@ -13,6 +13,10 @@ nfc_kubernetes_tigera_operator_tag: v1.32.3 # Calico v3.27.0
|
||||
# EoF New Variables, EEoF Depreciated
|
||||
|
||||
|
||||
nfc_kubernetes_enable_metallb: false
|
||||
nfc_kubernetes_enable_servicelb: false
|
||||
|
||||
|
||||
############################################################################################################
|
||||
#
|
||||
# Old Vars requiring refactoring
|
||||
|
||||
@ -47,6 +47,8 @@ This role deploys a K3s cluster. In addition it has the following features:
|
||||
|
||||
- Installs OLM for operator subscriptions
|
||||
|
||||
- Install MetalLB
|
||||
|
||||
|
||||
## Role Workflow
|
||||
|
||||
|
||||
@ -338,6 +338,25 @@
|
||||
kubernetes_config.cluster.prime.name == inventory_hostname
|
||||
|
||||
|
||||
- name: Install MetalLB Operator
|
||||
ansible.builtin.include_tasks:
|
||||
file: manifest_apply.yaml
|
||||
apply:
|
||||
tags:
|
||||
- always
|
||||
loop: "{{ manifests }}"
|
||||
loop_control:
|
||||
loop_var: manifest
|
||||
vars:
|
||||
manifests:
|
||||
- name: MetalLB Operator
|
||||
template: Deployment-manifest-MetalLB_Operator.yaml
|
||||
when: >-
|
||||
nfc_kubernetes_enable_metallb | default(false) | bool
|
||||
and
|
||||
kubernetes_config.cluster.prime.name == inventory_hostname
|
||||
|
||||
|
||||
- name: Wait for kubernetes prime to be ready
|
||||
ansible.builtin.shell:
|
||||
cmd: |
|
||||
|
||||
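--- a/tasks/k3s/manifest_apply.yaml
+++ b/tasks/k3s/manifest_apply.yaml
@@ -0,0 +1,49 @@
+---
+
+# Save the manifests in a dir so that diff's can be shown for changes
+- name: Copy Manifest for addition - {{ manifest.name }}
+ansible.builtin.template:
+src: "{{ manifest.template }}"
+dest: "/var/lib/rancher/k3s/ansible/{{ manifest.template | lower | replace('.j2', '') }}"
+mode: '744'
+become: true
+diff: true
+
+
+- name: Try / Catch
+block:
+
+# Try to create first, if fail use replace.
+- name: Apply Manifest Create - {{ manifest.name }}
+ansible.builtin.command:
+cmd: "kubectl create -f /var/lib/rancher/k3s/ansible/{{ manifest.template | lower | replace('.j2', '') }}"
+become: true
+changed_when: false
+failed_when: >
+'Error from server' in manifest_stdout.stderr
+register: manifest_stdout
+
+
+rescue:
+
+
+- name: TRACE - Manifest Create - {{ manifest.name }}
+ansible.builtin.debug:
+msg: "{{ manifest_stdout }}"
+
+
+- name: Replace Manifests - "Rescue" - {{ manifest.name }}
+ansible.builtin.command:
+cmd: "kubectl replace -f /var/lib/rancher/k3s/ansible/{{ manifest.template | lower | replace('.j2', '') }}"
+become: true
+changed_when: false
+failed_when: >
+'Error from server' in manifest_stdout.stderr
+and
+'ensure CRDs are installed first' in manifest_stdout.stderr
+register: manifest_stdout
+
+
+- name: TRACE - Replace Manifest - "Rescue" - {{ manifest.name }}
+ansible.builtin.debug:
+msg: "{{ manifest_stdout }}"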
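Review bot: Both `failed_when` expressions replace the return-code check, so most kubectl failures are reported as success. On the create task, an error whose stderr lacks 'Error from server' (a client-side validation or connection error, for example) passes without entering `rescue`. On the replace task the `and` raises a failure only when stderr contains both strings, so a Forbidden or Invalid response would leave the old manifest in place while the play shows ok. I would drop `failed_when` on the create task so any non-zero exit reaches `rescue`, and use `failed_when: manifest_stdout.rc != 0` with `changed_when: manifest_stdout.rc == 0` on the replace task. Separately, `mode: '744'` sets an execute bit on a manifest that is later fed to kubectl under `become` and leaves it world-readable; `mode: '0640'` is closer to what the file needs.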
@ -16,8 +16,6 @@
|
||||
block:
|
||||
|
||||
|
||||
|
||||
|
||||
- name: Move Calico Manifest from addons directory
|
||||
ansible.builtin.command:
|
||||
cmd: mv /var/lib/rancher/k3s/server/manifests/calico.yaml /tmp/
|
||||
|
||||
4347
templates/Deployment-manifest-MetalLB_Operator.yaml.j2
Normal file
File diff suppressed because it is too large
@ -168,6 +168,13 @@
|
||||
|
||||
{%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-calico-typha -s ' + kubernetes_host + ' -j ACCEPT'] -%}
|
||||
|
||||
{%- if nfc_kubernetes_enable_metallb | default(false) -%}
|
||||
|
||||
{%- set data.firewall_rules = data.firewall_rules + ['-I metallb-l2-tcp -s ' + kubernetes_host + ' -j ACCEPT'] -%}
|
||||
|
||||
{%- set data.firewall_rules = data.firewall_rules + ['-I metallb-l2-udp -s ' + kubernetes_host + ' -j ACCEPT'] -%}
|
||||
|
||||
{%- endif -%}
|
||||
|
||||
{%- endif -%}
|
||||
|
||||
|
||||
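Review bot: The new `{%- if nfc_kubernetes_enable_metallb | default(false) -%}` test omits the `| bool` cast that the task-level `when` uses. A value supplied as a string (for example `-e nfc_kubernetes_enable_metallb=false`) is truthy in Jinja, so the two `metallb-l2-*` ACCEPT rules would be inserted for each `kubernetes_host` even with MetalLB disabled. The same uncast test appears in the `disable:` and `servicelb-namespace` conditions of the later k3s config hunks. Suggest `{%- if nfc_kubernetes_enable_metallb | default(false) | bool -%}` in each place. The enclosing `if` and loop start outside this hunk.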
@ -19,8 +19,8 @@
|
||||
cluster-init: true
|
||||
disable-network-policy: true
|
||||
disable:
|
||||
{% if nfc_kubernetes_enable_metallb | default(false) or not nfc_kubernetes_enable_servicelb | default(false) -%}- servicelb{% endif +%}
|
||||
- traefik
|
||||
# - metrics-server
|
||||
etcd-snapshot-retention: {{ kubernetes_etcd_snapshot_retention | int }}
|
||||
etcd-snapshot-schedule-cron: "{{ kubernetes_etcd_snapshot_cron_schedule }}"
|
||||
flannel-backend: none
|
||||
@ -80,6 +80,9 @@ server:
|
||||
{%- endif %}
|
||||
|
||||
{% if Kubernetes_Master | default(false) | bool -%}
|
||||
servicelb-namespace: {{ kubernetes_config.cluster.networking.service_load_balancer_namespace | default('kube-system') }}
|
||||
{% if nfc_kubernetes_enable_metallb | default(false) or not nfc_kubernetes_enable_servicelb | default(false) -%}
|
||||
servicelb-namespace: {{ kubernetes_config.cluster.networking.service_load_balancer_namespace | default('kube-system') }}
|
||||
{% endif %}
|
||||
|
||||
service-cidr: "{{ KubernetesServiceSubnet }}"
|
||||
{% endif %}
|
||||
|
||||
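Review bot: The condition wrapped around `servicelb-namespace` is the same expression that adds `- servicelb` to `disable:` in the earlier hunk, so the namespace key is written only when ServiceLB is turned off and omitted when it is on, which looks inverted. If the intent is to set the namespace only while ServiceLB runs, the guard would be `{% if nfc_kubernetes_enable_servicelb | default(false) | bool and not nfc_kubernetes_enable_metallb | default(false) | bool -%}`. It would also help to add a comment in the defaults file such as `# both false disables ServiceLB`, because with both flags at their default of `false` the `not ... servicelb` branch already disables it.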