ansible-role-k3s/tasks/build/configure-k3s-cluster.yml

---

- name: Ensure NODE_TOKEN is captured from control node
  slurp:
    path: "/var/lib/rancher/k3s/server/node-token"
  register: k3s_slurped_control_token
  delegate_to: "{{ k3s_control_delegate }}"
  when: k3s_control_token is not defined
  become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"

- name: Ensure NODE_TOKEN is formatted correctly for use in templates
  set_fact:
    k3s_control_token: "{{ k3s_slurped_control_token.content | b64decode }}"
  when: k3s_control_token is not defined

- name: Ensure k3s service unit file is present
  template:
    src: k3s.service.j2
    dest: /etc/systemd/system/k3s.service
  become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"
  notify:
    - reload systemd
    - restart k3s

- name: Ensure secondary masters are started
  service:
    name: k3s
    state: started
    enabled: true
  register: ensure_secondary_masters_started
  until: ensure_secondary_masters_started is succeeded
  retries: "{{ play_hosts | length }}"
  delay: 2
  when: k3s_control_node and not k3s_primary_control_node
  become: "{{ k3s_become_for_systemd | ternary(true, false, k3s_become_for_all) }}"

- name: Wait for control plane to be ready to accept connections
  wait_for:
    port: "{{ k3s_https_port }}"
    host: "{{ k3s_bind_address | default('127.0.0.1') }}"
    delay: 5
    sleep: 5
    timeout: 300
  when: k3s_control_node

- meta: flush_handlers

- name: Wait for all nodes to be ready
  command: "{{ k3s_install_dir }}/kubectl get nodes"
  changed_when: false
  failed_when: false
  register: kubectl_get_nodes_result
  until: kubectl_get_nodes_result.rc == 0
         and kubectl_get_nodes_result.stdout.find("NotReady") == -1
  retries: 30
  delay: 20
  when: k3s_control_node and not k3s_no_flannel
  become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"