ansible-role-k3s/tasks/validate/check-variables.yml
ᗪєνιη ᗷυнʟ c447fcec39 A number of enhancements for v1.19 release.
- Added option to skip validation checks #47
  - Add SELinux support in containerd #48
  - Added check for Etcd member count #46
  - Moved token to a file #50
  - Added Etcd snapshot configuration options #49
2020-09-22 20:30:50 +01:00

288 lines
14 KiB
YAML

---
- name: Check k3s_no_flannel against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
success_msg: "--no-flannel is supported in {{ k3s_release_version }}"
fail_msg: "--no-flannel is not supported in {{ k3s_release_version }}"
when: k3s_no_flannel is defined and k3s_no_flannel
- name: Check k3s_service_cidr against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
success_msg: "--service-cidr is supported in {{ k3s_release_version }}"
fail_msg: "--service-cidr is not supported in {{ k3s_release_version }}"
when: k3s_service_cidr is defined
- name: Check k3s_cluster_dns against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
success_msg: "--cluster-dns is supported in {{ k3s_release_version }}"
fail_msg: "--cluster-dns is not supported in {{ k3s_release_version }}"
when: k3s_cluster_dns is defined and k3s_cluster_dns
- name: Check k3s_use_docker against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
success_msg: "--docker is supported in {{ k3s_release_version }}"
fail_msg: "--docker is not supported in {{ k3s_release_version }}"
when: k3s_use_docker is defined and k3s_use_docker
- name: Check k3s_no_traefik against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.2.0', '>=')
success_msg: "--no-deploy traefik is supported in {{ k3s_release_version }}"
fail_msg: "--no-deploy traefik is not supported in {{ k3s_release_version }}"
when: k3s_no_traefik is defined and k3s_no_traefik
- name: Check k3s_non_root against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
- ansible_user_id != "root"
- play_hosts | length == 1
success_msg: "k3s_non_root is supported in {{ k3s_release_version }}"
fail_msg: "k3s_non_root only works in >= v0.4.0, on a single node and must not be installed as root."
when: k3s_non_root is defined and k3s_non_root
- name: Check k3s_resolv_conf against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.3.0', '>=')
success_msg: "--resolv-conf is supported in {{ k3s_release_version }}"
fail_msg: "--resolv-conf is not supported in {{ k3s_release_version }}"
when: k3s_resolv_conf is defined and k3s_resolv_conf
- name: Check k3s_tls_san against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.3.0', '>=')
success_msg: "--tls-san is supported in {{ k3s_release_version }}"
fail_msg: "--tls-san is not supported in {{ k3s_release_version }}"
when: k3s_tls_san is defined and k3s_tls_san
- name: Check k3s_flannel_interface against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "--flannel-iface is supported in {{ k3s_release_version }}"
fail_msg: "--flannel-iface is not supported in {{ k3s_release_version }}"
when: k3s_flannel_interface is defined and k3s_flannel_interface
- name: Check k3s_cluster_domain against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "--cluster-domain is supported in {{ k3s_release_version }}"
fail_msg: "--cluster-domain is not supported in {{ k3s_release_version }}"
when: k3s_cluster_domain is defined and k3s_cluster_domain
- name: Check k3s_bind_address against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "--bind-address is supported in {{ k3s_release_version }}"
fail_msg: "--bind-address is not supported in {{ k3s_release_version }}"
when: k3s_bind_address is defined and k3s_bind_address
- name: Check k3s_bind_address against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.5.0', '>=')
success_msg: "Auto deploy manifests is supported in {{ k3s_release_version }}"
fail_msg: |
Auto deploy manifests supported is limited in {{ k3s_release_version }}.
To disable this message ensure k3s_use_experimental is set to true.
when: k3s_server_manifests_templates is defined
and k3s_server_manifests_templates | length > 0
and (k3s_use_experimental is not defined or not k3s_use_experimental)
- name: Check k3s_node_labels against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.6.0', '>=')
success_msg: "Node Labels supported in {{ k3s_release_version }}"
fail_msg: "Node Labels are not supported in {{ k3s_release_version }}"
when: k3s_node_labels is defined and k3s_node_labels
- name: Check k3s_node_taints against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.6.0', '>=')
success_msg: "Node Taints supported in {{ k3s_release_version }}"
fail_msg: "Node Taints are not supported in {{ k3s_release_version }}"
when: k3s_node_taints is defined and k3s_node_taints
- name: Check k3s_kubelet_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "Kubelet args supported in {{ k3s_release_version }}"
fail_msg: "Kubelet args are not supported in {{ k3s_release_version }}"
when: k3s_kubelet_args is defined and k3s_kubelet_args | length > 0
- name: Check k3s_kube_proxy_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "Kube proxy args supported in {{ k3s_release_version }}"
fail_msg: "Kube proxy args are not supported in {{ k3s_release_version }}"
when: k3s_kube_proxy_args is defined and k3s_kube_proxy_args | length > 0
- name: Check k3s_kube_apiserver_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "Kube API Server supported in {{ k3s_release_version }}"
fail_msg: "Kube API Server args are not supported in {{ k3s_release_version }}"
when: k3s_kube_apiserver_args is defined and k3s_kube_apiserver_args | length > 0
- name: Check k3s_kube_scheduler_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "Kube Scheduler supported in {{ k3s_release_version }}"
fail_msg: "Kube Scheduler args are not supported in {{ k3s_release_version }}"
when: k3s_kube_scheduler_args is defined and k3s_kube_scheduler_args | length > 0
- name: Check k3s_kube_controller_manager_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.4.0', '>=')
success_msg: "Kube Controller Manager supported in {{ k3s_release_version }}"
fail_msg: "Kube Controller Manager args are not supported in {{ k3s_release_version }}"
when: k3s_kube_controller_manager_args is defined and k3s_kube_controller_manager_args | length > 0
- name: Check k3s_kube_cloud_controller_manager_args against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "Kube Cloud Controller Manager supported in {{ k3s_release_version }}"
fail_msg: "Kube Cloud Controller Manager args are not supported in {{ k3s_release_version }}"
when: k3s_kube_cloud_controller_manager_args is defined and k3s_kube_cloud_controller_manager_args | length > 0
- name: Check k3s_flannel_backend against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
success_msg: "Alternate flannel backends supported in {{ k3s_release_version }}"
fail_msg: "Alternate flannel backends are not supported in {{ k3s_release_version }}"
when: k3s_flannel_backend is defined and k3s_flannel_backend
- name: Check k3s_flannel_backend 'host-gw' configuration against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.17.2', '>=')
success_msg: "host-gw flannel backend supported in {{ k3s_release_version }}"
fail_msg: "host-gw flannel backend is not supported in {{ k3s_release_version }}"
when: k3s_flannel_backend is defined and k3s_flannel_backend == 'host-gw'
- name: Check k3s_disable_network_policy against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
success_msg: "--disable-network-policy supported in {{ k3s_release_version }}"
fail_msg: "--disable-network-policy not supported in {{ k3s_release_version }}"
when: k3s_disable_network_policy is defined and k3s_disable_network_policy
- name: Check k3s_private_registry against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('0.10.0', '>=')
success_msg: "--private-registry supported in {{ k3s_release_version }}"
fail_msg: "--private-registry not supported in {{ k3s_release_version }}"
when: k3s_private_registry is defined and k3s_private_registry
- name: Check k3s_disable_cloud_controller against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--disable-cloud-controller supported in {{ k3s_release_version }}"
fail_msg: "--disable-cloud-controller not supported in {{ k3s_release_version }}"
when: k3s_disable_cloud_controller is defined and k3s_disable_cloud_controller
- name: Check k3s_disable_scheduler against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--disable-scheduler supported in {{ k3s_release_version }}"
fail_msg: "--disable-scheduler not supported in {{ k3s_release_version }}"
when: k3s_disable_scheduler is defined and k3s_disable_scheduler
- name: Check k3s_datastore_endpoint against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
when: k3s_datastore_endpoint is defined and k3s_datastore_endpoint
- name: Check k3s_dqlite_datastore against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
- (k3s_release_version | replace('v', '')) is version_compare('1.19.0', '<')
success_msg: "--cluster-init (dqlite) supported in {{ k3s_release_version }}"
fail_msg: "--cluster-init (dqlite) not supported in {{ k3s_release_version }}"
when: k3s_dqlite_datastore is defined and k3s_dqlite_datastore
- name: Check k3s_etcd_datastore against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.19.1', '>=')
success_msg: "--cluster-init (etcd) supported in {{ k3s_release_version }}"
fail_msg: "--cluster-init (etcd) not supported in {{ k3s_release_version }}"
when: k3s_etcd_datastore is defined and k3s_etcd_datastore
- name: Check k3s_datastore_cafile against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
when: k3s_datastore_cafile is defined and k3s_datastore_cafile
- name: Check k3s_datastore_certfile against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
when: k3s_datastore_certfile is defined and k3s_datastore_certfile
- name: Check k3s_datastore_keyfile against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "--datastore-endpoint supported in {{ k3s_release_version }}"
fail_msg: "--datastore-endpoint not supported in {{ k3s_release_version }}"
when: k3s_datastore_keyfile is defined and k3s_datastore_keyfile
- name: Check k3s_default_local_storage_path against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')
success_msg: "Local storage path supported in {{ k3s_release_version }}"
fail_msg: "Local storage path are not supported in {{ k3s_release_version }}"
when: k3s_default_local_storage_path is defined and k3s_default_local_storage_path
- name: Check k3s_secrets_encryption against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.17.4', '>=')
success_msg: "Secrets encryption at rest supported in {{ k3s_release_version }}"
fail_msg: "Secrets encryption at rest is not supported in {{ k3s_release_version }}"
when: k3s_secrets_encryption is defined and k3s_secrets_encryption
- name: Check k3s_enable_selinux against k3s version
assert:
that:
- (k3s_release_version | replace('v', '')) is version_compare('1.17.4', '>=')
success_msg: "SELinux supported in {{ k3s_release_version }}"
fail_msg: "SELinux is not supported in {{ k3s_release_version }}"
when: k3s_enable_selinux is defined and k3s_enable_selinux