From 7badfbd7bd31264de5be3519823020c343b5ca98 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jan 2024 20:46:52 -0600 Subject: [PATCH 1/4] chore(deps): bump netaddr from 0.9.0 to 0.10.0 (#411) Bumps [netaddr](https://github.com/drkjam/netaddr) from 0.9.0 to 0.10.0. - [Release notes](https://github.com/drkjam/netaddr/releases) - [Changelog](https://github.com/netaddr/netaddr/blob/master/CHANGELOG) - [Commits](https://github.com/drkjam/netaddr/compare/0.9.0...0.10.0) --- updated-dependencies: - dependency-name: netaddr dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 30cb1d4..9dcf161 100644 --- a/requirements.txt +++ b/requirements.txt @@ -86,7 +86,7 @@ molecule==4.0.4 # molecule-vagrant molecule-vagrant==1.0.0 # via -r requirements.in -netaddr==0.9.0 +netaddr==0.10.0 # via -r requirements.in nodeenv==1.7.0 # via pre-commit From 70e658cf980a88a9c74b1a485403beb84ea1f278 Mon Sep 17 00:00:00 2001 From: Techno Tim Date: Fri, 12 Jan 2024 22:34:23 -0500 Subject: [PATCH 2/4] feat(k3s): Updated to v1.25.16+k3s4 (#407) --- inventory/sample/group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 43fa3f4..5b923f7 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -1,5 +1,5 @@ --- -k3s_version: v1.25.12+k3s1 +k3s_version: v1.25.16+k3s4 # this is the user that has ssh access to these machines ansible_user: ansibleuser systemd_dir: /etc/systemd/system From cddbfc8e40844e880381e8fe60fc9ff4112f74c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20Hasprai?= Date: Mon, 15 Jan 2024 19:43:44 +0100 Subject: [PATCH 3/4] Update truthy values to true/false only, #204 (#387) Co-authored-by: Techno Tim --- .yamllint | 2 +- molecule/default/prepare.yml | 2 +- .../verify_from_outside/tasks/test/deploy-example.yml | 2 +- reboot.yml | 2 +- reset.yml | 4 ++-- roles/k3s_agent/tasks/main.yml | 4 ++-- roles/k3s_server/tasks/main.yml | 6 +++--- roles/prereq/tasks/main.yml | 8 ++++---- roles/raspberrypi/tasks/setup/Rocky.yml | 2 +- roles/raspberrypi/tasks/setup/Ubuntu.yml | 2 +- roles/reset/tasks/main.yml | 4 ++-- site.yml | 4 ++-- 12 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.yamllint b/.yamllint index 8f19687..c572b3f 100644 --- a/.yamllint +++ b/.yamllint @@ -6,4 +6,4 @@ rules: max: 120 level: warning truthy: - allowed-values: ['true', 'false', 'yes', 'no'] + allowed-values: ['true', 'false'] diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 17da4dd..044aa79 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -17,6 +17,6 @@ # and security needs. ansible.builtin.systemd: name: firewalld - enabled: no + enabled: false state: stopped become: true diff --git a/molecule/resources/verify_from_outside/tasks/test/deploy-example.yml b/molecule/resources/verify_from_outside/tasks/test/deploy-example.yml index 61c4cec..385c7cc 100644 --- a/molecule/resources/verify_from_outside/tasks/test/deploy-example.yml +++ b/molecule/resources/verify_from_outside/tasks/test/deploy-example.yml @@ -35,7 +35,7 @@ - name: Assert that the nginx welcome page is available ansible.builtin.uri: url: http://{{ ip | ansible.utils.ipwrap }}:{{ port_ }}/ - return_content: yes + return_content: true register: result failed_when: "'Welcome to nginx!' not in result.content" vars: diff --git a/reboot.yml b/reboot.yml index a970665..ffba507 100644 --- a/reboot.yml +++ b/reboot.yml @@ -1,7 +1,7 @@ --- - name: Reboot k3s_cluster hosts: k3s_cluster - gather_facts: yes + gather_facts: true tasks: - name: Reboot the nodes (and Wait upto 5 mins max) become: true diff --git a/reset.yml b/reset.yml index 02d4d89..d09c947 100644 --- a/reset.yml +++ b/reset.yml @@ -1,7 +1,7 @@ --- - name: Reset k3s cluster hosts: k3s_cluster - gather_facts: yes + gather_facts: true roles: - role: reset become: true @@ -17,7 +17,7 @@ - name: Revert changes to Proxmox cluster hosts: proxmox gather_facts: true - become: yes + become: true remote_user: "{{ proxmox_lxc_ssh_user }}" roles: - role: reset_proxmox_lxc diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml index 395c1ac..3146697 100644 --- a/roles/k3s_agent/tasks/main.yml +++ b/roles/k3s_agent/tasks/main.yml @@ -15,6 +15,6 @@ - name: Enable and check K3s service systemd: name: k3s-node - daemon_reload: yes + daemon_reload: true state: restarted - enabled: yes + enabled: true diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 030dc22..60b063d 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -67,9 +67,9 @@ - name: Enable and check K3s service systemd: name: k3s - daemon_reload: yes + daemon_reload: true state: restarted - enabled: yes + enabled: true - name: Wait for node-token wait_for: @@ -110,7 +110,7 @@ copy: src: /etc/rancher/k3s/k3s.yaml dest: "{{ ansible_user_dir }}/.kube/config" - remote_src: yes + remote_src: true owner: "{{ ansible_user_id }}" mode: "u=rw,g=,o=" diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 2fffe06..4dfca57 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -14,7 +14,7 @@ name: net.ipv4.ip_forward value: "1" state: present - reload: yes + reload: true tags: sysctl - name: Enable IPv6 forwarding @@ -22,7 +22,7 @@ name: net.ipv6.conf.all.forwarding value: "1" state: present - reload: yes + reload: true tags: sysctl - name: Enable IPv6 router advertisements @@ -30,7 +30,7 @@ name: net.ipv6.conf.all.accept_ra value: "2" state: present - reload: yes + reload: true tags: sysctl - name: Add br_netfilter to /etc/modules-load.d/ @@ -51,7 +51,7 @@ name: "{{ item }}" value: "1" state: present - reload: yes + reload: true when: ansible_os_family == "RedHat" loop: - net.bridge.bridge-nf-call-iptables diff --git a/roles/raspberrypi/tasks/setup/Rocky.yml b/roles/raspberrypi/tasks/setup/Rocky.yml index b037b1d..7fd8a38 100644 --- a/roles/raspberrypi/tasks/setup/Rocky.yml +++ b/roles/raspberrypi/tasks/setup/Rocky.yml @@ -2,7 +2,7 @@ - name: Enable cgroup via boot commandline if not already enabled for Rocky lineinfile: path: /boot/cmdline.txt - backrefs: yes + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' notify: reboot diff --git a/roles/raspberrypi/tasks/setup/Ubuntu.yml b/roles/raspberrypi/tasks/setup/Ubuntu.yml index 6b1e731..72c77c9 100644 --- a/roles/raspberrypi/tasks/setup/Ubuntu.yml +++ b/roles/raspberrypi/tasks/setup/Ubuntu.yml @@ -2,7 +2,7 @@ - name: Enable cgroup via boot commandline if not already enabled for Ubuntu on a Raspberry Pi lineinfile: path: /boot/firmware/cmdline.txt - backrefs: yes + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' notify: reboot diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index d75c9ff..da4b151 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -3,7 +3,7 @@ systemd: name: "{{ item }}" state: stopped - enabled: no + enabled: false failed_when: false with_items: - k3s @@ -57,7 +57,7 @@ - name: Reload daemon_reload systemd: - daemon_reload: yes + daemon_reload: true - name: Remove tmp directory used for manifests file: diff --git a/site.yml b/site.yml index 6dde6b1..2aa46e7 100644 --- a/site.yml +++ b/site.yml @@ -2,7 +2,7 @@ - name: Prepare Proxmox cluster hosts: proxmox gather_facts: true - become: yes + become: true environment: "{{ proxy_env | default({}) }}" roles: - role: proxmox_lxc @@ -10,7 +10,7 @@ - name: Prepare k3s nodes hosts: k3s_cluster - gather_facts: yes + gather_facts: true environment: "{{ proxy_env | default({}) }}" roles: - role: lxc From 7669fd47218a3c93f11082ec7a8b3d7cb9d9c2a9 Mon Sep 17 00:00:00 2001 From: egandro Date: Fri, 19 Jan 2024 01:35:19 +0100 Subject: [PATCH 4/4] initial galaxy.yml (#388) * initial galaxy.yml * added readme * lint fix * Updated description Co-authored-by: Dov Benyomin Sohacheski * Updated license_file section Co-authored-by: Dov Benyomin Sohacheski * Updated tags section Co-authored-by: Dov Benyomin Sohacheski * Updated dependencies section Co-authored-by: Dov Benyomin Sohacheski * removed extra empty line galaxy created --------- Co-authored-by: Harald Fielker Co-authored-by: Dov Benyomin Sohacheski Co-authored-by: Techno Tim --- .ansible-lint | 3 ++ .yamllint | 2 ++ README.md | 22 ++++++++++++++ galaxy.yml | 81 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 108 insertions(+) create mode 100644 galaxy.yml diff --git a/.ansible-lint b/.ansible-lint index 940e20e..8024244 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -13,5 +13,8 @@ exclude_paths: - 'molecule/**/prepare.yml' - 'molecule/**/reset.yml' + # The file was generated by galaxy ansible - don't mess with it. + - 'galaxy.yml' + skip_list: - 'fqcn-builtins' diff --git a/.yamllint b/.yamllint index c572b3f..a60b44e 100644 --- a/.yamllint +++ b/.yamllint @@ -7,3 +7,5 @@ rules: level: warning truthy: allowed-values: ['true', 'false'] +ignore: + - galaxy.yml diff --git a/README.md b/README.md index cdb24fd..8775d79 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,28 @@ You can find more information about it [here](molecule/README.md). This repo uses `pre-commit` and `pre-commit-hooks` to lint and fix common style and syntax errors. Be sure to install python packages and then run `pre-commit install`. For more information, see [pre-commit](https://pre-commit.com/) +## 🌌 Ansible Galaxy + +This collection can now be used in larger ansible projects. + +Instructions: + +- create or modify a file `collections/requirements.yml` in your project + +```yml +collections: + - name: ansible.utils + - name: community.general + - name: ansible.posix + - name: kubernetes.core + - name: https://github.com/techno-tim/k3s-ansible.git + type: git + version: master +``` + +- install via `ansible-galaxy collection install -r ./collections/requirements.yml` +- every role is now available via the prefix `techno_tim.k3s_ansible.` e.g. `techno_tim.k3s_ansible.lxc` + ## Thanks 🤝 This repo is really standing on the shoulders of giants. Thank you to all those who have contributed and thanks to these repos for code and ideas: diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 0000000..0f9b196 --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,81 @@ +### REQUIRED +# The namespace of the collection. This can be a company/brand/organization or product namespace under which all +# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with +# underscores or numbers and cannot contain consecutive underscores +namespace: techno_tim + +# The name of the collection. Has the same character restrictions as 'namespace' +name: k3s_ansible + +# The version of the collection. Must be compatible with semantic versioning +version: 1.0.0 + +# The path to the Markdown (.md) readme file. This path is relative to the root of the collection +readme: README.md + +# A list of the collection's content authors. Can be just the name or in the format 'Full Name (url) +# @nicks:irc/im.site#channel' +authors: +- your name + + +### OPTIONAL but strongly recommended +# A short summary description of the collection +description: > + The easiest way to bootstrap a self-hosted High Availability Kubernetes + cluster. A fully automated HA k3s etcd install with kube-vip, MetalLB, + and more. + +# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only +# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file' +license: +- Apache-2.0 + + +# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character +# requirements as 'namespace' and 'name' +tags: + - etcd + - high-availability + - k8s + - k3s + - k3s-cluster + - kube-vip + - kubernetes + - metallb + - rancher + +# Collections that this collection requires to be installed for it to be usable. The key of the dict is the +# collection label 'namespace.name'. The value is a version range +# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version +# range specifiers can be set and are separated by ',' +dependencies: + ansible.utils: '*' + ansible.posix: '*' + community.general: '*' + kubernetes.core: '*' + +# The URL of the originating SCM repository +repository: https://github.com/techno-tim/k3s-ansible + +# The URL to any online docs +documentation: https://github.com/techno-tim/k3s-ansible + +# The URL to the homepage of the collection/project +homepage: https://www.youtube.com/watch?v=CbkEWcUZ7zM + +# The URL to the collection issue tracker +issues: https://github.com/techno-tim/k3s-ansible/issues + +# A list of file glob-like patterns used to filter any files or directories that should not be included in the build +# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This +# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry', +# and '.git' are always filtered. Mutually exclusive with 'manifest' +build_ignore: [] + +# A dict controlling use of manifest directives used in building the collection artifact. The key 'directives' is a +# list of MANIFEST.in style +# L(directives,https://packaging.python.org/en/latest/guides/using-manifest-in/#manifest-in-commands). The key +# 'omit_default_directives' is a boolean that controls whether the default directives are used. Mutually exclusive +# with 'build_ignore' +# manifest: null