search

PyratLabs / ansible-role-k3s

Ansible role for installing k3s as either a standalone server or HA cluster.
BSD 3-Clause "New" or "Revised" License
640 stars 135 forks source link

Cannot install k3s rootless on Debian #161

Closed frgomes closed 2 years ago

frgomes commented 3 years ago

Summary

I'm trying to install k3s rootless on Debian 11 and I've stumbled on a situation which suggests that requirements applicable to CentOS are being checked against a Debian distribution.

Issue Type

Steps to Reproduce

Distribution: Debian 11

    - name: Install requirements for k3s rootless
      package:
        name: uidmap
        state: present
      become: true

    - include_role:
        name: xanmanning.k3s
      vars:
        ansible_python_interpreter: "{{vm[0].ansible_python_interpreter | default('/usr/bin/python3')}}"
        k3s_become_for_all: true
        k3s_use_experimental: true
        k3s_start_on_boot: false
        k3s_server:
          rootless: true
          data-dir: "/mnt/data00/k3s/"
          default-local-storage-path: "/mnt/data00/storage/"
          disable:
            - traefik
            - metrics-server

Expected Result

I would expect that the requirements would be met on Debian 11.

Actual Result

The installation complains that requirements have not been met.

A quick investigation on the code pointed out to the condition which I've commented out as shown below. After commenting out this condition, the installation is able to go ahead.

- name: Check user namespaces kernel parameters are adequate
  ansible.builtin.assert:
    that:
      - k3s_get_unprivileged_userns_clone['content'] | b64decode | int == 1
      ###XXX - k3s_get_max_user_namespaces['content'] | b64decode | int >= 28633
      - k3s_current_user_subuid != "UserNotFound:0:0"
      - k3s_current_user_subgid != "UserNotFound:0:0"
      - k3s_current_user_subuid.split(':')[2] | int >= 65536
      - k3s_current_user_subgid.split(':')[2] | int >= 65536
      - ansible_env['XDG_RUNTIME_DIR'] is defined
      - k3s_check_newuidmap_installed.rc == 0
    success_msg: All kernel parameters passed
    fail_msg: >-
      Kernel parameters are not set correctly, please check
      https://github.com/rootless-containers/rootlesskit

I've found this answer on StackOverflow which condenses pretty well various distributions and their corresponding requirements. It's clearly based on the documentation on rootless containers, but it is put together in a way which is visually easier to understand.

xanmanning commented 2 years ago

Should be fixed in v2.12.0

crutonjohn commented 2 years ago

@frgomes is this resolved?

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.