tim/k3s-ansible
1
0
Fork 1
mirror of https://github.com/techno-tim/k3s-ansible.git synced 2025-12-28 19:52:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: tim:a7bc477dc71bc1535450a0f4d60ac6fcda8cbfb9
Branches Tags
tim:master tim:dependabot/pip/ansible-core-2.19.5 tim:dependabot/github_actions/actions/upload-artifact-5.0.0 tim:dependabot/github_actions/zgosalvez/github-actions-ensure-sha-pinned-actions-4.0.0 tim:dependabot/pip/pyyaml-6.0.3 tim:dependabot/github_actions/actions/cache-4.3.0 tim:dependabot/github_actions/actions/setup-python-6.0.0 tim:dependabot/github_actions/actions/checkout-5.0.0 tim:dependabot/pip/molecule-plugins-vagrant--23.7.0
tim:v1.30.2+k3s2+tt1 tim:v1.29.2+k3s1+tt1 tim:v1.29.0+k3s1+tt3 tim:v1.29.0+k3s1+tt2 tim:v1.29.0+k3s1 tim:v1.28.5+k3s1 tim:v1.27.9+k3s1 tim:v1.26.12+k3s1 tim:v1.25.16+k3s4 tim:v1.25.9+k3s1 tim:v1.24.11+k3s1 tim:v1.24.9+k3s1 tim:v1.24.8+k3s1 tim:v1.24.7+k3s1 tim:v1.24.6+k3s1 tim:v1.24.4+k3s1 tim:v1.24.3+k3s1 tim:v1.23.4+k3s1
..
compare: tim:103436932674d690777ff16610834a3b9ad2d841
Branches Tags
tim:dependabot/pip/ansible-core-2.19.5 tim:dependabot/github_actions/actions/upload-artifact-5.0.0 tim:dependabot/github_actions/zgosalvez/github-actions-ensure-sha-pinned-actions-4.0.0 tim:dependabot/pip/pyyaml-6.0.3 tim:dependabot/github_actions/actions/cache-4.3.0 tim:dependabot/github_actions/actions/setup-python-6.0.0 tim:dependabot/github_actions/actions/checkout-5.0.0 tim:master tim:dependabot/pip/molecule-plugins-vagrant--23.7.0
tim:v1.30.2+k3s2+tt1 tim:v1.29.2+k3s1+tt1 tim:v1.29.0+k3s1+tt3 tim:v1.29.0+k3s1+tt2 tim:v1.29.0+k3s1 tim:v1.28.5+k3s1 tim:v1.27.9+k3s1 tim:v1.26.12+k3s1 tim:v1.25.16+k3s4 tim:v1.25.9+k3s1 tim:v1.24.11+k3s1 tim:v1.24.9+k3s1 tim:v1.24.8+k3s1 tim:v1.24.7+k3s1 tim:v1.24.6+k3s1 tim:v1.24.4+k3s1 tim:v1.24.3+k3s1 tim:v1.23.4+k3s1

1 Commits
a7bc477dc7 ... 1034369326

Author SHA1 Message Date
Dov Benyomin Sohacheski
1034369326 Merge 16fb511d49 into 072f1a321d 2024-06-03 19:57:11 -05:00
12 changed files with 27 additions and 198 deletions
Expand all files Collapse all files

1
roles/k3s_agent/defaults/main.yml
View File

@@ -1,4 +1,5 @@
--- ---
is_pxe_booted: false
extra_agent_args: "" extra_agent_args: ""
group_name_master: master group_name_master: master
systemd_dir: /etc/systemd/system systemd_dir: /etc/systemd/system

9
roles/k3s_agent/meta/main.yml
View File

@@ -8,26 +8,21 @@ argument_specs:
required: true required: true
extra_agent_args: extra_agent_args:
description: Extra arguments for agents nodes description: Virtual ip-address configured on each master
default: Arguments passed to the systemd service
group_name_master: group_name_master:
description: Name of the master group description: Name of the master group
default: master default: master
k3s_token:
description: Token used to communicate between masters
proxy_env: proxy_env:
type: dict type: dict
description: Internet proxy configurations description: Internet proxy configurations
default: ~ default: ~
options: options:
HTTP_PROXY: HTTP_PROXY:
required: true
HTTPS_PROXY: HTTPS_PROXY:
required: true
NO_PROXY: NO_PROXY:
required: true
systemd_dir: systemd_dir:
description: Path to systemd services description: Path to systemd services

2
roles/k3s_agent/templates/k3s.service.j2
View File

@@ -12,7 +12,7 @@ ExecStart=/usr/local/bin/k3s agent \
--server https://{{ apiserver_endpoint | ansible.utils.ipwrap }}:6443 \ --server https://{{ apiserver_endpoint | ansible.utils.ipwrap }}:6443 \
{% if is_pxe_booted | default(false) %}--snapshotter native \ {% if is_pxe_booted | default(false) %}--snapshotter native \
{% endif %}--token {{ hostvars[groups[group_name_master | default('master')][0]]['token'] | default(k3s_token) }} \ {% endif %}--token {{ hostvars[groups[group_name_master | default('master')][0]]['token'] | default(k3s_token) }} \
{{ extra_agent_args }} {{ extra_agent_args | default("") }}
KillMode=process KillMode=process
Delegate=yes Delegate=yes
LimitNOFILE=1048576 LimitNOFILE=1048576

6
roles/k3s_custom_registries/defaults/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
# Indicates whether custom registries for k3s should be configured
# Possible values:
# - present
# - absent
state: present

1
roles/k3s_custom_registries/meta/main.yml
View File

@@ -17,4 +17,3 @@ argument_specs:
If all you need is your own images and you don't care about If all you need is your own images and you don't care about
caching the docker/quay/ghcr.io images, you can just remove caching the docker/quay/ghcr.io images, you can just remove
those from the mirrors: section. those from the mirrors: section.
required: true

18
roles/k3s_server/defaults/main.yml
View File

@@ -1,17 +1,11 @@
--- ---
extra_server_args: "" # If you want to explicitly define an interface that ALL control nodes
# should use to propagate the VIP, define it here. Otherwise, kube-vip
group_name_master: master # will determine the right interface automatically at runtime.
kube_vip_iface: ~ kube_vip_iface: ~
kube_vip_cloud_provider_tag_version: main kube_vip_cloud_provider_tag_version: main
kube_vip_tag_version: v0.7.2 group_name_master: master
metal_lb_controller_tag_version: v0.14.3
metal_lb_speaker_tag_version: v0.14.3
metal_lb_type: native
retry_count: 20
# yamllint disable rule:line-length # yamllint disable rule:line-length
server_init_args: >- server_init_args: >-
@@ -23,6 +17,6 @@ server_init_args: >-
{% endif %} {% endif %}
--token {{ k3s_token }} --token {{ k3s_token }}
{% endif %} {% endif %}
{{ extra_server_args }} {{ extra_server_args | default('') }}
systemd_dir: /etc/systemd/system systemd_dir: /etc/systemd/system

60
roles/k3s_server/meta/main.yml
View File

@@ -3,41 +3,10 @@ argument_specs:
main: main:
short_description: Setup k3s servers short_description: Setup k3s servers
options: options:
apiserver_endpoint:
description: Virtual ip-address configured on each master
required: true
cilium_bgp:
description:
- Enable cilium BGP control plane for LB services and pod cidrs.
- Disables the use of MetalLB.
type: bool
default: ~
cilium_iface:
description: The network interface used for when Cilium is enabled
default: ~
extra_server_args:
description: Extra arguments for server nodes
default: ""
group_name_master: group_name_master:
description: Name of the master group description: Name of the master group
default: master default: master
kube_vip_iface:
description:
- Explicitly define an interface that ALL control nodes
- should use to propagate the VIP, define it here.
- Otherwise, kube-vip will determine the right interface
- automatically at runtime.
default: ~
kube_vip_tag_version:
description: Image tag for kube-vip
default: v0.7.2
kube_vip_cloud_provider_tag_version: kube_vip_cloud_provider_tag_version:
description: Tag for kube-vip-cloud-provider manifest when enabled description: Tag for kube-vip-cloud-provider manifest when enabled
default: main default: main
@@ -46,40 +15,11 @@ argument_specs:
description: IP range for kube-vip load balancer description: IP range for kube-vip load balancer
default: ~ default: ~
metal_lb_controller_tag_version:
description: Image tag for MetalLB
default: v0.14.3
metal_lb_speaker_tag_version:
description: Image tag for MetalLB
default: v0.14.3
metal_lb_type:
choices:
- frr
- native
default: native
proxy_env: proxy_env:
type: dict type: dict
description: Internet proxy configurations description: Internet proxy configurations
default: ~ default: ~
options: options:
HTTP_PROXY: HTTP_PROXY:
required: true
HTTPS_PROXY: HTTPS_PROXY:
required: true
NO_PROXY: NO_PROXY:
required: true
retry_count:
description: Amount of retries when verifying that nodes joined
type: int
default: 20
server_init_args:
description: Arguments for server nodes
systemd_dir:
description: Path to systemd services
default: /etc/systemd/system

1
roles/k3s_server/tasks/http_proxy.yml
View File

@@ -1,4 +1,5 @@
--- ---
- name: Create k3s.service.d directory - name: Create k3s.service.d directory
file: file:
path: '{{ systemd_dir }}/k3s.service.d' path: '{{ systemd_dir }}/k3s.service.d'

1
roles/k3s_server/tasks/main.yml
View File

@@ -1,4 +1,5 @@
--- ---
- name: Stop k3s-init - name: Stop k3s-init
systemd: systemd:
name: k3s-init name: k3s-init

22
roles/k3s_server_post/defaults/main.yml
View File

@@ -1,20 +1,6 @@
--- ---
bpf_lb_algorithm: maglev # Timeout to wait for MetalLB services to come up
bpf_lb_mode: hybrid
calico_ebpf: false
calico_tag: v3.27.2
cilium_bgp: false
cilium_exportPodCIDR: true
cilium_hubble: true
cilium_mode: native
cluster_cidr: 10.52.0.0/16
enable_bpf_masquerade: true
kube_proxy_replacement: true
group_name_master: master
metal_lb_mode: layer2
metal_lb_available_timeout: 240s metal_lb_available_timeout: 240s
metal_lb_controller_tag_version: v0.14.3
# Name of the master group
group_name_master: master

94
roles/k3s_server_post/meta/main.yml
View File

@@ -1,94 +0,0 @@
---
argument_specs:
main:
short_description: Configure k3s cluster
options:
apiserver_endpoint:
description: Virtual ip-address configured on each master
required: true
bpf_lb_algorithm:
description: BPF lb algorithm
default: maglev
bpf_lb_mode:
description: BPF lb mode
default: hybrid
calico_ebpf:
description: Use eBPF dataplane instead of iptables
type: bool
default: false
calico_iface:
description: The network interface used for when Calico is enabled
default: ~
calico_tag:
description: Calico version tag
default: v3.27.2
cilium_bgp:
description:
- Enable cilium BGP control plane for LB services and pod cidrs.
- Disables the use of MetalLB.
type: bool
default: false
cilium_exportPodCIDR:
description: Export pod CIDR
type: bool
default: true
cilium_hubble:
description: Enable Cilium Hubble
type: bool
default: true
cilium_iface:
description: The network interface used for when Cilium is enabled
default: ~
cilium_mode:
description: Inner-node communication mode
default: native
choices:
- native
- routed
cluster_cidr:
description: Inner-cluster IP range
default: 10.52.0.0/16
enable_bpf_masquerade:
description: Use IP masquerading
type: bool
default: true
group_name_master:
description: Name of the master group
default: master
kube_proxy_replacement:
description: Replace the native kube-proxy with Cilium
type: bool
default: true
kube_vip_lb_ip_range:
description: IP range for kube-vip load balancer
default: ~
metal_lb_available_timeout:
description: Wait for MetalLB resources
default: 240s
metal_lb_controller_tag_version:
description: Image tag for MetalLB
default: v0.14.3
metal_lb_mode:
description: Metallb mode
default: layer2
choices:
- bgp
- layer2

10
roles/k3s_server_post/tasks/cilium.yml
View File

@@ -172,17 +172,17 @@
{% endif %} {% endif %}
--helm-set k8sServiceHost="127.0.0.1" --helm-set k8sServiceHost="127.0.0.1"
--helm-set k8sServicePort="6444" --helm-set k8sServicePort="6444"
--helm-set routingMode={{ cilium_mode }} --helm-set routingMode={{ cilium_mode | default("native") }}
--helm-set autoDirectNodeRoutes={{ "true" if cilium_mode == "native" else "false" }} --helm-set autoDirectNodeRoutes={{ "true" if cilium_mode == "native" else "false" }}
--helm-set kubeProxyReplacement={{ kube_proxy_replacement }} --helm-set kubeProxyReplacement={{ kube_proxy_replacement | default("true") }}
--helm-set bpf.masquerade={{ enable_bpf_masquerade }} --helm-set bpf.masquerade={{ enable_bpf_masquerade | default("true") }}
--helm-set bgpControlPlane.enabled={{ cilium_bgp | default("false") }} --helm-set bgpControlPlane.enabled={{ cilium_bgp | default("false") }}
--helm-set hubble.enabled={{ "true" if cilium_hubble else "false" }} --helm-set hubble.enabled={{ "true" if cilium_hubble else "false" }}
--helm-set hubble.relay.enabled={{ "true" if cilium_hubble else "false" }} --helm-set hubble.relay.enabled={{ "true" if cilium_hubble else "false" }}
--helm-set hubble.ui.enabled={{ "true" if cilium_hubble else "false" }} --helm-set hubble.ui.enabled={{ "true" if cilium_hubble else "false" }}
{% if kube_proxy_replacement is not false %} {% if kube_proxy_replacement is not false %}
--helm-set bpf.loadBalancer.algorithm={{ bpf_lb_algorithm }} --helm-set bpf.loadBalancer.algorithm={{ bpf_lb_algorithm | default("maglev") }}
--helm-set bpf.loadBalancer.mode={{ bpf_lb_mode }} --helm-set bpf.loadBalancer.mode={{ bpf_lb_mode | default("hybrid") }}
{% endif %} {% endif %}
environment: environment:
KUBECONFIG: "{{ ansible_user_dir }}/.kube/config" KUBECONFIG: "{{ ansible_user_dir }}/.kube/config"