первый фикс

2026-04-17 08:58:26 +03:00
parent 095b276cb3
commit d9a35478a6
9 changed files with 312 additions and 150 deletions
--- a/roles/istio/molecule/default/molecule.yml
+++ b/roles/istio/molecule/default/molecule.yml
@@ -3,7 +3,8 @@ driver:
  name: docker

 platforms:
-  - name: istio-test
+  # master01 — единственная нода нужна, шаблоны деплоятся с первого мастера
+  - name: master01
    image: geerlingguy/docker-ubuntu2204-ansible:latest
    pre_build_image: true

--- a/roles/k3s/molecule/default/converge.yml
+++ b/roles/k3s/molecule/default/converge.yml
@@ -15,6 +15,7 @@
    k3s_service_cidr: "10.43.0.0/16"
    k3s_cluster_dns: "10.43.0.10"
    k3s_flannel_backend: "vxlan"
+    k3s_cni: "flannel"
    k3s_install_dir: /usr/local/bin
    k3s_config_dir: /etc/rancher/k3s
    k3s_data_dir: /var/lib/rancher/k3s
--- a/roles/k3s/molecule/default/molecule.yml
+++ b/roles/k3s/molecule/default/molecule.yml
@@ -3,7 +3,8 @@ driver:
  name: docker

 platforms:
-  - name: k3s-node
+  # master01 — первый сервер, Ubuntu 22.04, запускает cluster-init
+  - name: master01
    image: geerlingguy/docker-ubuntu2204-ansible:latest
    pre_build_image: true
    privileged: true
@@ -15,6 +16,32 @@ platforms:
      - k3s_master
      - k3s_cluster

+  # worker01 — второй сервер, Ubuntu 22.04, присоединяется к master01
+  - name: worker01
+    image: geerlingguy/docker-ubuntu2204-ansible:latest
+    pre_build_image: true
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
+    command: /lib/systemd/systemd
+    groups:
+      - k3s_master
+      - k3s_cluster
+
+  # rpi01 — Raspberry Pi OS (Debian-based), NoSchedule taint
+  - name: rpi01
+    image: geerlingguy/docker-debian12-ansible:latest
+    pre_build_image: true
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
+    command: /lib/systemd/systemd
+    groups:
+      - k3s_master
+      - k3s_cluster
+
 provisioner:
  name: ansible
  playbooks:
@@ -25,9 +52,15 @@ provisioner:
    defaults:
      interpreter_python: auto_silent
  inventory:
-    group_vars:
-      k3s_master:
-        k3s_master_ip: "{{ hostvars[groups['k3s_master'][0]]['ansible_host'] | default('127.0.0.1') }}"
+    host_vars:
+      rpi01:
+        ansible_python_interpreter: /usr/bin/python3
+        k3s_node_taints:
+          - "node-type=raspberry-pi:NoSchedule"
+        k3s_extra_server_args: |
+          kubelet-arg:
+            - "kube-reserved=cpu=50m,memory=128Mi"
+            - "system-reserved=cpu=50m,memory=128Mi"

 verifier:
  name: ansible
--- a/roles/k3s/molecule/default/verify.yml
+++ b/roles/k3s/molecule/default/verify.yml
@@ -56,10 +56,19 @@
        that: k3s_config['service-cidr'] == '10.43.0.0/16'
        fail_msg: "Неверный service-cidr: {{ k3s_config['service-cidr'] }}"

-    - name: Assert cluster-init is set (первый мастер)
+    - name: Assert cluster-init is set (только master01)
      ansible.builtin.assert:
        that: k3s_config['cluster-init'] == true
        fail_msg: "cluster-init должен быть true для первого мастера"
+      when: inventory_hostname == groups['k3s_master'][0]
+
+    - name: Assert server URL is set (worker01 и rpi01)
+      ansible.builtin.assert:
+        that:
+          - k3s_config.server is defined
+          - "'6443' in k3s_config.server"
+        fail_msg: "server URL должен быть задан для worker01/rpi01, получено: {{ k3s_config }}"
+      when: inventory_hostname != groups['k3s_master'][0]

    - name: Assert traefik is disabled
      ansible.builtin.assert:
--- a/roles/prometheus-stack/molecule/default/molecule.yml
+++ b/roles/prometheus-stack/molecule/default/molecule.yml
@@ -3,7 +3,8 @@ driver:
  name: docker

 platforms:
-  - name: prom-test
+  # master01 — единственная нода нужна, шаблоны деплоятся с первого мастера
+  - name: master01
    image: geerlingguy/docker-ubuntu2204-ansible:latest
    pre_build_image: true