Initial role-data

kubernetes/tasks/install.yml

@@ -0,0 +1,29 @@
+- name: Create k3s-folder
+  ansible.builtin.file:
+    path: /etc/rancher/k3s/
+    state: directory
+    mode: '0755'
+
+- name: Deploy k3s config
+  ansible.builtin.template:
+    src: k3s/{{ type }}/config.yaml.jinja2
+    dest: /etc/rancher/k3s/config.yaml
+
+- name: Download install-script
+  get_url:
+    url: https://get.k3s.io
+    dest: /root/k3s_install.sh
+    mode:  '744'
+# todo: update when file changed?
+
+- import_tasks: ./install/server/setup_network.yml
+  when: "type == 'server'"
+
+- import_tasks: ./install/server/install_helm.yml
+  when: "type == 'server'"
+
+- import_tasks: ./install/server/install_k3s.yml
+  when: "type == 'server'"
+
+- import_tasks: ./install/agent/install_k3s.yml
+  when: "type == 'agent'"

kubernetes/tasks/install/agent/install_k3s.yml

@@ -0,0 +1,7 @@
+- name: Install K3s agent
+  command: /root/k3s_install.sh {{ type }} 
+  register: command
+  changed_when: "'No change detected' in command.stdout"
+  until: "command is not failed"
+  retries: 2
+  delay: 10

kubernetes/tasks/install/server/install_helm.yml

@@ -0,0 +1,17 @@
+- name: Add Balto key
+  apt_key:
+      url: https://baltocdn.com/helm/signing.asc
+      state: present
+
+- name: Add Balto Repository
+  apt_repository:
+      repo: "deb https://baltocdn.com/helm/stable/debian/ all main"
+      state: present
+      filename: kubernetes
+      update_cache: yes
+
+- name: Install helm
+  package:
+      name:
+          - helm
+      state: latest

kubernetes/tasks/install/server/install_k3s.yml

@@ -0,0 +1,36 @@
+- name: Install K3s-server for 1st-node
+  command: /root/k3s_install.sh {{ type }} 
+  when: "inventory_hostname == groups['kubernetes'][0]"
+  register: command
+  changed_when: "'No change detected' in command.stdout"
+
+- name: Waiting for K3s-server to accept connections
+  ansible.builtin.wait_for:
+    host: "{{ inventory_hostname }}"
+    port: 6443
+    state: started
+  when: "inventory_hostname == groups['kubernetes'][0]"
+
+- name: Install K3s-server for other nodes
+  command: /root/k3s_install.sh {{ type }}
+  when: "inventory_hostname != groups['kubernetes'][0]"
+  register: command
+  changed_when: "'No change detected' in command.stdout"
+  until: "command is not failed"
+  retries: 2
+  delay: 10
+
+- name: Waiting for K3s-server to accept connections on other nodes
+  ansible.builtin.wait_for:
+    host: "{{ inventory_hostname }}"
+    port: 6443
+    state: started
+  when: "inventory_hostname != groups['kubernetes'][0]"
+
+#- name: Add Kubernetes environment-vars to /etc/profile.d/
+#  blockinfile:
+#    path: /etc/profile.d/k3s-bin.sh
+#    marker: "# {mark} ANSIBLE MANAGED BLOCK | k3s"
+#    block: |
+#      export KUBECONFIG="/etc/rancher/k3s/k3s.yaml"
+#    create: true

kubernetes/tasks/install/server/setup_network.yml

@@ -0,0 +1,6 @@
+- name: Set control-plane-dns-endpoint towards local-ip
+  blockinfile:
+      path: /etc/hosts
+      marker: "# {mark} ANSIBLE MANAGED BLOCK | k3s"
+      block: |
+        {{ nodeip_ipv4 }} {{ kubernetes.control_plane.dns_name }}

kubernetes/tasks/main.yml

@@ -0,0 +1,4 @@
+- import_tasks: ./prerequisites.yml
+
+- import_tasks: ./install.yml
+

kubernetes/tasks/prerequisites.yml

@@ -0,0 +1,35 @@
+#- name: Load br_netfilter kernel-module
+#  modprobe:
+#      name: br_netfilter
+#      state: present
+
+- name: Set sysctl settings for iptables bridged traffic
+  copy:
+    dest: "/etc/sysctl.d/kubernetes.conf"
+    content: |
+        net.bridge.bridge-nf-call-ip6tables = 1
+        net.bridge.bridge-nf-call-iptables = 1
+
+        net.ipv4.conf.all.forwarding=1
+        net.ipv6.conf.all.forwarding=1
+  notify: reload_sysctl
+
+#- name: Disable swap
+#  command: swapoff -a
+
+#- name: Install iptables
+#  package:
+#      name:
+#          #- containerd
+#          - iptables
+#      state: latest
+
+-  import_tasks: ./prerequisites/containerd.yml
+
+- name: Getting nodeIp-data from interface
+  set_fact:
+    nodeip_ipv4: "{{ ansible_facts[ kubernetes.ipPool.nodeIp_interface ].ipv4.address }}"
+    nodeip_ipv6: "{{ ansible_facts[ kubernetes.ipPool.nodeIp_interface ].ipv6[0].address }}"
+
+- name: Run handlers to reload configurations
+  meta: flush_handlers

kubernetes/tasks/prerequisites/containerd.yml

@@ -0,0 +1,24 @@
+- name: Check if containerd-service exists & is started
+  service:
+    name: containerd
+    state: started
+  ignore_errors: true
+  register: containerd_status
+  
+- name: Install containerd when not exists
+  package:
+    name:
+      - containerd
+  when: containerd_status is failed
+
+- name: Create containerd config-folder
+  file:
+    path: /etc/containerd
+    state: directory
+
+- name: Deploy containerd-config
+  ansible.builtin.copy:
+    src: containerd_config.toml
+    dest: /etc/containerd/config.toml
+    mode: u=rw,g=r,o=r
+  notify: restart_containerd