mirror of
https://github.com/PyratLabs/ansible-role-k3s
synced 2025-01-08 18:50:19 +01:00
c447fcec39
- Added option to skip validation checks #47 - Add SELinux support in containerd #48 - Added check for Etcd member count #46 - Moved token to a file #50 - Added Etcd snapshot configuration options #49
288 lines
14 KiB
YAML
288 lines
14 KiB
YAML
---
|
|
|
|
- name: Check k3s_no_flannel against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
|
|
success_msg: "--no-flannel is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--no-flannel is not supported in {{ k3s_release_version }}"
|
|
when: k3s_no_flannel is defined and k3s_no_flannel
|
|
|
|
- name: Check k3s_service_cidr against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
|
|
success_msg: "--service-cidr is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--service-cidr is not supported in {{ k3s_release_version }}"
|
|
when: k3s_service_cidr is defined
|
|
|
|
- name: Check k3s_cluster_dns against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
|
|
success_msg: "--cluster-dns is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--cluster-dns is not supported in {{ k3s_release_version }}"
|
|
when: k3s_cluster_dns is defined and k3s_cluster_dns
|
|
|
|
- name: Check k3s_use_docker against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
|
|
success_msg: "--docker is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--docker is not supported in {{ k3s_release_version }}"
|
|
when: k3s_use_docker is defined and k3s_use_docker
|
|
|
|
- name: Check k3s_no_traefik against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
|
|
success_msg: "--no-deploy traefik is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--no-deploy traefik is not supported in {{ k3s_release_version }}"
|
|
when: k3s_no_traefik is defined and k3s_no_traefik
|
|
|
|
- name: Check k3s_non_root against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
- ansible_user_id != "root"
|
|
- play_hosts | length == 1
|
|
success_msg: "k3s_non_root is supported in {{ k3s_release_version }}"
|
|
fail_msg: "k3s_non_root only works in >= v0.4.0, on a single node and must not be installed as root."
|
|
when: k3s_non_root is defined and k3s_non_root
|
|
|
|
- name: Check k3s_resolv_conf against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.3.0', '>=')
|
|
success_msg: "--resolv-conf is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--resolv-conf is not supported in {{ k3s_release_version }}"
|
|
when: k3s_resolv_conf is defined and k3s_resolv_conf
|
|
|
|
- name: Check k3s_tls_san against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.3.0', '>=')
|
|
success_msg: "--tls-san is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--tls-san is not supported in {{ k3s_release_version }}"
|
|
when: k3s_tls_san is defined and k3s_tls_san
|
|
|
|
- name: Check k3s_flannel_interface against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "--flannel-iface is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--flannel-iface is not supported in {{ k3s_release_version }}"
|
|
when: k3s_flannel_interface is defined and k3s_flannel_interface
|
|
|
|
- name: Check k3s_cluster_domain against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "--cluster-domain is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--cluster-domain is not supported in {{ k3s_release_version }}"
|
|
when: k3s_cluster_domain is defined and k3s_cluster_domain
|
|
|
|
- name: Check k3s_bind_address against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "--bind-address is supported in {{ k3s_release_version }}"
|
|
fail_msg: "--bind-address is not supported in {{ k3s_release_version }}"
|
|
when: k3s_bind_address is defined and k3s_bind_address
|
|
|
|
- name: Check k3s_bind_address against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.5.0', '>=')
|
|
success_msg: "Auto deploy manifests is supported in {{ k3s_release_version }}"
|
|
fail_msg: |
|
|
Auto deploy manifests supported is limited in {{ k3s_release_version }}.
|
|
To disable this message ensure k3s_use_experimental is set to true.
|
|
when: k3s_server_manifests_templates is defined
|
|
and k3s_server_manifests_templates | length > 0
|
|
and (k3s_use_experimental is not defined or not k3s_use_experimental)
|
|
|
|
- name: Check k3s_node_labels against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.6.0', '>=')
|
|
success_msg: "Node Labels supported in {{ k3s_release_version }}"
|
|
fail_msg: "Node Labels are not supported in {{ k3s_release_version }}"
|
|
when: k3s_node_labels is defined and k3s_node_labels
|
|
|
|
- name: Check k3s_node_taints against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.6.0', '>=')
|
|
success_msg: "Node Taints supported in {{ k3s_release_version }}"
|
|
fail_msg: "Node Taints are not supported in {{ k3s_release_version }}"
|
|
when: k3s_node_taints is defined and k3s_node_taints
|
|
|
|
- name: Check k3s_kubelet_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "Kubelet args supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kubelet args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kubelet_args is defined and k3s_kubelet_args | length > 0
|
|
|
|
- name: Check k3s_kube_proxy_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "Kube proxy args supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kube proxy args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kube_proxy_args is defined and k3s_kube_proxy_args | length > 0
|
|
|
|
- name: Check k3s_kube_apiserver_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "Kube API Server supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kube API Server args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kube_apiserver_args is defined and k3s_kube_apiserver_args | length > 0
|
|
|
|
- name: Check k3s_kube_scheduler_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "Kube Scheduler supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kube Scheduler args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kube_scheduler_args is defined and k3s_kube_scheduler_args | length > 0
|
|
|
|
- name: Check k3s_kube_controller_manager_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
|
|
success_msg: "Kube Controller Manager supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kube Controller Manager args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kube_controller_manager_args is defined and k3s_kube_controller_manager_args | length > 0
|
|
|
|
- name: Check k3s_kube_cloud_controller_manager_args against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "Kube Cloud Controller Manager supported in {{ k3s_release_version }}"
|
|
fail_msg: "Kube Cloud Controller Manager args are not supported in {{ k3s_release_version }}"
|
|
when: k3s_kube_cloud_controller_manager_args is defined and k3s_kube_cloud_controller_manager_args | length > 0
|
|
|
|
- name: Check k3s_flannel_backend against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
|
|
success_msg: "Alternate flannel backends supported in {{ k3s_release_version }}"
|
|
fail_msg: "Alternate flannel backends are not supported in {{ k3s_release_version }}"
|
|
when: k3s_flannel_backend is defined and k3s_flannel_backend
|
|
|
|
- name: Check k3s_flannel_backend 'host-gw' configuration against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.17.2', '>=')
|
|
success_msg: "host-gw flannel backend supported in {{ k3s_release_version }}"
|
|
fail_msg: "host-gw flannel backend is not supported in {{ k3s_release_version }}"
|
|
when: k3s_flannel_backend is defined and k3s_flannel_backend == 'host-gw'
|
|
|
|
- name: Check k3s_disable_network_policy against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
|
|
success_msg: "--disable-network-policy supported in {{ k3s_release_version }}"
|
|
fail_msg: "--disable-network-policy not supported in {{ k3s_release_version }}"
|
|
when: k3s_disable_network_policy is defined and k3s_disable_network_policy
|
|
|
|
- name: Check k3s_private_registry against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
|
|
success_msg: "--private-registry supported in {{ k3s_release_version }}"
|
|
fail_msg: "--private-registry not supported in {{ k3s_release_version }}"
|
|
when: k3s_private_registry is defined and k3s_private_registry
|
|
|
|
- name: Check k3s_disable_cloud_controller against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--disable-cloud-controller supported in {{ k3s_release_version }}"
|
|
fail_msg: "--disable-cloud-controller not supported in {{ k3s_release_version }}"
|
|
when: k3s_disable_cloud_controller is defined and k3s_disable_cloud_controller
|
|
|
|
- name: Check k3s_disable_scheduler against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--disable-scheduler supported in {{ k3s_release_version }}"
|
|
fail_msg: "--disable-scheduler not supported in {{ k3s_release_version }}"
|
|
when: k3s_disable_scheduler is defined and k3s_disable_scheduler
|
|
|
|
- name: Check k3s_datastore_endpoint against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
|
|
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
|
|
when: k3s_datastore_endpoint is defined and k3s_datastore_endpoint
|
|
|
|
- name: Check k3s_dqlite_datastore against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.19.0', '<')
|
|
success_msg: "--cluster-init (dqlite) supported in {{ k3s_release_version }}"
|
|
fail_msg: "--cluster-init (dqlite) not supported in {{ k3s_release_version }}"
|
|
when: k3s_dqlite_datastore is defined and k3s_dqlite_datastore
|
|
|
|
- name: Check k3s_etcd_datastore against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.19.1', '>=')
|
|
success_msg: "--cluster-init (etcd) supported in {{ k3s_release_version }}"
|
|
fail_msg: "--cluster-init (etcd) not supported in {{ k3s_release_version }}"
|
|
when: k3s_etcd_datastore is defined and k3s_etcd_datastore
|
|
|
|
- name: Check k3s_datastore_cafile against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
|
|
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
|
|
when: k3s_datastore_cafile is defined and k3s_datastore_cafile
|
|
|
|
- name: Check k3s_datastore_certfile against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
|
|
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
|
|
when: k3s_datastore_certfile is defined and k3s_datastore_certfile
|
|
|
|
- name: Check k3s_datastore_keyfile against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
|
|
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
|
|
when: k3s_datastore_keyfile is defined and k3s_datastore_keyfile
|
|
|
|
- name: Check k3s_default_local_storage_path against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
|
|
success_msg: "Local storage path supported in {{ k3s_release_version }}"
|
|
fail_msg: "Local storage path are not supported in {{ k3s_release_version }}"
|
|
when: k3s_default_local_storage_path is defined and k3s_default_local_storage_path
|
|
|
|
- name: Check k3s_secrets_encryption against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.17.4', '>=')
|
|
success_msg: "Secrets encryption at rest supported in {{ k3s_release_version }}"
|
|
fail_msg: "Secrets encryption at rest is not supported in {{ k3s_release_version }}"
|
|
when: k3s_secrets_encryption is defined and k3s_secrets_encryption
|
|
|
|
- name: Check k3s_enable_selinux against k3s version
|
|
assert:
|
|
that:
|
|
- (k3s_release_version | replace('v', '')) is version_compare('1.17.4', '>=')
|
|
success_msg: "SELinux supported in {{ k3s_release_version }}"
|
|
fail_msg: "SELinux is not supported in {{ k3s_release_version }}"
|
|
when: k3s_enable_selinux is defined and k3s_enable_selinux
|