techno-tim / k3s-ansible

The easiest way to bootstrap a self-hosted High Availability Kubernetes cluster. A fully automated HA k3s etcd install with kube-vip, MetalLB, and more. Build. Destroy. Repeat.
https://technotim.live/posts/k3s-etcd-ansible/
Apache License 2.0

Dynamic Token integration that works with latest k3 releases. #45

Closed tzago closed 2 years ago

tzago commented 2 years ago

Proposed Changes

Deployments of the latest releases of k3s v1.23 and higher were failing to join master02 and master03 to the first master01, as the manual k3s_token string informed under the inventory/group_vars/all.yml is not being recognized. This dynamic token integration is a fix that uses the token generated by the first master01 and delegates it to the other masters and worker nodes so they can authenticate successfully with the first master. With that, there is no need to inform k3s_token in the inventory/group_vars/all.yml anymore.

It also has a similar approach to the fix proposed under the pull request "Replaced manifest files with double extention to '-' #41"

Checklist

timothystewart6 commented 2 years ago

I ended up reverting this due to errors with tokens.

fatal: [192.168.30.39]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'token'\n\nThe error appears to be in '/home/user/dev/public/k3s-ansible/roles/k3s/master/tasks/main.yml': line 112, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Delegate Master0 node-token to other nodes\n  ^ here\n"}
fatal: [192.168.30.40]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'token'\n\nThe error appears to be in '/home/user/dev/public/k3s-ansible/roles/k3s/master/tasks/main.yml': line 112, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Delegate Master0 node-token to other nodes\n  ^ here\n"}

It would be awesome if you could open another PR after this is fixed. Sorry and thank you!

timothystewart6 commented 2 years ago

It was still pointing to the old k3s_token

tzago commented 2 years ago

Hi Tim, I sincerely apologize for the inconvenience.

At the end of the day, after fixing the manifests that were causing an infinite deletion loop for the metallb namespace, the installation went through all the way to the end successfully.

Bottom line is this dynamic token approach is not needed unless one wants to remove the need to manually set your token in the inventory/all.yml, which may be seen as a security concern somehow.

Anyway, the ansible delegate command may be an issue of regression and may not be present in your present version.

It is present in mine that is

ansible 2.10.8
  config file = /home/tzago/Documents/Dev/k3s/k3s-tim/k3s-ansible/ansible.cfg
  configured module search path = ['/home/tzago/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]

I am a big fan of your great work and I watch all your videos, you're the best.

Thanks a lot!

timothystewart6 commented 2 years ago

Oh! Thank you! I would love to include this if you want to open another PR if it's not too much hassle! No worries, you didn't cause any inconvenience! I just have misunderstood how this works! Thank you so much!
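
One way to do the token hand-off described in this PR without depending on a `token` hostvar that may be undefined (the failure quoted in the revert comment), and without keeping the secret in inventory/group_vars/all.yml. This is an added example, not the PR's code or the project's; the inventory group name `master` and the fact name `k3s_cluster_token` are assumptions, and the token path is the k3s default location.

```yaml
# Added example. Assumed names: inventory group "master", fact "k3s_cluster_token".
- name: Hand the first server's join token to the rest of the cluster
  hosts: all
  become: true
  vars:
    first_master: "{{ groups['master'][0] }}"
    token_file: /var/lib/rancher/k3s/server/node-token
  tasks:
    - name: Wait until the first server has written its node-token
      ansible.builtin.wait_for:
        path: "{{ token_file }}"
        timeout: 120
      delegate_to: "{{ first_master }}"
      run_once: true

    - name: Read the token on the first server only
      ansible.builtin.slurp:
        src: "{{ token_file }}"
      register: token_b64
      delegate_to: "{{ first_master }}"
      run_once: true
      no_log: true          # keep the secret out of task output and logs

    # With run_once, the registered result and the fact below are applied to
    # every host in the batch, so later tasks never have to look up
    # hostvars[first_master]['token'] and hit an undefined attribute.
    - name: Store the decoded token as a fact on every host
      ansible.builtin.set_fact:
        k3s_cluster_token: "{{ token_b64.content | b64decode | trim }}"
      run_once: true
      no_log: true

    # Fails before any join is attempted; the message names the host only,
    # never the token value.
    - name: Stop early if no token was read
      ansible.builtin.assert:
        that:
          - k3s_cluster_token is defined
          - k3s_cluster_token | length > 0
        fail_msg: "No join token was read from {{ first_master }}"
        quiet: true
```

If the play uses `serial`, the read runs once per batch, since `run_once` applies its results only to the hosts in the current batch.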