tim/k3s-ansible
1
0
Fork 1
mirror of https://github.com/techno-tim/k3s-ansible.git synced 2025-12-27 03:03:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: tim:dfe4b8ac8ff276cf7d2db50f5362b8b19771f8db
Branches Tags
tim:master tim:dependabot/pip/ansible-core-2.19.5 tim:dependabot/github_actions/actions/upload-artifact-5.0.0 tim:dependabot/github_actions/zgosalvez/github-actions-ensure-sha-pinned-actions-4.0.0 tim:dependabot/pip/pyyaml-6.0.3 tim:dependabot/github_actions/actions/cache-4.3.0 tim:dependabot/github_actions/actions/setup-python-6.0.0 tim:dependabot/github_actions/actions/checkout-5.0.0 tim:dependabot/pip/molecule-plugins-vagrant--23.7.0
tim:v1.30.2+k3s2+tt1 tim:v1.29.2+k3s1+tt1 tim:v1.29.0+k3s1+tt3 tim:v1.29.0+k3s1+tt2 tim:v1.29.0+k3s1 tim:v1.28.5+k3s1 tim:v1.27.9+k3s1 tim:v1.26.12+k3s1 tim:v1.25.16+k3s4 tim:v1.25.9+k3s1 tim:v1.24.11+k3s1 tim:v1.24.9+k3s1 tim:v1.24.8+k3s1 tim:v1.24.7+k3s1 tim:v1.24.6+k3s1 tim:v1.24.4+k3s1 tim:v1.24.3+k3s1 tim:v1.23.4+k3s1
...
compare: tim:e9abd4d1d95628b64be91d38c7542c8560fe3a65
Branches Tags
tim:dependabot/pip/ansible-core-2.19.5 tim:dependabot/github_actions/actions/upload-artifact-5.0.0 tim:dependabot/github_actions/zgosalvez/github-actions-ensure-sha-pinned-actions-4.0.0 tim:dependabot/pip/pyyaml-6.0.3 tim:dependabot/github_actions/actions/cache-4.3.0 tim:dependabot/github_actions/actions/setup-python-6.0.0 tim:dependabot/github_actions/actions/checkout-5.0.0 tim:master tim:dependabot/pip/molecule-plugins-vagrant--23.7.0
tim:v1.30.2+k3s2+tt1 tim:v1.29.2+k3s1+tt1 tim:v1.29.0+k3s1+tt3 tim:v1.29.0+k3s1+tt2 tim:v1.29.0+k3s1 tim:v1.28.5+k3s1 tim:v1.27.9+k3s1 tim:v1.26.12+k3s1 tim:v1.25.16+k3s4 tim:v1.25.9+k3s1 tim:v1.24.11+k3s1 tim:v1.24.9+k3s1 tim:v1.24.8+k3s1 tim:v1.24.7+k3s1 tim:v1.24.6+k3s1 tim:v1.24.4+k3s1 tim:v1.24.3+k3s1 tim:v1.23.4+k3s1

4 Commits
dfe4b8ac8f ... e9abd4d1d9

Author SHA1 Message Date
Christian Berendt
e9abd4d1d9 Merge 53b2154124 into 03ae8de0d5 2024-09-29 21:41:44 +02:00
Christian Berendt
53b2154124 Merge branch 'master' into cilium_bgp_neighbors 2024-09-29 21:41:42 +02:00
Christian Berendt
5dcfb06c23 k3s_server_post: add cilium_bgp_neighbors parameter 
With the cilium_bgp_neighbors parameter it is possible to define
multiple BGP peer ASN & address pairs for Cilium.

Sample:

```
cilium_bgp_neighbors:
  - peer_address: 192.168.128.10
    peer_asn: 64512
  - peer_address: 192.168.128.11
    peer_asn: 64512
  - peer_address: 192.168.128.12
    peer_asn: 64512
```

It is possible to merge further lists with cilium_bgp_neighbors__*
parameters.

Sample:

```
cilium_bgp_neighbors__extra:
  - peer_address: 192.168.128.10
    peer_asn: 64512
cilium_bgp_neighbors:
  - peer_address: 192.168.128.11
    peer_asn: 64512
  - peer_address: 192.168.128.12
    peer_asn: 64512
```

This will result in the following list of BGP peer ASN & address pairs:

```
- peer_address: 192.168.128.10
  peer_asn: 64512
- peer_address: 192.168.128.11
  peer_asn: 64512
- peer_address: 192.168.128.12
  peer_asn: 64512
```

Signed-off-by: Christian Berendt <berendt@osism.tech>
 2024-09-29 21:40:16 +02:00
dependabot[bot]
03ae8de0d5 chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#580) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-29 14:35:36 -05:00
7 changed files with 33 additions and 4 deletions
Expand all files Collapse all files

2
.github/workflows/cache.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
steps: steps:
- name: Check out the codebase - name: Check out the codebase
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7 uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # 4.2.0
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}

4
.github/workflows/lint.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
steps: steps:
- name: Check out the codebase - name: Check out the codebase
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7 uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # 4.2.0
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}
@@ -45,7 +45,7 @@ jobs:
runs-on: self-hosted runs-on: self-hosted
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7 uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # 4.2.0
- name: Ensure SHA pinned actions - name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@0901cf7b71c7ea6261ec69a3dc2bd3f9264f893e # 3.0.12 uses: zgosalvez/github-actions-ensure-sha-pinned-actions@0901cf7b71c7ea6261ec69a3dc2bd3f9264f893e # 3.0.12
with: with:

2
.github/workflows/test.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
steps: steps:
- name: Check out the codebase - name: Check out the codebase
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7 uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # 4.2.0
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}

2
roles/k3s_server_post/defaults/main.yml
View File

@@ -15,6 +15,8 @@ cilium_bgp: false
cilium_exportPodCIDR: true # noqa var-naming cilium_exportPodCIDR: true # noqa var-naming
cilium_bgp_my_asn: 64513 cilium_bgp_my_asn: 64513
cilium_bgp_peer_asn: 64512 cilium_bgp_peer_asn: 64512
cilium_bgp_neighbors: []
cilium_bgp_neighbors_groups: ['k3s_all']
cilium_bgp_lb_cidr: 192.168.31.0/24 cilium_bgp_lb_cidr: 192.168.31.0/24
cilium_hubble: true cilium_hubble: true
cilium_mode: native cilium_mode: native

8
roles/k3s_server_post/meta/main.yml
View File

@@ -66,6 +66,14 @@ argument_specs:
description: BGP peer address description: BGP peer address
default: ~ default: ~
cilium_bgp_neighbors:
description: List of BGP peer ASN & address pairs
default: []
cilium_bgp_neighbors_groups:
description: Inventory group in which to search for additional cilium_bgp_neighbors parameters to merge.
default: ['k3s_all']
cilium_bgp_lb_cidr: cilium_bgp_lb_cidr:
description: BGP load balancer IP range description: BGP load balancer IP range
default: 192.168.31.0/24 default: 192.168.31.0/24

5
roles/k3s_server_post/tasks/cilium.yml
View File

@@ -221,6 +221,11 @@
- name: Configure Cilium BGP - name: Configure Cilium BGP
when: cilium_bgp when: cilium_bgp
block: block:
- name: Set _cilium_bgp_neighbors fact
ansible.builtin.set_fact:
_cilium_bgp_neighbors: "{{ lookup('community.general.merge_variables', '^cilium_bgp_neighbors__.+$', initial_value=cilium_bgp_neighbors, groups=cilium_bgp_neighbors_groups) }}" # yamllint disable-line rule:line-length
when: cilium_bgp_neighbors | length > 0
- name: Copy BGP manifests to first master - name: Copy BGP manifests to first master
ansible.builtin.template: ansible.builtin.template:
src: cilium.crs.j2 src: cilium.crs.j2

14
roles/k3s_server_post/templates/cilium.crs.j2
View File

@@ -7,6 +7,19 @@ spec: # CiliumBGPPeeringPolicySpec
- localASN: {{ cilium_bgp_my_asn }} - localASN: {{ cilium_bgp_my_asn }}
exportPodCIDR: {{ cilium_exportPodCIDR | default('true') }} exportPodCIDR: {{ cilium_exportPodCIDR | default('true') }}
neighbors: # []CiliumBGPNeighbor neighbors: # []CiliumBGPNeighbor
{% if _cilium_bgp_neighbors | length > 0 %}
{% for item in _cilium_bgp_neighbors %}
- peerAddress: '{{ item.peer_address + "/32"}}'
peerASN: {{ item.peer_asn }}
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
{% endfor %}
{% else %}
- peerAddress: '{{ cilium_bgp_peer_address + "/32"}}' - peerAddress: '{{ cilium_bgp_peer_address + "/32"}}'
peerASN: {{ cilium_bgp_peer_asn }} peerASN: {{ cilium_bgp_peer_asn }}
eBGPMultihopTTL: 10 eBGPMultihopTTL: 10
@@ -16,6 +29,7 @@ spec: # CiliumBGPPeeringPolicySpec
gracefulRestart: gracefulRestart:
enabled: true enabled: true
restartTimeSeconds: 120 restartTimeSeconds: 120
{% endif %}
serviceSelector: serviceSelector:
matchExpressions: matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']} - {key: somekey, operator: NotIn, values: ['never-used-value']}