hive-apps/ansible/k3s-playbook.yml

45 lines
1.2 KiB
YAML
Raw Permalink Normal View History

2022-01-09 10:22:54 +00:00
# K3s Setup/Update Playbook for my Homelab host
2022-01-23 15:17:46 +00:00
- hosts: all
2022-01-09 10:22:54 +00:00
vars:
2022-01-23 15:17:46 +00:00
ansible_user: nold
ansible_become_method: su
ansible_become: true
2023-09-14 14:56:53 +00:00
k3s_release_version: v1.27
2022-01-09 10:22:54 +00:00
k3s_debug: false
k3s_registration_address: 192.168.1.111
2022-01-23 15:17:46 +00:00
k3s_become: true
2022-01-09 10:22:54 +00:00
k3s_control_node: true
k3s_start_on_boot: false
2022-01-23 15:17:46 +00:00
k3s_registries:
mirrors:
docker.io:
endpoint:
- "https://reg.dc/f/docker"
configs:
"reg.dc":
tls:
ca_file: /etc/ssl/vault_ca.crt
2022-01-09 10:22:54 +00:00
k3s_server:
2023-09-14 14:56:53 +00:00
kube-proxy-args:
"enable-health-check-nodeport=true"
kubelet-arg:
- "kube-reserved=cpu=500m,memory=1Gi,ephemeral-storage=2Gi"
- "system-reserved=cpu=500m, memory=500Mi,ephemeral-storage=1Gi"
- "eviction-hard=memory.available<100Mi,nodefs.available<1%"
- "allowed-unsafe-sysctls=net.ipv6.*"
2022-01-09 10:22:54 +00:00
cluster-cidr: 10.0.0.0/8
flannel-backend: "none"
default-local-storage-path: /data/kubernetes/storage
disable:
- traefik
- servicelb
disable-network-policy: true
2022-01-23 15:17:46 +00:00
pre_tasks:
- name: Ensure Vault CA file exists
copy:
src: vault_ca.crt
dest: /etc/ssl/vault_ca.crt
2022-01-09 10:22:54 +00:00
roles:
- ansible-role-k3s