Skip to content
/ ansible-playbook-devsecops Public

Ansible playbook to install, configure, and clean up k3s on a Linux host.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lisazevedo/ansible-playbook-devsecops

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
roles
roles
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
ansible.cfg
ansible.cfg
 
 
hosts
hosts
 
 
playbook.yaml
playbook.yaml
 
 
requirements.yaml
requirements.yaml
 
 

Repository files navigation

k3s Installation

This project provides an Ansible role to install, configure, and clean up k3s on a Linux host. It automates the installation process, verifies service status, and cleans up dependencies and installations when needed.

Requirements

  • Ansible >= 2.9. Ensure Ansible is installed on your control machine.

  • Python >= 3.6

  • SSH Access to the target hosts with a valid SSH key configured.

  1. Target Hosts:
    • A Linux-based system where k3s will be installed.
    • Ensure that sudo access is available on the target hosts for privilege escalation.

Dependencies:

Required packages: apt-transport-https, curl, software-properties-common, gnupg.

These packages are installed automatically by the playbook, but ensure your target system can access the necessary repositories.

Directory Structure

k3s-ansible-role/
├── roles/
│   ├── hosts/
│   │   ├── tasks/
│   │   │   ├── cleanup.yaml
│   │   │   ├── install.yaml
│   │   │   └── main.yaml
│   │   └── files/
│   │       └── config.yaml
│   └── k3s/
│       ├── tasks/
│       │   ├── cleanup.yaml
│       │   ├── install.yaml
│       │   └── main.yaml
│       └── files/
│           └── config.yaml
├── hosts
├── playbook.yaml
├── ansible.cfg
├── requirements.yaml
└── README.md
  • roles/k3s/tasks/main.yaml: Main task file that includes the install and cleanup tasks.
  • roles/k3s/tasks/install.yaml: Contains tasks for installing k3s, including dependencies, running the installation script, and verifying the service.
  • roles/k3s/tasks/cleanup.yaml: Contains tasks for cleaning up after the k3s installation, including removing dependencies and uninstalling k3s.
  • roles/hosts/tasks/main.yaml: Main task file that includes the install and cleanup tasks.
  • roles/hosts/tasks/install.yaml: Contains tasks for configure hosts, including dependencies, running the installation script, and verifying the service.
  • roles/hosts/tasks/cleanup.yaml: Contains tasks for cleaning up after the hosts configuration, including removing dependencies and configurations.
  • hosts: Inventory file specifying host details.
  • playbook.yaml: Playbook file that includes the k3s and hosts roles.
  • ansible.cfg: Ansible configuration file.
  • requirements.yaml: Ansible requirements file.

Playbook Breakdown

Roles

  • k3s: Includes tasks for installing and cleaning up k3s.
  • hosts: Includes tasks for configuring and cleaning up hosts.

Tasks

  • Install Dependencies: Installs required packages, including gnupg for GPG verification if needed.

  • Download k3s Install Script: Downloads the k3s installation script from the official source.

  • Run k3s Install Script: Executes the k3s installation script.

  • Verify Service Status: Checks if the k3s service is active and running.

  • Remove Dependencies: Cleans up dependencies used during installation.

  • Check and Remove k3s: Checks if the uninstall script exists and removes k3s if present.

Installation and Usage

  1. Clone the Repository:

    git clone https://github.com/lisazevedo/ansible-playbook-devsecops.git
cd ansible-playbook-devsecops

  2. Update Inventory File:

    Edit the hosts file to specify your target hosts and SSH key path.

  3. Install Requirements

    You can install the requirements with the following command:

      ansible-galaxy collection install -r requirements.yaml

  4. Run the Playbook:

    You can run the entire playbook with the following command:

    ansible-playbook playbook.yaml

    This command executes all tasks defined in the playbook. However, if you want to run specific parts of the playbook, you can use tags to control which tasks are executed.

Tags

Here’s a more detailed explanation how to run the playbook with specific tags. Tags allow you to selectively run tasks based on their tags. In this playbook, there are two main tags defined: install and cleanup.

  • Install Tasks:

    Tasks tagged with install are related to the installation of k3s and its dependencies. To run only these tasks, use the following command:

    ansible-playbook playbook.yaml --tags=install

    This command will execute only the tasks tagged with install and skip all others. This is useful when you want to perform or re-run only the installation tasks.

  • Cleanup Tasks:

    Tasks tagged with cleanup handle the removal of k3s and its dependencies. To run only these tasks, use the following command:

    ansible-playbook playbook.yaml --tags=cleanup

    This command will execute only the tasks tagged with cleanup. It’s useful for cleaning up resources.

What Can Be Improved

GPG Verification: Currently, GPG verification is commented out due to issues with finding the public key and signature files. Implementing GPG verification will enhance security by ensuring the authenticity of the installation script. Update URLs for public keys and signatures as necessary.

About

Ansible playbook to install, configure, and clean up k3s on a Linux host.

Topics

ansible ubuntu devsecops k3s

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages