mirror of
https://github.com/k3s-io/k3s-ansible.git
synced 2025-12-25 00:12:37 +01:00
c10b84f0f4
* Generate token If a token is not explicitly provided, let the first server generate a random one. Such a token is saved on the first server and the playbook can retrieve it from there and store it a a fact. All other servers and agents can use that token later to join the cluster. It will be saved into their environment file as usual. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> * Document that token is (mostly) optional now The token is still required when using Vagrant. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
71 lines
2.4 KiB
YAML
71 lines
2.4 KiB
YAML
---
|
|
- name: Get k3s installed version
|
|
ansible.builtin.command: k3s --version
|
|
register: k3s_version_output
|
|
changed_when: false
|
|
ignore_errors: true
|
|
|
|
- name: Set k3s installed version
|
|
when: k3s_version_output.rc == 0
|
|
ansible.builtin.set_fact:
|
|
installed_k3s_version: "{{ k3s_version_output.stdout_lines[0].split(' ')[2] }}"
|
|
|
|
# If airgapped, all K3s artifacts are already on the node.
|
|
# We should be downloading and installing the newer version only if we are in one of the following cases :
|
|
# - we couldn't get k3s installed version in the first task of this role
|
|
# - the installed version of K3s on the nodes is older than the requested version in ansible vars
|
|
- name: Download artifact only if needed
|
|
when: airgap_dir is undefined and ( k3s_version_output.rc != 0 or installed_k3s_version is version(k3s_version, '<') )
|
|
block:
|
|
- name: Download K3s install script
|
|
ansible.builtin.get_url:
|
|
url: https://get.k3s.io/
|
|
timeout: 120
|
|
dest: /usr/local/bin/k3s-install.sh
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
- name: Download K3s binary
|
|
ansible.builtin.command:
|
|
cmd: /usr/local/bin/k3s-install.sh
|
|
environment:
|
|
INSTALL_K3S_SKIP_START: "true"
|
|
INSTALL_K3S_VERSION: "{{ k3s_version }}"
|
|
INSTALL_K3S_EXEC: "agent"
|
|
changed_when: true
|
|
|
|
- name: Get the token from the first server
|
|
ansible.builtin.set_fact:
|
|
token: "{{ hostvars[groups[server_group][0]].token }}"
|
|
|
|
- name: Delete any existing token from the environment if different from the new one
|
|
ansible.builtin.lineinfile:
|
|
state: absent
|
|
path: "{{ systemd_dir }}/k3s-agent.service.env"
|
|
regexp: "^K3S_TOKEN=\\s*(?!{{ token }}\\s*$)"
|
|
|
|
- name: Add the token for joining the cluster to the environment
|
|
no_log: true # avoid logging the server token
|
|
ansible.builtin.lineinfile:
|
|
path: "{{ systemd_dir }}/k3s-agent.service.env"
|
|
line: "{{ item }}"
|
|
with_items:
|
|
- "K3S_TOKEN={{ token }}"
|
|
|
|
- name: Copy K3s service file
|
|
register: k3s_agent_service
|
|
ansible.builtin.template:
|
|
src: "k3s-agent.service.j2"
|
|
dest: "{{ systemd_dir }}/k3s-agent.service"
|
|
owner: root
|
|
group: root
|
|
mode: "u=rw,g=r,o=r"
|
|
|
|
- name: Enable and check K3s service
|
|
ansible.builtin.systemd:
|
|
name: k3s-agent
|
|
daemon_reload: "{{ true if k3s_agent_service.changed else false }}"
|
|
state: "{{ 'restarted' if k3s_agent_service.changed else 'started' }}"
|
|
enabled: true
|