From 9707bc8a58e62d896db45c16bb70162f07663061 Mon Sep 17 00:00:00 2001 From: Techno Tim Date: Mon, 14 Aug 2023 12:30:42 -0500 Subject: [PATCH 01/12] fix(docs): updated kube-vip url (#341) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ff3f1e7a..cdb24fd0 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ This playbook will build an HA Kubernetes cluster with `k3s`, `kube-vip` and MetalLB via `ansible`. -This is based on the work from [this fork](https://github.com/212850a/k3s-ansible) which is based on the work from [k3s-io/k3s-ansible](https://github.com/k3s-io/k3s-ansible). It uses [kube-vip](https://kube-vip.chipzoller.dev/) to create a load balancer for control plane, and [metal-lb](https://metallb.universe.tf/installation/) for its service `LoadBalancer`. +This is based on the work from [this fork](https://github.com/212850a/k3s-ansible) which is based on the work from [k3s-io/k3s-ansible](https://github.com/k3s-io/k3s-ansible). It uses [kube-vip](https://kube-vip.io/) to create a load balancer for control plane, and [metal-lb](https://metallb.universe.tf/installation/) for its service `LoadBalancer`. If you want more context on how this works, see: From a9904d15629294f9974eddb08fe5f0cd181cc78b Mon Sep 17 00:00:00 2001 From: Marek Pilch <47844572+marpi82@users.noreply.github.com> Date: Tue, 15 Aug 2023 00:37:20 +0200 Subject: [PATCH 02/12] =?UTF-8?q?fixes:=20ERROR!=20The=20requested=20handl?= =?UTF-8?q?er=20<'Reboot=20containers'=20/=20'Reboot=20se=E2=80=A6=20(#348?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fixes: ERROR! The requested handler <'Reboot containers' / 'Reboot server' / 'Reboot>' was not found in either the main handlers list nor in the listening handlers list * Update main.yml --- roles/lxc/handlers/main.yml | 1 + roles/proxmox_lxc/handlers/main.yml | 2 ++ roles/raspberrypi/handlers/main.yml | 1 + 3 files changed, 4 insertions(+) diff --git a/roles/lxc/handlers/main.yml b/roles/lxc/handlers/main.yml index 7d73985d..6450e4c7 100644 --- a/roles/lxc/handlers/main.yml +++ b/roles/lxc/handlers/main.yml @@ -2,3 +2,4 @@ - name: Reboot server become: true reboot: + listen: reboot server diff --git a/roles/proxmox_lxc/handlers/main.yml b/roles/proxmox_lxc/handlers/main.yml index 565c882c..0d5d983d 100644 --- a/roles/proxmox_lxc/handlers/main.yml +++ b/roles/proxmox_lxc/handlers/main.yml @@ -5,7 +5,9 @@ set_fact: proxmox_lxc_filtered_ids: >- {{ proxmox_lxc_filtered_files | map("split", "/") | map("last") | map("split", ".") | map("first") }} + listen: reboot containers - name: Reboot container command: "pct reboot {{ item }}" loop: "{{ proxmox_lxc_filtered_ids }}" changed_when: true + listen: reboot containers diff --git a/roles/raspberrypi/handlers/main.yml b/roles/raspberrypi/handlers/main.yml index ac385a78..93e74596 100644 --- a/roles/raspberrypi/handlers/main.yml +++ b/roles/raspberrypi/handlers/main.yml @@ -1,3 +1,4 @@ --- - name: Reboot reboot: + listen: reboot From 0607eb8aa4cc2ac7f115aced3688fdaecf419dc1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Aug 2023 13:27:35 -0500 Subject: [PATCH 03/12] chore(deps): bump ansible-core from 2.15.2 to 2.15.3 (#349) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.15.2 to 2.15.3. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](https://github.com/ansible/ansible/compare/v2.15.2...v2.15.3) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0604a64a..d09c3309 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ # ansible-compat==3.0.1 # via molecule -ansible-core==2.15.2 +ansible-core==2.15.3 # via # -r requirements.in # ansible-compat From 2e318e0862bd98f737d3ded3166a6ecf027a5aa3 Mon Sep 17 00:00:00 2001 From: Techno Tim Date: Fri, 18 Aug 2023 08:59:08 -0500 Subject: [PATCH 04/12] feat(k3s): Updated to v1.25.12+k3s1 (#351) --- inventory/sample/group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 9a45c30b..e0ca5616 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -1,5 +1,5 @@ --- -k3s_version: v1.25.9+k3s1 +k3s_version: v1.25.12+k3s1 # this is the user that has ssh access to these machines ansible_user: ansibleuser systemd_dir: /etc/systemd/system From fb3128a783b02406f365a603d6220d002bf8fef4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 13:48:59 -0500 Subject: [PATCH 05/12] chore(deps): bump ansible-core from 2.15.3 to 2.15.4 (#362) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.15.3 to 2.15.4. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](https://github.com/ansible/ansible/compare/v2.15.3...v2.15.4) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d09c3309..de83955f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ # ansible-compat==3.0.1 # via molecule -ansible-core==2.15.3 +ansible-core==2.15.4 # via # -r requirements.in # ansible-compat From 70ddf7b63c1d59e277d8f03ada834dafa88ce931 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Sep 2023 12:39:15 -0500 Subject: [PATCH 06/12] chore(deps): bump netaddr from 0.8.0 to 0.9.0 (#365) Bumps [netaddr](https://github.com/drkjam/netaddr) from 0.8.0 to 0.9.0. - [Changelog](https://github.com/netaddr/netaddr/blob/master/CHANGELOG) - [Commits](https://github.com/drkjam/netaddr/commits) --- updated-dependencies: - dependency-name: netaddr dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index de83955f..7df266a3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -86,7 +86,7 @@ molecule==4.0.4 # molecule-vagrant molecule-vagrant==1.0.0 # via -r requirements.in -netaddr==0.8.0 +netaddr==0.9.0 # via -r requirements.in nodeenv==1.7.0 # via pre-commit From 38e773315b1a071cc89de659d74569591c9782f9 Mon Sep 17 00:00:00 2001 From: johnnyrun Date: Mon, 9 Oct 2023 17:00:31 +0200 Subject: [PATCH 07/12] sysctl tags (#373) * sysctl tags * lost tag --------- Co-authored-by: Gianni Co-authored-by: Gianni Carabelli --- roles/prereq/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index b85ae0df..2afb28c9 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -15,6 +15,7 @@ value: "1" state: present reload: yes + tags: sysctl - name: Enable IPv6 forwarding ansible.posix.sysctl: @@ -22,6 +23,7 @@ value: "1" state: present reload: yes + tags: sysctl - name: Enable IPv6 router advertisements ansible.posix.sysctl: @@ -29,6 +31,7 @@ value: "2" state: present reload: yes + tags: sysctl - name: Add br_netfilter to /etc/modules-load.d/ copy: @@ -53,6 +56,7 @@ loop: - net.bridge.bridge-nf-call-iptables - net.bridge.bridge-nf-call-ip6tables + tags: sysctl - name: Add /usr/local/bin to sudo secure_path lineinfile: From a64e882fb7be53b2338ab958758abb33f6b7b41a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 15:39:23 +0000 Subject: [PATCH 08/12] chore(deps): bump pre-commit-hooks from 4.4.0 to 4.5.0 (#379) Bumps [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases) - [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md) - [Commits](https://github.com/pre-commit/pre-commit-hooks/compare/v4.4.0...v4.5.0) --- updated-dependencies: - dependency-name: pre-commit-hooks dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7df266a3..30cb1d43 100644 --- a/requirements.txt +++ b/requirements.txt @@ -103,7 +103,7 @@ pluggy==1.0.0 # via molecule pre-commit==2.21.0 # via -r requirements.in -pre-commit-hooks==4.4.0 +pre-commit-hooks==4.5.0 # via -r requirements.in pyasn1==0.4.8 # via From 9b6d551dd66a091a11c4fcc4ef40289a431b68fc Mon Sep 17 00:00:00 2001 From: balazshasprai <87380244+balazshasprai@users.noreply.github.com> Date: Fri, 13 Oct 2023 06:14:47 +0200 Subject: [PATCH 09/12] Expand secure_path with support for Suse (#381) --- roles/prereq/defaults/main.yml | 4 ++++ roles/prereq/tasks/main.yml | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 roles/prereq/defaults/main.yml diff --git a/roles/prereq/defaults/main.yml b/roles/prereq/defaults/main.yml new file mode 100644 index 00000000..e469b0bb --- /dev/null +++ b/roles/prereq/defaults/main.yml @@ -0,0 +1,4 @@ +--- +secure_path: + RedHat: '/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin' + Suse: '/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin' diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 2afb28c9..2fffe06e 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -60,10 +60,10 @@ - name: Add /usr/local/bin to sudo secure_path lineinfile: - line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin' + line: 'Defaults secure_path = {{ secure_path[ansible_os_family] }}' regexp: "Defaults(\\s)*secure_path(\\s)*=" state: present insertafter: EOF path: /etc/sudoers validate: 'visudo -cf %s' - when: ansible_os_family == "RedHat" + when: ansible_os_family in [ "RedHat", "Suse" ] From 505c2eeff203f3b58f41c7dade16efd00601e8c1 Mon Sep 17 00:00:00 2001 From: balazshasprai <87380244+balazshasprai@users.noreply.github.com> Date: Wed, 18 Oct 2023 05:33:30 +0200 Subject: [PATCH 10/12] Add option for custom registries / mirrors (#382) --- inventory/sample/group_vars/all.yml | 40 +++++++++++++++++++ roles/k3s_custom_registries/defaults/main.yml | 6 +++ roles/k3s_custom_registries/tasks/main.yml | 17 ++++++++ site.yml | 3 ++ 4 files changed, 66 insertions(+) create mode 100644 roles/k3s_custom_registries/defaults/main.yml create mode 100644 roles/k3s_custom_registries/tasks/main.yml diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index e0ca5616..4b1f2da7 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -81,3 +81,43 @@ proxmox_lxc_ct_ids: - 202 - 203 - 204 + +# Only enable this if you have set up your own container registry to act as a mirror / pull-through cache +# (harbor / nexus / docker's official registry / etc). +# Can be beneficial for larger dev/test environments (for example if you're getting rate limited by docker hub), +# or air-gapped environments where your nodes don't have internet access after the initial setup +# (which is still needed for downloading the k3s binary and such). +# k3s's documentation about private registries here: https://docs.k3s.io/installation/private-registry +custom_registries: false +# The registries can be authenticated or anonymous, depending on your registry server configuration. +# If they allow anonymous access, simply remove the following bit from custom_registries_yaml +# configs: +# "registry.domain.com": +# auth: +# username: yourusername +# password: yourpassword +# The following is an example that pulls all images used in this playbook through your private registries. +# It also allows you to pull your own images from your private registry, without having to use imagePullSecrets +# in your deployments. +# If all you need is your own images and you don't care about caching the docker/quay/ghcr.io images, +# you can just remove those from the mirrors: section. +custom_registries_yaml: | + mirrors: + docker.io: + endpoint: + - "https://registry.domain.com/v2/dockerhub" + quay.io: + endpoint: + - "https://registry.domain.com/v2/quayio" + ghcr.io: + endpoint: + - "https://registry.domain.com/v2/ghcrio" + registry.domain.com: + endpoint: + - "https://registry.domain.com" + + configs: + "registry.domain.com": + auth: + username: yourusername + password: yourpassword diff --git a/roles/k3s_custom_registries/defaults/main.yml b/roles/k3s_custom_registries/defaults/main.yml new file mode 100644 index 00000000..704aec7e --- /dev/null +++ b/roles/k3s_custom_registries/defaults/main.yml @@ -0,0 +1,6 @@ +--- +# Indicates whether custom registries for k3s should be configured +# Possible values: +# - present +# - absent +state: present diff --git a/roles/k3s_custom_registries/tasks/main.yml b/roles/k3s_custom_registries/tasks/main.yml new file mode 100644 index 00000000..dfe48c2e --- /dev/null +++ b/roles/k3s_custom_registries/tasks/main.yml @@ -0,0 +1,17 @@ +--- + +- name: Create directory /etc/rancher/k3s + file: + path: "/etc/{{ item }}" + state: directory + mode: '0755' + loop: + - rancher + - rancher/k3s + +- name: Insert registries into /etc/rancher/k3s/registries.yaml + blockinfile: + path: /etc/rancher/k3s/registries.yaml + block: "{{ custom_registries_yaml }}" + mode: '0600' + create: true diff --git a/site.yml b/site.yml index 8f249825..33653a93 100644 --- a/site.yml +++ b/site.yml @@ -20,6 +20,9 @@ become: true - role: raspberrypi become: true + - role: k3s_custom_registries + become: true + when: custom_registries - name: Setup k3s servers hosts: master From 95b2836dfcef6da5b1085d1e538592b6a72103d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20Hasprai?= Date: Thu, 19 Oct 2023 00:07:07 +0200 Subject: [PATCH 11/12] Add option to disable MetalLB, for use w/ ext LBs (#383) * Add option to disable MetalLB, for use w/ ext LBs * Add option to disable MetalLB, for use w/ ext LBs - add defaults * Skip MetalLB with tags instead of flag --- roles/k3s_server/tasks/main.yml | 1 + roles/k3s_server_post/tasks/main.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 0a8c4b5c..a1796ac8 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -17,6 +17,7 @@ - name: Deploy metallb manifest include_tasks: metallb.yml + tags: metallb - name: Init cluster inside the transient k3s-init service command: diff --git a/roles/k3s_server_post/tasks/main.yml b/roles/k3s_server_post/tasks/main.yml index 84a79dba..f88dc086 100644 --- a/roles/k3s_server_post/tasks/main.yml +++ b/roles/k3s_server_post/tasks/main.yml @@ -1,6 +1,7 @@ --- - name: Deploy metallb pool include_tasks: metallb.yml + tags: metallb - name: Remove tmp directory used for manifests file: From e880f08d26989299cdd1b8a39f7e1f7c8a85f163 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20Hasprai?= Date: Sat, 21 Oct 2023 02:18:36 +0200 Subject: [PATCH 12/12] Add option for install behind http_proxy (#384) * Add option for install behind http_proxy * Tidy up http_proxy usage --- inventory/sample/group_vars/all.yml | 6 ++++++ roles/k3s_agent/tasks/http_proxy.yml | 18 ++++++++++++++++++ roles/k3s_agent/tasks/main.yml | 4 ++++ roles/k3s_agent/templates/http_proxy.conf.j2 | 4 ++++ roles/k3s_server/tasks/http_proxy.yml | 18 ++++++++++++++++++ roles/k3s_server/tasks/main.yml | 4 ++++ roles/k3s_server/templates/http_proxy.conf.j2 | 4 ++++ roles/reset/tasks/main.yml | 9 +++++++++ site.yml | 5 +++++ 9 files changed, 72 insertions(+) create mode 100644 roles/k3s_agent/tasks/http_proxy.yml create mode 100644 roles/k3s_agent/templates/http_proxy.conf.j2 create mode 100644 roles/k3s_server/tasks/http_proxy.yml create mode 100644 roles/k3s_server/templates/http_proxy.conf.j2 diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 4b1f2da7..43fa3f45 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -121,3 +121,9 @@ custom_registries_yaml: | auth: username: yourusername password: yourpassword + +# Only enable and configure these if you access the internet through a proxy +# proxy_env: +# HTTP_PROXY: "http://proxy.domain.local:3128" +# HTTPS_PROXY: "http://proxy.domain.local:3128" +# NO_PROXY: "*.domain.local,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" diff --git a/roles/k3s_agent/tasks/http_proxy.yml b/roles/k3s_agent/tasks/http_proxy.yml new file mode 100644 index 00000000..f0a68f6a --- /dev/null +++ b/roles/k3s_agent/tasks/http_proxy.yml @@ -0,0 +1,18 @@ +--- + +- name: Create k3s.service.d directory + file: + path: '{{ systemd_dir }}/k3s.service.d' + state: directory + owner: root + group: root + mode: '0755' + + +- name: Copy K3s http_proxy conf file + template: + src: "http_proxy.conf.j2" + dest: "{{ systemd_dir }}/k3s.service.d/http_proxy.conf" + owner: root + group: root + mode: '0755' diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml index 0ce8e08d..395c1ac0 100644 --- a/roles/k3s_agent/tasks/main.yml +++ b/roles/k3s_agent/tasks/main.yml @@ -1,5 +1,9 @@ --- +- name: Deploy K3s http_proxy conf + include_tasks: http_proxy.yml + when: proxy_env is defined + - name: Copy K3s service file template: src: "k3s.service.j2" diff --git a/roles/k3s_agent/templates/http_proxy.conf.j2 b/roles/k3s_agent/templates/http_proxy.conf.j2 new file mode 100644 index 00000000..6591d45e --- /dev/null +++ b/roles/k3s_agent/templates/http_proxy.conf.j2 @@ -0,0 +1,4 @@ +[Service] +Environment=HTTP_PROXY={{ proxy_env.HTTP_PROXY }} +Environment=HTTPS_PROXY={{ proxy_env.HTTPS_PROXY }} +Environment=NO_PROXY={{ proxy_env.NO_PROXY }} diff --git a/roles/k3s_server/tasks/http_proxy.yml b/roles/k3s_server/tasks/http_proxy.yml new file mode 100644 index 00000000..f0a68f6a --- /dev/null +++ b/roles/k3s_server/tasks/http_proxy.yml @@ -0,0 +1,18 @@ +--- + +- name: Create k3s.service.d directory + file: + path: '{{ systemd_dir }}/k3s.service.d' + state: directory + owner: root + group: root + mode: '0755' + + +- name: Copy K3s http_proxy conf file + template: + src: "http_proxy.conf.j2" + dest: "{{ systemd_dir }}/k3s.service.d/http_proxy.conf" + owner: root + group: root + mode: '0755' diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index a1796ac8..030dc223 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -12,6 +12,10 @@ failed_when: false changed_when: false +- name: Deploy K3s http_proxy conf + include_tasks: http_proxy.yml + when: proxy_env is defined + - name: Deploy vip manifest include_tasks: vip.yml diff --git a/roles/k3s_server/templates/http_proxy.conf.j2 b/roles/k3s_server/templates/http_proxy.conf.j2 new file mode 100644 index 00000000..6591d45e --- /dev/null +++ b/roles/k3s_server/templates/http_proxy.conf.j2 @@ -0,0 +1,4 @@ +[Service] +Environment=HTTP_PROXY={{ proxy_env.HTTP_PROXY }} +Environment=HTTPS_PROXY={{ proxy_env.HTTPS_PROXY }} +Environment=NO_PROXY={{ proxy_env.NO_PROXY }} diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index cd3bf720..d75c9ffc 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -46,6 +46,15 @@ - /var/lib/rancher/ - /var/lib/cni/ +- name: Remove K3s http_proxy files + file: + name: "{{ item }}" + state: absent + with_items: + - "{{ systemd_dir }}/k3s.service.d" + - "{{ systemd_dir }}/k3s-node.service.d" + when: proxy_env is defined + - name: Reload daemon_reload systemd: daemon_reload: yes diff --git a/site.yml b/site.yml index 33653a93..6dde6b1a 100644 --- a/site.yml +++ b/site.yml @@ -3,6 +3,7 @@ hosts: proxmox gather_facts: true become: yes + environment: "{{ proxy_env | default({}) }}" roles: - role: proxmox_lxc when: proxmox_lxc_configure @@ -10,6 +11,7 @@ - name: Prepare k3s nodes hosts: k3s_cluster gather_facts: yes + environment: "{{ proxy_env | default({}) }}" roles: - role: lxc become: true @@ -26,18 +28,21 @@ - name: Setup k3s servers hosts: master + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_server become: true - name: Setup k3s agents hosts: node + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_agent become: true - name: Configure k3s cluster hosts: master + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_server_post become: true