ansible-role-k3s/templates/k3s.service.j2
ᗪєνιη ᗷυнʟ c447fcec39 A number of enhancements for v1.19 release.
- Added option to skip validation checks #47
  - Add SELinux support in containerd #48
  - Added check for Etcd member count #46
  - Moved token to a file #50
  - Added Etcd snapshot configuration options #49
2020-09-22 20:30:50 +01:00

214 lines
8 KiB
Django/Jinja

[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
Wants=network-online.target
After=network-online.target
[Service]
Type={{ 'notify' if k3s_control_node else 'exec' }}
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
{% filter regex_replace('\s+', ' ') %}
{% filter replace('\n', ' ') %}
ExecStart={{ k3s_install_dir }}/k3s
{% if k3s_debug is defined and k3s_debug %}
--debug
{% endif %}
{% if k3s_control_node %}
server
{% if k3s_bind_address is defined %}
--bind-address {{ k3s_bind_address }}
{% endif %}
{% if k3s_non_root is defined and k3s_non_root %}
--rootless
{% endif %}
{% if k3s_https_port != 6443 %}
--https-listen-port {{ k3s_https_port }}
{% endif %}
{% if k3s_disable_scheduler %}
--disable-scheduler
{% endif %}
{% if k3s_disable_cloud_controller %}
--disable-cloud-controller
{% endif %}
{% if k3s_disable_network_policy %}
--disable-network-policy
{% endif %}
{% if k3s_no_flannel %}
{% if (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=') %}
--flannel-backend none
{% else %}
--no-flannel
{% endif %}
{% endif %}
{% if k3s_cluster_cidr is defined %}
--cluster-cidr {{ k3s_cluster_cidr }}
{% endif %}
{% if k3s_service_cidr is defined %}
--service-cidr {{ k3s_service_cidr }}
{% endif %}
{% if k3s_flannel_backend is defined and not k3s_no_flannel %}
--flannel-backend {{ k3s_flannel_backend }}
{% endif %}
{% if k3s_private_registry is defined and k3s_private_registry %}
--private-registry {{ k3s_private_registry }}
{% endif %}
{% if k3s_no_coredns is defined or k3s_no_traefik is defined or k3s_no_servicelb is defined %}
{% if k3s_no_coredns or k3s_no_traefik or k3s_no_servicelb %}
{{ ' --disable coredns' if k3s_no_coredns else '' }}{{ ' --disable servicelb' if k3s_no_servicelb else '' }}{{ ' --disable traefik' if k3s_no_traefik else '' }}{{ ' --disable local-storage' if k3s_no_local_storage else '' }}{{ ' --disable metrics-server' if k3s_no_metrics_server else '' }}
{% endif %}
{% endif %}
{% if not k3s_no_local_storage and k3s_default_local_storage_path is defined and k3s_default_local_storage_path %}
--default-local-storage-path {{ k3s_default_local_storage_path }}
{% endif %}
{% if k3s_cluster_dns is defined and k3s_cluster_dns %}
--cluster-dns {{ k3s_cluster_dns }}
{% endif %}
{% if k3s_cluster_domain is defined and k3s_cluster_domain != "cluster.local" %}
--cluster-domain {{ k3s_cluster_domain }}
{% endif %}
{% if k3s_datastore_endpoint is defined and k3s_datastore_endpoint %}
--datastore-endpoint "{{ k3s_datastore_endpoint }}"
{% if k3s_datastore_cafile is defined and k3s_datastore_cafile %}
--datastore-cafile {{ k3s_datastore_cafile }}
{% endif %}
{% if k3s_datastore_certfile is defined and k3s_datastore_certfile %}
--datastore-certfile {{ k3s_datastore_certfile }}
{% endif %}
{% if k3s_datastore_keyfile is defined and k3s_datastore_keyfile %}
--datastore-keyfile {{ k3s_datastore_keyfile }}
{% endif %}
{% endif %}
{% if (k3s_dqlite_datastore is defined and k3s_dqlite_datastore) or (k3s_etcd_datastore is defined and k3s_etcd_datastore) %}
{% if k3s_primary_control_node is defined and k3s_primary_control_node %}
--cluster-init
{% else %}
--server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
--token-file {{ k3s_token_location }}/cluster-token
{% endif %}
{% if k3s_etcd_disable_snapshots %}
--etcd-disable-snapshots
{% else %}
{% if k3s_etcd_snapshot_schedule_cron is defined %}
--etcd-snapshot-schedule-cron "{{ k3s_etcd_snapshot_schedule_cron }}"
{% endif %}
{% if k3s_etcd_snapshot_retention is defined %}
--etcd-snapshot-retention {{ k3s_etcd_snapshot_retention }}
{% endif %}
{% if k3s_etcd_snapshot_directory is defined %}
--etcd-snapshot-dir {{ k3s_etcd_snapshot_directory }}
{% endif %}
{% endif %}
{% endif %}
{% if k3s_secrets_encryption is defined and k3s_secrets_encryption %}
--secrets-encryption
{% endif %}
{% if k3s_kube_apiserver_args is defined and k3s_kube_apiserver_args is iterable %}
{% for arg in k3s_kube_apiserver_args %}
{% for key, value in arg.items() %}
--kube-apiserver-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_kube_scheduler_args is defined and k3s_kube_scheduler_args is iterable %}
{% for arg in k3s_kube_scheduler_args %}
{% for key, value in arg.items() %}
--kube-scheduler-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_kube_controller_manager_args is defined and k3s_kube_controller_manager_args is iterable %}
{% for arg in k3s_kube_controller_manager_args %}
{% for key, value in arg.items() %}
--kube-controller-manager-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_kube_cloud_controller_manager_args is defined and k3s_kube_cloud_controller_manager_args is iterable %}
{% for arg in k3s_kube_cloud_controller_manager_args %}
{% for key, value in arg.items() %}
--kube-cloud-controller-manager-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% else %}
agent
--server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
--token-file {{ k3s_token_location }}/cluster-token
{% endif %}
{% if k3s_enable_selinux %}
--selinux
{% endif %}
{% if k3s_resolv_conf is defined and k3s_resolv_conf %}
--resolv-conf {{ k3s_resolv_conf }}
{% endif %}
{% if k3s_tls_san is defined and k3s_tls_san %}
--tls-san {{ k3s_tls_san }}
{% endif %}
{% if k3s_node_data_dir is defined %}
--data-dir {{ k3s_node_data_dir }}
{% endif %}
{% if k3s_use_docker %}
--docker
{% endif %}
{% if k3s_flannel_interface is defined and not k3s_no_flannel %}
--flannel-iface {{ k3s_flannel_interface }}
{% endif %}
{% if k3s_node_name is defined %}
--node-name {{ k3s_node_name }}
{% endif %}
{% if k3s_node_id is defined %}
--with-node-id {{ k3s_node_id }}
{% endif %}
{% if k3s_node_ip_address is defined %}
--node-ip {{ k3s_node_ip_address }}
{% endif %}
{% if k3s_node_external_address is defined %}
--node-external-ip {{ k3s_node_external_address }}
{% endif %}
{% if k3s_write_kubeconfig_mode is defined %}
--write-kubeconfig-mode {{ k3s_write_kubeconfig_mode }}
{% endif %}
{% if k3s_node_labels is defined and k3s_node_labels is iterable %}
{% for label in k3s_node_labels %}
{% for key, value in label.items() %}
--node-label {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_node_taints is defined and k3s_node_taints is iterable %}
{% for taint in k3s_node_taints %}
{% for key, value in taint.items() %}
--node-taint {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_kubelet_args is defined and k3s_kubelet_args is iterable %}
{% for arg in k3s_kubelet_args %}
{% for key, value in arg.items() %}
--kubelet-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if k3s_kube_proxy_args is defined and k3s_kube_proxy_args is iterable %}
{% for arg in k3s_kube_proxy_args %}
{% for key, value in arg.items() %}
--kube-proxy-arg {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% endfilter %}
{% endfilter %}
KillMode=process
Delegate=yes
LimitNOFILE=1048576
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target