mirror of https://github.com/nold360/hive-apps
45 lines
1.2 KiB
YAML
45 lines
1.2 KiB
YAML
# K3s Setup/Update Playbook for my Homelab host
|
|
- hosts: all
|
|
vars:
|
|
ansible_user: nold
|
|
ansible_become_method: su
|
|
ansible_become: true
|
|
|
|
k3s_release_version: v1.27
|
|
k3s_debug: false
|
|
k3s_registration_address: 192.168.1.111
|
|
k3s_become: true
|
|
k3s_control_node: true
|
|
k3s_start_on_boot: false
|
|
k3s_registries:
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- "https://reg.dc/f/docker"
|
|
configs:
|
|
"reg.dc":
|
|
tls:
|
|
ca_file: /etc/ssl/vault_ca.crt
|
|
k3s_server:
|
|
kube-proxy-args:
|
|
"enable-health-check-nodeport=true"
|
|
kubelet-arg:
|
|
- "kube-reserved=cpu=500m,memory=1Gi,ephemeral-storage=2Gi"
|
|
- "system-reserved=cpu=500m, memory=500Mi,ephemeral-storage=1Gi"
|
|
- "eviction-hard=memory.available<100Mi,nodefs.available<1%"
|
|
- "allowed-unsafe-sysctls=net.ipv6.*"
|
|
cluster-cidr: 10.0.0.0/8
|
|
flannel-backend: "none"
|
|
default-local-storage-path: /data/kubernetes/storage
|
|
disable:
|
|
- traefik
|
|
- servicelb
|
|
disable-network-policy: true
|
|
pre_tasks:
|
|
- name: Ensure Vault CA file exists
|
|
copy:
|
|
src: vault_ca.crt
|
|
dest: /etc/ssl/vault_ca.crt
|
|
roles:
|
|
- ansible-role-k3s
|