Co-authored-by: Techno Tim <timothystewart6@gmail.com>
This commit is contained in:
Balázs Hasprai
GitHub
parent
70e658cf98
commit
cddbfc8e40
@ -6,4 +6,4 @@ rules:
|
|||||||
max: 120
|
max: 120
|
||||||
level: warning
|
level: warning
|
||||||
truthy:
|
truthy:
|
||||||
allowed-values: ['true', 'false', 'yes', 'no']
|
allowed-values: ['true', 'false']
|
||||||
|
|||||||
@ -17,6 +17,6 @@
|
|||||||
# and security needs.
|
# and security needs.
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: firewalld
|
name: firewalld
|
||||||
enabled: no
|
enabled: false
|
||||||
state: stopped
|
state: stopped
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@ -35,7 +35,7 @@
|
|||||||
- name: Assert that the nginx welcome page is available
|
- name: Assert that the nginx welcome page is available
|
||||||
ansible.builtin.uri:
|
ansible.builtin.uri:
|
||||||
url: http://{{ ip | ansible.utils.ipwrap }}:{{ port_ }}/
|
url: http://{{ ip | ansible.utils.ipwrap }}:{{ port_ }}/
|
||||||
return_content: yes
|
return_content: true
|
||||||
register: result
|
register: result
|
||||||
failed_when: "'Welcome to nginx!' not in result.content"
|
failed_when: "'Welcome to nginx!' not in result.content"
|
||||||
vars:
|
vars:
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
- name: Reboot k3s_cluster
|
- name: Reboot k3s_cluster
|
||||||
hosts: k3s_cluster
|
hosts: k3s_cluster
|
||||||
gather_facts: yes
|
gather_facts: true
|
||||||
tasks:
|
tasks:
|
||||||
- name: Reboot the nodes (and Wait upto 5 mins max)
|
- name: Reboot the nodes (and Wait upto 5 mins max)
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
- name: Reset k3s cluster
|
- name: Reset k3s cluster
|
||||||
hosts: k3s_cluster
|
hosts: k3s_cluster
|
||||||
gather_facts: yes
|
gather_facts: true
|
||||||
roles:
|
roles:
|
||||||
- role: reset
|
- role: reset
|
||||||
become: true
|
become: true
|
||||||
@ -17,7 +17,7 @@
|
|||||||
- name: Revert changes to Proxmox cluster
|
- name: Revert changes to Proxmox cluster
|
||||||
hosts: proxmox
|
hosts: proxmox
|
||||||
gather_facts: true
|
gather_facts: true
|
||||||
become: yes
|
become: true
|
||||||
remote_user: "{{ proxmox_lxc_ssh_user }}"
|
remote_user: "{{ proxmox_lxc_ssh_user }}"
|
||||||
roles:
|
roles:
|
||||||
- role: reset_proxmox_lxc
|
- role: reset_proxmox_lxc
|
||||||
|
|||||||
@ -15,6 +15,6 @@
|
|||||||
- name: Enable and check K3s service
|
- name: Enable and check K3s service
|
||||||
systemd:
|
systemd:
|
||||||
name: k3s-node
|
name: k3s-node
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: true
|
||||||
|
|||||||
@ -67,9 +67,9 @@
|
|||||||
- name: Enable and check K3s service
|
- name: Enable and check K3s service
|
||||||
systemd:
|
systemd:
|
||||||
name: k3s
|
name: k3s
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: true
|
||||||
|
|
||||||
- name: Wait for node-token
|
- name: Wait for node-token
|
||||||
wait_for:
|
wait_for:
|
||||||
@ -110,7 +110,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: /etc/rancher/k3s/k3s.yaml
|
src: /etc/rancher/k3s/k3s.yaml
|
||||||
dest: "{{ ansible_user_dir }}/.kube/config"
|
dest: "{{ ansible_user_dir }}/.kube/config"
|
||||||
remote_src: yes
|
remote_src: true
|
||||||
owner: "{{ ansible_user_id }}"
|
owner: "{{ ansible_user_id }}"
|
||||||
mode: "u=rw,g=,o="
|
mode: "u=rw,g=,o="
|
||||||
|
|
||||||
|
|||||||
@ -14,7 +14,7 @@
|
|||||||
name: net.ipv4.ip_forward
|
name: net.ipv4.ip_forward
|
||||||
value: "1"
|
value: "1"
|
||||||
state: present
|
state: present
|
||||||
reload: yes
|
reload: true
|
||||||
tags: sysctl
|
tags: sysctl
|
||||||
|
|
||||||
- name: Enable IPv6 forwarding
|
- name: Enable IPv6 forwarding
|
||||||
@ -22,7 +22,7 @@
|
|||||||
name: net.ipv6.conf.all.forwarding
|
name: net.ipv6.conf.all.forwarding
|
||||||
value: "1"
|
value: "1"
|
||||||
state: present
|
state: present
|
||||||
reload: yes
|
reload: true
|
||||||
tags: sysctl
|
tags: sysctl
|
||||||
|
|
||||||
- name: Enable IPv6 router advertisements
|
- name: Enable IPv6 router advertisements
|
||||||
@ -30,7 +30,7 @@
|
|||||||
name: net.ipv6.conf.all.accept_ra
|
name: net.ipv6.conf.all.accept_ra
|
||||||
value: "2"
|
value: "2"
|
||||||
state: present
|
state: present
|
||||||
reload: yes
|
reload: true
|
||||||
tags: sysctl
|
tags: sysctl
|
||||||
|
|
||||||
- name: Add br_netfilter to /etc/modules-load.d/
|
- name: Add br_netfilter to /etc/modules-load.d/
|
||||||
@ -51,7 +51,7 @@
|
|||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
value: "1"
|
value: "1"
|
||||||
state: present
|
state: present
|
||||||
reload: yes
|
reload: true
|
||||||
when: ansible_os_family == "RedHat"
|
when: ansible_os_family == "RedHat"
|
||||||
loop:
|
loop:
|
||||||
- net.bridge.bridge-nf-call-iptables
|
- net.bridge.bridge-nf-call-iptables
|
||||||
|
|||||||
@ -2,7 +2,7 @@
|
|||||||
- name: Enable cgroup via boot commandline if not already enabled for Rocky
|
- name: Enable cgroup via boot commandline if not already enabled for Rocky
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /boot/cmdline.txt
|
path: /boot/cmdline.txt
|
||||||
backrefs: yes
|
backrefs: true
|
||||||
regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
|
regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
|
||||||
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
||||||
notify: reboot
|
notify: reboot
|
||||||
|
|||||||
@ -2,7 +2,7 @@
|
|||||||
- name: Enable cgroup via boot commandline if not already enabled for Ubuntu on a Raspberry Pi
|
- name: Enable cgroup via boot commandline if not already enabled for Ubuntu on a Raspberry Pi
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /boot/firmware/cmdline.txt
|
path: /boot/firmware/cmdline.txt
|
||||||
backrefs: yes
|
backrefs: true
|
||||||
regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
|
regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
|
||||||
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
||||||
notify: reboot
|
notify: reboot
|
||||||
|
|||||||
@ -3,7 +3,7 @@
|
|||||||
systemd:
|
systemd:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
with_items:
|
with_items:
|
||||||
- k3s
|
- k3s
|
||||||
@ -57,7 +57,7 @@
|
|||||||
|
|
||||||
- name: Reload daemon_reload
|
- name: Reload daemon_reload
|
||||||
systemd:
|
systemd:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
|
|
||||||
- name: Remove tmp directory used for manifests
|
- name: Remove tmp directory used for manifests
|
||||||
file:
|
file:
|
||||||
|
|||||||
4
site.yml
4
site.yml
@ -2,7 +2,7 @@
|
|||||||
- name: Prepare Proxmox cluster
|
- name: Prepare Proxmox cluster
|
||||||
hosts: proxmox
|
hosts: proxmox
|
||||||
gather_facts: true
|
gather_facts: true
|
||||||
become: yes
|
become: true
|
||||||
environment: "{{ proxy_env | default({}) }}"
|
environment: "{{ proxy_env | default({}) }}"
|
||||||
roles:
|
roles:
|
||||||
- role: proxmox_lxc
|
- role: proxmox_lxc
|
||||||
@ -10,7 +10,7 @@
|
|||||||
|
|
||||||
- name: Prepare k3s nodes
|
- name: Prepare k3s nodes
|
||||||
hosts: k3s_cluster
|
hosts: k3s_cluster
|
||||||
gather_facts: yes
|
gather_facts: true
|
||||||
environment: "{{ proxy_env | default({}) }}"
|
environment: "{{ proxy_env | default({}) }}"
|
||||||
roles:
|
roles:
|
||||||
- role: lxc
|
- role: lxc
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user