mirror of
https://github.com/techno-tim/k3s-ansible.git
synced 2025-12-25 18:23:05 +01:00
e7ba494a00
Small tweak to reduce delta from head Set calico option to be disabled by default Add rescue blocks in case updating existing Refactor items and update comments Refactor and consolidate calico.yml into block Refactor to use template for Calico CRs Revert use_calico to false Template blockSize Align default cidr in template with all.yml sample Apply upstream version tags Revert to current ver tags. Upstream's don't work. Update template address detection Add Tigera Operator/Calico CNI option
52 lines
2.1 KiB
YAML
52 lines
2.1 KiB
YAML
---
|
|
- name: Apply overrides
|
|
hosts: all
|
|
tasks:
|
|
- name: Override host variables (1/2)
|
|
ansible.builtin.set_fact:
|
|
# See:
|
|
# https://github.com/flannel-io/flannel/blob/67d603aaf45ef80f5dd39f43714fc5e6f8a637eb/Documentation/troubleshooting.md#Vagrant
|
|
container_iface: eth1
|
|
|
|
# In this scenario, we have multiple interfaces that the VIP could be
|
|
# broadcasted on. Since we have assigned a dedicated private network
|
|
# here, let's make sure that it is used.
|
|
kube_vip_iface: eth1
|
|
|
|
# The test VMs might be a bit slow, so we give them more time to join the cluster:
|
|
retry_count: 45
|
|
|
|
# IPv6 configuration
|
|
# ######################################################################
|
|
|
|
# The API server will be reachable on IPv6 only
|
|
apiserver_endpoint: fdad:bad:ba55::333
|
|
|
|
# We give MetalLB address space for both IPv4 and IPv6
|
|
metal_lb_ip_range:
|
|
- fdad:bad:ba55::1b:0/112
|
|
- 192.168.123.80-192.168.123.90
|
|
|
|
# k3s_node_ip is by default set to the IPv4 address of container_iface.
|
|
# We want IPv6 addresses here of course, so we just specify them
|
|
# manually below.
|
|
k3s_node_ip: "{{ node_ipv4 }},{{ node_ipv6 }}"
|
|
|
|
- name: Override host variables (2/2)
|
|
# Since "extra_args" depends on "k3s_node_ip" and "container_iface" we have
|
|
# to set this AFTER overriding the both of them.
|
|
ansible.builtin.set_fact:
|
|
# A few extra server args are necessary:
|
|
# - the network policy needs to be disabled.
|
|
# - we need to manually specify the subnets for services and pods, as
|
|
# the default has IPv4 ranges only.
|
|
extra_server_args: >-
|
|
{{ extra_args }}
|
|
--tls-san {{ apiserver_endpoint }}
|
|
{{ '--node-taint node-role.kubernetes.io/master=true:NoSchedule' if k3s_master_taint else '' }}
|
|
--disable servicelb
|
|
--disable traefik
|
|
--disable-network-policy
|
|
--cluster-cidr=10.42.0.0/16,fdad:bad:ba55:4200::/56
|
|
--service-cidr=10.43.0.0/16,fdad:bad:ba55:4300::/108
|