feat: k3s role

2024-02-04 14:48:13 +00:00 · 2024-02-04 14:48:13 +00:00 · 83c6ce3513
commit 83c6ce3513
parent b7a09296bc
16 changed files with 285 additions and 0 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/k3s/tasks/server.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/k3s/tasks/server.yml
@ -0,0 +1,44 @@
+---
+# TODO: disable swap
+
+- name: setup firewall rules
+  become: true
+  ansible.builtin.template:
+    src: ../templates/nftables.d/k3s_servers.nft.j2
+    dest: /etc/nftables.d/k3s_servers.nft
+    mode: '0600'
+  notify:
+    - 'k3s : restart firewall service'
+    - 'k3s : restart k3s service'
+
+- name: flush handlers
+  ansible.builtin.meta: flush_handlers
+
+- name: install K3S cluster, single server
+  connection: local
+  ansible.builtin.command:
+    argv:
+      - "{{ k3sup_binary }}"
+      - install
+      - "--merge"
+      - "--local-path"
+      - "{{ kubeconfig_repository }}/{{ k3s_cluster_name }}.kubeconfig"
+      - "--context"
+      - "{{ k3s_kube_context }}"
+      - "--k3s-extra-args"
+      - "{{ k3s_extra_args }}"
+      - "--user"
+      - "{{ k3s_operator_username }}"
+      - "--ssh-key"
+      - "{{ k3s_operator_ssh_key_path }}"
+      - "--host"
+      - "{{ inventory_hostname }}.{{ global_dns_domainname }}"
+  register: k3s_init
+  when: k3s_cluster_type is match("single")
+  changed_when: not "No change detected so skipping service start" in k3s_init.stdout
+
+- name: install K3S cluster, HA
+  connection: local
+  debug: msg="Not supported yet"
+  when: k3s_cluster_type is match("ha")
+  failed_when: true