44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
---
|
|
# TODO: disable swap
|
|
|
|
- name: setup firewall rules
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: ../templates/nftables.d/k3s_servers.nft.j2
|
|
dest: /etc/nftables.d/k3s_servers.nft
|
|
mode: '0600'
|
|
notify:
|
|
- 'k3s : restart firewall service'
|
|
- 'k3s : restart k3s service'
|
|
|
|
- name: flush handlers
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: install K3S cluster, single server
|
|
connection: local
|
|
ansible.builtin.command:
|
|
argv:
|
|
- "{{ k3sup_binary }}"
|
|
- install
|
|
- "--merge"
|
|
- "--local-path"
|
|
- "{{ kubeconfig_repository }}/{{ k3s_cluster_name }}.kubeconfig"
|
|
- "--context"
|
|
- "{{ k3s_kube_context }}"
|
|
- "--k3s-extra-args"
|
|
- "{{ k3s_extra_args }}"
|
|
- "--user"
|
|
- "{{ k3s_operator_username }}"
|
|
- "--ssh-key"
|
|
- "{{ k3s_operator_ssh_key_path }}"
|
|
- "--host"
|
|
- "{{ inventory_hostname }}.{{ global_dns_domainname }}"
|
|
register: k3s_init
|
|
when: k3s_cluster_type is match("single")
|
|
changed_when: not "No change detected so skipping service start" in k3s_init.stdout
|
|
|
|
- name: install K3S cluster, HA
|
|
connection: local
|
|
debug: msg="Not supported yet"
|
|
when: k3s_cluster_type is match("ha")
|
|
failed_when: true
|