diff --git a/ansible/roles/k3s/tasks/clients.yml b/ansible/roles/k3s/tasks/clients.yml
new file mode 100644
index 0000000..86484b4
--- /dev/null
+++ b/ansible/roles/k3s/tasks/clients.yml
@@ -0,0 +1,16 @@
+---
+- name: template k3s server systemd
+ template:
+ src: templates/k3s.service.j2
+ dest: /etc/systemd/system/k3s.service
+ owner: root
+ group: root
+ mode: 0644
+
+- name: enable and start k3s
+ systemd:
+ daemon_reload: yes
+ enabled: yes
+ name: k3s
+ state: started
+...
diff --git a/ansible/roles/k3s/tasks/get_k3s.yml b/ansible/roles/k3s/tasks/get_k3s.yml
new file mode 100644
index 0000000..21abf0a
--- /dev/null
+++ b/ansible/roles/k3s/tasks/get_k3s.yml
@@ -0,0 +1,25 @@
+---
+- name: check k3s version
+ shell:
+ cmd: "k3s --version | grep k3s | cut -d' ' -f3"
+ args:
+ executable: /bin/bash
+ changed_when: False
+ register: installed_k3s_version
+ check_mode: False
+
+- name: get k3s
+ get_url:
+ url: "https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s-arm64"
+ dest: /usr/local/bin/k3s
+ mode: 0755
+ owner: root
+ group: root
+ when: installed_k3s_version.stdout != k3s_version
+
+- name: link k3s
+ file:
+ src: /usr/local/bin/k3s
+ dest: /usr/local/bin/kubernetes
+ state: link
+...
diff --git a/ansible/roles/k3s/tasks/main.yml b/ansible/roles/k3s/tasks/main.yml
new file mode 100644
index 0000000..cc6d954
--- /dev/null
+++ b/ansible/roles/k3s/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- include: get_k3s.yml
+- include: server.yml
+ when: k3s_role == "server"
+- include: clients.yml
+ when: k3s_role == "client"
+...
diff --git a/ansible/roles/k3s/tasks/server.yml b/ansible/roles/k3s/tasks/server.yml
new file mode 100644
index 0000000..1890432
--- /dev/null
+++ b/ansible/roles/k3s/tasks/server.yml
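Review bot: On agent nodes the unit rendered by the `template` task carries the cluster join token, because the agent branch of k3s.service.j2 in this commit passes `--token …` on ExecStart, and `mode: 0644` leaves `/etc/systemd/system/k3s.service` readable by every local account. Keep the secret out of the unit: write it to a separate root-only file (`mode: "0600"`) and have the agent read it with `--token-file`, or through an `EnvironmentFile=` that sets `K3S_TOKEN`, which also keeps it out of the process argument list. The identical template task in server.yml renders the server branch, which holds no token, so only the agent path is affected. In both files the mode is better written as a quoted string, `mode: "0644"`, so it cannot be read as a plain integer.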
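Review bot: The `get k3s` task installs a root-owned executable straight from the release URL with no integrity check, so a tampered or truncated download would be started as the cluster runtime. Pin the expected digest next to `k3s_version` and hand it to the module, for example `checksum: "sha256:{{ k3s_arm64_sha256 }}"` (a new variable; the name is only a suggestion and the value comes from the release's published sha256sum file). As far as I can tell, get_url with `force` unset leaves an existing `dest` alone unless a checksum is supplied, so without one a version bump may never replace the old binary even though the `when:` fires. The version probe would also be simpler to reason about as a `command:` task with `failed_when: false` than as a shell pipeline.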
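Review bot: Bare `include:` is deprecated and has been removed from current ansible-core, so the role will stop loading once the controller is upgraded. Use `- import_tasks: get_k3s.yml` for the unconditional file and `- include_tasks: server.yml` / `- include_tasks: clients.yml` with the existing `when:` conditions. Since a misspelt `k3s_role` currently skips both branches without any message, an `assert` task that checks `k3s_role in ['server', 'client']` at the top would make that failure visible.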
@@ -0,0 +1,25 @@
+---
+- name: template k3s server systemd
+ template:
+ src: templates/k3s.service.j2
+ dest: /etc/systemd/system/k3s.service
+ owner: root
+ group: root
+ mode: 0644
+
+- name: enable and start k3s
+ systemd:
+ daemon_reload: yes
+ enabled: yes
+ name: k3s
+ state: started
+
+- name: get k3s token
+ slurp:
+ src: /var/lib/rancher/k3s/server/node-token
+ register: registered_k3s_node_token
+
+- name: set k3s token var
+ set_fact:
+ k3s_node_token: "{{ registered_k3s_node_token.content | b64decode | trim }}"
+...
diff --git a/ansible/roles/k3s/templates/k3s.service.j2 b/ansible/roles/k3s/templates/k3s.service.j2
new file mode 100644
index 0000000..c1a885a
--- /dev/null
+++ b/ansible/roles/k3s/templates/k3s.service.j2
@@ -0,0 +1,23 @@
+[Unit]
+Description=k3s
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+ExecReload=/bin/kill -HUP $MAINPID
+{% if k3s_role == 'server' %}
+ExecStart=/usr/local/bin/k3s server --write-kubeconfig-mode 644 --disable servicelb --disable traefik
+{% else %}
+ExecStart=/usr/local/bin/k3s agent --server https://hardtack1.minhas.io:6443 --token {{ hostvars['hardtack1.minhas.io'].k3s_node_token }}
+{% endif %}
+KillMode=process
+KillSignal=SIGINT
+LimitNOFILE=infinity
+LimitNPROC=infinity
+Restart=on-failure
+RestartSec=2
+StartLimitBurst=3
+TasksMax=infinity
+
+[Install]
+WantedBy=multi-user.target
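Review bot: The `get k3s token` and `set k3s token var` tasks handle the cluster join secret without `no_log: true`, so the slurped base64 content and the decoded token can appear in verbose output, callback plugins and controller logs. Add `no_log: true` to both tasks. The slurp also runs directly after `state: started`; on a first boot `/var/lib/rancher/k3s/server/node-token` may not exist yet (inferred, the hunk does not show how quickly k3s writes it), so a `wait_for` task on that path ahead of the read would make it reliable.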
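Review bot: `--write-kubeconfig-mode 644` on the server ExecStart makes the generated admin kubeconfig readable by every local user, which gives any account on the node cluster-admin credentials. Drop the flag so k3s keeps its default of 600, and copy the kubeconfig explicitly to the operators who need it. Separately, the agent line fails to render when `hostvars['hardtack1.minhas.io'].k3s_node_token` is unset, for example on a run limited to agent hosts, so an assert on that fact before templating would give a clearer error than a Jinja undefined-variable failure. The server hostname appears twice as a literal; a role variable would keep the `--server` URL and the hostvars lookup in step.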