mirror of
https://github.com/PyratLabs/ansible-role-k3s
synced 2025-01-05 17:20:19 +01:00
c447fcec39
- Added option to skip validation checks #47 - Add SELinux support in containerd #48 - Added check for Etcd member count #46 - Moved token to a file #50 - Added Etcd snapshot configuration options #49
214 lines
8 KiB
Django/Jinja
214 lines
8 KiB
Django/Jinja
[Unit]
|
|
Description=Lightweight Kubernetes
|
|
Documentation=https://k3s.io
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
Type={{ 'notify' if k3s_control_node else 'exec' }}
|
|
ExecStartPre=-/sbin/modprobe br_netfilter
|
|
ExecStartPre=-/sbin/modprobe overlay
|
|
{% filter regex_replace('\s+', ' ') %}
|
|
{% filter replace('\n', ' ') %}
|
|
ExecStart={{ k3s_install_dir }}/k3s
|
|
{% if k3s_debug is defined and k3s_debug %}
|
|
--debug
|
|
{% endif %}
|
|
{% if k3s_control_node %}
|
|
server
|
|
{% if k3s_bind_address is defined %}
|
|
--bind-address {{ k3s_bind_address }}
|
|
{% endif %}
|
|
{% if k3s_non_root is defined and k3s_non_root %}
|
|
--rootless
|
|
{% endif %}
|
|
{% if k3s_https_port != 6443 %}
|
|
--https-listen-port {{ k3s_https_port }}
|
|
{% endif %}
|
|
{% if k3s_disable_scheduler %}
|
|
--disable-scheduler
|
|
{% endif %}
|
|
{% if k3s_disable_cloud_controller %}
|
|
--disable-cloud-controller
|
|
{% endif %}
|
|
{% if k3s_disable_network_policy %}
|
|
--disable-network-policy
|
|
{% endif %}
|
|
{% if k3s_no_flannel %}
|
|
{% if (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=') %}
|
|
--flannel-backend none
|
|
{% else %}
|
|
--no-flannel
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if k3s_cluster_cidr is defined %}
|
|
--cluster-cidr {{ k3s_cluster_cidr }}
|
|
{% endif %}
|
|
{% if k3s_service_cidr is defined %}
|
|
--service-cidr {{ k3s_service_cidr }}
|
|
{% endif %}
|
|
{% if k3s_flannel_backend is defined and not k3s_no_flannel %}
|
|
--flannel-backend {{ k3s_flannel_backend }}
|
|
{% endif %}
|
|
{% if k3s_private_registry is defined and k3s_private_registry %}
|
|
--private-registry {{ k3s_private_registry }}
|
|
{% endif %}
|
|
{% if k3s_no_coredns is defined or k3s_no_traefik is defined or k3s_no_servicelb is defined %}
|
|
{% if k3s_no_coredns or k3s_no_traefik or k3s_no_servicelb %}
|
|
{{ ' --disable coredns' if k3s_no_coredns else '' }}{{ ' --disable servicelb' if k3s_no_servicelb else '' }}{{ ' --disable traefik' if k3s_no_traefik else '' }}{{ ' --disable local-storage' if k3s_no_local_storage else '' }}{{ ' --disable metrics-server' if k3s_no_metrics_server else '' }}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if not k3s_no_local_storage and k3s_default_local_storage_path is defined and k3s_default_local_storage_path %}
|
|
--default-local-storage-path {{ k3s_default_local_storage_path }}
|
|
{% endif %}
|
|
{% if k3s_cluster_dns is defined and k3s_cluster_dns %}
|
|
--cluster-dns {{ k3s_cluster_dns }}
|
|
{% endif %}
|
|
{% if k3s_cluster_domain is defined and k3s_cluster_domain != "cluster.local" %}
|
|
--cluster-domain {{ k3s_cluster_domain }}
|
|
{% endif %}
|
|
{% if k3s_datastore_endpoint is defined and k3s_datastore_endpoint %}
|
|
--datastore-endpoint "{{ k3s_datastore_endpoint }}"
|
|
{% if k3s_datastore_cafile is defined and k3s_datastore_cafile %}
|
|
--datastore-cafile {{ k3s_datastore_cafile }}
|
|
{% endif %}
|
|
{% if k3s_datastore_certfile is defined and k3s_datastore_certfile %}
|
|
--datastore-certfile {{ k3s_datastore_certfile }}
|
|
{% endif %}
|
|
{% if k3s_datastore_keyfile is defined and k3s_datastore_keyfile %}
|
|
--datastore-keyfile {{ k3s_datastore_keyfile }}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if (k3s_dqlite_datastore is defined and k3s_dqlite_datastore) or (k3s_etcd_datastore is defined and k3s_etcd_datastore) %}
|
|
{% if k3s_primary_control_node is defined and k3s_primary_control_node %}
|
|
--cluster-init
|
|
{% else %}
|
|
--server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
|
|
--token-file {{ k3s_token_location }}/cluster-token
|
|
{% endif %}
|
|
{% if k3s_etcd_disable_snapshots %}
|
|
--etcd-disable-snapshots
|
|
{% else %}
|
|
{% if k3s_etcd_snapshot_schedule_cron is defined %}
|
|
--etcd-snapshot-schedule-cron "{{ k3s_etcd_snapshot_schedule_cron }}"
|
|
{% endif %}
|
|
{% if k3s_etcd_snapshot_retention is defined %}
|
|
--etcd-snapshot-retention {{ k3s_etcd_snapshot_retention }}
|
|
{% endif %}
|
|
{% if k3s_etcd_snapshot_directory is defined %}
|
|
--etcd-snapshot-dir {{ k3s_etcd_snapshot_directory }}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if k3s_secrets_encryption is defined and k3s_secrets_encryption %}
|
|
--secrets-encryption
|
|
{% endif %}
|
|
{% if k3s_kube_apiserver_args is defined and k3s_kube_apiserver_args is iterable %}
|
|
{% for arg in k3s_kube_apiserver_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kube-apiserver-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_kube_scheduler_args is defined and k3s_kube_scheduler_args is iterable %}
|
|
{% for arg in k3s_kube_scheduler_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kube-scheduler-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_kube_controller_manager_args is defined and k3s_kube_controller_manager_args is iterable %}
|
|
{% for arg in k3s_kube_controller_manager_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kube-controller-manager-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_kube_cloud_controller_manager_args is defined and k3s_kube_cloud_controller_manager_args is iterable %}
|
|
{% for arg in k3s_kube_cloud_controller_manager_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kube-cloud-controller-manager-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% else %}
|
|
agent
|
|
--server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
|
|
--token-file {{ k3s_token_location }}/cluster-token
|
|
{% endif %}
|
|
{% if k3s_enable_selinux %}
|
|
--selinux
|
|
{% endif %}
|
|
{% if k3s_resolv_conf is defined and k3s_resolv_conf %}
|
|
--resolv-conf {{ k3s_resolv_conf }}
|
|
{% endif %}
|
|
{% if k3s_tls_san is defined and k3s_tls_san %}
|
|
--tls-san {{ k3s_tls_san }}
|
|
{% endif %}
|
|
{% if k3s_node_data_dir is defined %}
|
|
--data-dir {{ k3s_node_data_dir }}
|
|
{% endif %}
|
|
{% if k3s_use_docker %}
|
|
--docker
|
|
{% endif %}
|
|
{% if k3s_flannel_interface is defined and not k3s_no_flannel %}
|
|
--flannel-iface {{ k3s_flannel_interface }}
|
|
{% endif %}
|
|
{% if k3s_node_name is defined %}
|
|
--node-name {{ k3s_node_name }}
|
|
{% endif %}
|
|
{% if k3s_node_id is defined %}
|
|
--with-node-id {{ k3s_node_id }}
|
|
{% endif %}
|
|
{% if k3s_node_ip_address is defined %}
|
|
--node-ip {{ k3s_node_ip_address }}
|
|
{% endif %}
|
|
{% if k3s_node_external_address is defined %}
|
|
--node-external-ip {{ k3s_node_external_address }}
|
|
{% endif %}
|
|
{% if k3s_write_kubeconfig_mode is defined %}
|
|
--write-kubeconfig-mode {{ k3s_write_kubeconfig_mode }}
|
|
{% endif %}
|
|
{% if k3s_node_labels is defined and k3s_node_labels is iterable %}
|
|
{% for label in k3s_node_labels %}
|
|
{% for key, value in label.items() %}
|
|
--node-label {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_node_taints is defined and k3s_node_taints is iterable %}
|
|
{% for taint in k3s_node_taints %}
|
|
{% for key, value in taint.items() %}
|
|
--node-taint {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_kubelet_args is defined and k3s_kubelet_args is iterable %}
|
|
{% for arg in k3s_kubelet_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kubelet-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if k3s_kube_proxy_args is defined and k3s_kube_proxy_args is iterable %}
|
|
{% for arg in k3s_kube_proxy_args %}
|
|
{% for key, value in arg.items() %}
|
|
--kube-proxy-arg {{ key }}={{ value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% endfilter %}
|
|
{% endfilter %}
|
|
|
|
KillMode=process
|
|
Delegate=yes
|
|
LimitNOFILE=1048576
|
|
LimitNPROC=infinity
|
|
LimitCORE=infinity
|
|
TasksMax=infinity
|
|
TimeoutStartSec=0
|
|
Restart=always
|
|
RestartSec=5s
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|