diff --git a/tasks/cluster_k3s.yml b/tasks/cluster_k3s.yml
new file mode 100644
index 0000000..cc13ecb
--- /dev/null
+++ b/tasks/cluster_k3s.yml
@@ -0,0 +1,98 @@
+---
+- name: Check if /usr/local/bin/k3s already existe
+ stat:
+ path: /usr/local/bin/k3s
+ register: k3s_bin
+ changed_when: False
+
+- name: retreive k3s binary for x86_64
+ get_url:
+ url: "https://github.com/rancher/k3s/releases/download/v1.18.8%2Bk3s1/k3s"
+ dest: "/usr/local/bin/k3s"
+ group: root
+ owner: root
+ mode: 0755
+ when:
+ - k3s_bin.stat.exists
+ - ansible_machine == "x86_64"
+
+- name: retreive k3s binary for arm64
+ get_url:
+ url: "https://github.com/rancher/k3s/releases/download/v1.18.8%2Bk3s1/k3s-arm64"
+ dest: "/usr/local/bin/k3s"
+ group: root
+ owner: root
+ mode: 0755
+ when:
+ - k3s_bin.stat.exists
+ - ansible_machine == "arm64"
+
+- name: retreive k3s binary for armv6/armv7
+ get_url:
+ url: "https://github.com/rancher/k3s/releases/download/v1.18.8%2Bk3s1/k3s-armhf"
+ dest: "/usr/local/bin/k3s"
+ group: root
+ owner: root
+ mode: 0755
+ when:
+ - k3s_bin.stat.exists
+ - (ansible_machine == "armv7l") or (ansible_machine == "armv6l")
+
+- name: Create tools link
+ file:
+ src: "k3s"
+ dest: "/usr/local/bin/{{ item }}"
+ owner: root
+ group: root
+ state: link
+ with_items:
+ - "kubectl"
+ - "crictl"
+ - "ctr"
+
+# Manque kubernetes_server_token, kubernetes_master url
+
+- name: Deploy systemd service
+ template:
+ src: "etc/systemd/system/{{ item }}.j2"
+ dest: "/etc/systemd/system/{{ item }}"
+ owner: root
+ group: root
+ mode: 0600
+ with_items:
+ - "k3s.service"
+ - "k3s.service.env"
+ when:
+ - ansible_service_mgr == "systemd"
+
+- name: Create thin volumes for k3s
+ lvol:
+ vg: {{ item.vg }}
+ lv: {{ item.name }}
+ thinpool: kubernetes
+ size: {{ item.size }}
+ with_items:
+ - { name: var_lib_k3s, vg: vg_sys, size: 10g, mount_point: /var/lib/rancher/k3s}
+
+- name: create file system on containerd lv
+ filesystem:
+ fstype: ext4
+ dev: /dev/{{ item.vg }}/{{ item.name }}
+ with_items:
+ - { name: var_lib_k3s, vg: vg_sys, size: 10g, mount_point: /var/lib/rancher/k3s}
+
+- name: mount logical volumes
+ mount:
+ name: {{ item.mount_point }}
+ src: /dev/{{ item.vg }}/{{ item.name }}
+ fstype: ext4
+ opts: {{ item.mount_opts }}
+ state: mounted
+ with_items:
+ - { name: var_lib_k3s, vg: vg_sys, size: 10g, mount_point: /var/lib/rancher/k3s}
+
+- name: Enable k3s on boot
+ service:
+ name: k3s
+ state: started
+ enabled: yes
diff --git a/templates/etc/systemd/system/k3s.service.env.j2 b/templates/etc/systemd/system/k3s.service.env.j2
new file mode 100644
index 0000000..58104e7
--- /dev/null
+++ b/templates/etc/systemd/system/k3s.service.env.j2
@@ -0,0 +1,3 @@
+{% if kubernetes_master|bool %}
+NODE_TOKEN={{ kubernetes_server_token }}
+{% endif %}
\ No newline at end of file
diff --git a/templates/etc/systemd/system/k3s.service.j2 b/templates/etc/systemd/system/k3s.service.j2
new file mode 100644
index 0000000..95ac5ae
--- /dev/null
+++ b/templates/etc/systemd/system/k3s.service.j2
@@ -0,0 +1,27 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network-online.target
+
+[Service]
+Type=notify
+EnvironmentFile=/etc/systemd/system/k3s.service.env
+{% if kubernetes_master|bool %}
+ExecStart=/usr/local/bin/k3s server --flannel-backend=wireguard --disable traefik --secrets-encryption
+{% else %}
+ExecStart=/usr/local/bin/k3s agent --server https://{{ kubernetes_master }}:6443 --token ${NODE_TOKEN}
+{% endif %}
+KillMode=process
+Delegate=yes
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
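Review bot: In tasks/cluster_k3s.yml the three `get_url` tasks install a root-owned executable at /usr/local/bin/k3s without any integrity check, and their guard `- k3s_bin.stat.exists` is inverted, so a host that does not yet have the binary skips every download. I would change the guard to `- not k3s_bin.stat.exists` and add `checksum: "sha256:<SHA256_OF_RELEASE_ASSET>"` (placeholder; pin the value published for each architecture's asset) so a tampered or truncated download is rejected before it is made executable. Further down, the unquoted templates `vg: {{ item.vg }}`, `lv: {{ item.name }}`, `size: {{ item.size }}`, `name: {{ item.mount_point }}` and `opts: {{ item.mount_opts }}` start a YAML flow mapping and need quoting, e.g. `vg: "{{ item.vg }}"`. `mount_opts` is also missing from the `with_items` entries shown, so the mount task would hit an undefined variable. Since the "Deploy systemd service" task renders the node token, `no_log: true` on it would keep the secret out of `--diff` and verbose output.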
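Review bot: In templates/etc/systemd/system/k3s.service.env.j2 the condition looks inverted relative to k3s.service.j2 in the same commit. `NODE_TOKEN` is written only when `kubernetes_master|bool` is true, which is the branch that starts `k3s server`, while the `k3s agent` branch that actually expands `${NODE_TOKEN}` gets an empty environment file and would start with an empty `--token`. `{% if not kubernetes_master|bool %}` would match the unit template. `kubernetes_master` is also used as the host name in the agent's `--server` URL, so it presumably holds a string on agents; a separate boolean role variable would make the test less fragile.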
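Review bot: In templates/etc/systemd/system/k3s.service.j2 the agent `ExecStart` passes the join token as `--token ${NODE_TOKEN}`, which systemd expands into the process arguments. Any local user who can list processes can then read the token, even though the environment file is deployed with mode 0600. k3s also accepts the token through the `K3S_TOKEN` environment variable, so writing `K3S_TOKEN={{ kubernetes_server_token }}` in k3s.service.env and reducing the line to `ExecStart=/usr/local/bin/k3s agent --server https://{{ kubernetes_master }}:6443` keeps the secret out of argv. A short comment above `EnvironmentFile=` saying that the file carries the cluster join secret would help the next maintainer keep its permissions tight.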