diff --git a/handlers/main.yml b/handlers/main.yml index 2f135ab..58b0f16 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -3,7 +3,6 @@ service: name: containerd state: restarted - # when: opensshd_installed is defined when: > containerd_config.changed | default(false) | bool and @@ -15,13 +14,6 @@ - install -- name: "Apply Firewall Rules" - ansible.builtin.shell: | - /sbin/iptables-restore < /etc/iptables-kubernetes.rules - changed_when: false - listen: kubernetes_firewall_rules - # when: "ansible_os_family == 'Debian' and iptables_installed.rc == 0" - - name: Restart Kubernetes ansible.builtin.service: name: "{% if kubernetes_type == 'k3s' %}k3s{% else %}kubelet{% endif %}" diff --git a/meta/main.yml b/meta/main.yml index 0061d48..454c3bc 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,20 +1,24 @@ - galaxy_info: - role_name: Kubernetes - author: No Fuss Computing - description: template role to install kubernetes on a host +galaxy_info: + role_name: nfc_kubernetes + author: No Fuss Computing + description: template role to install and configure Kubernetes on a host - issue_tracker_url: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles + issue_tracker_url: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes - license: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles/-/blob/master/LICENSE + license: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes/-/blob/master/LICENSE - min_ansible_version: 1.2 + min_ansible_version: '2.15' - platforms: - - name: Debian - versions: - - 11 - - galaxy_tags: - - kubernetes - - k8s + platforms: + - name: Debian + versions: + - bullseye + - name: Ubuntu + versions: + - 21 + galaxy_tags: + - k3s + - k8s + - kubernetes + - container diff --git a/tasks/k3s.yaml b/tasks/k3s.yaml index 2eab2a6..44fbdfd 100644 --- a/tasks/k3s.yaml +++ b/tasks/k3s.yaml 
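Review bot: In the `meta/main.yml` hunk the new `Ubuntu` platform lists its version as `- 21`, a bare integer, while the Debian entry in the same hunk was changed to a codename (`bullseye`). Ubuntu releases are numbered like 21.04 or 21.10, and Galaxy platform versions are normally release codenames, so `21` probably does not identify a release that metadata linting or Galaxy import will recognise. Replace it with the codename of the release the role was actually tested on, written as a string. Quoting `min_ansible_version: '2.15'` is correct, because an unquoted value would be read as a float.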
@@ -196,10 +196,10 @@ # ipv6: true -# # - name: Set IPTables to legacy mode -# # ansible.builtin.command: -# # cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy -# # changed_when: false +- name: Set IPTables to legacy mode + ansible.builtin.command: + cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy + changed_when: false # - name: Server install K3s diff --git a/templates/firewall-kubernetes.j2 b/templates/firewall-kubernetes.j2 deleted file mode 100644 index f606ad7..0000000 --- a/templates/firewall-kubernetes.j2 +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -/sbin/iptables-restore < /etc/iptables-kubernetes.rules; -/sbin/ip6tables-restore < /etc/ip6tables-kubernetes.rules; \ No newline at end of file diff --git a/templates/iptables-default.rules.j2 b/templates/iptables-default.rules.j2 deleted file mode 100644 index a8b0e3a..0000000 --- a/templates/iptables-default.rules.j2 +++ /dev/null @@ -1,23 +0,0 @@ -# -# IP Tables Firewall Rules for Kubernetes -# -# Managed By ansible/role/nfc_kubernetes -# -# Dont edit this file directly as it will be overwritten. To grant a host API access -# edit the cluster config, adding the hostname/ip to path kubernetes_config.cluster.access -# - - -*filter - -iptables -N sshd -iptables -A sshd -j RETURN - -iptables -A INPUT -p tcp --dport 22 -m comment --comment "OpenSSH Server" -j sshd - - -iptables -I sshd -m comment --comment "allow All Hosts" -j ACCEPT - - - -COMMIT diff --git a/templates/logrotate-Docker_containers.j2 b/templates/logrotate-Docker_containers.j2 deleted file mode 100644 index bbc638e..0000000 --- a/templates/logrotate-Docker_containers.j2 +++ /dev/null @@ -1,14 +0,0 @@ -/var/lib/docker/containers/*/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - postrotate - docker restart $(docker ps -q) - endscript -} - - -
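Review bot: The re-enabled `Set IPTables to legacy mode` task in `tasks/k3s.yaml` switches the host's packet-filter backend on every run and, because of `changed_when: false`, always reports "ok", so the switch never appears in a play recap or change audit. Only the `iptables` alternative is set; `ip6tables` keeps its current backend, which on nft-default hosts splits IPv4 and IPv6 filtering across two backends (the `# ipv6: true` comment just above suggests IPv6 may matter here). Rules already loaded through the nft backend are not removed by the switch and no longer show up in `iptables -L` or `iptables-save`. Since this commit also deletes the role's own iptables templates and handler, nothing visible here inspects or re-applies a ruleset afterwards. Consider `community.general.alternatives` with `name: iptables` and `path: /usr/sbin/iptables-legacy`, plus a matching `ip6tables` task, so the change is idempotent and reported; the task list continues outside the hunk.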