@danjac
Created February 18, 2025 18:52
K3s ansible playbook
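---
# Installs K3s on the hosts of the `kubernetes` inventory group: a server on
# members of `control_plane`, an agent on members of `workers`. Afterwards the
# control plane replaces the CoreDNS Corefile and applies the application
# manifests rendered from templates/.
#
# Variables used but not defined here: `private_ip` (per host) and
# `postgres_password`; presumably they come from the inventory and the vars
# files below -- confirm.
- name: Install K3s
  hosts: kubernetes
  # Every task runs over a direct root SSH login, without privilege escalation.
  remote_user: root
  become: false
  vars:
    ansible_user: root
  vars_files:
    - vars/config.yml
    # NOTE(review): presumably holds postgres_password; keep this file
    # encrypted (for example with ansible-vault) and out of version control.
    - vars/secrets.yml
  tasks:
    - name: Install dependencies required for K3s
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - curl
          - ca-certificates
        state: present
        update_cache: true

    - name: Copy /etc/resolv.conf
      ansible.builtin.copy:
        src: resolv.conf
        # Was /etc/resolve.conf, a path the resolver never reads, so the
        # copied file had no effect on name resolution.
        dest: /etc/resolv.conf
        owner: root
        group: root
        mode: "0644"

    - name: Download and install K3s on server
      # NOTE(review): this runs whatever https://get.k3s.io serves at that
      # moment, as root. The installer honours INSTALL_K3S_VERSION; pinning a
      # release and checking the script before executing it would make the
      # install reproducible and reviewable.
      ansible.builtin.shell: |
        set -o pipefail
        curl -sfL https://get.k3s.io | sh -s - \
          --node-ip={{ private_ip }} \
          --advertise-address={{ private_ip }} \
          --tls-san={{ private_ip }}
      args:
        # pipefail needs bash (assumed present on these apt-based hosts).
        # Without it a failed download leaves `sh` with empty input and the
        # task reports success although nothing was installed.
        executable: /bin/bash
        # Left disabled as in the original; when enabled, the installer is
        # skipped once the binary exists.
        # creates: /usr/local/bin/k3s
      when: "'control_plane' in group_names"

    - name: Get the K3s join token from the control plane (for worker nodes)
      ansible.builtin.command: k3s token create
      register: k3s_token
      # Always ask the first control-plane host. The previous `when` combined
      # with run_once was evaluated against the first host of the play only,
      # so the task was skipped whenever that host was a worker.
      delegate_to: "{{ groups['control_plane'][0] }}"
      run_once: true
      # stdout is a cluster join credential; keep it out of task output.
      no_log: true

    - name: Set K3s join token as a fact
      # Uses its own name instead of overwriting the registered result, so
      # k3s_token.stdout stays valid. The old condition tested
      # 'control-plane' (hyphen), a group name used nowhere else in this
      # play, so the task never ran.
      ansible.builtin.set_fact:
        k3s_join_token: "{{ k3s_token.stdout }}"
      run_once: true
      no_log: true

    - name: Check if the K3s token is set
      # An assertion instead of `debug: var=...`, which printed the join
      # token into the run output of every worker.
      ansible.builtin.assert:
        that:
          - k3s_join_token is defined
          - k3s_join_token | length > 0
        fail_msg: K3s join token was not obtained from the control plane
        quiet: true
      when: "'workers' in group_names"

    - name: Download and install K3s as a worker node
      vars:
        # Shadows the worker's own private_ip with the server's address.
        private_ip: "{{ hostvars[groups['control_plane'][0]].private_ip }}"
      ansible.builtin.shell: |
        set -o pipefail
        curl -sfL https://get.k3s.io | sh -s - agent \
          --server https://{{ private_ip }}:6443
      args:
        executable: /bin/bash
      # Passed through the environment so the token is not part of the
      # command string that Ansible records in the task result.
      environment:
        K3S_TOKEN: "{{ k3s_join_token }}"
      when: "'workers' in group_names"

    - name: Create a clean Corefile with forwarders 8.8.8.8 and 1.1.1.1
      ansible.builtin.copy:
        dest: /tmp/coredns_corefile
        owner: root
        group: root
        mode: "0600"
        # NOTE(review): all non-cluster lookups are forwarded to the public
        # resolvers 8.8.8.8 and 1.1.1.1; confirm that is acceptable for this
        # environment.
        content: |
          .:53 {
              errors
              health
              ready
              kubernetes cluster.local in-addr.arpa ip6.arpa {
                pods insecure
                fallthrough in-addr.arpa ip6.arpa
              }
              hosts /etc/coredns/NodeHosts {
                ttl 60
                reload 15s
                fallthrough
              }
              prometheus :9153
              forward . 8.8.8.8 1.1.1.1
              cache 30
              loop
              reload
              loadbalance
              import /etc/coredns/custom/*.override
          }
          import /etc/coredns/custom/*.server
      when: "'control_plane' in group_names"

    - name: Create and apply the new CoreDNS ConfigMap
      # Piped straight into `kubectl apply` rather than redirected as root
      # into a second fixed path under the world-writable /tmp.
      ansible.builtin.shell: |
        set -o pipefail
        kubectl create configmap coredns \
          --from-file=Corefile=/tmp/coredns_corefile \
          -n kube-system --dry-run=client -o yaml \
          | kubectl apply -f -
      args:
        executable: /bin/bash
      when: "'control_plane' in group_names"

    - name: Remove the temporary Corefile
      ansible.builtin.file:
        path: /tmp/coredns_corefile
        state: absent
      when: "'control_plane' in group_names"

    - name: Restart CoreDNS pods
      ansible.builtin.command: kubectl rollout restart deployment coredns -n kube-system
      when: "'control_plane' in group_names"

    - name: Render and apply the deployment manifests
      when: "'control_plane' in group_names"
      vars:
        k3s_manifests:
          - k3s-deployment.yaml
          - k3s-cronjob.yaml
          - k3s-service.yaml
          - k3s-configmap.yaml
          - k3s-secrets.yaml
      block:
        - name: Install deployment files
          vars:
            database_ip: 10.0.0.2  # "{{ hostvars[groups['database'][0]].private_ip }}"
            database_url: "postgresql://postgres:{{ postgres_password }}@{{ database_ip }}:5432/postgres"
          ansible.builtin.template:
            src: "templates/{{ item }}.j2"
            dest: "/tmp/{{ item }}"
            owner: root
            group: root
            # The rendered files carry database_url with the password, so
            # they must not be readable by other local users.
            mode: "0600"
          # Keeps rendered secrets out of the output when run with --diff.
          diff: false
          loop: "{{ k3s_manifests }}"

        - name: Apply deployment files
          ansible.builtin.command: kubectl apply -f /tmp/{{ item }}
          loop: "{{ k3s_manifests }}"
      always:
        # Implements the former "TBD: remove all temp files"; runs even when
        # rendering or applying fails, so no secret is left behind in /tmp.
        - name: Remove rendered deployment files
          ansible.builtin.file:
            path: "/tmp/{{ item }}"
            state: absent
          loop: "{{ k3s_manifests }}"

    # - name: Rollout the deployment to ensure everything is up to date
    #   ansible.builtin.shell: kubectl rollout restart deployment django-app
    #   when: "'control_plane' in group_names"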