This commit is contained in:
parent
c50547c2fb
commit
4ee8043bb8
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
k3s_server_location: /var/lib/rancher/k3s
|
@ -0,0 +1,78 @@
|
|||||||
|
---
|
||||||
|
- name: Copy K3s service file
|
||||||
|
register: k3s_service
|
||||||
|
template:
|
||||||
|
src: "k3s.service.j2"
|
||||||
|
dest: "{{ systemd_dir }}/k3s.service"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Enable and check K3s service
|
||||||
|
systemd:
|
||||||
|
name: k3s
|
||||||
|
daemon_reload: yes
|
||||||
|
state: restarted
|
||||||
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Wait for node-token
|
||||||
|
wait_for:
|
||||||
|
path: "{{ k3s_server_location }}/server/node-token"
|
||||||
|
|
||||||
|
- name: Register node-token file access mode
|
||||||
|
stat:
|
||||||
|
path: "{{ k3s_server_location }}/server/node-token"
|
||||||
|
register: p
|
||||||
|
|
||||||
|
- name: Change file access node-token
|
||||||
|
file:
|
||||||
|
path: "{{ k3s_server_location }}/server/node-token"
|
||||||
|
mode: "g+rx,o+rx"
|
||||||
|
|
||||||
|
- name: Read node-token from master
|
||||||
|
slurp:
|
||||||
|
path: "{{ k3s_server_location }}/server/node-token"
|
||||||
|
register: node_token
|
||||||
|
|
||||||
|
- name: Store Master node-token
|
||||||
|
set_fact:
|
||||||
|
token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
|
||||||
|
|
||||||
|
- name: Restore node-token file access
|
||||||
|
file:
|
||||||
|
path: "{{ k3s_server_location }}/server/node-token"
|
||||||
|
mode: "{{ p.stat.mode }}"
|
||||||
|
|
||||||
|
- name: Create directory .kube
|
||||||
|
file:
|
||||||
|
path: ~{{ ansible_user }}/.kube
|
||||||
|
state: directory
|
||||||
|
owner: "{{ ansible_user }}"
|
||||||
|
mode: "u=rwx,g=rx,o="
|
||||||
|
|
||||||
|
- name: Copy config file to user home directory
|
||||||
|
copy:
|
||||||
|
src: /etc/rancher/k3s/k3s.yaml
|
||||||
|
dest: ~{{ ansible_user }}/.kube/config
|
||||||
|
remote_src: yes
|
||||||
|
owner: "{{ ansible_user }}"
|
||||||
|
mode: "u=rw,g=,o="
|
||||||
|
|
||||||
|
- name: Replace https://localhost:6443 by https://master-ip:6443
|
||||||
|
command: >-
|
||||||
|
k3s kubectl config set-cluster default
|
||||||
|
--server=https://{{ master_ip }}:6443
|
||||||
|
--kubeconfig ~{{ ansible_user }}/.kube/config
|
||||||
|
changed_when: true
|
||||||
|
|
||||||
|
- name: Create kubectl symlink
|
||||||
|
file:
|
||||||
|
src: /usr/local/bin/k3s
|
||||||
|
dest: /usr/local/bin/kubectl
|
||||||
|
state: link
|
||||||
|
|
||||||
|
- name: Create crictl symlink
|
||||||
|
file:
|
||||||
|
src: /usr/local/bin/k3s
|
||||||
|
dest: /usr/local/bin/crictl
|
||||||
|
state: link
|
@ -0,0 +1,24 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Lightweight Kubernetes
|
||||||
|
Documentation=https://k3s.io
|
||||||
|
After=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=notify
|
||||||
|
ExecStartPre=-/sbin/modprobe br_netfilter
|
||||||
|
ExecStartPre=-/sbin/modprobe overlay
|
||||||
|
ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} {{ extra_server_args | default("") }}
|
||||||
|
KillMode=process
|
||||||
|
Delegate=yes
|
||||||
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
||||||
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
||||||
|
LimitNOFILE=1048576
|
||||||
|
LimitNPROC=infinity
|
||||||
|
LimitCORE=infinity
|
||||||
|
TasksMax=infinity
|
||||||
|
TimeoutStartSec=0
|
||||||
|
Restart=always
|
||||||
|
RestartSec=5s
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
@ -5,11 +5,10 @@
|
|||||||
roles:
|
roles:
|
||||||
- role: prereq
|
- role: prereq
|
||||||
- role: download
|
- role: download
|
||||||
#- hosts: serverctl_master_hosts
|
- hosts: serverctl_master_hosts
|
||||||
# become: yes
|
become: yes
|
||||||
# roles:
|
roles:
|
||||||
# - role: "./k3s/master"
|
- role: "./k3s/master"
|
||||||
#
|
|
||||||
#- hosts: serverctl_node_hosts
|
#- hosts: serverctl_node_hosts
|
||||||
# become: yes
|
# become: yes
|
||||||
# roles:
|
# roles:
|
||||||
|
Loading…
Reference in New Issue
Block a user