Lino Silva
87 lines
3.5 KiB
YAML
87 lines
3.5 KiB
YAML
---
|
|
k3s_version: v1.24.6+k3s1
|
|
# this is the user that has ssh access to these machines
|
|
ansible_user: lino
|
|
systemd_dir: /etc/systemd/system
|
|
|
|
# Set your timezone
|
|
system_timezone: "Europe/Lisbon"
|
|
|
|
# interface which will be used for flannel
|
|
flannel_iface: "eth0"
|
|
|
|
# apiserver_endpoint is virtual ip-address which will be configured on each master
|
|
apiserver_endpoint: "10.0.3.1"
|
|
|
|
# k3s_token is required masters can talk together securely
|
|
# this token should be alpha numeric only
|
|
k3s_token: "7qXiuKpSY9uLwdVSNSnEF5RkttoERixCpc2EVJW7vh7Ws4NMN3"
|
|
|
|
# The IP on which the node is reachable in the cluster.
|
|
# Here, a sensible default is provided, you can still override
|
|
# it for each of your hosts, though.
|
|
k3s_node_ip: '{{ ansible_facts[flannel_iface]["ipv4"]["address"] }}'
|
|
|
|
# Disable the taint manually by setting: k3s_master_taint = false
|
|
k3s_master_taint: false
|
|
|
|
# these arguments are recommended for servers as well as agents:
|
|
extra_args: >-
|
|
--flannel-iface={{ flannel_iface }}
|
|
--node-ip={{ k3s_node_ip }}
|
|
|
|
# change these to your liking, the only required are: --disable servicelb, --tls-san {{ apiserver_endpoint }}
|
|
extra_server_args: >-
|
|
{{ extra_args }}
|
|
{{ '--node-taint node-role.kubernetes.io/master=true:NoSchedule' if k3s_master_taint else '' }}
|
|
--tls-san {{ apiserver_endpoint }}
|
|
--disable servicelb
|
|
--disable traefik
|
|
extra_agent_args: >-
|
|
{{ extra_args }}
|
|
|
|
# image tag for kube-vip
|
|
kube_vip_tag_version: "v0.5.5"
|
|
|
|
# image tag for metal lb
|
|
metal_lb_speaker_tag_version: "v0.13.6"
|
|
metal_lb_controller_tag_version: "v0.13.6"
|
|
|
|
# metallb ip range for load balancer
|
|
metal_lb_ip_range: "10.0.4.1-10.0.4.254"
|
|
|
|
lxc_password: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
38303735306236303463613632623161643633663631303931396564346565666236643562316264
|
|
6533643331306364653564653763356537303932313531350a393261643137636232616335376461
|
|
66383966333765626539363561613361393665616333303964373761356166623766663232303063
|
|
3138353333373935660a383230393330646538303933336366383736643333623663333934663131
|
|
3064
|
|
|
|
proxmox_api_password: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
35376334616332386130656335663736343337396532663266383934643632363664646631653935
|
|
6533343936353734343761343465646365616130643130360a316234333036303738663566666364
|
|
61653638373830383733323563373862346662363339656632643661336533363162616435616531
|
|
6331326462356366320a303331616366356333306638386130666538633833623162653934616338
|
|
3566
|
|
|
|
traefik_http_auth_user: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
38323532616336373939646333613338626431363466633631343162636235623563393135653231
|
|
3961383965356631613164303566393632323938386664360a373037616335643662613564353130
|
|
30353832376431633834336234386161313062373437613132623733646166303639313364373637
|
|
3933626639646536320a303163353835633837356530613931346165353939363235373561333836
|
|
39366266303064393334383835323330353934643862323330343337393761353166393333376131
|
|
33303439393531303031653361393530313930363039646566613831373366326432653634653165
|
|
313735383263623836363030386531613033
|
|
|
|
cloudflare_api_key: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
38363363386466666266613930386237623430646531303734613863306530666530376433633339
|
|
3166373361393839363439326661396136616637393865630a666637366132643035343832666335
|
|
33376139643533313730313135653064393239316162376339653965313366643565643664666534
|
|
6631393564333230370a303634643030346166383235643666356164393232643832333238313664
|
|
38346161306138653735303861646638653830633938326566663136393862643264353437623963
|
|
3462616435653132623563316231343739333761653365333437
|