From e880f08d26989299cdd1b8a39f7e1f7c8a85f163 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20Hasprai?= Date: Sat, 21 Oct 2023 02:18:36 +0200 Subject: [PATCH] Add option for install behind http_proxy (#384) * Add option for install behind http_proxy * Tidy up http_proxy usage --- inventory/sample/group_vars/all.yml | 6 ++++++ roles/k3s_agent/tasks/http_proxy.yml | 18 ++++++++++++++++++ roles/k3s_agent/tasks/main.yml | 4 ++++ roles/k3s_agent/templates/http_proxy.conf.j2 | 4 ++++ roles/k3s_server/tasks/http_proxy.yml | 18 ++++++++++++++++++ roles/k3s_server/tasks/main.yml | 4 ++++ roles/k3s_server/templates/http_proxy.conf.j2 | 4 ++++ roles/reset/tasks/main.yml | 9 +++++++++ site.yml | 5 +++++ 9 files changed, 72 insertions(+) create mode 100644 roles/k3s_agent/tasks/http_proxy.yml create mode 100644 roles/k3s_agent/templates/http_proxy.conf.j2 create mode 100644 roles/k3s_server/tasks/http_proxy.yml create mode 100644 roles/k3s_server/templates/http_proxy.conf.j2 diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 4b1f2da..43fa3f4 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -121,3 +121,9 @@ custom_registries_yaml: | auth: username: yourusername password: yourpassword + +# Only enable and configure these if you access the internet through a proxy +# proxy_env: +# HTTP_PROXY: "http://proxy.domain.local:3128" +# HTTPS_PROXY: "http://proxy.domain.local:3128" +# NO_PROXY: "*.domain.local,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" diff --git a/roles/k3s_agent/tasks/http_proxy.yml b/roles/k3s_agent/tasks/http_proxy.yml new file mode 100644 index 0000000..f0a68f6 --- /dev/null +++ b/roles/k3s_agent/tasks/http_proxy.yml @@ -0,0 +1,18 @@ +--- + +- name: Create k3s.service.d directory + file: + path: '{{ systemd_dir }}/k3s.service.d' + state: directory + owner: root + group: root + mode: '0755' + + +- name: Copy K3s http_proxy conf file + template: + src: "http_proxy.conf.j2" + dest: "{{ systemd_dir }}/k3s.service.d/http_proxy.conf" + owner: root + group: root + mode: '0755' diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml index 0ce8e08..395c1ac 100644 --- a/roles/k3s_agent/tasks/main.yml +++ b/roles/k3s_agent/tasks/main.yml @@ -1,5 +1,9 @@ --- +- name: Deploy K3s http_proxy conf + include_tasks: http_proxy.yml + when: proxy_env is defined + - name: Copy K3s service file template: src: "k3s.service.j2" diff --git a/roles/k3s_agent/templates/http_proxy.conf.j2 b/roles/k3s_agent/templates/http_proxy.conf.j2 new file mode 100644 index 0000000..6591d45 --- /dev/null +++ b/roles/k3s_agent/templates/http_proxy.conf.j2 @@ -0,0 +1,4 @@ +[Service] +Environment=HTTP_PROXY={{ proxy_env.HTTP_PROXY }} +Environment=HTTPS_PROXY={{ proxy_env.HTTPS_PROXY }} +Environment=NO_PROXY={{ proxy_env.NO_PROXY }} diff --git a/roles/k3s_server/tasks/http_proxy.yml b/roles/k3s_server/tasks/http_proxy.yml new file mode 100644 index 0000000..f0a68f6 --- /dev/null +++ b/roles/k3s_server/tasks/http_proxy.yml @@ -0,0 +1,18 @@ +--- + +- name: Create k3s.service.d directory + file: + path: '{{ systemd_dir }}/k3s.service.d' + state: directory + owner: root + group: root + mode: '0755' + + +- name: Copy K3s http_proxy conf file + template: + src: "http_proxy.conf.j2" + dest: "{{ systemd_dir }}/k3s.service.d/http_proxy.conf" + owner: root + group: root + mode: '0755' diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index a1796ac..030dc22 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -12,6 +12,10 @@ failed_when: false changed_when: false +- name: Deploy K3s http_proxy conf + include_tasks: http_proxy.yml + when: proxy_env is defined + - name: Deploy vip manifest include_tasks: vip.yml diff --git a/roles/k3s_server/templates/http_proxy.conf.j2 b/roles/k3s_server/templates/http_proxy.conf.j2 new file mode 100644 index 0000000..6591d45 --- /dev/null +++ b/roles/k3s_server/templates/http_proxy.conf.j2 @@ -0,0 +1,4 @@ +[Service] +Environment=HTTP_PROXY={{ proxy_env.HTTP_PROXY }} +Environment=HTTPS_PROXY={{ proxy_env.HTTPS_PROXY }} +Environment=NO_PROXY={{ proxy_env.NO_PROXY }} diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index cd3bf72..d75c9ff 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -46,6 +46,15 @@ - /var/lib/rancher/ - /var/lib/cni/ +- name: Remove K3s http_proxy files + file: + name: "{{ item }}" + state: absent + with_items: + - "{{ systemd_dir }}/k3s.service.d" + - "{{ systemd_dir }}/k3s-node.service.d" + when: proxy_env is defined + - name: Reload daemon_reload systemd: daemon_reload: yes diff --git a/site.yml b/site.yml index 33653a9..6dde6b1 100644 --- a/site.yml +++ b/site.yml @@ -3,6 +3,7 @@ hosts: proxmox gather_facts: true become: yes + environment: "{{ proxy_env | default({}) }}" roles: - role: proxmox_lxc when: proxmox_lxc_configure @@ -10,6 +11,7 @@ - name: Prepare k3s nodes hosts: k3s_cluster gather_facts: yes + environment: "{{ proxy_env | default({}) }}" roles: - role: lxc become: true @@ -26,18 +28,21 @@ - name: Setup k3s servers hosts: master + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_server become: true - name: Setup k3s agents hosts: node + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_agent become: true - name: Configure k3s cluster hosts: master + environment: "{{ proxy_env | default({}) }}" roles: - role: k3s_server_post become: true