diff --git a/.drone.jsonnet b/.drone.jsonnet
deleted file mode 100644
index 32dbf1a..0000000
--- a/.drone.jsonnet
+++ /dev/null
@@ -1,159 +0,0 @@
-local PipelineLinting = {
- kind: 'pipeline',
- name: 'linting',
- platform: {
- os: 'linux',
- arch: 'amd64',
- },
- steps: [
- {
- name: 'ansible-later',
- image: 'thegeeklab/ansible-later',
- commands: [
- 'ansible-later',
- ],
- },
- {
- name: 'python-format',
- image: 'python:3.9',
- environment: {
- PY_COLORS: 1,
- },
- commands: [
- 'pip install -qq yapf',
- '[ ! -z "$(find . -type f -name *.py)" ] && yapf -rd ./',
- ],
- },
- {
- name: 'python-flake8',
- image: 'python:3.9',
- environment: {
- PY_COLORS: 1,
- },
- commands: [
- 'pip install -qq flake8',
- 'flake8',
- ],
- },
- ],
- trigger: {
- ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
- },
-};
-
-local PipelineDeployment(scenario='rocky9') = {
- kind: 'pipeline',
- name: 'testing-' + scenario,
- platform: {
- os: 'linux',
- arch: 'amd64',
- },
- concurrency: {
- limit: 1,
- },
- workspace: {
- base: '/drone/src',
- path: '${DRONE_REPO_NAME}',
- },
- steps: [
- {
- name: 'ansible-molecule',
- image: 'thegeeklab/molecule:4',
- environment: {
- HCLOUD_TOKEN: { from_secret: 'hcloud_token' },
- },
- commands: [
- 'molecule test -s ' + scenario,
- ],
- },
- ],
- depends_on: [
- 'linting',
- ],
- trigger: {
- ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
- },
-};
-
-local PipelineDocumentation = {
- kind: 'pipeline',
- name: 'documentation',
- platform: {
- os: 'linux',
- arch: 'amd64',
- },
- steps: [
- {
- name: 'generate',
- image: 'thegeeklab/ansible-doctor',
- environment: {
- ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO',
- ANSIBLE_DOCTOR_FORCE_OVERWRITE: true,
- ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/',
- ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book',
- ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}',
- ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/',
- },
- },
- {
- name: 'publish',
- image: 'plugins/gh-pages',
- settings: {
- remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}',
- netrc_machine: 'gitea.rknet.org',
- username: { from_secret: 'gitea_username' },
- password: { from_secret: 'gitea_token' },
- pages_directory: '_docs/',
- target_branch: 'docs',
- },
- when: {
- ref: ['refs/heads/main'],
- },
- },
- ],
- trigger: {
- ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
- },
- depends_on: [
- 'testing-rocky9',
- ],
-};
-
-local PipelineNotification = {
- kind: 'pipeline',
- name: 'notification',
- platform: {
- os: 'linux',
- arch: 'amd64',
- },
- clone: {
- disable: true,
- },
- steps: [
- {
- name: 'matrix',
- image: 'thegeeklab/drone-matrix',
- settings: {
- homeserver: { from_secret: 'matrix_homeserver' },
- roomid: { from_secret: 'matrix_roomid' },
- template: 'Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}',
- username: { from_secret: 'matrix_username' },
- password: { from_secret: 'matrix_password' },
- },
- },
- ],
- depends_on: [
- 'documentation',
- ],
- trigger: {
- status: ['success', 'failure'],
- ref: ['refs/heads/main', 'refs/tags/**'],
- },
-};
-
-[
- PipelineLinting,
- PipelineDeployment(scenario='rocky9'),
- PipelineDocumentation,
- PipelineNotification,
-]
diff --git a/.drone.yml b/.drone.yml
deleted file mode 100644
index 078eb99..0000000
--- a/.drone.yml
+++ /dev/null
@@ -1,153 +0,0 @@
----
-kind: pipeline
-name: linting
-
-platform:
- os: linux
- arch: amd64
-
-steps:
- - name: ansible-later
- image: thegeeklab/ansible-later
- commands:
- - ansible-later
-
- - name: python-format
- image: python:3.9
- commands:
- - pip install -qq yapf
- - "[ ! -z \"$(find . -type f -name *.py)\" ] && yapf -rd ./"
- environment:
- PY_COLORS: 1
-
- - name: python-flake8
- image: python:3.9
- commands:
- - pip install -qq flake8
- - flake8
- environment:
- PY_COLORS: 1
-
-trigger:
- ref:
- - refs/heads/main
- - refs/tags/**
- - refs/pull/**
-
----
-kind: pipeline
-name: testing-rocky9
-
-platform:
- os: linux
- arch: amd64
-
-concurrency:
- limit: 1
-
-workspace:
- base: /drone/src
- path: ${DRONE_REPO_NAME}
-
-steps:
- - name: ansible-molecule
- image: thegeeklab/molecule:4
- commands:
- - molecule test -s rocky9
- environment:
- HCLOUD_TOKEN:
- from_secret: hcloud_token
-
-trigger:
- ref:
- - refs/heads/main
- - refs/tags/**
- - refs/pull/**
-
-depends_on:
- - linting
-
----
-kind: pipeline
-name: documentation
-
-platform:
- os: linux
- arch: amd64
-
-steps:
- - name: generate
- image: thegeeklab/ansible-doctor
- environment:
- ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
- ANSIBLE_DOCTOR_FORCE_OVERWRITE: true
- ANSIBLE_DOCTOR_LOG_LEVEL: INFO
- ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/
- ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.}
- ANSIBLE_DOCTOR_TEMPLATE: hugo-book
-
- - name: publish
- image: plugins/gh-pages
- settings:
- netrc_machine: gitea.rknet.org
- pages_directory: _docs/
- password:
- from_secret: gitea_token
- remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}
- target_branch: docs
- username:
- from_secret: gitea_username
- when:
- ref:
- - refs/heads/main
-
-trigger:
- ref:
- - refs/heads/main
- - refs/tags/**
- - refs/pull/**
-
-depends_on:
- - testing-rocky9
-
----
-kind: pipeline
-name: notification
-
-platform:
- os: linux
- arch: amd64
-
-clone:
- disable: true
-
-steps:
- - name: matrix
- image: thegeeklab/drone-matrix
- settings:
- homeserver:
- from_secret: matrix_homeserver
- password:
- from_secret: matrix_password
- roomid:
- from_secret: matrix_roomid
- template: "Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}"
- username:
- from_secret: matrix_username
-
-trigger:
- ref:
- - refs/heads/main
- - refs/tags/**
- status:
- - success
- - failure
-
-depends_on:
- - documentation
-
----
-kind: signature
-hmac: 2b0cc784b55812ac281219c9c8d789a1414b208a4341a277deb865a8aebad87e
-
-...
diff --git a/.later.yml b/.later.yml
index 0efe5d5..45f5d4e 100644
--- a/.later.yml
+++ b/.later.yml
@@ -10,10 +10,9 @@ ansible:
rules:
exclude_files:
- - molecule/
- "LICENSE*"
- "**/*.md"
- "**/*.ini"
- exclude_filter:
- - LINT0009
+ warning_filter:
+ - ANS126
diff --git a/.markdownlint.yml b/.markdownlint.yml
new file mode 100644
index 0000000..da116c7
--- /dev/null
+++ b/.markdownlint.yml
@@ -0,0 +1,7 @@
+---
+default: True
+MD013: False
+MD041: False
+MD024: False
+MD004:
+ style: dash
diff --git a/.prettierignore b/.prettierignore
index ef05acb..6b1d0bf 100644
--- a/.prettierignore
+++ b/.prettierignore
@@ -1 +1 @@
-.drone*
+LICENSE
diff --git a/.woodpecker/docs.yaml b/.woodpecker/docs.yaml
new file mode 100644
index 0000000..f053ca8
--- /dev/null
+++ b/.woodpecker/docs.yaml
@@ -0,0 +1,47 @@
+---
+when:
+ - event: [pull_request]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ - name: generate
+ image: quay.io/thegeeklab/ansible-doctor
+ environment:
+ ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
+ ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true"
+ ANSIBLE_DOCTOR_LOG_LEVEL: INFO
+ ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME}
+ ANSIBLE_DOCTOR_TEMPLATE: readme
+
+ - name: format
+ image: quay.io/thegeeklab/alpine-tools
+ commands:
+ - prettier -w README.md
+
+ - name: diff
+ image: quay.io/thegeeklab/alpine-tools
+ commands:
+ - git diff --color=always README.md
+
+ - name: publish
+ image: quay.io/thegeeklab/wp-git-action
+ settings:
+ action:
+ - commit
+ - push
+ author_email: ci-bot@rknet.org
+ author_name: ci-bot
+ branch: main
+ message: "[skip ci] automated docs update"
+ netrc_machine: gitea.rknet.org
+ netrc_password:
+ from_secret: gitea_token
+ when:
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+depends_on:
+ - test
diff --git a/.woodpecker/lint.yaml b/.woodpecker/lint.yaml
new file mode 100644
index 0000000..ca4facd
--- /dev/null
+++ b/.woodpecker/lint.yaml
@@ -0,0 +1,30 @@
+---
+when:
+ - event: [pull_request, tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ - name: ansible-later
+ image: quay.io/thegeeklab/ansible-later:4
+ commands:
+ - ansible-later
+ environment:
+ FORCE_COLOR: "1"
+
+ - name: python-format
+ image: docker.io/python:3.12
+ commands:
+ - pip install -qq ruff
+ - ruff format --check --diff .
+ environment:
+ PY_COLORS: "1"
+
+ - name: python-lint
+ image: docker.io/python:3.12
+ commands:
+ - pip install -qq ruff
+ - ruff .
+ environment:
+ PY_COLORS: "1"
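Review bot: `ruff .` in the `python-lint` step uses the bare-path invocation, which newer ruff releases deprecated and later dropped, and `pip install -qq ruff` installs whatever is latest. The gate can therefore break or change its rule set without any commit in this repository. Because `pyproject.toml` selects the `S` rules, this step is the security lint for the role and should be reproducible. Use `ruff check .` and pin the tool in both `python-format` and `python-lint`, e.g. `pip install -qq ruff==<pinned-version>`.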
diff --git a/.woodpecker/notify.yml b/.woodpecker/notify.yml
new file mode 100644
index 0000000..9957125
--- /dev/null
+++ b/.woodpecker/notify.yml
@@ -0,0 +1,26 @@
+---
+when:
+ - event: [tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+runs_on: [success, failure]
+
+steps:
+ - name: matrix
+ image: quay.io/thegeeklab/wp-matrix
+ settings:
+ homeserver:
+ from_secret: matrix_homeserver
+ password:
+ from_secret: matrix_password
+ roomid:
+ from_secret: matrix_roomid
+ username:
+ from_secret: matrix_username
+ when:
+ - status: [success, failure]
+
+depends_on:
+ - docs
diff --git a/.woodpecker/test.yaml b/.woodpecker/test.yaml
new file mode 100644
index 0000000..a4991f7
--- /dev/null
+++ b/.woodpecker/test.yaml
@@ -0,0 +1,25 @@
+---
+when:
+ - event: [pull_request, tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+variables:
+ - &molecule_base
+ image: quay.io/thegeeklab/molecule:6
+ group: molecule
+ secrets:
+ - source: molecule_hcloud_token
+ target: HCLOUD_TOKEN
+ environment:
+ PY_COLORS: "1"
+
+steps:
+ - name: molecule-default
+ <<: *molecule_base
+ commands:
+ - molecule test -s default
+
+depends_on:
+ - lint
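Review bot: The `molecule-default` step receives `HCLOUD_TOKEN` and the workflow also runs on `pull_request`, so role code, `converge.yml` and the testinfra tests from a pull request would run with a cloud API token in their environment if the secret is exposed to that event. Whether it is exposed depends on the event and image restrictions set on the `molecule_hcloud_token` secret in Woodpecker, which this diff does not show. Limit the secret to trusted events, or scope the token to a Hetzner project used only for CI. A comment above the `secrets` entry would record that assumption for whoever rotates the token, e.g. `# token is scoped to the CI-only project; do not expose this secret to pull_request events from forks`.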
diff --git a/README.md b/README.md
index 482d4eb..0668e18 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1 @@
# xoxys.k3s
-
-[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.k3s?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.k3s)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](LICENSE)
-
-Setup K3s cluster nodes. You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/k3s/).
-
-## License
-
-This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
diff --git a/defaults/main.yml b/defaults/main.yml
index dbdb507..85192ff 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,5 +1,5 @@
---
-k3s_version: 1.27.5+k3s1
+k3s_version: 1.28.6+k3s2
k3s_packages:
- epel-release
diff --git a/handlers/main.yml b/handlers/main.yml
index 8afcd79..f48d8f7 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,20 +1,16 @@
---
- name: Restart K3s service
- service:
+ ansible.builtin.service:
name: k3s
state: restarted
daemon_reload: yes
enabled: yes
listen: __k3s_restart
- become: True
- become_user: root
- name: Restart iscsid service
- service:
+ ansible.builtin.service:
name: iscsid
state: restarted
daemon_reload: yes
enabled: yes
listen: __iscsid_restart
- become: True
- become_user: root
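Review bot: With `become: True` / `become_user: root` dropped from both handlers, and from the task blocks in `tasks/init.yml`, `tasks/iscsi.yml` and `tasks/prepare.yml`, the role no longer escalates on its own. It fails when the calling play connects as an unprivileged user without `become`. Nothing in the diff records this new requirement: the README is reduced to its title and `meta/main.yml` does not mention it. State it where users will read it, for example a line in the `@meta description` block such as `# This role requires root privileges; run it with become enabled.`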
diff --git a/meta/main.yml b/meta/main.yml
index 1ee53ef..f114ac0 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,4 +1,3 @@
-# Standards: 0.2
---
galaxy_info:
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
@@ -6,18 +5,17 @@ galaxy_info:
namespace: xoxys
role_name: k3s
# @meta description: >
- # [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.k3s)
- # [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.k3s?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.k3s)
+ # [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.k3s/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.k3s)
# [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.k3s/src/branch/main/LICENSE)
#
# Setup K3s cluster nodes.
# @end
description: Setup K3s cluster nodes
license: MIT
- min_ansible_version: 2.10
+ min_ansible_version: "2.10"
platforms:
- name: EL
versions:
- - 7
+ - "9"
galaxy_tags: []
dependencies: []
diff --git a/molecule/default b/molecule/default
deleted file mode 120000
index afa9fc6..0000000
--- a/molecule/default
+++ /dev/null
@@ -1 +0,0 @@
-rocky9
\ No newline at end of file
diff --git a/molecule/rocky9/converge.yml b/molecule/default/converge.yml
similarity index 93%
rename from molecule/rocky9/converge.yml
rename to molecule/default/converge.yml
index bff9e93..fdd4f5d 100644
--- a/molecule/rocky9/converge.yml
+++ b/molecule/default/converge.yml
@@ -17,7 +17,7 @@
value: 25000000
k3s_reset: False
k3s_packages_extra:
- - https://github.com/k3s-io/k3s-selinux/releases/download/v1.2.stable.2/k3s-selinux-1.2-2.el8.noarch.rpm
+ - https://github.com/k3s-io/k3s-selinux/releases/download/v1.5.stable.1/k3s-selinux-1.5-1.el9.noarch.rpm
k3s_server_flannel_backend_enabled: False
k3s_server_network_policy_enabled: False
k3s_server_cloud_controller_enabled: True
@@ -25,7 +25,7 @@
k3s_server_manifests_templates:
- "calico-installation.yaml.j2"
k3s_server_manifests_urls:
- - url: https://raw.githubusercontent.com/projectcalico/calico/v3.24.2/manifests/tigera-operator.yaml
+ - url: https://raw.githubusercontent.com/projectcalico/calico/v3.27.2/manifests/tigera-operator.yaml
dest: tigera-operator.yaml
# - url: https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
# dest: hcloud-ccm.yaml
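Review bot: `k3s_server_manifests_templates` still lists `calico-installation.yaml.j2` in the context above the changed URL, but this commit deletes `molecule/rocky9/templates/calico-installation.yaml.j2` and shows no file added or renamed to `molecule/default/templates/`. Unless the template exists elsewhere on the template search path (not visible in this diff), the "Copy auto-deploying manifests to the server" task will not find its source in the `default` scenario. Either move the template along with the scenario or drop the entry. The play continues outside this hunk.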
@@ -47,7 +47,7 @@
k3s_iscsi_enabled: True
pre_tasks:
- name: Override host variables
- set_fact:
+ ansible.builtin.set_fact:
k3s_node_ip: "{{ ansible_default_ipv4.address }}"
roles:
- role: xoxys.kernel
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
new file mode 100644
index 0000000..e31fb47
--- /dev/null
+++ b/molecule/default/molecule.yml
@@ -0,0 +1,17 @@
+---
+driver:
+ name: molecule_hetznercloud
+dependency:
+ name: galaxy
+ options:
+ role-file: molecule/requirements.yml
+ requirements-file: molecule/requirements.yml
+platforms:
+ - name: "rocky9-k3s"
+ server_type: "cx11"
+ image: "rocky-9"
+provisioner:
+ name: ansible
+ log: False
+verifier:
+ name: testinfra
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
new file mode 100644
index 0000000..0df1d77
--- /dev/null
+++ b/molecule/default/prepare.yml
@@ -0,0 +1,11 @@
+---
+- name: Prepare
+ hosts: all
+ gather_facts: False
+ tasks:
+ - name: Bootstrap Python for Ansible
+ ansible.builtin.raw: |
+ command -v python3 python ||
+ ((test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
+ echo "Warning: Python not boostrapped due to unknown platform.")
+ changed_when: False
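Review bot: The bootstrap command now only handles `apt`, while the single platform in `molecule/default/molecule.yml` is `rocky-9`. If Python is ever missing from that image, the task prints the warning, exits 0, and the scenario fails later with a less obvious error. Keep a branch for the platform actually tested, e.g. `(test -e /usr/bin/dnf && dnf install -y python3) ||`. Let the unknown-platform branch fail by returning a non-zero status after the `echo` instead of only warning.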
diff --git a/molecule/rocky9/tests/test_default.py b/molecule/default/tests/test_default.py
similarity index 95%
rename from molecule/rocky9/tests/test_default.py
rename to molecule/default/tests/test_default.py
index 45b3b74..532175a 100644
--- a/molecule/rocky9/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -28,7 +28,7 @@ def test_k3s_node_ready(host):
def test_k3s_node_labels(host):
- jsonpth = '{.items[0].metadata.labels}' # noqa
+ jsonpth = "{.items[0].metadata.labels}" # noqa
nodes = host.run(f"k3s kubectl get nodes -o jsonpath='{jsonpth}'").stdout
assert '"node.kubernetes.io/exclude-from-external-load-balancers":"true"' in nodes
diff --git a/molecule/pytest.ini b/molecule/pytest.ini
deleted file mode 100644
index c24fe5b..0000000
--- a/molecule/pytest.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-[pytest]
-filterwarnings =
- ignore::DeprecationWarning
diff --git a/molecule/requirements.yml b/molecule/requirements.yml
index 507c3aa..93481b0 100644
--- a/molecule/requirements.yml
+++ b/molecule/requirements.yml
@@ -1,8 +1,5 @@
---
-collections:
- - name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz
- - name: community.general
-
+collections: []
roles:
- src: https://gitea.rknet.org/ansible/xoxys.kernel
scm: git
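Review bot: `collections: []` declares no collection dependencies, yet `tasks/reset.yml` in this same commit switches to `ansible.posix.mount`, which is not part of ansible-core. The scenario only works if the `quay.io/thegeeklab/molecule:6` image happens to ship `ansible.posix`, which cannot be confirmed from the diff. Declare it explicitly with `- name: ansible.posix` under `collections:`, ideally with a version constraint so the test installs a known release. The `roles:` entry continues outside this hunk.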
diff --git a/molecule/rocky9/create.yml b/molecule/rocky9/create.yml
deleted file mode 100644
index 719600d..0000000
--- a/molecule/rocky9/create.yml
+++ /dev/null
@@ -1,120 +0,0 @@
----
-- name: Create
- hosts: localhost
- connection: local
- gather_facts: false
- no_log: "{{ molecule_no_log }}"
- vars:
- ssh_port: 22
- ssh_user: root
- ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
- tasks:
- - name: Create SSH key
- user:
- name: "{{ lookup('env', 'USER') }}"
- generate_ssh_key: true
- ssh_key_file: "{{ ssh_path }}"
- force: true
- register: generated_ssh_key
-
- - name: Register the SSH key name
- set_fact:
- ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
-
- - name: Register SSH key for test instance(s)
- hcloud_ssh_key:
- name: "{{ ssh_key_name }}"
- public_key: "{{ generated_ssh_key.ssh_public_key }}"
- state: present
-
- - name: Create molecule instance(s)
- hcloud_server:
- name: "{{ item.name }}"
- server_type: "{{ item.server_type }}"
- ssh_keys:
- - "{{ ssh_key_name }}"
- image: "{{ item.image }}"
- location: "{{ item.location | default(omit) }}"
- datacenter: "{{ item.datacenter | default(omit) }}"
- user_data: "{{ item.user_data | default(omit) }}"
- api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
- state: present
- register: server
- loop: "{{ molecule_yml.platforms }}"
- async: 7200
- poll: 0
-
- - name: Wait for instance(s) creation to complete
- async_status:
- jid: "{{ item.ansible_job_id }}"
- register: hetzner_jobs
- until: hetzner_jobs.finished
- retries: 300
- loop: "{{ server.results }}"
-
- - name: Create volume(s)
- hcloud_volume:
- name: "{{ item.name }}"
- server: "{{ item.name }}"
- location: "{{ item.location | default(omit) }}"
- size: "{{ item.volume_size | default(10) }}"
- api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
- state: "present"
- loop: "{{ molecule_yml.platforms }}"
- when: item.volume | default(False) | bool
- register: volumes
- async: 7200
- poll: 0
-
- - name: Wait for volume(s) creation to complete
- async_status:
- jid: "{{ item.ansible_job_id }}"
- register: hetzner_volumes
- until: hetzner_volumes.finished
- retries: 300
- when: volumes.changed
- loop: "{{ volumes.results }}"
-
- # Mandatory configuration for Molecule to function.
-
- - name: Populate instance config dict
- set_fact:
- instance_conf_dict:
- {
- "instance": "{{ item.hcloud_server.name }}",
- "ssh_key_name": "{{ ssh_key_name }}",
- "address": "{{ item.hcloud_server.ipv4_address }}",
- "user": "{{ ssh_user }}",
- "port": "{{ ssh_port }}",
- "identity_file": "{{ ssh_path }}",
- "volume": "{{ item.item.item.volume | default(False) | bool }}",
- }
- loop: "{{ hetzner_jobs.results }}"
- register: instance_config_dict
- when: server.changed | bool
-
- - name: Convert instance config dict to a list
- set_fact:
- instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
- when: server.changed | bool
-
- - name: Dump instance config
- copy:
- content: |
- # Molecule managed
-
- {{ instance_conf | to_nice_yaml(indent=2) }}
- dest: "{{ molecule_instance_config }}"
- when: server.changed | bool
-
- - name: Wait for SSH
- wait_for:
- port: "{{ ssh_port }}"
- host: "{{ item.address }}"
- search_regex: SSH
- delay: 10
- loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
-
- - name: Wait for VM to settle down
- pause:
- seconds: 30
\ No newline at end of file
diff --git a/molecule/rocky9/destroy.yml b/molecule/rocky9/destroy.yml
deleted file mode 100644
index ed0b2ed..0000000
--- a/molecule/rocky9/destroy.yml
+++ /dev/null
@@ -1,78 +0,0 @@
----
-- name: Destroy
- hosts: localhost
- connection: local
- gather_facts: false
- no_log: "{{ molecule_no_log }}"
- tasks:
- - name: Check existing instance config file
- stat:
- path: "{{ molecule_instance_config }}"
- register: cfg
-
- - name: Populate the instance config
- set_fact:
- instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
-
- - name: Destroy molecule instance(s)
- hcloud_server:
- name: "{{ item.instance }}"
- api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
- state: absent
- register: server
- loop: "{{ instance_conf }}"
- async: 7200
- poll: 0
-
- - name: Wait for instance(s) deletion to complete
- async_status:
- jid: "{{ item.ansible_job_id }}"
- register: hetzner_jobs
- until: hetzner_jobs.finished
- retries: 300
- loop: "{{ server.results }}"
-
- - pause:
- seconds: 5
-
- - name: Destroy volume(s)
- hcloud_volume:
- name: "{{ item.instance }}"
- server: "{{ item.instance }}"
- api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
- state: "absent"
- register: volumes
- loop: "{{ instance_conf }}"
- when: item.volume | default(False) | bool
- async: 7200
- poll: 0
-
- - name: Wait for volume(s) deletion to complete
- async_status:
- jid: "{{ item.ansible_job_id }}"
- register: hetzner_volumes
- until: hetzner_volumes.finished
- retries: 300
- when: volumes.changed
- loop: "{{ volumes.results }}"
-
- - name: Remove registered SSH key
- hcloud_ssh_key:
- name: "{{ instance_conf[0].ssh_key_name }}"
- state: absent
- when: (instance_conf | default([])) | length > 0
-
- # Mandatory configuration for Molecule to function.
-
- - name: Populate instance config
- set_fact:
- instance_conf: {}
-
- - name: Dump instance config
- copy:
- content: |
- # Molecule managed
-
- {{ instance_conf | to_nice_yaml(indent=2) }}
- dest: "{{ molecule_instance_config }}"
- when: server.changed | bool
\ No newline at end of file
diff --git a/molecule/rocky9/molecule.yml b/molecule/rocky9/molecule.yml
deleted file mode 100644
index fc548ba..0000000
--- a/molecule/rocky9/molecule.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-dependency:
- name: galaxy
- options:
- role-file: molecule/requirements.yml
- requirements-file: molecule/requirements.yml
- env:
- ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
-driver:
- name: delegated
-platforms:
- - name: rocky9-k3s
- image: rocky-9
- server_type: cx11
-lint: |
- /usr/local/bin/flake8
-provisioner:
- name: ansible
- env:
- ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
- ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
- log: False
-verifier:
- name: testinfra
diff --git a/molecule/rocky9/prepare.yml b/molecule/rocky9/prepare.yml
deleted file mode 100644
index 183f4d3..0000000
--- a/molecule/rocky9/prepare.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Prepare
- hosts: all
- gather_facts: false
- tasks:
- - name: Bootstrap python for Ansible
- raw: |
- command -v python3 python || (
- (test -e /usr/bin/dnf && sudo dnf install -y python3) ||
- (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
- (test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
- echo "Warning: Python not boostrapped due to unknown platform."
- )
- become: true
- changed_when: false
diff --git a/molecule/rocky9/templates/calico-installation.yaml.j2 b/molecule/rocky9/templates/calico-installation.yaml.j2
deleted file mode 100644
index 096e096..0000000
--- a/molecule/rocky9/templates/calico-installation.yaml.j2
+++ /dev/null
@@ -1,21 +0,0 @@
----
-apiVersion: operator.tigera.io/v1
-kind: Installation
-metadata:
- name: default
-spec:
- calicoNetwork:
- ipPools:
- - blockSize: 26
- cidr: "10.42.0.0/16"
- encapsulation: "VXLANCrossSubnet"
- natOutgoing: Enabled
- nodeSelector: all()
- nodeMetricsPort: 9091
- typhaMetricsPort: 9093
----
-apiVersion: operator.tigera.io/v1
-kind: APIServer
-metadata:
- name: default
-spec: {}
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..7193140
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,17 @@
+[tool.ruff]
+exclude = [".git", "__pycache__"]
+
+line-length = 99
+indent-width = 4
+
+[tool.ruff.lint]
+ignore = ["W191", "E111", "E114", "E117", "S101", "S105"]
+select = ["F", "E", "I", "W", "S"]
+
+[tool.ruff.format]
+quote-style = "double"
+indent-style = "space"
+line-ending = "lf"
+
+[tool.pytest.ini_options]
+filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"]
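Review bot: `ignore` turns off `S105` (hard-coded password strings) and `S101` (use of assert) for the whole repository, although only the testinfra files under `molecule/` need asserts and nothing visible in the diff needs a hard-coded secret. Scoping the exception keeps the `S` rule set meaningful for any Python added later. Drop both codes from `ignore` and add a `[tool.ruff.lint.per-file-ignores]` table with `"molecule/**/tests/*.py" = ["S101"]`. If `S105` is suppressed for a known false positive, a comment naming that case would let a reviewer re-check it.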
diff --git a/setup.cfg b/setup.cfg
deleted file mode 100644
index 2bb8674..0000000
--- a/setup.cfg
+++ /dev/null
@@ -1,12 +0,0 @@
-[flake8]
-ignore = D100, D101, D102, D103, D105, D107, E402, W503
-max-line-length = 99
-inline-quotes = double
-exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env*
-
-[yapf]
-based_on_style = google
-column_limit = 99
-dedent_closing_brackets = true
-coalesce_brackets = true
-split_before_logical_operator = true
diff --git a/tasks/init.yml b/tasks/init.yml
index 2a65012..066ee61 100644
--- a/tasks/init.yml
+++ b/tasks/init.yml
@@ -1,34 +1,32 @@
---
-- block:
- - name: Ensure k3s-init service is stopped
- systemd:
- name: k3s-init
- state: stopped
- failed_when: False
+- name: Ensure k3s-init service is stopped
+ ansible.builtin.service:
+ name: k3s-init
+ state: stopped
+ failed_when: False
- - name: Clean previous runs of k3s-init
- command: systemctl reset-failed k3s-init
- failed_when: False
- changed_when: False
- tags:
- - skip_ansible_later
+- name: Clean previous runs of k3s-init
+ ansible.builtin.command: systemctl reset-failed k3s-init
+ failed_when: False
+ changed_when: False
+ tags:
+ - skip_ansible_later
- - name: Init cluster inside the transient k3s-init service
- command:
- cmd: >-
- systemd-run
- -p RestartSec=2
- -p Restart=on-failure
- --unit=k3s-init
- {{ __k3s_binary }} server {{ __k3s_server_init_args }}
- creates: "{{ __k3s_service_file }}"
- register: __k3s_init
- become: True
- become_user: root
+- name: Init cluster inside the transient k3s-init service
+ ansible.builtin.command:
+ cmd: >-
+ systemd-run
+ -p RestartSec=2
+ -p Restart=on-failure
+ --unit=k3s-init
+ {{ __k3s_binary }} server {{ __k3s_server_init_args }}
+ creates: "{{ __k3s_service_file }}"
+ register: __k3s_init
-- block:
+- when: __k3s_init.changed | bool
+ block:
- name: Verify that all nodes actually joined
- command: >-
+ ansible.builtin.command: >-
{{ __k3s_binary }} kubectl get nodes
-l "node-role.kubernetes.io/control-plane=true"
-o=jsonpath="{.items[*].metadata.name}"
@@ -39,22 +37,19 @@
changed_when: False
always:
- name: Fetch k3s-init logs
- command: journalctl --all --unit=k3s-init.service
+ ansible.builtin.command: journalctl --all --unit=k3s-init.service
changed_when: False
register: __k3s_init_log
- name: Save k3s-init logs
- copy:
+ ansible.builtin.copy:
content: "{{ __k3s_init_log.stdout }}"
dest: "{{ __k3s_log_dir }}/k3s-init.log"
- mode: 0640
+ mode: "0640"
when: k3s_init_log_enabled | bool
- name: Kill the temporary service used for initialization
- systemd:
+ ansible.builtin.service:
name: k3s-init
state: stopped
failed_when: False
- become: True
- become_user: root
- when: __k3s_init.changed | bool
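Review bot: "Save k3s-init logs" writes the full `journalctl` output of the init unit to `{{ __k3s_log_dir }}/k3s-init.log` with `mode: "0640"` but no `owner`/`group`, unlike the file tasks in `tasks/prepare.yml`. The unit is started with `{{ __k3s_server_init_args }}`, so its journal may contain whatever those arguments carry, possibly a cluster token; the variable is defined outside this diff. Add `owner: root` and `group: root` to the copy task so the group-readable bit does not depend on the connecting user's primary group. The `block:` this hunk belongs to opens in the previous hunk.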
diff --git a/tasks/iscsi.yml b/tasks/iscsi.yml
index ead8107..ad5f7c7 100644
--- a/tasks/iscsi.yml
+++ b/tasks/iscsi.yml
@@ -1,26 +1,23 @@
---
-- block:
- - name: Ensure iscsi is installed
- package:
- name: "{{ item }}"
- state: present
- loop:
- - iscsi-initiator-utils
+- name: Ensure iscsi is installed
+ ansible.builtin.package:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - iscsi-initiator-utils
- - name: Configure iscsi-initiator
- copy:
- content: "InitiatorName=$(/sbin/iscsi-iname)"
- dest: /etc/iscsi/initiatorname.iscsi
- owner: root
- group: root
- mode: 0644
- notify: __iscsid_restart
+- name: Configure iscsi-initiator
+ ansible.builtin.copy:
+ content: "InitiatorName=$(/sbin/iscsi-iname)"
+ dest: /etc/iscsi/initiatorname.iscsi
+ owner: root
+ group: root
+ mode: "0644"
+ notify: __iscsid_restart
- - name: Ensure iscsid service is up and running
- service:
- name: iscsid
- daemon_reload: True
- enabled: True
- state: started
- become: True
- become_user: root
+- name: Ensure iscsid service is up and running
+ ansible.builtin.service:
+ name: iscsid
+ daemon_reload: True
+ enabled: True
+ state: started
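Review bot: "Configure iscsi-initiator" writes `content: "InitiatorName=$(/sbin/iscsi-iname)"` through `ansible.builtin.copy`, which does no shell expansion. Every node therefore gets the literal text `$(/sbin/iscsi-iname)` as its initiator name instead of a generated, unique IQN. Identical names across nodes also defeat any per-initiator access control on the storage side. The commit carries this over unchanged from the old block. Generate the name with a command task and template its output into the file, writing only when no file exists so reruns stay idempotent. Hosts that already hold the literal value from an earlier run need a one-time cleanup.

```yaml
- name: Generate a unique iscsi initiator name
  ansible.builtin.command: /sbin/iscsi-iname
  register: __k3s_iscsi_iname
  changed_when: False

- name: Configure iscsi-initiator
  ansible.builtin.copy:
    content: "InitiatorName={{ __k3s_iscsi_iname.stdout }}\n"
    dest: /etc/iscsi/initiatorname.iscsi
    # keep an existing initiator name; only write when the file is absent
    force: False
    # … unchanged: owner, group, mode, notify …
```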
diff --git a/tasks/main.yml b/tasks/main.yml
index 7330aae..df07821 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,9 +1,9 @@
---
-- include_tasks: reset.yml
+- ansible.builtin.include_tasks: reset.yml
when: k3s_reset | bool
-- include_tasks: prepare.yml
-- include_tasks: init.yml
+- ansible.builtin.include_tasks: prepare.yml
+- ansible.builtin.include_tasks: init.yml
when: k3s_server | bool
-- include_tasks: setup.yml
-- include_tasks: iscsi.yml
+- ansible.builtin.include_tasks: setup.yml
+- ansible.builtin.include_tasks: iscsi.yml
when: k3s_iscsi_enabled | bool
diff --git a/tasks/prepare.yml b/tasks/prepare.yml
index 66a2ff9..e29de0c 100644
--- a/tasks/prepare.yml
+++ b/tasks/prepare.yml
@@ -1,99 +1,96 @@
---
-- block:
- - name: Import Rancher public key
- rpm_key:
- state: present
- key: https://rpm.rancher.io/public.key
+- name: Import Rancher public key
+ ansible.builtin.rpm_key:
+ state: present
+ key: https://rpm.rancher.io/public.key
- - name: Ensure dependencies are installed
- package:
- name: "{{ item }}"
- state: present
- loop: "{{ k3s_packages + k3s_packages_extra }}"
+- name: Ensure dependencies are installed
+ ansible.builtin.package:
+ name: "{{ item }}"
+ state: present
+ loop: "{{ k3s_packages + k3s_packages_extra }}"
- - name: Check if cluster is installed
- stat:
- path: "{{ __k3s_config_dir }}/k3s.yaml"
- register: __k3s_installed
+- name: Check if cluster is installed
+ ansible.builtin.stat:
+ path: "{{ __k3s_config_dir }}/k3s.yaml"
+ register: __k3s_installed
- - name: Prepare directory structure
- file:
- path: "{{ item }}"
- owner: root
- group: root
- mode: 0700
- state: directory
- loop:
- - "{{ __k3s_config_dir }}"
- - "{{ __k3s_config_dir }}/server"
- - "{{ __k3s_data_dir }}"
- - "{{ __k3s_manifests_dir }}"
- - "{{ __k3s_log_dir }}"
+- name: Prepare directory structure
+ ansible.builtin.file:
+ path: "{{ item }}"
+ owner: root
+ group: root
+ mode: "0700"
+ state: directory
+ loop:
+ - "{{ __k3s_config_dir }}"
+ - "{{ __k3s_config_dir }}/server"
+ - "{{ __k3s_data_dir }}"
+ - "{{ __k3s_manifests_dir }}"
+ - "{{ __k3s_log_dir }}"
- - name: Download K3s binary
- get_url:
- url: https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/k3s
- checksum: sha256:https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/sha256sum-amd64.txt
- dest: /usr/local/bin/k3s
- timeout: 30
- owner: root
- group: root
- mode: 0755
- notify: __k3s_restart
+- name: Download K3s binary
+ ansible.builtin.get_url:
+ url: https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/k3s
+ checksum: sha256:https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/sha256sum-amd64.txt
+ dest: /usr/local/bin/k3s
+ timeout: 30
+ owner: root
+ group: root
+ mode: "0755"
+ notify: __k3s_restart
- - name: Copy K3s config file
- template:
- src: "etc/rancher/k3s/config.yaml.j2"
- dest: "{{ __k3s_config_dir }}/config.yaml"
- owner: root
- group: root
- mode: 0600
- notify: __k3s_restart
+- name: Copy K3s config file
+ ansible.builtin.template:
+ src: "etc/rancher/k3s/config.yaml.j2"
+ dest: "{{ __k3s_config_dir }}/config.yaml"
+ owner: root
+ group: root
+ mode: "0600"
+ notify: __k3s_restart
- - name: Copy K3s kubelet config file
- template:
- src: "etc/rancher/k3s/kubelet.yaml.j2"
- dest: "{{ __k3s_config_dir }}/kubelet.yaml"
- owner: root
- group: root
- mode: 0600
- notify: __k3s_restart
+- name: Copy K3s kubelet config file
+ ansible.builtin.template:
+ src: "etc/rancher/k3s/kubelet.yaml.j2"
+ dest: "{{ __k3s_config_dir }}/kubelet.yaml"
+ owner: root
+ group: root
+ mode: "0600"
+ notify: __k3s_restart
- - name: Copy K3s server config files
- template:
- src: "etc/rancher/k3s/server/{{ item }}.j2"
- dest: "{{ __k3s_config_dir }}/server/{{ item }}"
- owner: root
- group: root
- mode: 0600
- loop:
- - admission-config.yaml
- when: k3s_server | bool
- notify: __k3s_restart
+- name: Copy K3s server config files
+ ansible.builtin.template:
+ src: "etc/rancher/k3s/server/{{ item }}.j2"
+ dest: "{{ __k3s_config_dir }}/server/{{ item }}"
+ owner: root
+ group: root
+ mode: "0600"
+ loop:
+ - admission-config.yaml
+ when: k3s_server | bool
+ notify: __k3s_restart
- - name: Copy auto-deploying manifests to the server
- template:
- src: "{{ item }}"
- dest: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
- mode: 0644
- loop: "{{ k3s_server_manifests_templates }}"
- loop_control:
- label: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
- when:
- - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
- - not __k3s_installed.stat.exists
+- name: Copy auto-deploying manifests to the server
+ ansible.builtin.template:
+ src: "{{ item }}"
+ dest: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
+ mode: "0644"
+ loop: "{{ k3s_server_manifests_templates }}"
+ loop_control:
+ label: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}"
+ when:
+ - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
+ - not __k3s_installed.stat.exists
- - name: Download auto-deploying manifests to the server
- get_url:
- url: "{{ item.url }}"
- dest: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}"
- timeout: 30
- mode: 0644
- loop: "{{ k3s_server_manifests_urls }}"
- loop_control:
- label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}"
- when:
- - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
- - not __k3s_installed.stat.exists
- become: True
- become_user: root
+- name: Download auto-deploying manifests to the server
+ ansible.builtin.get_url:
+ url: "{{ item.url }}"
+ dest: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}"
+ timeout: 30
+ mode: "0644"
+ loop: "{{ k3s_server_manifests_urls }}"
+ loop_control:
+ label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}"
+ when:
+ - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
+ - not __k3s_installed.stat.exists
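Review bot: "Download auto-deploying manifests to the server" fetches each `item.url` into `{{ __k3s_manifests_dir }}` with no integrity check. K3s applies everything in that directory automatically, so a changed or tampered upstream file is deployed with cluster-level rights. The K3s binary download above already passes `checksum:`. Offer the same here with `checksum: "{{ item.checksum | default(omit) }}"` and set it for pinned URLs such as the Calico operator manifest in `molecule/default/converge.yml`. Likewise, "Import Rancher public key" could pass the expected `fingerprint:` to `ansible.builtin.rpm_key`, with the value taken from the vendor's published key, so a swapped key at the URL is rejected.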
diff --git a/tasks/reset.yml b/tasks/reset.yml
index 3df2dfc..942c181 100644
--- a/tasks/reset.yml
+++ b/tasks/reset.yml
@@ -1,63 +1,60 @@
---
-- block:
- - name: Disable services
- service:
- name: "{{ item }}"
- state: stopped
- enabled: False
- failed_when: False
- loop:
- - k3s
- - k3s-init
- - kubepods
+- name: Disable services
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: stopped
+ enabled: False
+ failed_when: False
+ loop:
+ - k3s
+ - k3s-init
+ - kubepods
- - name: Kill containerd-shim-runc
- register: __k3s_pkill_containerd_shim_runc
- command: pkill -9 -f "k3s/data/[^/]+/bin/containerd-shim-runc"
- changed_when: __k3s_pkill_containerd_shim_runc.rc == 0
- failed_when: False
+- name: Kill containerd-shim-runc
+ register: __k3s_pkill_containerd_shim_runc
+ ansible.builtin.command: pkill -9 -f "k3s/data/[^/]+/bin/containerd-shim-runc"
+ changed_when: __k3s_pkill_containerd_shim_runc.rc == 0
+ failed_when: False
- - name: Get the list of mounted filesystems
- shell: set -o pipefail && cat /proc/mounts | awk '{ print $2}' | grep -E "^{{ item }}"
- loop:
- - /run/k3s
- - /var/lib/kubelet
- - /run/netns
- - /var/lib/kubelet/pods
- - /var/lib/kubelet/plugins
- - /run/netns/cni-
- - "{{ __k3s_data_dir }}"
- register: __k3s_mounted_fs
- args:
- executable: /bin/bash
- failed_when: False
- changed_when: False
+- name: Get the list of mounted filesystems
+ ansible.builtin.shell: set -o pipefail && cat /proc/mounts | awk '{ print $2}' | grep -E "^{{ item }}"
+ loop:
+ - /run/k3s
+ - /var/lib/kubelet
+ - /run/netns
+ - /var/lib/kubelet/pods
+ - /var/lib/kubelet/plugins
+ - /run/netns/cni-
+ - "{{ __k3s_data_dir }}"
+ register: __k3s_mounted_fs
+ args:
+ executable: /bin/bash
+ failed_when: False
+ changed_when: False
- - name: Umount filesystem
- mount:
- path: "{{ item }}"
- state: unmounted
- loop: "{{ __k3s_mounted_fs.results | map(attribute='stdout_lines') | list | flatten | reverse }}"
+- name: Umount filesystem
+ ansible.posix.mount:
+ path: "{{ item }}"
+ state: unmounted
+ loop: "{{ __k3s_mounted_fs.results | map(attribute='stdout_lines') | list | flatten | reverse }}"
- - name: Remove service files, binaries and data
- file:
- name: "{{ item }}"
- state: absent
- loop:
- - /usr/local/bin/k3s
- - "{{ __k3s_service_file }}"
- - "{{ __k3s_config_dir }}"
- - "{{ __k3s_data_dir }}"
- - "{{ __k3s_log_dir }}"
- - /etc/cni
- - /run/k3s
- - /run/flannel
- - /var/lib/kubelet
- - /var/lib/cni
- - /var/run/netns
+- name: Remove service files, binaries and data
+ ansible.builtin.file:
+ name: "{{ item }}"
+ state: absent
+ loop:
+ - /usr/local/bin/k3s
+ - "{{ __k3s_service_file }}"
+ - "{{ __k3s_config_dir }}"
+ - "{{ __k3s_data_dir }}"
+ - "{{ __k3s_log_dir }}"
+ - /etc/cni
+ - /run/k3s
+ - /run/flannel
+ - /var/lib/kubelet
+ - /var/lib/cni
+ - /var/run/netns
- - name: Reload systemd daemon
- systemd:
- daemon_reload: True
- become: True
- become_user: root
+- name: Reload systemd daemon
+ ansible.builtin.service:
+ daemon_reload: True
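Review bot: The final task, `Reload systemd daemon`, was moved from `systemd` to `ansible.builtin.service` while still passing only `daemon_reload: True`. The generic service module documents `name` as required and does not list `daemon_reload`, so this works only if the argument is passed through to the systemd backend. I would keep the dedicated module here: `ansible.builtin.systemd:` with `daemon_reload: True`. Separately, the removed `block` carried `become: True` and `become_user: root`, and none of the new top-level tasks in this hunk or in the tasks/setup.yml hunk set it. These tasks stop services, unmount filesystems and delete paths under /etc and /var/lib, so confirm that privilege escalation is applied where the file is included, which this part of the diff does not show.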
diff --git a/tasks/setup.yml b/tasks/setup.yml
index c9ae158..fd5f1b8 100644
--- a/tasks/setup.yml
+++ b/tasks/setup.yml
@@ -1,95 +1,92 @@
---
-- block:
- - name: Copy K3s service file
- template:
- src: "etc/systemd/system/k3s.service.j2"
- dest: "{{ __k3s_service_file }}"
- owner: root
- group: root
- mode: 0644
- notify: __k3s_restart
+- name: Copy K3s service file
+ ansible.builtin.template:
+ src: "etc/systemd/system/k3s.service.j2"
+ dest: "{{ __k3s_service_file }}"
+ owner: root
+ group: root
+ mode: "0644"
+ notify: __k3s_restart
- - name: Force restart
- meta: flush_handlers
+- name: Force restart
+ ansible.builtin.meta: flush_handlers
- - name: Ensure K3s service is up and running
- service:
- name: k3s
- daemon_reload: True
- enabled: True
- state: started
+- name: Ensure K3s service is up and running
+ ansible.builtin.service:
+ name: k3s
+ daemon_reload: True
+ enabled: True
+ state: started
- - name: Wait for Kubernetes API
- command: >-
- {{ __k3s_binary }} kubectl get --raw='/readyz'
- register: __k3s_api_readyz
- until: __k3s_api_readyz.rc == 0 and __k3s_api_readyz.stdout == "ok"
- retries: 30
- delay: 10
- changed_when: False
- when: k3s_server | bool
+- name: Wait for Kubernetes API
+ ansible.builtin.command: >-
+ {{ __k3s_binary }} kubectl get --raw='/readyz'
+ register: __k3s_api_readyz
+ until: __k3s_api_readyz.rc == 0 and __k3s_api_readyz.stdout == "ok"
+ retries: 30
+ delay: 10
+ changed_when: False
+ when: k3s_server | bool
- - name: Set server address
- command: >-
- {{ __k3s_binary }} kubectl config set-cluster default
- --server=https://{{ __k3s_server_ip }}:6443
- --kubeconfig {{ __k3s_config_dir }}/k3s.yaml
- changed_when: False
+- name: Set server address
+ ansible.builtin.command: >-
+ {{ __k3s_binary }} kubectl config set-cluster default
+ --server=https://{{ __k3s_server_ip }}:6443
+ --kubeconfig {{ __k3s_config_dir }}/k3s.yaml
+ changed_when: False
- - name: Create setup resources
- k8s:
- kind: "{{ item.kind }}"
- name: "{{ item.name }}"
- kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
- state: present
- definition: "{{ item.definition }}"
- loop: "{{ k3s_server_resource_creations }}"
- loop_control:
- label: "{{ item.kind | lower }}/{{ item.name | lower }}"
- when: k3s_server | bool
+- name: Create setup resources
+ kubernetes.core.k8s:
+ kind: "{{ item.kind }}"
+ name: "{{ item.name }}"
+ kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
+ state: present
+ definition: "{{ item.definition }}"
+ loop: "{{ k3s_server_resource_creations }}"
+ loop_control:
+ label: "{{ item.kind | lower }}/{{ item.name | lower }}"
+ when: k3s_server | bool
- - name: Wait for initial setup
- command: >-
- {{ __k3s_binary }} kubectl get deployment coredns
- -n kube-system
- -o go-template={% raw %}'{{ .status.availableReplicas }}'{% endraw %}
- register: __k3s_init_setup
- until: __k3s_init_setup.rc == 0 and __k3s_init_setup.stdout == "1"
- retries: 30
- delay: 10
- changed_when: False
- when: k3s_server | bool
+- name: Wait for initial setup
+ ansible.builtin.command: >-
+ {{ __k3s_binary }} kubectl get deployment coredns
+ -n kube-system
+ -o go-template={% raw %}'{{ .status.availableReplicas }}'{% endraw %}
+ register: __k3s_init_setup
+ until: __k3s_init_setup.rc == 0 and __k3s_init_setup.stdout == "1"
+ retries: 30
+ delay: 10
+ changed_when: False
+ when: k3s_server | bool
- - name: Add node role label
- k8s:
- kind: "Node"
- name: "{{ k3s_node_name }}"
- kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
- state: patched
- definition:
- metadata:
- labels: "{{ (__k3s_node_lables['control'] if k3s_server | bool else __k3s_node_lables['worker']) | combine(__k3s_node_lables['general'], k3s_node_labels) }}"
- delegate_to: "{{ hostvars[k3s_server_nodes[0]]['inventory_hostname'] }}"
+- name: Add node role label
+ kubernetes.core.k8s:
+ kind: "Node"
+ name: "{{ k3s_node_name }}"
+ kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
+ state: patched
+ definition:
+ metadata:
+ labels: "{{ (__k3s_node_lables['control'] if k3s_server | bool else __k3s_node_lables['worker']) | combine(__k3s_node_lables['general'], k3s_node_labels) }}"
+ delegate_to: "{{ hostvars[k3s_server_nodes[0]]['inventory_hostname'] }}"
- - name: Patch existing resources
- k8s:
- kind: "{{ item.kind }}"
- name: "{{ item.name }}"
- kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
- state: patched
- definition: "{{ item.definition }}"
- loop: "{{ k3s_server_resource_patches }}"
- loop_control:
- label: "{{ item.kind | lower }}/{{ item.name | lower }}"
- when: k3s_server | bool
+- name: Patch existing resources
+ kubernetes.core.k8s:
+ kind: "{{ item.kind }}"
+ name: "{{ item.name }}"
+ kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml"
+ state: patched
+ definition: "{{ item.definition }}"
+ loop: "{{ k3s_server_resource_patches }}"
+ loop_control:
+ label: "{{ item.kind | lower }}/{{ item.name | lower }}"
+ when: k3s_server | bool
- - name: Remove auto-deploying manifests
- file:
- path: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}"
- state: absent
- loop: "{{ k3s_server_manifests_urls + k3s_server_manifests_templates }}"
- loop_control:
- label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}"
- when: ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
- become: True
- become_user: root
+- name: Remove auto-deploying manifests
+ ansible.builtin.file:
+ path: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}"
+ state: absent
+ loop: "{{ k3s_server_manifests_urls + k3s_server_manifests_templates }}"
+ loop_control:
+ label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}"
+ when: ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']
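Review bot: The `Wait for initial setup` task still requires `__k3s_init_setup.stdout == "1"`, so it only succeeds when CoreDNS has exactly one available replica. If the deployment is ever scaled, for example through an entry in `k3s_server_resource_patches`, a later run of the role would presumably retry 30 times and then fail even though the cluster is healthy. Comparing numerically is more tolerant: `until: __k3s_init_setup.rc == 0 and (__k3s_init_setup.stdout | int) >= 1`. An empty or `<no value>` output converts to 0 and keeps retrying as before.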