Merge branch 'master' into updates

* Create reboot.yml

* Create reboot.sh

* Updated the Playbook and Tasks Name

Co-authored-by: Techno Tim <timothystewart6@gmail.com>

.github/download-boxes.sh

@@ -5,15 +5,10 @@
 # already present on the system.
 
 set -euo pipefail
-YQ_VERSION=v4.29.2
-YQ_BINARY=yq_linux_amd64
+
 GIT_ROOT=$(git rev-parse --show-toplevel)
 PROVIDER=virtualbox
 
-# get yq used for filtering
-sudo wget https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/${YQ_BINARY} -O /usr/bin/yq &&\
-    sudo chmod +x /usr/bin/yq
-
 # Read all boxes for all platforms from the "molecule.yml" files
 all_boxes=$(cat "${GIT_ROOT}"/molecule/*/molecule.yml |
     yq -r '.platforms[].box' |         # Read the "box" property of each node under "platforms"

.github/workflows/lint.yml

@@ -10,7 +10,7 @@ on:
 jobs:
   pre-commit-ci:
     name: Pre-Commit
-    runs-on: self-hosted
+    runs-on: ubuntu-latest
     env:
       PYTHON_VERSION: "3.10"
 

.github/workflows/test.yml

@@ -10,7 +10,7 @@ on:
 jobs:
   molecule:
     name: Molecule
-    runs-on: self-hosted
+    runs-on: macos-12
 
     strategy:
       matrix:
@@ -21,7 +21,6 @@ jobs:
       fail-fast: false
     env:
       PYTHON_VERSION: "3.10"
-      VAGRANT_DEFAULT_PROVIDER: virtualbox
 
     steps:
       - name: Check out the codebase
@@ -29,32 +28,6 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Install Virtual Box from Oracle
-        run: |
-          echo "::group::Virtual Box"
-          wget -O- https://www.virtualbox.org/download/oracle_vbox_2016.asc | sudo gpg --dearmor --yes --output /usr/share/keyrings/oracle-virtualbox-2016.gpg
-          echo "deb [arch=amd64 signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" | sudo tee -a /etc/apt/sources.list.d/virtualbox.list
-          sudo apt update && sudo apt install -y linux-headers-generic linux-headers-5.15.0-52-generic build-essential dkms virtualbox-dkms virtualbox-6.1
-          echo "::endgroup::"
-          echo "::group::Virtual Box Test"
-          vboxmanage --version
-          sudo /sbin/vboxconfig
-          sudo modprobe vboxdrv
-          vboxmanage --version
-          echo "::endgroup::"
-
-      - name: Install Vagrant
-        run: |
-          echo "::group::Install Vagrant"
-          wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
-          echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
-          sudo apt update && sudo apt install -y vagrant
-          vagrant version
-          vagrant plugin list
-          vagrant plugin install vagrant-vbguest
-          vagrant plugin list
-          echo "::endgroup::"
-
       - name: Configure VirtualBox
         run: |-
           sudo mkdir -p /etc/vbox

.gitignore

@@ -1 +1,2 @@
 .env/
+*.log

ansible.cfg

@@ -2,11 +2,22 @@
 nocows                  = True
 roles_path              = ./roles
 inventory               = ./hosts.ini
+stdout_callback         = yaml
 
 remote_tmp              = $HOME/.ansible/tmp
 local_tmp               = $HOME/.ansible/tmp
-pipelining = True
-become = True
+timeout                 = 60
 host_key_checking       = False
 deprecation_warnings    = False
 callback_whitelist      = profile_tasks
+log_path                = ./ansible.log
+
+[privilege_escalation]
+become                  = True
+
+[ssh_connection]
+scp_if_ssh              = smart
+retries                 = 3
+ssh_args                = -o ControlMaster=auto -o ControlPersist=30m -o Compression=yes -o ServerAliveInterval=15s
+pipelining              = True
+control_path            = %(directory)s/%%h-%%r

inventory/sample/group_vars/all.yml

@@ -1,5 +1,5 @@
 ---
-k3s_version: v1.24.6+k3s1
+k3s_version: v1.24.7+k3s1
 # this is the user that has ssh access to these machines
 ansible_user: ansibleuser
 systemd_dir: /etc/systemd/system
@@ -44,8 +44,8 @@ extra_agent_args: >-
 kube_vip_tag_version: "v0.5.5"
 
 # image tag for metal lb
-metal_lb_speaker_tag_version: "v0.13.6"
-metal_lb_controller_tag_version: "v0.13.6"
+metal_lb_speaker_tag_version: "v0.13.9"
+metal_lb_controller_tag_version: "v0.13.9"
 
 # metallb ip range for load balancer
 metal_lb_ip_range: "192.168.30.80-192.168.30.90"

molecule/default/molecule.yml

@@ -3,56 +3,73 @@ dependency:
   name: galaxy
 driver:
   name: vagrant
-.platform_presets:
-  - &control
+platforms:
+
+  - name: control1
+    box: generic/ubuntu2204
     memory: 2048
     cpus: 2
     groups:
       - k3s_cluster
       - master
-  - &node
-    memory: 2048
-    cpus: 2
-    groups:
-      - k3s_cluster
-      - node
-  - &debian
-    box: generic/debian11
-  - &rocky
-    box: generic/rocky9
-  - &ubuntu
-    box: generic/ubuntu2204
+    interfaces:
+      - network_name: private_network
+        ip: 192.168.30.38
     config_options:
       # We currently can not use public-key based authentication on Ubuntu 22.04,
       # see: https://github.com/chef/bento/issues/1405
       ssh.username: "vagrant"
       ssh.password: "vagrant"
-platforms:
-  - <<: [*control, *ubuntu]
-    name: control1
-    interfaces:
-      - network_name: private_network
-        ip: 192.168.30.38
-  - <<: [*control, *debian]
-    name: control2
+
+  - name: control2
+    box: generic/debian11
+    memory: 2048
+    cpus: 2
+    groups:
+      - k3s_cluster
+      - master
     interfaces:
       - network_name: private_network
         ip: 192.168.30.39
-  - <<: [*control, *rocky]
-    name: control3
+
+  - name: control3
+    box: generic/rocky9
+    memory: 2048
+    cpus: 2
+    groups:
+      - k3s_cluster
+      - master
     interfaces:
       - network_name: private_network
         ip: 192.168.30.40
-  - <<: [*node, *ubuntu]
-    name: node1
+
+  - name: node1
+    box: generic/ubuntu2204
+    memory: 2048
+    cpus: 2
+    groups:
+      - k3s_cluster
+      - node
     interfaces:
       - network_name: private_network
         ip: 192.168.30.41
-  - <<: [*node, *rocky]
-    name: node2
+    config_options:
+      # We currently can not use public-key based authentication on Ubuntu 22.04,
+      # see: https://github.com/chef/bento/issues/1405
+      ssh.username: "vagrant"
+      ssh.password: "vagrant"
+
+  - name: node2
+    box: generic/rocky9
+    memory: 2048
+    cpus: 2
+    groups:
+      - k3s_cluster
+      - node
     interfaces:
       - network_name: private_network
         ip: 192.168.30.42
+
 provisioner:
   name: ansible
   playbooks:

molecule/ipv6/molecule.yml

@@ -3,37 +3,39 @@ dependency:
   name: galaxy
 driver:
   name: vagrant
-.platform_presets:
-  - &control
+platforms:
+
+  - name: control1
+    box: generic/ubuntu2204
     memory: 2048
     cpus: 2
     groups:
       - k3s_cluster
       - master
-  - &node
-    memory: 2048
-    cpus: 2
-    groups:
-      - k3s_cluster
-      - node
-  - &ubuntu
-    box: generic/ubuntu2204
+    interfaces:
+      - network_name: private_network
+        ip: fdad:bad:ba55::de:11
     config_options:
       # We currently can not use public-key based authentication on Ubuntu 22.04,
       # see: https://github.com/chef/bento/issues/1405
       ssh.username: "vagrant"
       ssh.password: "vagrant"
-platforms:
-  - <<: [*control, *ubuntu]
-    name: control1
-    interfaces:
-      - network_name: private_network
-        ip: fdad:bad:ba55::de:11
-  - <<: [*node, *ubuntu]
-    name: node1
+
+  - name: node1
+    box: generic/ubuntu2204
+    memory: 2048
+    cpus: 2
+    groups:
+      - k3s_cluster
+      - node
     interfaces:
       - network_name: private_network
         ip: fdad:bad:ba55::de:21
+    config_options:
+      # We currently can not use public-key based authentication on Ubuntu 22.04,
+      # see: https://github.com/chef/bento/issues/1405
+      ssh.username: "vagrant"
+      ssh.password: "vagrant"
 provisioner:
   name: ansible
   playbooks:

reboot.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+ansible-playbook reboot.yml -i inventory/my-cluster/hosts.ini

reboot.yml

@@ -0,0 +1,9 @@
+---
+- name: Reboot k3s_cluster
+  hosts: k3s_cluster
+  gather_facts: yes
+  become: yes
+  tasks:
+    - name: Reboot the nodes (and Wait upto 5 mins max)
+      reboot:
+        reboot_timeout: 300

requirements.in

@@ -0,0 +1,13 @@
+molecule>=4.0.3
+ansible-core>=2.13.5
+ansible-lint>=6.8.6
+kubernetes>=25.3.0
+molecule-vagrant>=1.0.0
+molecule>=4.0.3
+netaddr>=0.8.0
+pyyaml>=6.0
+yamllint>=1.28.0
+jmespath>=1.0.1
+jsonpatch>=1.32
+pre-commit>=2.20.0
+netaddr>=0.8.0

requirements.txt

@@ -1,72 +1,222 @@
-ansible-compat==2.2.1
+#
+# This file is autogenerated by pip-compile with python 3.8
+# To update, run:
+#
+#    pip-compile requirements.in
+#
+ansible-compat==2.2.4
+    # via
+    #   ansible-lint
+    #   molecule
 ansible-core==2.13.5
-ansible-lint==6.8.4
+    # via
+    #   -r requirements.in
+    #   ansible-lint
+ansible-lint==6.8.6
+    # via -r requirements.in
 arrow==1.2.3
+    # via jinja2-time
 attrs==22.1.0
+    # via jsonschema
 binaryornot==0.4.4
+    # via cookiecutter
 black==22.10.0
+    # via ansible-lint
 bracex==2.3.post1
+    # via wcmatch
 cachetools==5.2.0
-Cerberus==1.3.2
+    # via google-auth
 certifi==2022.9.24
+    # via
+    #   kubernetes
+    #   requests
 cffi==1.15.1
+    # via cryptography
+cfgv==3.3.1
+    # via pre-commit
 chardet==5.0.0
+    # via binaryornot
 charset-normalizer==2.1.1
+    # via requests
 click==8.1.3
+    # via
+    #   black
+    #   click-help-colors
+    #   cookiecutter
+    #   molecule
 click-help-colors==0.9.1
+    # via molecule
 commonmark==0.9.1
+    # via rich
 cookiecutter==2.1.1
-cryptography==38.0.1
+    # via molecule
+cryptography==38.0.3
+    # via ansible-core
+distlib==0.3.6
+    # via virtualenv
 distro==1.8.0
+    # via selinux
 enrich==1.2.7
+    # via molecule
 filelock==3.8.0
-google-auth==2.13.0
+    # via
+    #   ansible-lint
+    #   virtualenv
+google-auth==2.14.0
+    # via kubernetes
+identify==2.5.8
+    # via pre-commit
 idna==3.4
+    # via requests
 importlib-resources==5.10.0
-Jinja2==3.1.2
+    # via jsonschema
+jinja2==3.1.2
+    # via
+    #   ansible-core
+    #   cookiecutter
+    #   jinja2-time
+    #   molecule
+    #   molecule-vagrant
 jinja2-time==0.2.0
+    # via cookiecutter
 jmespath==1.0.1
+    # via -r requirements.in
 jsonpatch==1.32
+    # via -r requirements.in
 jsonpointer==2.3
-jsonschema==4.16.0
-kubernetes==24.2.0
-MarkupSafe==2.1.1
-molecule==4.0.1
+    # via jsonpatch
+jsonschema==4.17.0
+    # via
+    #   ansible-compat
+    #   ansible-lint
+    #   molecule
+kubernetes==25.3.0
+    # via -r requirements.in
+markupsafe==2.1.1
+    # via jinja2
+molecule==4.0.3
+    # via
+    #   -r requirements.in
+    #   molecule-vagrant
 molecule-vagrant==1.0.0
+    # via -r requirements.in
 mypy-extensions==0.4.3
+    # via black
 netaddr==0.8.0
+    # via -r requirements.in
+nodeenv==1.7.0
+    # via pre-commit
 oauthlib==3.2.2
+    # via requests-oauthlib
 packaging==21.3
+    # via
+    #   ansible-compat
+    #   ansible-core
+    #   ansible-lint
+    #   molecule
 pathspec==0.10.1
+    # via
+    #   black
+    #   yamllint
 pkgutil-resolve-name==1.3.10
+    # via jsonschema
 platformdirs==2.5.2
+    # via
+    #   black
+    #   virtualenv
 pluggy==1.0.0
+    # via molecule
 pre-commit==2.20.0
+    # via -r requirements.in
 pyasn1==0.4.8
+    # via
+    #   pyasn1-modules
+    #   rsa
 pyasn1-modules==0.2.8
+    # via google-auth
 pycparser==2.21
-Pygments==2.13.0
+    # via cffi
+pygments==2.13.0
+    # via rich
 pyparsing==3.0.9
-pyrsistent==0.18.1
+    # via packaging
+pyrsistent==0.19.2
+    # via jsonschema
 python-dateutil==2.8.2
+    # via
+    #   arrow
+    #   kubernetes
 python-slugify==6.1.2
+    # via cookiecutter
 python-vagrant==1.0.0
-PyYAML==6.0
+    # via molecule-vagrant
+pyyaml==6.0
+    # via
+    #   -r requirements.in
+    #   ansible-compat
+    #   ansible-core
+    #   ansible-lint
+    #   cookiecutter
+    #   kubernetes
+    #   molecule
+    #   molecule-vagrant
+    #   pre-commit
+    #   yamllint
 requests==2.28.1
+    # via
+    #   cookiecutter
+    #   kubernetes
+    #   requests-oauthlib
 requests-oauthlib==1.3.1
+    # via kubernetes
 resolvelib==0.8.1
+    # via ansible-core
 rich==12.6.0
+    # via
+    #   ansible-lint
+    #   enrich
+    #   molecule
 rsa==4.9
-ruamel.yaml==0.17.21
-ruamel.yaml.clib==0.2.7
+    # via google-auth
+ruamel-yaml==0.17.21
+    # via ansible-lint
+ruamel-yaml-clib==0.2.7
+    # via ruamel-yaml
 selinux==0.2.1
+    # via molecule-vagrant
 six==1.16.0
+    # via
+    #   google-auth
+    #   kubernetes
+    #   python-dateutil
 subprocess-tee==0.3.5
+    # via ansible-compat
 text-unidecode==1.3
+    # via python-slugify
+toml==0.10.2
+    # via pre-commit
 tomli==2.0.1
+    # via black
 typing-extensions==4.4.0
+    # via
+    #   black
+    #   rich
 urllib3==1.26.12
+    # via
+    #   kubernetes
+    #   requests
+virtualenv==20.16.6
+    # via pre-commit
 wcmatch==8.4.1
-websocket-client==1.4.1
+    # via ansible-lint
+websocket-client==1.4.2
+    # via kubernetes
 yamllint==1.28.0
+    # via
+    #   -r requirements.in
+    #   ansible-lint
 zipp==3.10.0
+    # via importlib-resources
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools