Fix file /etc/kubernetes/admin.conf absent with k3s

Update k3s config file
Add link for the documentation
2024-11-01 15:15:46 +01:00 · 2024-11-01 15:12:21 +01:00 · 2024-11-01 15:10:26 +01:00 · 2024-11-01 15:10:03 +01:00
4 changed files with 19 additions and 6 deletions
--- a/files/etc/NetworkManager/conf.d/calico.conf
+++ b/files/etc/NetworkManager/conf.d/calico.conf
@ -1,2 +1,3 @@
+# https://docs.tigera.io/calico/latest/operations/troubleshoot/troubleshooting#configure-networkmanager
 [keyfile]
-unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:wireguard.cali
+unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:wireguard.cali
--- a/files/etc/kubernetes/psa.yaml
+++ b/files/etc/kubernetes/psa.yaml
@ -15,7 +15,7 @@ plugins:
    exemptions:
      usernames: []
      runtimeClasses: []
-      namespaces: [kube-system, system-upgrade, cis-operator-system]
+      namespaces: [kube-system, cis-operator-system]
 - name: EventRateLimit
  configuration:
    apiVersion: eventratelimit.admission.k8s.io/v1alpha1
--- a/tasks/install_server.yml
+++ b/tasks/install_server.yml
@ -89,6 +89,18 @@
    - kubernetes_master|bool
    - kubernetes_cri == "k3s"

+- name: Make link from /etc/rancher/k3s/k3s.yaml to /etc/kubernetes/admin.conf
+  file:
+    src: "/etc/rancher/k3s/k3s.yaml"
+    state: link
+    dest: "/etc/kubernetes/admin.conf"
+    force: yes
+    owner: root
+    group: root
+  when:
+    - kubernetes_master|bool
+    - kubernetes_cri == "k3s"
+
 #
 # Manque autoconfig de .kube/config local
 #
@ -100,6 +112,7 @@
 #   when:
 #     - kubernetes_master|bigip_pool

+# kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints --no-headers
 - name: Check if a node is still tainted
  ansible.builtin.command: kubectl --kubeconfig=/etc/kubernetes/admin.conf get nodes '{{ ansible_hostname | lower }}' -o jsonpath='{.spec.taints}'
  register: current_taint
--- a/templates/etc/rancher/k3s/config.yaml.j2
+++ b/templates/etc/rancher/k3s/config.yaml.j2
@ -40,11 +40,10 @@ selinux: true
 #embedded-registry: true
 disable:
  - traefik
-{% if kubernetes_interface is defined %}
-node-ip: {{ kubernetes_interface.address }}
-#node-ip: {{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}
-{% endif %}
+{% if lookup('vars', 'ansible_' + kubernetes_interface ) != ansible_host %}
 node-external-ip: {{ ansible_host }}
+{% endif %}
+node-ip: {{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.address }}
 {% if false %}
 # node-external-ip: 1.2.3.4
 #node-label:
Author	SHA1	Message	Date
Adrien Reslinger	714868ab71	Fix file /etc/kubernetes/admin.conf absent with k3s	2024-11-01 15:15:46 +01:00
Adrien Reslinger	2c69995cf9	Update k3s config file	2024-11-01 15:12:21 +01:00
Adrien Reslinger	e4fb1642e5	Add link for the documentation	2024-11-01 15:10:26 +01:00
Adrien Reslinger	b23028a336	Finaly no need to exclude system-upgrade namespace in psa.yml file	2024-11-01 15:10:03 +01:00