- Nov 12, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
anon-software authored
* Generate token If a token is not explicitly provided, let the first server generate a random one. Such a token is saved on the first server and the playbook can retrieve it from there and store it a a fact. All other servers and agents can use that token later to join the cluster. It will be saved into their environment file as usual. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> * Document that token is (mostly) optional now The token is still required when using Vagrant. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
-
- Nov 08, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Oct 28, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Oct 18, 2024
-
-
Derek Nola authored
* Check for existing k3s install script during airgap deployment Signed-off-by: Derek Nola <derek.nola@suse.com> * Update vagrant file to newer OS Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Oct 09, 2024
-
-
Derek Nola authored
* Fix failure when not using airgap Signed-off-by: Derek Nola <derek.nola@suse.com>
-
Derek Nola authored
* Handle multiple architectures when distributing airgap binary Signed-off-by: Derek Nola <derek.nola@suse.com> * yamllint fix Signed-off-by: Derek Nola <derek.nola@suse.com> * ansiblelint fix Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Oct 07, 2024
-
-
anon-software authored
* Prevent multiple tokens in k3s.service.env If site.yml playbook is executed multiple times with different tokens, they will all accumulate in k3s.service.env. They won't do any harm because the last one wins, however it is a matter of good housekeeping to delete the old before inserting a new one. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> * Selectively remove existing token from the environment file If the existing token in the environment file is the same as the token used for the playbook run, leave it in the file to avoid false changed status from the task. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> --------- Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
-
- Sep 16, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Sep 13, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Sep 12, 2024
-
-
james-otten authored
Signed-off-by: James Otten <jamesotten1@gmail.com>
-
- Sep 05, 2024
-
-
anon-software authored
* Security exposure related to the token The installation playbook saves the token into the systemd unit configuration file /etc/systemd/system/k3s.service. The problem is that according to K3s' documentation "the server token should be guarded carefully" (https://docs.k3s.io/cli/token), yet the configuration file is readable by anybody. A better solution is to save the token into its corresponding environment file /etc/systemd/system/k3s.service.env which is readable by the super user only. This is what the standard K3s' installation script (https://get.k3s.io ) does. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> * Restore the server URL into systemd configuration file There aren't any security implications in keeping it there. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com> --------- Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
-
- Aug 23, 2024
-
-
anon-software authored
* Better cleanup with reset playbook The install playbook adds some convenience commands into the user's .bashrc. If K3s is uninstalled, these commands produce errors. Since they are eaily identifiable, it is trivial to remove them to improve the user's experience. Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
-
Lihai Tu authored
Signed-off-by: tu1h <lihai.tu@daocloud.io>
-
- Aug 15, 2024
-
-
anon-software authored
* More flexible cgroup settings If there are already required cgroup boot parameters present but in a different order than specified, the script will add them again. It is better to test for the individual parameter in a loop and selectively add them as necessary. Signed-off-by: Marko Vukovic <anonsoftware@gmail.com> Signed-off-by: Marko Vukovic <anonsoftware@gmail.com> Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
-
- Jul 22, 2024
-
-
Peter Klijn authored
Signed-off-by: Peter Klijn <pjmklijn@gmail.com>
-
- Jul 16, 2024
-
-
Peter Klijn authored
Signed-off-by: Peter Klijn <pjmklijn@gmail.com>
-
- Jul 15, 2024
-
-
Peter Klijn authored
* Add a handler to restart the K3s Server when the service file changes Signed-off-by: Peter Klijn <pjmklijn@gmail.com>
-
- Jul 11, 2024
-
-
haseHH authored
The extra modules were merged into the normal modules packet as of Kernel 6.8/Ubuntu 24.04 Signed-off-by: haseHH <christian@hase.hamburg>
-
- Jul 08, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Jul 03, 2024
-
-
Peter Klijn authored
* POC: Supporting k3s-ansible with external database Signed-off-by: Peter Klijn <pjmklijn@gmail.com>
-
- Jun 20, 2024
-
-
Derek Nola authored
* fixed path to playbooks/site.yml Signed-off-by: Derek Nola <derek.nola@suse.com> * Update readme with playbooks Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: Ethan Locke <13014836-Zie0@users.noreply.gitlab.com>
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Jun 10, 2024
-
-
laszlojau authored
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
-
- Jun 04, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
Meagan Harris authored
* Make agent and server groups configurable Signed-off-by: Meagan Harris <thewitch@siliconsorceress.com> * Fix typo in upgrade role Co-authored-by: Derek Nola <derek.nola@suse.com> Signed-off-by: Meagan Harris <47128741+simagick@users.noreply.github.com> --------- Signed-off-by: Meagan Harris <thewitch@siliconsorceress.com> Signed-off-by: Meagan Harris <47128741+simagick@users.noreply.github.com> Co-authored-by: Derek Nola <derek.nola@suse.com>
-
Derek Nola authored
* Implement compatible yamllint, make octals explicit Signed-off-by: Derek Nola <derek.nola@suse.com> * Replace yum with dnf, yum is deprecated Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- May 30, 2024
-
-
laszlojau authored
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
-
- May 17, 2024
-
-
Frank Villaro-Dixon authored
Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu>
-
- May 03, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Apr 06, 2024
-
-
laszlojau authored
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
-
- Apr 02, 2024
-
-
dreamingdeer authored
* feat add custom registries_config_yaml for private-registry Signed-off-by: dreamingdeer <dreamingdeer@yandex.ru> Co-authored-by: dreamingdeer <dreamingdeer@yandex.ru>
-
- Apr 01, 2024
-
-
dreamingdeer authored
* fix keep extension on uploaded file on airgap install * fix other tasks distribute K3s images Signed-off-by: dreamingdeer <dreamingdeer@yandex.ru> Co-authored-by: dreamingdeer <dreamingdeer@yandex.ru>
-
Mykyta Orlov authored
Signed-off-by: Mykyta Orlov <orlovmyk@gmail.com>
-
Jose Luis Pedrosa authored
Signed-off-by: Jose Luis Pedrosa <jlpedrosa@gmail.com>
-
Vivek Sarin authored
* Added custom context name Signed-off-by: Vivek Sarin <vivek@sarin.info> Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: Vivek Sarin <vivek@sarin.info> Co-authored-by: Derek Nola <derek.nola@suse.com>
-
- Mar 19, 2024
-
-
Derek Nola authored
Signed-off-by: Derek Nola <derek.nola@suse.com>
-
- Mar 08, 2024
-
-
LawiK974 authored
- [Agent : Download artefact only if needed](roles/k3s_agent/tasks/main.yml#L13) - [Server : Download artefact only if needed](roles/k3s_server/tasks/main.yml#L13) - [Upgrade : Upgrade node only if needed](roles/k3s_upgrade/tasks/main.yml#L14) Linked issue #264 k3s_server and k3s_agent tasks are not idempotent Signed-off-by: Loïc Dubard <loic97429@gmail.com>
-
- Mar 04, 2024
-
-
Jose Luis Pedrosa authored
* Enable skipping bootcmd verification in Raspberry PI Signed-off-by: Jose Luis Pedrosa <jlpedrosa@gmail.com> Co-authored-by: Derek Nola <derek.nola@suse.com>
-
- Feb 22, 2024
-
-
laszlojau authored
Signed-off-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
-