mirror of
https://github.com/techno-tim/k3s-ansible.git
synced 2025-12-28 19:52:40 +01:00
Compare commits
3 Commits
v1.30.2+k3
...
b74da15a8e
| Author | SHA1 | Date | |
|---|---|---|---|
|
b74da15a8e | ||
|
|
16fb511d49 | ||
|
|
62b80237ef |
6
.github/workflows/cache.yml
vendored
6
.github/workflows/cache.yml
vendored
@@ -11,19 +11,19 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Check out the codebase
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7
|
||||
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # 4.1.6
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Set up Python ${{ env.PYTHON_VERSION }}
|
||||
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # 5.1.1
|
||||
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # 5.1.0
|
||||
with:
|
||||
python-version: ${{ env.PYTHON_VERSION }}
|
||||
cache: 'pip' # caching pip dependencies
|
||||
|
||||
- name: Cache Vagrant boxes
|
||||
id: cache-vagrant
|
||||
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0.2
|
||||
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
|
||||
with:
|
||||
lookup-only: true #if it exists, we don't need to restore and can skip the next step
|
||||
path: |
|
||||
|
||||
10
.github/workflows/lint.yml
vendored
10
.github/workflows/lint.yml
vendored
@@ -11,18 +11,18 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Check out the codebase
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7
|
||||
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # 4.1.6
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Set up Python ${{ env.PYTHON_VERSION }}
|
||||
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # 5.1.1
|
||||
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # 5.1.0
|
||||
with:
|
||||
python-version: ${{ env.PYTHON_VERSION }}
|
||||
cache: 'pip' # caching pip dependencies
|
||||
|
||||
- name: Restore Ansible cache
|
||||
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0.2
|
||||
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
|
||||
with:
|
||||
path: ~/.ansible/collections
|
||||
key: ansible-${{ hashFiles('collections/requirements.yml') }}
|
||||
@@ -45,9 +45,9 @@ jobs:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7
|
||||
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # 4.1.6
|
||||
- name: Ensure SHA pinned actions
|
||||
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b88cd0aad2c36a63e42c71f81cb1958fed95ac87 # 3.0.10
|
||||
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@40e45e738b3cad2729f599d8afc6ed02184e1dbd # 3.0.5
|
||||
with:
|
||||
allowlist: |
|
||||
aws-actions/
|
||||
|
||||
8
.github/workflows/test.yml
vendored
8
.github/workflows/test.yml
vendored
@@ -21,7 +21,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Check out the codebase
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7
|
||||
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # 4.1.6
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
@@ -59,13 +59,13 @@ jobs:
|
||||
EOF
|
||||
|
||||
- name: Set up Python ${{ env.PYTHON_VERSION }}
|
||||
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # 5.1.1
|
||||
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # 5.1.0
|
||||
with:
|
||||
python-version: ${{ env.PYTHON_VERSION }}
|
||||
cache: 'pip' # caching pip dependencies
|
||||
|
||||
- name: Restore vagrant Boxes cache
|
||||
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0.2
|
||||
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # 4.0
|
||||
with:
|
||||
path: ~/.vagrant.d/boxes
|
||||
key: vagrant-boxes-${{ hashFiles('**/molecule.yml') }}
|
||||
@@ -118,7 +118,7 @@ jobs:
|
||||
|
||||
- name: Upload log files
|
||||
if: always() # do this even if a step before has failed
|
||||
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # 4.3.4
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
|
||||
with:
|
||||
name: logs
|
||||
path: |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
---
|
||||
k3s_version: v1.30.2+k3s2
|
||||
k3s_version: v1.29.2+k3s1
|
||||
# this is the user that has ssh access to these machines
|
||||
ansible_user: ansibleuser
|
||||
systemd_dir: /etc/systemd/system
|
||||
@@ -13,13 +13,13 @@ flannel_iface: "eth0"
|
||||
# uncomment calico_iface to use tigera operator/calico cni instead of flannel https://docs.tigera.io/calico/latest/about
|
||||
# calico_iface: "eth0"
|
||||
calico_ebpf: false # use eBPF dataplane instead of iptables
|
||||
calico_tag: "v3.28.0" # calico version tag
|
||||
calico_tag: "v3.27.2" # calico version tag
|
||||
|
||||
# uncomment cilium_iface to use cilium cni instead of flannel or calico
|
||||
# ensure v4.19.57, v5.1.16, v5.2.0 or more recent kernel
|
||||
# cilium_iface: "eth0"
|
||||
cilium_mode: "native" # native when nodes on same subnet or using bgp, else set routed
|
||||
cilium_tag: "v1.16.0" # cilium version tag
|
||||
cilium_tag: "v1.15.2" # cilium version tag
|
||||
cilium_hubble: true # enable hubble observability relay and ui
|
||||
|
||||
# if using calico or cilium, you may specify the cluster pod cidr pool
|
||||
@@ -72,7 +72,7 @@ extra_agent_args: >-
|
||||
{{ extra_args }}
|
||||
|
||||
# image tag for kube-vip
|
||||
kube_vip_tag_version: "v0.8.2"
|
||||
kube_vip_tag_version: "v0.7.2"
|
||||
|
||||
# tag for kube-vip-cloud-provider manifest
|
||||
# kube_vip_cloud_provider_tag_version: "main"
|
||||
@@ -93,8 +93,8 @@ metal_lb_mode: "layer2"
|
||||
# metal_lb_bgp_peer_address: "192.168.30.1"
|
||||
|
||||
# image tag for metal lb
|
||||
metal_lb_speaker_tag_version: "v0.14.8"
|
||||
metal_lb_controller_tag_version: "v0.14.8"
|
||||
metal_lb_speaker_tag_version: "v0.14.3"
|
||||
metal_lb_controller_tag_version: "v0.14.3"
|
||||
|
||||
# metallb ip range for load balancer
|
||||
metal_lb_ip_range: "192.168.30.80-192.168.30.90"
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
#
|
||||
ansible-compat==4.1.11
|
||||
# via molecule
|
||||
ansible-core==2.17.2
|
||||
ansible-core==2.16.6
|
||||
# via
|
||||
# -r requirements.in
|
||||
# ansible-compat
|
||||
@@ -96,7 +96,7 @@ platformdirs==4.1.0
|
||||
# via virtualenv
|
||||
pluggy==1.3.0
|
||||
# via molecule
|
||||
pre-commit==3.8.0
|
||||
pre-commit==3.7.0
|
||||
# via -r requirements.in
|
||||
pre-commit-hooks==4.6.0
|
||||
# via -r requirements.in
|
||||
|
||||
8
roles/download/meta/main.yml
Normal file
8
roles/download/meta/main.yml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Manage the downloading of K3S binaries
|
||||
options:
|
||||
k3s_version:
|
||||
description: The desired version of K3S
|
||||
required: true
|
||||
5
roles/k3s_agent/defaults/main.yml
Normal file
5
roles/k3s_agent/defaults/main.yml
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
is_pxe_booted: false
|
||||
extra_agent_args: ""
|
||||
group_name_master: master
|
||||
systemd_dir: /etc/systemd/system
|
||||
29
roles/k3s_agent/meta/main.yml
Normal file
29
roles/k3s_agent/meta/main.yml
Normal file
@@ -0,0 +1,29 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Setup k3s agents
|
||||
options:
|
||||
apiserver_endpoint:
|
||||
description: Virtual ip-address configured on each master
|
||||
required: true
|
||||
|
||||
extra_agent_args:
|
||||
description: Virtual ip-address configured on each master
|
||||
default: Arguments passed to the systemd service
|
||||
|
||||
group_name_master:
|
||||
description: Name of the master group
|
||||
default: master
|
||||
|
||||
proxy_env:
|
||||
type: dict
|
||||
description: Internet proxy configurations
|
||||
default: ~
|
||||
options:
|
||||
HTTP_PROXY:
|
||||
HTTPS_PROXY:
|
||||
NO_PROXY:
|
||||
|
||||
systemd_dir:
|
||||
description: Path to systemd services
|
||||
default: /etc/systemd/system
|
||||
19
roles/k3s_custom_registries/meta/main.yml
Normal file
19
roles/k3s_custom_registries/meta/main.yml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Configure the use of a custom container registry
|
||||
options:
|
||||
custom_registries_yaml:
|
||||
description:
|
||||
- YAML block defining custom registries.
|
||||
- >
|
||||
The following is an example that pulls all images used in
|
||||
this playbook through your private registries.
|
||||
- >
|
||||
It also allows you to pull your own images from your private
|
||||
registry, without having to use imagePullSecrets in your
|
||||
deployments.
|
||||
- >
|
||||
If all you need is your own images and you don't care about
|
||||
caching the docker/quay/ghcr.io images, you can just remove
|
||||
those from the mirrors: section.
|
||||
@@ -2,12 +2,9 @@
|
||||
# If you want to explicitly define an interface that ALL control nodes
|
||||
# should use to propagate the VIP, define it here. Otherwise, kube-vip
|
||||
# will determine the right interface automatically at runtime.
|
||||
kube_vip_iface: null
|
||||
kube_vip_iface: ~
|
||||
|
||||
# Enables ARP broadcasts from Leader
|
||||
kube_vip_arp: true
|
||||
|
||||
# Name of the master group
|
||||
kube_vip_cloud_provider_tag_version: main
|
||||
group_name_master: master
|
||||
|
||||
# yamllint disable rule:line-length
|
||||
@@ -21,3 +18,5 @@ server_init_args: >-
|
||||
--token {{ k3s_token }}
|
||||
{% endif %}
|
||||
{{ extra_server_args | default('') }}
|
||||
|
||||
systemd_dir: /etc/systemd/system
|
||||
|
||||
25
roles/k3s_server/meta/main.yml
Normal file
25
roles/k3s_server/meta/main.yml
Normal file
@@ -0,0 +1,25 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Setup k3s servers
|
||||
options:
|
||||
group_name_master:
|
||||
description: Name of the master group
|
||||
default: master
|
||||
|
||||
kube_vip_cloud_provider_tag_version:
|
||||
description: Tag for kube-vip-cloud-provider manifest when enabled
|
||||
default: main
|
||||
|
||||
kube_vip_lb_ip_range:
|
||||
description: IP range for kube-vip load balancer
|
||||
default: ~
|
||||
|
||||
proxy_env:
|
||||
type: dict
|
||||
description: Internet proxy configurations
|
||||
default: ~
|
||||
options:
|
||||
HTTP_PROXY:
|
||||
HTTPS_PROXY:
|
||||
NO_PROXY:
|
||||
@@ -27,7 +27,7 @@ spec:
|
||||
- manager
|
||||
env:
|
||||
- name: vip_arp
|
||||
value: "{{ 'true' if kube_vip_arp | bool else 'false' }}"
|
||||
value: "true"
|
||||
- name: port
|
||||
value: "6443"
|
||||
{% if kube_vip_iface %}
|
||||
|
||||
@@ -83,23 +83,9 @@
|
||||
loop_control:
|
||||
label: "{{ item.description }}"
|
||||
|
||||
- name: Set metallb webhook service name
|
||||
set_fact:
|
||||
metallb_webhook_service_name: >-
|
||||
{{
|
||||
(
|
||||
(metal_lb_controller_tag_version | regex_replace('^v', ''))
|
||||
is
|
||||
version('0.14.4', '<', version_type='semver')
|
||||
) | ternary(
|
||||
'webhook-service',
|
||||
'metallb-webhook-service'
|
||||
)
|
||||
}}
|
||||
|
||||
- name: Test metallb-system webhook-service endpoint
|
||||
command: >-
|
||||
k3s kubectl -n metallb-system get endpoints {{ metallb_webhook_service_name }}
|
||||
k3s kubectl -n metallb-system get endpoints webhook-service
|
||||
changed_when: false
|
||||
with_items: "{{ groups[group_name_master | default('master')] }}"
|
||||
run_once: true
|
||||
|
||||
2
roles/reset/defaults/main.yml
Normal file
2
roles/reset/defaults/main.yml
Normal file
@@ -0,0 +1,2 @@
|
||||
---
|
||||
systemd_dir: /etc/systemd/system
|
||||
Reference in New Issue
Block a user