Commit d397c5c3 authored by Derek Nola's avatar Derek Nola
Browse files

Remove agent jinja template 



* Remove opt_tls_san for agents, it is not a valid agent argument
Signed-off-by: default avatarDerek Nola <derek.nola@suse.com>
parent dccb5ed4

roles/k3s_agent/tasks/main.yml

+10 −30
Original line number Diff line number Diff line
@@ -41,28 +41,6 @@ 
        }) }}

      changed_when: true



- name: Compute final agent arguments

  ansible.builtin.set_fact:

    _api_endpoint_in_agent_config: >-

      {% if agent_config_yaml is defined and api_endpoint is defined and agent_config_yaml | regex_search('tls-san:.*' + api_endpoint | regex_escape(), ignorecase=True) %}

      true

      {% else %}

      false

      {% endif %}

    _api_endpoint_in_agent_args: >-

      {% if api_endpoint is defined and extra_agent_args | regex_search('--tls-san[=\s]+' + api_endpoint | regex_escape(), ignorecase=True) %}

      true

      {% else %}

      false

      {% endif %}



- name: Add TLS SAN to agent arguments if needed

  ansible.builtin.set_fact:

    opt_tls_san: >-

      {% if api_endpoint is defined and api_endpoint != ansible_hostname and _api_endpoint_in_agent_config | bool == false and _api_endpoint_in_agent_args | bool == false %}

      --tls-san={{ api_endpoint }}

      {% endif %}



- name: Setup optional config file

  when: agent_config_yaml is defined

  block:
@@ -103,16 +81,18 @@ 
  with_items:

    - "K3S_TOKEN={{ token }}"



- name: Copy K3s service file

- name: Modify ExecStart in k3s-agent.service to include API endpoint and extra args

  register: k3s_agent_service

  ansible.builtin.template:

    src: "k3s-agent.service.j2"

    dest: "{{ systemd_dir }}/k3s-agent.service"

    owner: root

    group: root

    mode: "u=rw,g=r,o=r"

  ansible.builtin.replace:

    path: "{{ systemd_dir }}/k3s-agent.service"

    regexp: '^ExecStart=\/usr\/local\/bin\/k3s \\\n\s*agent.*'

    replace: |

      ExecStart=/usr/local/bin/k3s \

          agent \

          --server https://{{ api_endpoint }}:{{ api_port }} \

          {{ extra_agent_args }}



- name: Enable and check K3s service

- name: Enable and check K3s agent service

  ansible.builtin.systemd:

    name: k3s-agent

    daemon_reload: "{{ true if k3s_agent_service.changed else false }}"

roles/k3s_agent/templates/k3s-agent.service.j2

deleted100644 → 0
+0 −29
Original line number Diff line number Diff line 
[Unit]

Description=Lightweight Kubernetes

Documentation=https://k3s.io

Wants=network-online.target

After=network-online.target



[Install]

WantedBy=multi-user.target



[Service]

Type=notify

EnvironmentFile=-/etc/default/%N

EnvironmentFile=-/etc/sysconfig/%N

EnvironmentFile=-/etc/systemd/system/k3s-agent.service.env

KillMode=process

Delegate=yes

# Having non-zero Limit*s causes performance problems due to accounting overhead

# in the kernel. We recommend using cgroups to do container-local accounting.

LimitNOFILE=1048576

LimitNPROC=infinity

LimitCORE=infinity

TasksMax=infinity

TimeoutStartSec=0

Restart=always

RestartSec=5s

ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service'

ExecStartPre=-/sbin/modprobe br_netfilter

ExecStartPre=-/sbin/modprobe overlay

ExecStart=/usr/local/bin/k3s agent --data-dir {{ k3s_server_location }} --server https://{{ api_endpoint }}:{{ api_port }} {{ opt_tls_san }} {{ extra_agent_args }}