diff --git a/.ansible-lint b/.ansible-lint index 836ced00..8d4982ed 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,10 +1,11 @@ exclude_paths: -- .github/ -- molecule/ -- .ansible-lint + - .github/ + - molecule/ + - .ansible-lint warn_list: - no-handler - var-spacing + - var-naming skip_list: - experimental - fqcn-builtins \ No newline at end of file diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 4f97724e..9d9d6528 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,5 +1,5 @@ --- -name: CentOS 7 +name: Lint Test on: push: diff --git a/.github/workflows/centos7.yml b/.github/workflows/rocky8.yml similarity index 84% rename from .github/workflows/centos7.yml rename to .github/workflows/rocky8.yml index e5ad682a..6fa58f82 100644 --- a/.github/workflows/centos7.yml +++ b/.github/workflows/rocky8.yml @@ -1,5 +1,5 @@ --- -name: CentOS 7 +name: Rocky 8 on: pull_request: @@ -40,7 +40,7 @@ jobs: - name: Run ansible-lint. run: ansible-lint - centos7-test: + rocky8-test: name: Initial build test runs-on: ubuntu-latest needs: ['lint-test'] @@ -75,7 +75,7 @@ jobs: id: plan run: | cd testing/ - terraform plan -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=centos7" -no-color + terraform plan -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=rocky8" -no-color continue-on-error: true - name: Terraform Plan Status @@ -85,7 +85,7 @@ jobs: - name: Terraform Apply run: | cd testing/ - terraform apply -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=centos7" -auto-approve + terraform apply -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=rocky8" -auto-approve - name: Set up Python id: setup_python @@ -122,26 +122,26 @@ jobs: - name: Prep inventory run: | - cp -R inventory/sample inventory/centos7 - cp hosts.ini inventory/centos7/hosts.ini + cp -R inventory/sample inventory/rocky8 + cp hosts.ini inventory/rocky8/hosts.ini - name: Run playbook run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vv --private-key .key site.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vv --private-key .key site.yml - name: Run playbook again for idempotency run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vv --private-key .key site.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vv --private-key .key site.yml - name: Run Ansible Tests run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml - name: Run Python Tests run: | export DEFAULT_PRIVATE_KEY_FILE=.key - pytest --hosts=rke2_servers --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py - pytest --hosts=rke2_agents --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py + pytest --hosts=rke2_servers --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py + pytest --hosts=rke2_agents --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py - name: Create new inventory hosts.ini with added hosts run: | @@ -154,26 +154,26 @@ jobs: aws ec2 describe-instances --filters "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=ExtraNode" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text >> hosts.ini echo "[all:vars]" >> hosts.ini echo "kubernetes_api_server_host=$(aws ec2 describe-instances --filters "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.ini - cp hosts.ini inventory/centos7/hosts.ini + cp hosts.ini inventory/rocky8/hosts.ini - name: Run playbook again with added hosts run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --private-key .key site.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --private-key .key site.yml - name: Run Ansible Tests with added hosts run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml - name: Run Python Tests with added hosts run: | export DEFAULT_PRIVATE_KEY_FILE=.key - pytest --hosts=rke2_servers --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py - pytest --hosts=rke2_agents --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py + pytest --hosts=rke2_servers --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py + pytest --hosts=rke2_agents --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py - name: Run troubleshoot tasks if: ${{ failure() }} run: | - ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vvv --tags "troubleshooting" --private-key .key testing.yml + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vvv --tags "troubleshooting" --private-key .key testing.yml - name: Delete Stack if: ${{ always() }} diff --git a/roles/rke2_common/defaults/main.yml b/roles/rke2_common/defaults/main.yml index e7a261bc..71eca998 100644 --- a/roles/rke2_common/defaults/main.yml +++ b/roles/rke2_common/defaults/main.yml @@ -13,7 +13,7 @@ rke2_common_yum_repo: enabled: yes rke2_versioned_yum_repo: - name: "rke2-v{{ rke2_version_majmin }}" # noqa var-spacing + name: "rke2-v{{ rke2_version_majmin }}" # noqa jinja[spacing] description: "Rancher RKE2 Version" baseurl: "https://rpm.rancher.io/rke2/latest/{{ rke2_version_majmin }}/centos/$releasever/$basearch" gpgcheck: true diff --git a/roles/rke2_common/tasks/calculate_rke2_version.yml b/roles/rke2_common/tasks/calculate_rke2_version.yml new file mode 100644 index 00000000..0cc4e97d --- /dev/null +++ b/roles/rke2_common/tasks/calculate_rke2_version.yml @@ -0,0 +1,68 @@ +--- + +- name: "Calculate rke2 full version" + when: ( install_rke2_version is not defined ) or ( install_rke2_version | length == 0 ) + block: + - name: Stop if the provided is not valid + fail: + msg: "Provided channel is not valid" + when: rke2_channel not in channels + + - name: Get full version name url + uri: + url: https://update.rke2.io/v1-release/channels/{{ rke2_channel }} + follow_redirects: safe + remote_src: true + register: rke2_version_url + + - name: Set full version name + shell: set -o pipefail && echo {{ rke2_version_url.url }} | sed -e 's|.*/||' + register: rke2_full_version + changed_when: false + args: + executable: /usr/bin/bash + +- name: Set rke2_full_version fact + set_fact: + rke2_full_version: "{{ rke2_full_version.stdout if ((install_rke2_version is not defined) or (install_rke2_version|length == 0)) else install_rke2_version }}" # yamllint disable-line rule:line-length + +- name: Set dot version + shell: set -o pipefail && echo {{ rke2_full_version }} | /usr/bin/cut -d'+' -f1 + register: rke2_version_dot_tmp + changed_when: false + args: + executable: /usr/bin/bash + +- name: Set rke2_version_dot fact + set_fact: + rke2_version_dot: "{{ rke2_version_dot_tmp.stdout }}" + +- name: Set Maj.Min version + shell: set -o pipefail && echo {{ rke2_full_version }} | /bin/awk -F'.' '{ print $1"."$2 }' | sed "s|^v||g" + register: rke2_version_majmin_tmp + changed_when: false + args: + executable: /usr/bin/bash + +- name: Set rke2_version_majmin fact + set_fact: + rke2_version_majmin: "{{ rke2_version_majmin_tmp.stdout }}" + +- name: Set RPM version + shell: set -o pipefail && echo {{ rke2_full_version }} | sed -E -e "s/[\+-]/~/g" | sed -E -e "s/v(.*)/\1/" + register: rke2_version_rpm_tmp + changed_when: false + args: + executable: /usr/bin/bash + +- name: Set rke2_version_rpm fact + set_fact: + rke2_version_rpm: "{{ rke2_version_rpm_tmp.stdout }}" + +- name: Describe versions + debug: + msg: + - "Full version, with revision indication: {{ rke2_full_version }}" + - "Version without revision indication: {{ rke2_version_dot }}" + - "Major and Minor Only: {{ rke2_version_majmin }}" + - "RPM Version (tilde): {{ rke2_version_rpm }}" diff --git a/roles/rke2_common/tasks/config.yml b/roles/rke2_common/tasks/config.yml index 4a9f0b48..65df874b 100644 --- a/roles/rke2_common/tasks/config.yml +++ b/roles/rke2_common/tasks/config.yml @@ -259,20 +259,20 @@ state: absent changed_when: false -- name: Restart rke2-server if package installed and config changed +- name: Restart rke2-server if package installed and config changed or RKE2 version changed service: state: restarted name: rke2-server when: - ansible_facts.services["rke2-server.service"] is defined - "ansible_facts.services['rke2-server.service'].state == 'running'" - - tmp_sha1 != previous_rke2_config.stat.checksum + - (tmp_sha1 != previous_rke2_config.stat.checksum or (rke2_version_changed | default(false))) -- name: Restart rke2-agent if package installed and config changed +- name: Restart rke2-agent if package installed and config changed or RKE2 version changed service: state: restarted name: rke2-agent when: - ansible_facts.services["rke2-agent.service"] is defined - "ansible_facts.services['rke2-agent.service'].state == 'running'" - - tmp_sha1 != previous_rke2_config.stat.checksum + - (tmp_sha1 != previous_rke2_config.stat.checksum or (rke2_version_changed | default(false))) diff --git a/roles/rke2_common/tasks/main.yml b/roles/rke2_common/tasks/main.yml index f3bda769..f9cc6d82 100644 --- a/roles/rke2_common/tasks/main.yml +++ b/roles/rke2_common/tasks/main.yml @@ -12,14 +12,17 @@ - name: Include images_tarball_install.yml include_tasks: images_tarball_install.yml - when: not installed -- name: "Check for binary tarball in {{ playbook_dir }}/tarball_install/rke2.linux-amd64.tar.gz" # noqa name[template] +- name: "Check for binary tarball in tarball_install/rke2.linux-amd64.tar.gz" stat: path: "{{ playbook_dir }}/tarball_install/rke2.linux-amd64.tar.gz" register: rke2_binary_tarball_check delegate_to: 127.0.0.1 - become: no + become: false + +- name: Include calculate_rke2_version.yml + include_tasks: calculate_rke2_version.yml + when: not rke2_binary_tarball_check.stat.exists - name: SLES/Ubuntu/Tarball Installation include_tasks: tarball_install.yml @@ -28,26 +31,12 @@ ((ansible_facts['os_family'] != 'RedHat' and ansible_facts['os_family'] != 'Rocky') or rke2_binary_tarball_check.stat.exists ) - and not installed - name: RHEL/CentOS Installation when: - ansible_os_family == 'RedHat' or ansible_os_family == 'Rocky' - not rke2_binary_tarball_check.stat.exists - block: - - name: Install redhat-lsb-core - when: "'redhat-lsb-core' not in ansible_facts.packages" - yum: - name: redhat-lsb-core - state: present - - - name: Reread ansible_lsb facts - when: "'redhat-lsb-core' not in ansible_facts.packages" - setup: - filter: ansible_lsb* - - - name: Include task file rpm_install.yml - include_tasks: rpm_install.yml + include_tasks: rpm_install.yml # Disable Firewalld # We recommend disabling firewalld. For Kubernetes 1.19+, firewalld must be turned off. diff --git a/roles/rke2_common/tasks/previous_install.yml b/roles/rke2_common/tasks/previous_install.yml index ab87b3a3..60f6cabb 100644 --- a/roles/rke2_common/tasks/previous_install.yml +++ b/roles/rke2_common/tasks/previous_install.yml @@ -27,3 +27,21 @@ when: > ansible_facts.services["rke2-agent.service"] is defined and not ansible_facts.services["rke2-agent.service"].status == 'disabled' + +- name: Check for the rke2 binary + stat: + path: /usr/local/bin/rke2 + register: rke2_binary + +- name: Get current RKE2 version if already installed + shell: set -o pipefail && /usr/local/bin/rke2 -v | head -n 1 | cut -d ' ' -f 3 + register: installed_rke2_version_tmp + changed_when: false + args: + executable: /usr/bin/bash + when: rke2_binary.stat.exists + +- name: Determine if current version differs what what is being installed + set_fact: + installed_rke2_version: "{{installed_rke2_version_tmp.stdout}}" + when: rke2_binary.stat.exists diff --git a/roles/rke2_common/tasks/rpm_install.yml b/roles/rke2_common/tasks/rpm_install.yml index 0f2f3e1e..e978834b 100644 --- a/roles/rke2_common/tasks/rpm_install.yml +++ b/roles/rke2_common/tasks/rpm_install.yml @@ -1,69 +1,5 @@ --- -- name: "Calculate rke2 full version " - when: ( install_rke2_version is not defined ) or ( install_rke2_version | length == 0 ) # noqa var-spacing - block: - - name: Stop if the provided is not valid - fail: - msg: "Provided channel is not valid" - when: rke2_channel not in channels - - - name: Get full version name url - uri: - url: https://update.rke2.io/v1-release/channels/{{ rke2_channel }} - follow_redirects: all - register: rke2_version_url - - - name: Set full version name - shell: set -o pipefail && echo {{ rke2_version_url.url }} | sed -e 's|.*/||' - register: rke2_full_version - changed_when: false - args: - executable: /usr/bin/bash - -- name: Set rke2_full_version fact # noqa var-spacing - set_fact: - rke2_full_version: "{{ rke2_full_version.stdout if ((install_rke2_version is not defined) or (install_rke2_version|length == 0)) else install_rke2_version }}" # yamllint disable-line rule:line-length - -- name: Set dot version - shell: set -o pipefail && echo {{ rke2_full_version }} | /usr/bin/cut -d'+' -f1 - register: rke2_version_dot - changed_when: false - args: - executable: /usr/bin/bash - -- name: Set rke2_version_dot fact - set_fact: - rke2_version_dot: "{{ rke2_version_dot.stdout }}" - -- name: Set Maj.Min version - shell: set -o pipefail && echo {{ rke2_full_version }} | /bin/awk -F'.' '{ print $1"."$2 }' | sed "s|^v||g" - register: rke2_version_majmin - changed_when: false - args: - executable: /usr/bin/bash - -- name: Set rke2_version_majmin fact - set_fact: - rke2_version_majmin: "{{ rke2_version_majmin.stdout }}" - -- name: Set RPM version - shell: set -o pipefail && echo {{ rke2_full_version }} | sed -E -e "s/[\+-]/~/g" | sed -E -e "s/v(.*)/\1/" - register: rke2_version_rpm - changed_when: false - args: - executable: /usr/bin/bash - -- name: Set rke2_version_rpm fact - set_fact: - rke2_version_rpm: "{{ rke2_version_rpm.stdout }}" - -- name: Describe versions - debug: - msg: - - "Full version: {{ rke2_full_version }}, dot version: {{ rke2_version_dot }}" - - "Maj.Min version: {{ rke2_version_majmin }}, rpm version: {{ rke2_version_rpm }}" - # Does the Rancher RKE2 Common repo exist already - name: Check to see if rke2-common.repo exists stat: @@ -71,7 +7,7 @@ register: stat_rke2_common_repo # Add RKE2 Common repo if it doesn't exist -- name: Add the rke2-common repo RHEL/CentOS 7 +- name: Add the rke2-common repo RHEL/CentOS/Rocky yum_repository: name: "{{ rke2_common_yum_repo.name }}" description: "{{ rke2_common_yum_repo.description }}" @@ -79,36 +15,19 @@ gpgcheck: "{{ rke2_common_yum_repo.gpgcheck }}" gpgkey: "{{ rke2_common_yum_repo.gpgkey }}" enabled: "{{ rke2_common_yum_repo.enabled }}" - when: not stat_rke2_common_repo.stat.exists and ansible_lsb.major_release == '7' - -- name: Add the rke2-common repo RHEL/CentOS 8 - yum_repository: - name: "{{ rke2_common_yum_repo.name }}" - description: "{{ rke2_common_yum_repo.description }}" - baseurl: "{{ rke2_common_yum_repo.baseurl }}" - gpgcheck: "{{ rke2_common_yum_repo.gpgcheck }}" - gpgkey: "{{ rke2_common_yum_repo.gpgkey }}" - enabled: "{{ rke2_common_yum_repo.enabled }}" - when: not stat_rke2_common_repo.stat.exists and ansible_lsb.major_release == '8' + when: + - not stat_rke2_common_repo.stat.exists + - ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == "Rocky" + - ansible_facts['distribution_major_version'] == "7" or ansible_facts['distribution_major_version'] == "8" # Does the Rancher RKE2 versioned repo exist already - name: Check to see if rke2 versioned repo exists stat: - path: '/etc/yum.repos.d/rke2-v{{ rke2_version_majmin }}.repo' # noqa var-spacing + path: '/etc/yum.repos.d/rke2-v{{ rke2_version_majmin }}.repo' register: stat_rke2_versioned_repo # Add RKE2 versioned repo if it doesn't exist -- name: Add the rke2 versioned repo CentOS/RHEL 7 - yum_repository: - name: "{{ rke2_versioned_yum_repo.name }}" - description: "{{ rke2_versioned_yum_repo.description }}" - baseurl: "{{ rke2_versioned_yum_repo.baseurl }}" - gpgcheck: "{{ rke2_versioned_yum_repo.gpgcheck }}" - gpgkey: "{{ rke2_versioned_yum_repo.gpgkey }}" - enabled: "{{ rke2_versioned_yum_repo.enabled }}" - when: not stat_rke2_versioned_repo.stat.exists and ansible_lsb.major_release == '7' - -- name: Add the rke2 versioned repo CentOS/RHEL 8 +- name: Add the rke2 versioned repo CentOS/RHEL/Rocky yum_repository: name: "{{ rke2_versioned_yum_repo.name }}" description: "{{ rke2_versioned_yum_repo.description }}" @@ -116,7 +35,10 @@ gpgcheck: "{{ rke2_versioned_yum_repo.gpgcheck }}" gpgkey: "{{ rke2_versioned_yum_repo.gpgkey }}" enabled: "{{ rke2_versioned_yum_repo.enabled }}" - when: not stat_rke2_versioned_repo.stat.exists and ansible_lsb.major_release == '8' + when: + - not stat_rke2_common_repo.stat.exists + - ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == "Rocky" + - ansible_facts['distribution_major_version'] == "7" or ansible_facts['distribution_major_version'] == "8" - name: YUM-Based | Install rke2-server yum: diff --git a/roles/rke2_common/tasks/tarball_install.yml b/roles/rke2_common/tasks/tarball_install.yml index 1c6b53bf..0d37c65e 100644 --- a/roles/rke2_common/tasks/tarball_install.yml +++ b/roles/rke2_common/tasks/tarball_install.yml @@ -24,56 +24,54 @@ mode: '0644' when: rke2_binary_tarball_check.stat.exists -- name: Download tarball # noqa var-spacing - when: not rke2_binary_tarball_check.stat.exists +- name: Determine if current version differs what what is being installed + set_fact: + rke2_version_changed: true + when: + - not rke2_binary_tarball_check.stat.exists + - not installed or installed_rke2_version != rke2_full_version + +- name: TARBALL | Download the tarball + get_url: + url: https://github.com/rancher/rke2/releases/download/{{ rke2_full_version }}/rke2.linux-amd64.tar.gz + dest: "{{ temp_dir.path }}/rke2.linux-amd64.tar.gz" + mode: "0644" + when: + - not rke2_binary_tarball_check.stat.exists + - rke2_version_changed + +- name: TARBALL | Install tar package + package: + name: tar + state: present + ignore_errors: true # noqa ignore-errors + +- name: Get version of provided tarball + when: + - rke2_binary_tarball_check.stat.exists block: - - name: Stop if the provided channel is not valid - fail: - msg: "Provided channel is not valid" - when: rke2_channel not in channels - - - name: TARBALL | Get full version name url - uri: - url: https://update.rke2.io/v1-release/channels/{{ rke2_channel }} - follow_redirects: all - register: rke2_version_url - - - name: Set full version name - shell: set -o pipefail && echo {{ rke2_version_url.url }} | sed -e 's|.*/||' - register: rke2_full_version + - name: Unarchive tarball into temp location + ansible.builtin.unarchive: + src: "{{ temp_dir.path }}/rke2.linux-amd64.tar.gz" + dest: "{{ temp_dir.path }}" + remote_src: true + + - name: Get tarball RKE2 version from temp location + shell: set -o pipefail && {{ temp_dir.path }}/bin/rke2 -v | head -n 1 | cut -d ' ' -f 3 + register: tarball_rke2_version_tmp changed_when: false args: - executable: /bin/bash + executable: /usr/bin/bash - - name: Set dot version - shell: set -o pipefail && echo {{ rke2_full_version.stdout }} | /usr/bin/cut -d'+' -f1 - register: rke2_version_dot - changed_when: false - args: - executable: /bin/bash + - name: Set tarball RKE2 version var + set_fact: + tarball_rke2_version: "{{tarball_rke2_version_tmp.stdout}}" - - name: Set Maj.Min version - shell: >- - set -o pipefail && echo {{ rke2_full_version.stdout }} - | awk -F'.' '{ print $1"."$2 }' | sed "s|^v||g" - register: rke2_version - changed_when: false - args: - executable: /bin/bash - - - name: Describe versions - debug: - msg: - - "Full version: {{ rke2_full_version.stdout }}" - - "dot version: {{ rke2_version_dot.stdout }}" - - "Maj.Min version: {{ rke2_version.stdout }}" - run_once: yes - - - name: TARBALL | Download the tarball - get_url: - url: https://github.com/rancher/rke2/releases/download/{{ rke2_full_version.stdout }}/rke2.linux-amd64.tar.gz - dest: "{{ temp_dir.path }}/rke2.linux-amd64.tar.gz" - mode: "0644" + - name: Determine if current version differs what what is being installed + set_fact: + rke2_version_changed: true + when: + - not installed or installed_rke2_version != tarball_rke2_version - name: TARBALL | Check Target Mountpoint command: mountpoint -q {{ tarball_dir }} @@ -98,25 +96,17 @@ recurse: true when: tarball_dir is defined -- name: TARBALL | Install tar package - package: - name: tar - state: present - ignore_errors: true +- name: Final extraction/installation of RKE2 Tar + when: + - rke2_version_changed + block: -- name: TARBALL | Extract the tarball # noqa command-instead-of-module - command: - cmd: tar -xf "{{ temp_dir.path }}/rke2.linux-amd64.tar.gz" -C "{{ tarball_dir }}" - changed_when: false + - name: Unarchive rke2 tar + ansible.builtin.unarchive: + src: "{{ temp_dir.path }}/rke2.linux-amd64.tar.gz" + dest: "{{ tarball_dir }}" + remote_src: true -- name: TARBALL | Remove the temp_dir - file: - path: "{{ temp_dir.path }}" - state: absent - when: temp_dir.path is defined - -- name: TARBALL | Updating tarball contents to reflect install path - block: - name: TARBALL | Updating rke2-server.service ansible.builtin.replace: path: "{{ tarball_dir }}/lib/systemd/system/rke2-server.service" @@ -135,50 +125,56 @@ regexp: '/usr/local' replace: '{{ tarball_dir }}' -- name: TARBALL | Moving Systemd units to /etc/systemd/system - copy: - src: "{{ tarball_dir }}/lib/systemd/system/rke2-server.service" - dest: /etc/systemd/system/rke2-server.service - mode: '0644' - owner: root - group: root - remote_src: yes - when: - - inventory_hostname in groups['rke2_servers'] - -- name: TARBALL | Moving Systemd units to /etc/systemd/system - copy: - src: "{{ tarball_dir }}/lib/systemd/system/rke2-server.env" - dest: /etc/systemd/system/rke2-server.env - mode: '0644' - owner: root - group: root - remote_src: yes - when: - - inventory_hostname in groups['rke2_servers'] - -- name: TARBALL | Moving Systemd units to /etc/systemd/system - copy: - src: "{{ tarball_dir }}/lib/systemd/system/rke2-agent.service" - dest: /etc/systemd/system/rke2-agent.service - mode: '0644' - owner: root - group: root - remote_src: yes - when: - - inventory_hostname in groups.get('rke2_agents', []) - -- name: TARBALL | Moving Systemd units to /etc/systemd/system - copy: - src: "{{ tarball_dir }}/lib/systemd/system/rke2-agent.env" - dest: /etc/systemd/system/rke2-agent.env - mode: '0644' - owner: root - group: root - remote_src: yes - when: - - inventory_hostname in groups.get('rke2_agents', []) - -- name: TARBALL | Refreshing systemd unit files - systemd: - daemon-reload: yes + - name: TARBALL | Moving Systemd units to /etc/systemd/system + copy: + src: "{{ tarball_dir }}/lib/systemd/system/rke2-server.service" + dest: /etc/systemd/system/rke2-server.service + mode: '0644' + owner: root + group: root + remote_src: yes + when: + - inventory_hostname in groups['rke2_servers'] + + - name: TARBALL | Moving Systemd units to /etc/systemd/system + copy: + src: "{{ tarball_dir }}/lib/systemd/system/rke2-server.env" + dest: /etc/systemd/system/rke2-server.env + mode: '0644' + owner: root + group: root + remote_src: yes + when: + - inventory_hostname in groups['rke2_servers'] + + - name: TARBALL | Moving Systemd units to /etc/systemd/system + copy: + src: "{{ tarball_dir }}/lib/systemd/system/rke2-agent.service" + dest: /etc/systemd/system/rke2-agent.service + mode: '0644' + owner: root + group: root + remote_src: yes + when: + - inventory_hostname in groups.get('rke2_agents', []) + + - name: TARBALL | Moving Systemd units to /etc/systemd/system + copy: + src: "{{ tarball_dir }}/lib/systemd/system/rke2-agent.env" + dest: /etc/systemd/system/rke2-agent.env + mode: '0644' + owner: root + group: root + remote_src: yes + when: + - inventory_hostname in groups.get('rke2_agents', []) + + - name: TARBALL | Refreshing systemd unit files + systemd: + daemon-reload: yes + +- name: Remove the temp_dir + file: + path: "{{ temp_dir.path }}" + state: absent + when: temp_dir.path is defined diff --git a/roles/rke2_common/vars/main.yml b/roles/rke2_common/vars/main.yml index 78c915ac..da8e48d7 100644 --- a/roles/rke2_common/vars/main.yml +++ b/roles/rke2_common/vars/main.yml @@ -3,7 +3,16 @@ channels: - stable - latest - - v1.19 - v1.18 - + - v1.19 + - v1.20 + - v1.21 + - v1.22 + - v1.23 + - v1.24 + - v1.25 + - v1.26 + - v1.27 + - v1.28 installed: false +rke2_version_changed: false diff --git a/roles/rke2_server/tasks/first_server.yml b/roles/rke2_server/tasks/first_server.yml index 2eb61ef4..fceab35b 100644 --- a/roles/rke2_server/tasks/first_server.yml +++ b/roles/rke2_server/tasks/first_server.yml @@ -30,7 +30,7 @@ delay: 10 changed_when: false -- name: Extract the hostname-override parameter from the kubelet process # noqa var-spacing +- name: Extract the hostname-override parameter from the kubelet process set_fact: kubelet_hostname_override_parameter: "{{ kubelet_check.stdout |\ regex_search('\\s--hostname-override=((([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]))\\s',\ diff --git a/roles/rke2_server/tasks/other_servers.yml b/roles/rke2_server/tasks/other_servers.yml index 8c0b636f..87b48db7 100644 --- a/roles/rke2_server/tasks/other_servers.yml +++ b/roles/rke2_server/tasks/other_servers.yml @@ -30,7 +30,7 @@ when: - '"server:" not in server_url_check.stdout' -- name: Start and wait for healthy node # noqa var-spacing +- name: Start and wait for healthy node throttle: 1 block: - name: Start rke2-server @@ -55,7 +55,7 @@ delay: 10 changed_when: false - - name: Extract the hostname-override parameter from the kubelet process # noqa var-spacing + - name: Extract the hostname-override parameter from the kubelet process set_fact: kubelet_hostname_override_parameter: "{{ kubelet_check.stdout |\ regex_search('\\s--hostname-override=((([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]))\\s',\ diff --git a/roles/testing/tasks/kubectl_basic.yml b/roles/testing/tasks/kubectl_basic.yml index f1c4bed9..bc8626f3 100644 --- a/roles/testing/tasks/kubectl_basic.yml +++ b/roles/testing/tasks/kubectl_basic.yml @@ -10,7 +10,7 @@ delay: 10 changed_when: false -- name: Extract the hostname-override parameter from the kubelet process # noqa var-spacing +- name: Extract the hostname-override parameter from the kubelet process # noqa jinja[spacing] set_fact: kubelet_hostname_override_parameter: "{{ kubelet_check.stdout |\ regex_search('\\s--hostname-override=((([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]))\\s',\ diff --git a/testing/variables.tf b/testing/variables.tf index c37dc896..6975af0b 100644 --- a/testing/variables.tf +++ b/testing/variables.tf @@ -74,8 +74,8 @@ variable "amis" { user = "centos" } "rocky8" = { - ami = "ami-06370d1e5ddbf1f76" - user = "ec2-user" + ami = "ami-01c3e8e014e8b0c7a" + user = "centos" } } }