defined %} --bind-address {{ k3s_bind_address }} {% endif %}