# K3s Setup/Update Playbook for my Homelab host - hosts: all vars: ansible_user: nold ansible_become_method: su ansible_become: true k3s_release_version: v1.27 k3s_debug: false k3s_registration_address: 192.168.1.111 k3s_become: true k3s_control_node: true k3s_start_on_boot: false k3s_registries: mirrors: docker.io: endpoint: - "https://reg.dc/f/docker" configs: "reg.dc": tls: ca_file: /etc/ssl/vault_ca.crt k3s_server: kube-proxy-args: "enable-health-check-nodeport=true" kubelet-arg: - "kube-reserved=cpu=500m,memory=1Gi,ephemeral-storage=2Gi" - "system-reserved=cpu=500m, memory=500Mi,ephemeral-storage=1Gi" - "eviction-hard=memory.available<100Mi,nodefs.available<1%" - "allowed-unsafe-sysctls=net.ipv6.*" cluster-cidr: 10.0.0.0/8 flannel-backend: "none" default-local-storage-path: /data/kubernetes/storage disable: - traefik - servicelb disable-network-policy: true pre_tasks: - name: Ensure Vault CA file exists copy: src: vault_ca.crt dest: /etc/ssl/vault_ca.crt roles: - ansible-role-k3s