ansible-collections/kubernetes
2
0
Fork 0
Code Issues 8 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

chore: cleanup

Browse Source
This commit is contained in:
Jon Lockwood
2023-10-28 12:45:15 +09:30
parent 93b63308ef
commit 6763fe6509
6 changed files with 23 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
handlers/main.yml
View File

@ -3,7 +3,6 @@
service: service:
name: containerd name: containerd
state: restarted state: restarted
# when: opensshd_installed is defined
when: > when: >
containerd_config.changed | default(false) | bool containerd_config.changed | default(false) | bool
and and
@ -15,13 +14,6 @@
- install - install
- name: "Apply Firewall Rules"
ansible.builtin.shell: |
/sbin/iptables-restore < /etc/iptables-kubernetes.rules
changed_when: false
listen: kubernetes_firewall_rules
# when: "ansible_os_family == 'Debian' and iptables_installed.rc == 0"
- name: Restart Kubernetes - name: Restart Kubernetes
ansible.builtin.service: ansible.builtin.service:
name: "{% if kubernetes_type == 'k3s' %}k3s{% else %}kubelet{% endif %}" name: "{% if kubernetes_type == 'k3s' %}k3s{% else %}kubelet{% endif %}"

20
meta/main.yml
View File

@ -1,20 +1,24 @@
galaxy_info: galaxy_info:
role_name: Kubernetes role_name: nfc_kubernetes
author: No Fuss Computing author: No Fuss Computing
description: template role to install kubernetes on a host description: template role to install and configure Kubernetes on a host
issue_tracker_url: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles issue_tracker_url: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes
license: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles/-/blob/master/LICENSE license: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes/-/blob/master/LICENSE
min_ansible_version: 1.2 min_ansible_version: '2.15'
platforms: platforms:
- name: Debian - name: Debian
versions: versions:
- 11 - bullseye
- name: Ubuntu
versions:
- 21
galaxy_tags: galaxy_tags:
- kubernetes - k3s
- k8s - k8s
- kubernetes
- container

8
tasks/k3s.yaml
View File

@ -196,10 +196,10 @@
# ipv6: true # ipv6: true
# # - name: Set IPTables to legacy mode - name: Set IPTables to legacy mode
# # ansible.builtin.command: ansible.builtin.command:
# # cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy
# # changed_when: false changed_when: false
# - name: Server install K3s # - name: Server install K3s

4
templates/firewall-kubernetes.j2
View File

@ -1,4 +0,0 @@
#!/bin/bash
/sbin/iptables-restore < /etc/iptables-kubernetes.rules;
/sbin/ip6tables-restore < /etc/ip6tables-kubernetes.rules;

23
templates/iptables-default.rules.j2
View File

@ -1,23 +0,0 @@
#
# IP Tables Firewall Rules for Kubernetes
#
# Managed By ansible/role/nfc_kubernetes
#
# Dont edit this file directly as it will be overwritten. To grant a host API access
# edit the cluster config, adding the hostname/ip to path kubernetes_config.cluster.access
#
*filter
iptables -N sshd
iptables -A sshd -j RETURN
iptables -A INPUT -p tcp --dport 22 -m comment --comment "OpenSSH Server" -j sshd
iptables -I sshd -m comment --comment "allow All Hosts" -j ACCEPT
COMMIT

14
templates/logrotate-Docker_containers.j2
View File

@ -1,14 +0,0 @@
/var/lib/docker/containers/*/*.log {
daily
missingok
rotate 7
compress
delaycompress
notifempty
postrotate
docker restart $(docker ps -q)
endscript
}