From 0d2ba255089124d43846f42ad8b038ba8f779583 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 20 Aug 2024 09:21:25 +0200 Subject: [PATCH] Make kubectl binary configurable with the k3s_kubectl_binary parameter Closes techno-tim/k3s-ansible#566 Signed-off-by: Christian Berendt --- roles/k3s_server/defaults/main.yml | 2 ++ roles/k3s_server/tasks/main.yml | 4 ++-- roles/k3s_server_post/defaults/main.yml | 2 ++ roles/k3s_server_post/tasks/calico.yml | 16 ++++++++-------- roles/k3s_server_post/tasks/cilium.yml | 13 +++++++------ roles/k3s_server_post/tasks/metallb.yml | 16 ++++++++-------- 6 files changed, 29 insertions(+), 24 deletions(-) diff --git a/roles/k3s_server/defaults/main.yml b/roles/k3s_server/defaults/main.yml index 9365e113..a143582b 100644 --- a/roles/k3s_server/defaults/main.yml +++ b/roles/k3s_server/defaults/main.yml @@ -1,6 +1,8 @@ --- extra_server_args: "" +k3s_kubectl_binary: k3s kubectl + group_name_master: master kube_vip_arp: true diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 3feb30ee..b596e363 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -44,7 +44,7 @@ block: - name: Verify that all nodes actually joined (check k3s-init.service if this fails) ansible.builtin.command: - cmd: k3s kubectl get nodes -l "node-role.kubernetes.io/master=true" -o=jsonpath="{.items[*].metadata.name}" + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} get nodes -l 'node-role.kubernetes.io/master=true' -o=jsonpath='{.items[*].metadata.name}'" register: nodes until: nodes.rc == 0 and (nodes.stdout.split() | length) == (groups[group_name_master | default('master')] | length) # yamllint disable-line rule:line-length retries: "{{ retry_count | default(20) }}" 
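Review bot: The new default `k3s_kubectl_binary: k3s kubectl` in `roles/k3s_server/defaults/main.yml` has no comment, and its name suggests a path to a binary while the value is a command prefix that the `command` tasks split on whitespace. A comment above it such as `# Command prefix used to run kubectl; split on whitespace, so a path containing spaces will not work` would state the contract. The same undocumented default is added in `roles/k3s_server_post/defaults/main.yml`, so the two copies can drift unless overrides are set at inventory or play level.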
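Review bot: The `| default('k3s kubectl')` filter on the `cmd:` line repeats the value already set in the role defaults, so the fallback looks unreachable when the role runs normally. It also does not cover an empty override: with `k3s_kubectl_binary: ""` the command would start at `get`. Either drop the filter and rely on the defaults file, or use `default('k3s kubectl', true)` so empty values also fall back. The same expression is repeated in the second hunk of this file and throughout calico.yml, cilium.yml and metallb.yml. The enclosing block starts above the hunk.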
@@ -124,7 +124,7 @@ - name: Configure kubectl cluster to {{ endpoint_url }} ansible.builtin.command: >- - k3s kubectl config set-cluster default + {{ k3s_kubectl_binary | default('k3s kubectl') }} config set-cluster default --server={{ endpoint_url }} --kubeconfig {{ ansible_user_dir }}/.kube/config changed_when: true diff --git a/roles/k3s_server_post/defaults/main.yml b/roles/k3s_server_post/defaults/main.yml index 41ca7627..64ad9dab 100644 --- a/roles/k3s_server_post/defaults/main.yml +++ b/roles/k3s_server_post/defaults/main.yml @@ -1,4 +1,6 @@ --- +k3s_kubectl_binary: k3s kubectl + bpf_lb_algorithm: maglev bpf_lb_mode: hybrid diff --git a/roles/k3s_server_post/tasks/calico.yml b/roles/k3s_server_post/tasks/calico.yml index 5a3b180d..2a9302f3 100644 --- a/roles/k3s_server_post/tasks/calico.yml +++ b/roles/k3s_server_post/tasks/calico.yml @@ -31,21 +31,21 @@ block: - name: Deploy Tigera Operator ansible.builtin.command: - cmd: kubectl create -f /tmp/k3s/tigera-operator.yaml + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} create -f /tmp/k3s/tigera-operator.yaml" register: create_operator changed_when: "'created' in create_operator.stdout" failed_when: "'Error' in create_operator.stderr and 'already exists' not in create_operator.stderr" rescue: - name: Replace existing Tigera Operator ansible.builtin.command: - cmd: kubectl replace -f /tmp/k3s/tigera-operator.yaml + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} replace -f /tmp/k3s/tigera-operator.yaml" register: replace_operator changed_when: "'replaced' in replace_operator.stdout" failed_when: "'Error' in replace_operator.stderr" - name: Wait for Tigera Operator resources ansible.builtin.command: >- - k3s kubectl wait {{ item.type }}/{{ item.name }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait {{ item.type }}/{{ item.name }} --namespace='tigera-operator' --for=condition=Available=True --timeout=30s 
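Review bot: `Deploy Tigera Operator` and `Replace existing Tigera Operator` previously ran plain `kubectl` and now run `k3s kubectl` by default, which changes the invoked command rather than only parameterising it, and the commit message does not mention this. On hosts where `kubectl` on PATH is not the k3s wrapper this may select a different client or kubeconfig, so the description could add a line such as `Tasks that called plain kubectl now use k3s kubectl by default.` The same applies to the create/apply tasks at `@@ -63,14`, the Felix patch at `@@ -111,7` and `Apply BGP manifests` in cilium.yml.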
@@ -63,14 +63,14 @@ block: - name: Deploy custom resources for Calico ansible.builtin.command: - cmd: kubectl create -f /tmp/k3s/custom-resources.yaml + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} create -f /tmp/k3s/custom-resources.yaml" register: create_cr changed_when: "'created' in create_cr.stdout" failed_when: "'Error' in create_cr.stderr and 'already exists' not in create_cr.stderr" rescue: - name: Apply new Calico custom resource manifest ansible.builtin.command: - cmd: kubectl apply -f /tmp/k3s/custom-resources.yaml + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} apply -f /tmp/k3s/custom-resources.yaml" register: apply_cr changed_when: "'configured' in apply_cr.stdout or 'created' in apply_cr.stdout" failed_when: "'Error' in apply_cr.stderr" @@ -78,12 +78,12 @@ - name: Wait for Calico system resources to be available ansible.builtin.command: >- {% if item.type == 'daemonset' %} - k3s kubectl wait pods + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait pods --namespace='{{ item.namespace }}' --selector={{ item.selector }} --for=condition=Ready {% else %} - k3s kubectl wait {{ item.type }}/{{ item.name }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait {{ item.type }}/{{ item.name }} --namespace='{{ item.namespace }}' --for=condition=Available {% endif %} @@ -111,7 +111,7 @@ - name: Patch Felix configuration for eBPF mode ansible.builtin.command: cmd: > - kubectl patch felixconfiguration default + {{ k3s_kubectl_binary | default('k3s kubectl') }} patch felixconfiguration default --type='merge' --patch='{"spec": {"bpfKubeProxyIptablesCleanupEnabled": false}}' register: patch_result diff --git a/roles/k3s_server_post/tasks/cilium.yml b/roles/k3s_server_post/tasks/cilium.yml index 6603bf37..17fc1e55 100644 --- a/roles/k3s_server_post/tasks/cilium.yml +++ b/roles/k3s_server_post/tasks/cilium.yml 
@@ -116,7 +116,8 @@ when: ping_result.rc != 0 - name: Test for existing Cilium install - ansible.builtin.command: k3s kubectl -n kube-system get daemonsets cilium + ansible.builtin.command: | + {{ k3s_kubectl_binary | default('k3s kubectl') }} -n kube-system get daemonsets cilium register: cilium_installed failed_when: false changed_when: false @@ -192,12 +193,12 @@ - name: Wait for Cilium resources ansible.builtin.command: >- {% if item.type == 'daemonset' %} - k3s kubectl wait pods + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait pods --namespace=kube-system --selector='k8s-app=cilium' --for=condition=Ready {% else %} - k3s kubectl wait {{ item.type }}/{{ item.name }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait {{ item.type }}/{{ item.name }} --namespace=kube-system --for=condition=Available {% endif %} @@ -230,7 +231,7 @@ - name: Apply BGP manifests ansible.builtin.command: - cmd: kubectl apply -f /tmp/k3s/cilium-bgp.yaml + cmd: "{{ k3s_kubectl_binary | default('k3s kubectl') }} apply -f /tmp/k3s/cilium-bgp.yaml" register: apply_cr changed_when: "'configured' in apply_cr.stdout or 'created' in apply_cr.stdout" failed_when: "'is invalid' in apply_cr.stderr" @@ -244,8 +245,8 @@ - name: Test for BGP config resources ansible.builtin.command: "{{ item }}" loop: - - k3s kubectl get CiliumBGPPeeringPolicy.cilium.io - - k3s kubectl get CiliumLoadBalancerIPPool.cilium.io + - "{{ k3s_kubectl_binary | default('k3s kubectl') }} get CiliumBGPPeeringPolicy.cilium.io" + - "{{ k3s_kubectl_binary | default('k3s kubectl') }} get CiliumLoadBalancerIPPool.cilium.io" changed_when: false loop_control: label: "{{ item }}" diff --git a/roles/k3s_server_post/tasks/metallb.yml b/roles/k3s_server_post/tasks/metallb.yml index 69943720..4a3279c6 100644 --- a/roles/k3s_server_post/tasks/metallb.yml +++ b/roles/k3s_server_post/tasks/metallb.yml 
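Review bot: `Test for existing Cilium install` switches to a literal block scalar (`|`), which keeps a trailing newline in the command string, while every other multi-line command touched by this patch uses `>-`. Nothing visible here shows it failing, but `ansible.builtin.command: >-` would match the surrounding tasks and avoid the stray newline. The task's remaining keys are unchanged context.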
@@ -12,14 +12,14 @@ ansible.builtin.shell: |- set -o pipefail - REPLICAS=$(k3s kubectl --namespace='metallb-system' get replicasets \ + REPLICAS=$({{ k3s_kubectl_binary | default('k3s kubectl') }} --namespace='metallb-system' get replicasets \ -l 'component=controller,app=metallb' \ -o jsonpath='{.items[0].spec.template.spec.containers[0].image}, {.items[0].metadata.name}' 2>/dev/null || true) REPLICAS_SETS=$(echo ${REPLICAS} | grep -v '{{ metal_lb_controller_tag_version }}' | sed -e "s/^.*\s//g") if [ -n "${REPLICAS_SETS}" ] ; then for REPLICAS in "${REPLICAS_SETS}" do - k3s kubectl --namespace='metallb-system' \ + {{ k3s_kubectl_binary | default('k3s kubectl') }} --namespace='metallb-system' \ delete rs "${REPLICAS}" done fi @@ -40,14 +40,14 @@ - name: Test metallb-system namespace ansible.builtin.command: >- - k3s kubectl -n metallb-system + {{ k3s_kubectl_binary | default('k3s kubectl') }} -n metallb-system changed_when: false with_items: "{{ groups[group_name_master | default('master')] }}" run_once: true - name: Wait for MetalLB resources ansible.builtin.command: >- - k3s kubectl wait {{ item.resource }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} wait {{ item.resource }} --namespace='metallb-system' {% if item.name | default(False) -%}{{ item.name }}{%- endif %} {% if item.selector | default(False) -%}--selector='{{ item.selector }}'{%- endif %} 
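Review bot: In the `ansible.builtin.shell` script the value of `k3s_kubectl_binary` is rendered into the script text before the shell parses it, at both the `REPLICAS=$(...)` line and the `delete rs` line. Any shell metacharacters in the variable are therefore interpreted rather than passed as arguments. The `quote` filter cannot be applied because the default is intentionally two words. If the variable can be set from anywhere less trusted than the inventory itself, an `ansible.builtin.assert` ahead of this task with `that: k3s_kubectl_binary is match('^[A-Za-z0-9_./ -]+$')` would keep it to a plain command prefix. The task begins above the hunk.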
@@ -99,14 +99,14 @@ - name: Test metallb-system webhook-service endpoint ansible.builtin.command: >- - k3s kubectl -n metallb-system get endpoints {{ metallb_webhook_service_name }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} -n metallb-system get endpoints {{ metallb_webhook_service_name }} changed_when: false with_items: "{{ groups[group_name_master | default('master')] }}" run_once: true - name: Apply metallb CRs ansible.builtin.command: >- - k3s kubectl apply -f /tmp/k3s/metallb-crs.yaml + {{ k3s_kubectl_binary | default('k3s kubectl') }} apply -f /tmp/k3s/metallb-crs.yaml --timeout='{{ metal_lb_available_timeout }}' register: this changed_when: false @@ -116,7 +116,7 @@ - name: Test metallb-system resources for Layer 2 configuration ansible.builtin.command: >- - k3s kubectl -n metallb-system get {{ item }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} -n metallb-system get {{ item }} changed_when: false run_once: true when: metal_lb_mode == "layer2" @@ -126,7 +126,7 @@ - name: Test metallb-system resources for BGP configuration ansible.builtin.command: >- - k3s kubectl -n metallb-system get {{ item }} + {{ k3s_kubectl_binary | default('k3s kubectl') }} -n metallb-system get {{ item }} changed_when: false run_once: true when: metal_lb_mode == "bgp"