diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..db33135 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,91 @@ +name: molecule test + +on: + pull_request: + branches: + - main + types: [opened, synchronize, reopened] + paths: + - 'defaults/**' + - 'handlers/**' + - 'molecule/**' + - 'tasks/**' + - 'templates/**' + - 'vars/**' + schedule: + - cron: '0 1 1 * *' + workflow_dispatch: + +jobs: + standalone: + name: Single node setup + runs-on: ubuntu-20.04 + strategy: + matrix: + config: + - image: "rockylinux8" + tag: "latest" + cgroup_mode: "private" + # - image: "ubuntu2004" + # tag: "latest" + # cgroup_mode: "private" + - image: "ubuntu2204" + tag: "latest" + cgroup_mode: "private" + steps: + - name: checkout + uses: actions/checkout@v3 + with: + path: 'lablabs.rke2' + + - name: Set up Python 3 + uses: actions/setup-python@v4 + with: + python-version: '3.x' + + - name: Install test dependencies + run: pip3 install ansible ansible-lint docker molecule[docker] yamllint + + - name: Run Molecule tests + run: molecule test + working-directory: ./lablabs.rke2 + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_IMAGE: ${{ matrix.config.image }} + MOLECULE_TAG: ${{ matrix.config.tag }} + MOLECULE_DOCKER_CGROUPS_MODE: ${{ matrix.config.cgroup_mode }} + + cluster: + name: Cluster setup + runs-on: ubuntu-20.04 + needs: standalone + strategy: + matrix: + config: + - image: "ubuntu2204" + tag: "latest" + cgroup_mode: "private" + steps: + - name: checkout + uses: actions/checkout@v3 + with: + path: 'lablabs.rke2' + + - name: Set up Python 3 + uses: actions/setup-python@v4 + with: + python-version: '3.x' + + - name: Install test dependencies + run: pip3 install ansible ansible-lint docker molecule[docker] yamllint + + - name: Run Molecule tests + run: molecule test + working-directory: ./lablabs.rke2 + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_IMAGE: ${{ matrix.config.image }} + MOLECULE_TAG: ${{ matrix.config.tag }} + MOLECULE_DOCKER_CGROUPS_MODE: ${{ matrix.config.cgroup_mode }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index eb336ad..d4331c3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -12,7 +12,7 @@ jobs: fail-fast: true steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: "${{ github.repository }}" - name: Molecule for Ansible - lint diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml deleted file mode 100644 index a3c5724..0000000 --- a/.github/workflows/main.yml +++ /dev/null @@ -1,66 +0,0 @@ -name: molecule test - -on: - pull_request: - branches: - - main - types: [opened, synchronize, reopened] - paths: - - 'defaults/**' - - 'handlers/**' - - 'molecule/**' - - 'tasks/**' - - 'templates/**' - - 'vars/**' - schedule: - - cron: '0 1 1 * *' - workflow_dispatch: - -jobs: - standalone: - name: Test RKE2 Ansible Role - standalone - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - max-parallel: 1 - matrix: - config: - - image: "rockylinux8" - tag: "latest" - - image: "ubuntu2004" - tag: "latest" - - image: "ubuntu2204" - tag: "latest" - steps: - - name: checkout - uses: actions/checkout@v2 - with: - path: "${{ github.repository }}" - - name: Molecule for Ansible - uses: robertdebock/molecule-action@2.7.2 - with: - image: ${{ matrix.config.image }} - tag: ${{ matrix.config.tag }} - - cluster: - name: Test RKE2 Ansible Role - cluster - runs-on: ubuntu-20.04 - needs: standalone - strategy: - fail-fast: false - max-parallel: 1 - matrix: - config: - - image: "ubuntu2004" - tag: "latest" - steps: - - name: checkout - uses: actions/checkout@v2 - with: - path: "${{ github.repository }}" - - name: Molecule for Ansible - uses: robertdebock/molecule-action@2.7.2 - with: - image: ${{ matrix.config.image }} - tag: ${{ matrix.config.tag }} - scenario: cluster diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 37782c6..0ee4b11 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -9,7 +9,7 @@ jobs: pre-commit: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions/setup-python@v2 - name: Run pre-commit diff --git a/README.md b/README.md index 5cfed9d..eb1ee33 100644 --- a/README.md +++ b/README.md @@ -39,9 +39,6 @@ This is a copy of `defaults/main.yml` ```yaml --- -# Default nodetaints -node_taints: [] - # The node type - server or agent rke2_type: server @@ -82,8 +79,12 @@ rke2_additional_sans: [] # API Server destination port rke2_apiserver_dest_port: 6443 -# If false, server node(s) will be schedulable and thus your workloads can get launched on them -rke2_server_taint: false +# Server nodes taints +rke2_server_node_taints: [] + # - 'CriticalAddonsOnly=true:NoExecute' + +# Agent nodes taints +rke2_agent_node_taints: [] # Pre-shared secret token that other server or agent nodes will register with when connecting to the cluster rke2_token: defaultSecret12345 @@ -309,7 +310,7 @@ This playbook will deploy RKE2 to a cluster with one server(master) and several ``` -This playbook will deploy RKE2 to a cluster with HA server(master) control-plane and several agent(worker) nodes. The server(master) nodes will be tainted so the workload will be distributed only on worker/agent nodes. The role will install also keepalived on the control-plane nodes and setup VIP address where the Kubernetes API will be reachable. it will also download the Kubernetes config file to the local machine. +This playbook will deploy RKE2 to a cluster with HA server(master) control-plane and several agent(worker) nodes. The server(master) nodes will be tainted so the workload will be distributed only on worker(agent) nodes. The role will install also keepalived on the control-plane nodes and setup VIP address where the Kubernetes API will be reachable. it will also download the Kubernetes config file to the local machine. ```yaml - name: Deploy RKE2 @@ -317,9 +318,10 @@ This playbook will deploy RKE2 to a cluster with HA server(master) control-plane become: yes vars: rke2_ha_mode: true - rke2_server_taint: true rke2_api_ip : 192.168.123.100 rke2_download_kubeconf: true + rke2_server_node_taints: + - 'CriticalAddonsOnly=true:NoExecute' roles: - role: lablabs.rke2 @@ -333,7 +335,6 @@ If the playbook starts to hang at the `Start RKE2 service on the rest of the nod Please check the required *Inbound Rules for RKE2 Server Nodes* at the following link: . - ## License MIT diff --git a/defaults/main.yml b/defaults/main.yml index 733abdf..1591f1a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,7 +1,4 @@ --- -# Default nodetaints -node_taints: [] - # The node type - server or agent rke2_type: server @@ -42,8 +39,12 @@ rke2_additional_sans: [] # API Server destination port rke2_apiserver_dest_port: 6443 -# If false, server node(s) will be schedulable and thus your workloads can get launched on them -rke2_server_taint: false +# Server nodes taints +rke2_server_node_taints: [] + # - 'CriticalAddonsOnly=true:NoExecute' + +# Agent nodes taints +rke2_agent_node_taints: [] # Pre-shared secret token that other server or agent nodes will register with when connecting to the cluster rke2_token: defaultSecret12345 diff --git a/handlers/main.yml b/handlers/main.yml index d226c57..2ed95ad 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,11 +1,11 @@ --- -- name: restart keepalived +- name: Restart keepalived ansible.builtin.service: name: keepalived state: restarted -- name: restart systemd-sysctl +- name: Restart systemd-sysctl ansible.builtin.service: state: restarted name: systemd-sysctl diff --git a/molecule/cluster/converge.yml b/molecule/cluster/converge.yml index fc6dbf6..a303c4f 100644 --- a/molecule/cluster/converge.yml +++ b/molecule/cluster/converge.yml @@ -3,7 +3,9 @@ hosts: all become: yes vars: - rke2_version: v1.20.7+rke2r2 + rke2_version: v1.20.15+rke2r1 rke2_snapshooter: native + rke2_server_node_taints: + - 'CriticalAddonsOnly=true:NoExecute' roles: - - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/cluster/molecule.yml b/molecule/cluster/molecule.yml index fa68694..21de637 100644 --- a/molecule/cluster/molecule.yml +++ b/molecule/cluster/molecule.yml @@ -9,24 +9,26 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: - masters - k8s_cluster - name: node2 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index fc6dbf6..3a60c99 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -3,7 +3,7 @@ hosts: all become: yes vars: - rke2_version: v1.20.7+rke2r2 + rke2_version: v1.20.15+rke2r1 rke2_snapshooter: native roles: - - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 622fed1..c75e5e9 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -9,12 +9,13 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${image:-rockylinux8}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: diff --git a/molecule/ha_cluster/converge.yml b/molecule/ha_cluster/converge.yml index f00ca62..f5d16bf 100644 --- a/molecule/ha_cluster/converge.yml +++ b/molecule/ha_cluster/converge.yml @@ -6,8 +6,9 @@ rke2_version: v1.25.3+rke2r1 rke2_cis_profile: cis-1.23 rke2_ha_mode: true - rke2_server_taint: true rke2_api_ip: 192.168.123.100 rke2_snapshooter: native + rke2_server_node_taints: + - 'CriticalAddonsOnly=true:NoExecute' roles: - - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" diff --git a/molecule/ha_cluster/molecule.yml b/molecule/ha_cluster/molecule.yml index 42dd294..9b533f0 100644 --- a/molecule/ha_cluster/molecule.yml +++ b/molecule/ha_cluster/molecule.yml @@ -9,48 +9,52 @@ lint: | ansible-lint --exclude molecule/ platforms: - name: node1 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: - masters - k8s_cluster - name: node2 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: - masters - k8s_cluster - name: node3 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: - masters - k8s_cluster - name: node4 - image: "geerlingguy/docker-${image:-ubuntu2004}-ansible:${tag:-latest}" + image: "geerlingguy/docker-${MOLECULE_IMAGE:-ubuntu2204}-ansible:${MOLECULE_TAG:-latest}" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - "/sys/fs/cgroup:/sys/fs/cgroup:${MOLECULE_DOCKER_VOLUMES:-ro}" # Use "ro" for cgroup v1 and "rw" for cgroup v2 + cgroups_mode: ${MOLECULE_DOCKER_CGROUPS_MODE:-"private"} # Use "private" for cgroup v1 and "host" for cgroup v2 privileged: true - pre_build_image: ${MOLECULE_PREBUILT:-true} + pre_build_image: true networks: - name: rke2net groups: diff --git a/tasks/cis.yml b/tasks/cis.yml index c0e02bc..6779e1a 100644 --- a/tasks/cis.yml +++ b/tasks/cis.yml @@ -19,7 +19,7 @@ dest: /etc/sysctl.d/60-rke2-cis.conf mode: 0600 remote_src: true - notify: restart systemd-sysctl + notify: Restart systemd-sysctl - name: Flush handlers ansible.builtin.meta: flush_handlers diff --git a/tasks/first_server.yml b/tasks/first_server.yml index 0d03908..e745877 100644 --- a/tasks/first_server.yml +++ b/tasks/first_server.yml @@ -10,13 +10,8 @@ - name: Set server taints ansible.builtin.set_fact: - combined_node_taints: "{{ node_taints + [ 'CriticalAddonsOnly=true:NoExecute' ] }}" - when: rke2_server_taint and rke2_type == 'server' - -- name: Set agent taints - ansible.builtin.set_fact: - combined_node_taints: "{{ node_taints }}" - when: rke2_type == 'agent' or not rke2_server_taint + combined_node_taints: "{{ rke2_server_node_taints }}" + when: rke2_type == 'server' - name: Copy rke2 config ansible.builtin.template: @@ -37,6 +32,7 @@ when: rke2_custom_registry_mirrors.0.endpoint | length > 0 - name: Restore etcd + when: rke2_etcd_snapshot_file and ( "rke2-server.service" is not in ansible_facts.services ) block: - name: Create the RKE2 etcd snapshot dir ansible.builtin.file: @@ -56,7 +52,8 @@ --cluster-reset \ --cluster-reset-restore-path="{{ rke2_etcd_snapshot_destination_dir }}/{{ rke2_etcd_snapshot_file }}" \ --token {{ rke2_token }} - when: rke2_etcd_snapshot_file and ( "rke2-server.service" is not in ansible_facts.services ) + register: task_output # <- Registers the command output. + changed_when: task_output.rc != 0 # <- Uses the return code to define when the task has changed. - name: Start RKE2 service on the first server ansible.builtin.systemd: diff --git a/tasks/keepalived.yml b/tasks/keepalived.yml index 8f5dafe..d37effb 100644 --- a/tasks/keepalived.yml +++ b/tasks/keepalived.yml @@ -30,7 +30,7 @@ group: root mode: 0755 when: ansible_facts['os_family'] == "Debian" - notify: restart keepalived + notify: Restart keepalived - name: Create Kubernetes API health check script for RedHat OS famliy ansible.builtin.template: @@ -40,7 +40,7 @@ group: root mode: 0755 when: ansible_facts['os_family'] == "RedHat" - notify: restart keepalived + notify: Restart keepalived - name: Create RKE2 Server health check script for Debian OS family ansible.builtin.template: @@ -50,7 +50,7 @@ group: root mode: 0755 when: ansible_facts['os_family'] == "Debian" - notify: restart keepalived + notify: Restart keepalived - name: Create RKE2 Server health check script for RedHat OS family ansible.builtin.template: @@ -60,7 +60,7 @@ group: root mode: 0755 when: ansible_facts['os_family'] == "RedHat" - notify: restart keepalived + notify: Restart keepalived - name: Create keepalived config file ansible.builtin.template: @@ -69,14 +69,14 @@ owner: root group: root mode: 0644 - notify: restart keepalived + notify: Restart keepalived - name: Enable keepalived and make sure it is not masked ansible.builtin.systemd: name: keepalived enabled: yes masked: no - notify: restart keepalived + notify: Restart keepalived - name: Flush handlers ansible.builtin.meta: flush_handlers diff --git a/tasks/main.yml b/tasks/main.yml index 878dadd..22e4a0d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -27,7 +27,7 @@ - inventory_hostname == groups[rke2_servers_group_name].0 - active_server is not defined -- name: copy kube-vip manifests to the masternode +- name: Copy kube-vip manifests to the masternode ansible.builtin.include_tasks: kubevip.yml when: - inventory_hostname == groups[rke2_servers_group_name].0 diff --git a/tasks/remaining_nodes.yml b/tasks/remaining_nodes.yml index 5ab5e2c..2d56cad 100644 --- a/tasks/remaining_nodes.yml +++ b/tasks/remaining_nodes.yml @@ -9,14 +9,14 @@ mode: 0755 - name: Set server taints - set_fact: - combined_node_taints: "{{ node_taints + [ 'CriticalAddonsOnly=true:NoExecute' ] }}" - when: rke2_server_taint and rke2_type == 'server' + ansible.builtin.set_fact: + combined_node_taints: "{{ rke2_server_node_taints }}" + when: rke2_type == 'server' - name: Set agent taints - set_fact: - combined_node_taints: "{{ node_taints }}" - when: rke2_type == 'agent' or not rke2_server_taint + ansible.builtin.set_fact: + combined_node_taints: "{{ rke2_agent_node_taints }}" + when: rke2_type == 'agent' - name: Copy RKE2 config ansible.builtin.template: @@ -54,12 +54,12 @@ enabled: false masked: true with_items: - - "{{ ([ 'agent', 'server' ] | reject('match', rke2_type) | list) }}" + - "{{ (['agent', 'server'] | reject('match', rke2_type) | list) }}" - name: Wait for remaining nodes to be ready ansible.builtin.shell: | - set -o pipefail - {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml get nodes | grep " Ready" | wc -l + set -o pipefail + {{ rke2_data_path }}/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml get nodes | grep " Ready" | wc -l args: executable: /bin/bash changed_when: false diff --git a/tasks/rke2.yml b/tasks/rke2.yml index d9f1c66..fbac457 100644 --- a/tasks/rke2.yml +++ b/tasks/rke2.yml @@ -23,6 +23,7 @@ when: rke2_airgap_mode - name: Download RKE2 checksum and artifacts + when: rke2_airgap_mode and rke2_airgap_implementation == 'download' block: - name: Download sha256 checksum file ansible.builtin.get_url: @@ -38,8 +39,7 @@ mode: 0644 checksum: "sha256:{{ rke2_artifact_url }}/{{ rke2_version }}/sha256sum-{{ rke2_architecture }}.txt" timeout: 30 - with_items: "{{ rke2_artifact | reject('search','sha256sum') | list }}" - when: rke2_airgap_mode and rke2_airgap_implementation == 'download' + with_items: "{{ rke2_artifact | reject('search', 'sha256sum') | list }}" - name: Copy local RKE2 artifacts ansible.builtin.copy: @@ -51,6 +51,7 @@ when: rke2_airgap_mode and rke2_airgap_implementation == 'copy' - name: Airgap mode - additional images tarballs + when: rke2_airgap_mode and ( rke2_airgap_copy_additional_tarballs | length > 0 ) block: - name: Create additional images tarballs folder ansible.builtin.file: @@ -64,7 +65,6 @@ mode: 0644 force: yes with_items: "{{ rke2_airgap_copy_additional_tarballs }}" - when: rke2_airgap_mode and ( rke2_airgap_copy_additional_tarballs | length > 0 ) - name: Populate service facts ansible.builtin.service_facts: @@ -75,8 +75,8 @@ register: usr_local - name: Set RKE2 bin path - set_fact: - rke2_bin_path: "{{ '/usr/local/bin/rke2' if usr_local.stat.writeable == True else ' /opt/rke2/bin/rke2' }}" + ansible.builtin.set_fact: + rke2_bin_path: "{{ '/usr/local/bin/rke2' if usr_local.stat.writeable == True else ' /opt/rke2/bin/rke2' }}" - name: Check RKE2 version ansible.builtin.shell: | diff --git a/tasks/summary.yml b/tasks/summary.yml index 71e55f9..f11194b 100644 --- a/tasks/summary.yml +++ b/tasks/summary.yml @@ -20,7 +20,9 @@ when: - rke2_download_kubeconf | bool -- block: +- name: Summary + when: inventory_hostname == groups[rke2_servers_group_name].0 + block: - name: Prepare summary ansible.builtin.shell: | set -e @@ -36,4 +38,3 @@ ansible.builtin.debug: var: nodes_summary.stdout_lines run_once: true - when: inventory_hostname == groups[rke2_servers_group_name].0