diff --git a/infrastructure/create-resources/ansible/roles/k3s/master/defaults/main.yml b/infrastructure/create-resources/ansible/roles/k3s/master/defaults/main.yml
new file mode 100644
index 0000000..c56778f
--- /dev/null
+++ b/infrastructure/create-resources/ansible/roles/k3s/master/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+k3s_server_location: /var/lib/rancher/k3s
diff --git a/infrastructure/create-resources/ansible/roles/k3s/master/tasks/main.yml b/infrastructure/create-resources/ansible/roles/k3s/master/tasks/main.yml
new file mode 100644
index 0000000..6fd0cd0
--- /dev/null
+++ b/infrastructure/create-resources/ansible/roles/k3s/master/tasks/main.yml
@@ -0,0 +1,78 @@
+---
+- name: Copy K3s service file
+ register: k3s_service
+ template:
+ src: "k3s.service.j2"
+ dest: "{{ systemd_dir }}/k3s.service"
+ owner: root
+ group: root
+ mode: 0644
+
+- name: Enable and check K3s service
+ systemd:
+ name: k3s
+ daemon_reload: yes
+ state: restarted
+ enabled: yes
+
+- name: Wait for node-token
+ wait_for:
+ path: "{{ k3s_server_location }}/server/node-token"
+
+- name: Register node-token file access mode
+ stat:
+ path: "{{ k3s_server_location }}/server/node-token"
+ register: p
+
+- name: Change file access node-token
+ file:
+ path: "{{ k3s_server_location }}/server/node-token"
+ mode: "g+rx,o+rx"
+
+- name: Read node-token from master
+ slurp:
+ path: "{{ k3s_server_location }}/server/node-token"
+ register: node_token
+
+- name: Store Master node-token
+ set_fact:
+ token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
+
+- name: Restore node-token file access
+ file:
+ path: "{{ k3s_server_location }}/server/node-token"
+ mode: "{{ p.stat.mode }}"
+
+- name: Create directory .kube
+ file:
+ path: ~{{ ansible_user }}/.kube
+ state: directory
+ owner: "{{ ansible_user }}"
+ mode: "u=rwx,g=rx,o="
+
+- name: Copy config file to user home directory
+ copy:
+ src: /etc/rancher/k3s/k3s.yaml
+ dest: ~{{ ansible_user }}/.kube/config
+ remote_src: yes
+ owner: "{{ ansible_user }}"
+ mode: "u=rw,g=,o="
+
+- name: Replace https://localhost:6443 by https://master-ip:6443
+ command: >-
+ k3s kubectl config set-cluster default
+ --server=https://{{ master_ip }}:6443
+ --kubeconfig ~{{ ansible_user }}/.kube/config
+ changed_when: true
+
+- name: Create kubectl symlink
+ file:
+ src: /usr/local/bin/k3s
+ dest: /usr/local/bin/kubectl
+ state: link
+
+- name: Create crictl symlink
+ file:
+ src: /usr/local/bin/k3s
+ dest: /usr/local/bin/crictl
+ state: link
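Review bot: The `Change file access node-token` task sets `g+rx,o+rx` on `{{ k3s_server_location }}/server/node-token` so the following slurp can read it, which widens the permissions on the cluster join token until `Restore node-token file access` runs, and leaves them widened if the play stops in between. site.yml applies this role with `become: yes`, so slurp should already be able to read the file as root; if that holds, the `Register node-token file access mode`, `Change file access node-token` and `Restore node-token file access` tasks can be dropped. The `Read node-token from master` and `Store Master node-token` tasks also carry the token in their results, so adding `no_log: true` to both keeps it out of verbose output and callback logs. Separately, `Enable and check K3s service` uses `state: restarted` unconditionally and never consults the registered `k3s_service`, so every run restarts the server.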
diff --git a/infrastructure/create-resources/ansible/roles/k3s/master/templates/k3s.service.j2 b/infrastructure/create-resources/ansible/roles/k3s/master/templates/k3s.service.j2
new file mode 100644
index 0000000..ee560ae
--- /dev/null
+++ b/infrastructure/create-resources/ansible/roles/k3s/master/templates/k3s.service.j2
@@ -0,0 +1,24 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network-online.target
+
+[Service]
+Type=notify
+ExecStartPre=-/sbin/modprobe br_netfilter
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} {{ extra_server_args | default("") }}
+KillMode=process
+Delegate=yes
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/infrastructure/create-resources/ansible/site.yml b/infrastructure/create-resources/ansible/site.yml
index 85a77db..3880cd7 100644
--- a/infrastructure/create-resources/ansible/site.yml
+++ b/infrastructure/create-resources/ansible/site.yml
@@ -5,11 +5,10 @@
 roles:
 - role: prereq
 - role: download
-#- hosts: serverctl_master_hosts
-# become: yes
-# roles:
-# - role: "./k3s/master"
-#
+- hosts: serverctl_master_hosts
+ become: yes
+ roles:
+ - role: "./k3s/master"
 #- hosts: serverctl_node_hosts
 # become: yes
 # roles:
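Review bot: In k3s.service.j2, `After=network-online.target` in `[Unit]` only orders k3s after that target and does not pull it in, so the unit can start before the network is up unless something else activates the target; add `Wants=network-online.target` next to it. `{{ extra_server_args | default("") }}` is rendered verbatim into `ExecStart`, and the tasks file installs the unit with mode 0644, so any token or datastore credential passed through that variable would be readable by local users in the unit file and on the process command line. A comment above `ExecStart` such as `# extra_server_args must not carry secrets; put those in a root-only config file` would make that constraint explicit. The template also ends without a trailing newline.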