From 86af4606d76fc007dfdfaa9d84037d8b225ab35d Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 24 Nov 2023 14:34:38 +0930 Subject: [PATCH 1/6] fix(play): k3s download task doen't require content returned !11 --- tasks/k3s/install.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/k3s/install.yaml b/tasks/k3s/install.yaml index 336815e..2c50cc4 100644 --- a/tasks/k3s/install.yaml +++ b/tasks/k3s/install.yaml @@ -135,7 +135,7 @@ -arm64 {%- endif %} method: GET - return_content: true + return_content: false status_code: - 200 - 304 From 4ce5f3722365d9584ac7da29a9903d7d8d71f414 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 24 Nov 2023 14:40:44 +0930 Subject: [PATCH 2/6] fix(multi-master): ensure that all master nodes are added during config !11 nofusscomputing/infrastructure/configuration-management/project-production!5 --- templates/k3s-config.yaml.j2 | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/templates/k3s-config.yaml.j2 b/templates/k3s-config.yaml.j2 index 9122726..f965d66 100644 --- a/templates/k3s-config.yaml.j2 +++ b/templates/k3s-config.yaml.j2 
@@ -42,8 +42,31 @@ kubelet-arg: - system-reserved=cpu={{ kubelet_arg_system_reserved_cpu }},memory={{ kubelet_arg_system_reserved_memory }},ephemeral-storage={{ kubelet_arg_system_reserved_storage }} {% if host_external_ip | default('') %}node-external-ip: "{{ host_external_ip }}"{% endif %} -{% if not Kubernetes_Prime | default(false) | bool -%} -server: https://{{ hostvars[kubernetes_config.cluster.prime.name].ansible_host }}:6443 +{% if + groups[kubernetes_config.cluster.group_name] | default([]) | list | length > 0 +-%} +server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] -%} + + {%- if + cluster_node in groups['kubernetes_master'] + -%} + https:// + {%- if hostvars[cluster_node].host_external_ip is defined -%} + + {{ hostvars[cluster_node].host_external_ip }} + + {%- else -%} + + {{ hostvars[cluster_node].ansible_host }} + + {%- endif -%} + :6443 + {%- if loop.index < (groups['kubernetes_master'] | list | length - 2) -%},{%- endif -%} + + {%- endif -%} + + {%- endfor %} + {%- endif %} {% if Kubernetes_Master | default(false) | bool -%} From 301ed9ad3fc269f5b0fd625c30da53e714a70e80 Mon Sep 17 00:00:00 2001 From: Jon Date: Sun, 26 Nov 2023 23:10:08 +0930 Subject: [PATCH 3/6] fix(config): ensure join token is included in config !11 nofusscomputing/infrastructure/configuration-management/project-production!5 --- tasks/k3s/install.yaml | 34 +++++++++++++++++----------------- templates/k3s-config.yaml.j2 | 5 +++++ 2 files changed, 22 insertions(+), 17 deletions(-) diff --git a/tasks/k3s/install.yaml b/tasks/k3s/install.yaml index 2c50cc4..7ea2982 100644 --- a/tasks/k3s/install.yaml +++ b/tasks/k3s/install.yaml 
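Review bot: The rewritten `{% if %}` no longer excludes the prime node, so the prime and every other master render a `server:` value that contains their own address. k3s treats `server` as the cluster to join, which the first node presumably cannot do on initial bring-up; if that is confirmed, keep `not Kubernetes_Prime | default(false) | bool` in the condition and skip `cluster_node == inventory_hostname` inside the loop. The test `hostvars[cluster_node].host_external_ip is defined` is looser than the truthiness test on the `node-external-ip` context line above, so a defined-but-empty value renders `https://:6443`; using `hostvars[cluster_node].host_external_ip | default('')` as the condition matches the existing line. `groups['kubernetes_master']` is a literal with no `| default([])`, unlike the outer guard, so an inventory without that group fails templating. Preferring the external address also sends node registration to that interface, so if it is publicly routable, port 6443 there should be restricted to cluster members.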
@@ -206,6 +206,23 @@ # kubernetes_config.cluster.prime.name == inventory_hostname +- name: Fetch Join Token + ansible.builtin.slurp: + src: /var/lib/rancher/k3s/server/token + delegate_to: "{{ kubernetes_config.cluster.prime.name }}" + run_once: true + register: k3s_join_token + no_log: true # Value is sensitive + + +- name: Create Token fact + ansible.builtin.set_fact: + k3s_join_token: "{{ k3s_join_token.content | b64decode | replace('\n', '') }}" + delegate_to: "{{ kubernetes_config.cluster.prime.name }}" + run_once: true + no_log: true # Value is sensitive + + - name: Copy Intial required templates ansible.builtin.template: src: "{{ item.src }}" @@ -307,23 +324,6 @@ kubernetes_config.cluster.networking.encrypt | default(false) | bool -- name: Fetch Join Token - ansible.builtin.slurp: - src: /var/lib/rancher/k3s/server/token - delegate_to: "{{ kubernetes_config.cluster.prime.name }}" - run_once: true - register: k3s_join_token - no_log: true # Value is sensitive - - -- name: Create Token fact - ansible.builtin.set_fact: - k3s_join_token: "{{ k3s_join_token.content | b64decode | replace('\n', '') }}" - delegate_to: "{{ kubernetes_config.cluster.prime.name }}" - run_once: true - no_log: true # Value is sensitive - - - name: Install K3s (master nodes) ansible.builtin.shell: cmd: | diff --git a/templates/k3s-config.yaml.j2 b/templates/k3s-config.yaml.j2 index f965d66..9ca6189 100644 --- a/templates/k3s-config.yaml.j2 +++ b/templates/k3s-config.yaml.j2 @@ -72,4 +72,9 @@ server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] -%} {% if Kubernetes_Master | default(false) | bool -%} servicelb-namespace: {{ kubernetes_config.cluster.networking.service_load_balancer_namespace | default('kube-system') }} service-cidr: "{{ KubernetesServiceSubnet }}" +agent-token: {{ k3s_join_token }} {% endif %} + +{% if not Kubernetes_Master | default(false) | bool -%} +token: {{ k3s_join_token }} +{% endif %} \ No newline at end of file 
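Review bot: In the `@@ -206` hunk of tasks/k3s/install.yaml, `Fetch Join Token` now runs before `Copy Intial required templates`. If k3s is installed on the prime node later in this file (not visible in the hunk), `/var/lib/rancher/k3s/server/token` will not exist on a first run and the slurp fails; a comment such as `# requires k3s already running on the prime node (token file must exist)` would state that ordering dependency. On `Create Token fact`, `delegate_to` does not change which host receives the fact unless `delegate_facts` is set, and with `run_once` the result is applied to every host in the batch, so the line can be dropped. The fact also overwrites the registered slurp result of the same name, which makes the variable's shape depend on task order. `no_log: true` covers only these two tasks; any later task that interpolates the token (a template run with `--diff`, a shell command line) needs its own `no_log`.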
From 0fb5e27612cc18dcf8027c8e65cac11a9ca607bc Mon Sep 17 00:00:00 2001 From: Jon Date: Mon, 27 Nov 2023 01:02:02 +0930 Subject: [PATCH 4/6] fix(handler): restart kubernetes implementation was flawed !11 --- handlers/main.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 55e2efc..48c6ec9 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -16,16 +16,15 @@ - name: Restart Kubernetes ansible.builtin.service: - name: "{% if kubernetes_type == 'k3s' %}k3s{% else %}kubelet{% endif %}" + name: |- + {%- if kubernetes_type == 'k3s' -%} + {%- if Kubernetes_Master | default(false) | bool -%} + k3s + {%- else -%} + k3s-agent + {%- endif -%} + {%- else -%} + kubelet + {%- endif %} state: restarted listen: kubernetes_restart - when: > - Kubernetes_Master | default(false) | bool - -- name: Restart Kubernetes - ansible.builtin.service: - name: "{% if kubernetes_type == 'k3s' %}k3s-agent{% else %}kubelet{% endif %}" - state: restarted - listen: kubernetes_restart - when: > - not Kubernetes_Master | default(false) | bool From 7d81b897ffd2d29a9e269718817baeaad660d237 Mon Sep 17 00:00:00 2001 From: Jon Date: Mon, 27 Nov 2023 01:03:37 +0930 Subject: [PATCH 5/6] revert: ensure join token is included in config token within the config is only required for running via cli, not service. !11 --- templates/k3s-config.yaml.j2 | 5 ----- 1 file changed, 5 deletions(-) diff --git a/templates/k3s-config.yaml.j2 b/templates/k3s-config.yaml.j2 index 9ca6189..f965d66 100644 --- a/templates/k3s-config.yaml.j2 +++ b/templates/k3s-config.yaml.j2 
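Review bot: The merged `Restart Kubernetes` handler in handlers/main.yml builds the service name from a multi-line `|-` block that is only correct while every tag keeps its `{%-`/`-%}` whitespace control; one missed dash yields a name with stray whitespace and a failed restart. A single expression is harder to break: `name: "{{ 'kubelet' if kubernetes_type != 'k3s' else ('k3s' if Kubernetes_Master | default(false) | bool else 'k3s-agent') }}"`. Separately, the handler restarts every notified node in the same run, so a config change that touches all masters restarts the whole control plane at once; `throttle: 1` on the handler should serialize this, but confirm it behaves as expected for handlers in the Ansible version in use.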
@@ -72,9 +72,4 @@ server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] -%} {% if Kubernetes_Master | default(false) | bool -%} servicelb-namespace: {{ kubernetes_config.cluster.networking.service_load_balancer_namespace | default('kube-system') }} service-cidr: "{{ KubernetesServiceSubnet }}" -agent-token: {{ k3s_join_token }} {% endif %} - -{% if not Kubernetes_Master | default(false) | bool -%} -token: {{ k3s_join_token }} -{% endif %} \ No newline at end of file From 56bb4557b523b24c27ce9c8f2e998f06f768e2c2 Mon Sep 17 00:00:00 2001 From: Jon Date: Mon, 27 Nov 2023 01:16:33 +0930 Subject: [PATCH 6/6] fix(config): ensure server var is list not csv string !11 nofusscomputing/infrastructure/configuration-management/project-production!5 --- templates/k3s-config.yaml.j2 | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/templates/k3s-config.yaml.j2 b/templates/k3s-config.yaml.j2 index f965d66..152b8dc 100644 --- a/templates/k3s-config.yaml.j2 +++ b/templates/k3s-config.yaml.j2 @@ -45,12 +45,11 @@ kubelet-arg: {% if groups[kubernetes_config.cluster.group_name] | default([]) | list | length > 0 -%} -server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] -%} - - {%- if +server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] +%} + {% if cluster_node in groups['kubernetes_master'] -%} - https:// + - https:// {%- if hostvars[cluster_node].host_external_ip is defined -%} {{ hostvars[cluster_node].host_external_ip }} @@ -61,8 +60,6 @@ server: {% for cluster_node in groups[kubernetes_config.cluster.group_name] -%} {%- endif -%} :6443 - {%- if loop.index < (groups['kubernetes_master'] | list | length - 2) -%},{%- endif -%} - {%- endif -%} {%- endfor %}
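Review bot: In the `@@ -45,12 +45,11` hunk of patch 6/6, `server:` becomes a YAML sequence, but k3s documents `server` as a single URL. As far as I know, a list in the config file is expanded into repeated flags and only one value takes effect, so this may not give the multi-master failover the series is after; it is worth testing against the k3s version in use. The usual arrangement is one fixed registration address (a VIP, load balancer or DNS name in front of the masters) rendered as a single quoted scalar. Until that is settled, a template comment such as `{# k3s 'server' takes one URL; confirm the list form is honoured before relying on it #}` above the loop would record the open question. If no member of the cluster group is in `kubernetes_master`, the key renders as a bare `server:` (null); testing the filtered master list in the outer `{% if %}` would avoid that.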