xoxys.k3s/index.md
Robert Kaussow 31d0675475 commit 515130cd11
Author: Robert Kaussow <mail@thegeeklab.de>
Date:   Sun Jan 29 16:46:24 2023 +0100

    feat: add cis recommendations and hardening options
2023-01-29 16:26:54 +00:00

5.0 KiB

title type
k3s docs

Source Code Build Status License: MIT

Setup K3s cluster nodes.


Default Variables

k3s_init_log_enabled

Default value

k3s_init_log_enabled: false

k3s_iscsi_enabled

Default value

k3s_iscsi_enabled: false

k3s_node_ip

Default value

k3s_node_ip: '{{ ansible_default_ipv4.address }}'

k3s_node_labels

Default value

k3s_node_labels: {}

k3s_node_name

Default value

k3s_node_name: '{{ ansible_hostname }}'

k3s_packages

Default value

k3s_packages:
  - epel-release
  - python3-kubernetes
  - container-selinux
  - selinux-policy-base

k3s_packages_extra

Default value

k3s_packages_extra: []

k3s_protect_kernel_defaults

Default value

k3s_protect_kernel_defaults: false

k3s_reset

Default value

k3s_reset: false

k3s_selinux_enabled

Default value

k3s_selinux_enabled: false

k3s_server

Default value

k3s_server: true

k3s_server_admission_configuration

Default value

k3s_server_admission_configuration:
  - name: EventRateLimit
    configuration:
      kind: Configuration
      apiVersion: eventratelimit.admission.k8s.io/v1alpha1
      limits:
        - type: Namespace
          qps: 50
          burst: 100
          cacheSize: 2000
        - type: User
          qps: 10
          burst: 50

k3s_server_admission_plugins

Default value

k3s_server_admission_plugins:
  - NodeRestriction
  - EventRateLimit
  - ServiceAccount
  - NamespaceLifecycle

k3s_server_bind_ip

Default value

k3s_server_bind_ip: 0.0.0.0

k3s_server_cloud_controller_enabled

Default value

k3s_server_cloud_controller_enabled: true

k3s_server_components_disabled

Default value

k3s_server_components_disabled:
  - traefik

k3s_server_feature_gates

Default value

k3s_server_feature_gates: []

k3s_server_flannel_backend_enabled

Default value

k3s_server_flannel_backend_enabled: true

k3s_server_manifests_templates

Default value

k3s_server_manifests_templates: []

k3s_server_manifests_urls

Default value

k3s_server_manifests_urls: []

k3s_server_network_policy_enabled

Default value

k3s_server_network_policy_enabled: true

k3s_server_nodes

Default value

k3s_server_nodes:
  - '{{ ansible_hostname }}'

k3s_server_resource_creations

Default value

k3s_server_resource_creations: []

k3s_server_resource_patches

Default value

k3s_server_resource_patches: []

k3s_server_workload_enabled

Default value

k3s_server_workload_enabled: true

k3s_token

Default value

k3s_token: secure-token

k3s_version

Default value

k3s_version: 1.25.3+k3s1

Discovered Tags

skip_ansible_later
 

Dependencies

None.