Reorder ingress configuration tasks;Housekeeping
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2023-02-01 20:07:04 +01:00
parent be4b6177f9
commit 5aecf61a01
3 changed files with 18 additions and 21 deletions

View File

@ -1,3 +1,21 @@
- name: Reconfigure traefik container for persistence
ansible.builtin.blockinfile:
path: /var/lib/rancher/k3s/server/manifests/traefik-config.yaml
block: |2
deployment:
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
persistence:
enabled: true
marker: ' # {mark} ANSIBLE MANAGED BLOCK'
notify:
- Apply manifests
- name: Configure traefik dashboard ingress - name: Configure traefik dashboard ingress
ansible.builtin.template: ansible.builtin.template:
src: ingressroute.j2 src: ingressroute.j2

View File

@ -31,17 +31,6 @@
INSTALL_K3S_EXEC: "server --cluster-init --token {{ vapp['metacluster.token'] | trim }} --tls-san {{ vapp['metacluster.vip'] }} --disable local-storage --config /etc/rancher/k3s/config.yaml" INSTALL_K3S_EXEC: "server --cluster-init --token {{ vapp['metacluster.token'] | trim }} --tls-san {{ vapp['metacluster.vip'] }} --disable local-storage --config /etc/rancher/k3s/config.yaml"
when: ansible_facts.services['k3s.service'] is undefined when: ansible_facts.services['k3s.service'] is undefined
- name: Debug possible taints on k3s node
ansible.builtin.shell:
cmd: >-
while true;
do
kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints --no-headers | awk '{print strftime("%H:%M:%S"),$0;fflush();}' >> /var/log/taintlog
sleep 1
done
async: 1800
poll: 0
- name: Ensure API availability - name: Ensure API availability
ansible.builtin.uri: ansible.builtin.uri:
url: https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose url: https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose

View File

@ -19,20 +19,10 @@ platform:
- "--certificatesResolvers.stepca.acme.storage=/data/acme.json" - "--certificatesResolvers.stepca.acme.storage=/data/acme.json"
- "--certificatesResolvers.stepca.acme.tlsChallenge=true" - "--certificatesResolvers.stepca.acme.tlsChallenge=true"
- "--certificatesresolvers.stepca.acme.certificatesduration=24" - "--certificatesresolvers.stepca.acme.certificatesduration=24"
deployment:
initContainers:
- name: volume-permissions
image: busybox:1
command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
globalArguments: [] globalArguments: []
ingressRoute: ingressRoute:
dashboard: dashboard:
enabled: false enabled: false
persistence:
enabled: true
ports: ports:
ssh: ssh:
port: 8022 port: 8022