fix: derive k3s node IPs from terraform private addresses

ansible/generate_inventory.py

@@ -1,7 +1,6 @@
 #!/usr/bin/env python3
 
 import json
-import os
 import subprocess
 import sys
 from pathlib import Path
@@ -27,9 +26,34 @@ def get_terraform_outputs():
 def main():
     outputs = get_terraform_outputs()
 
+    control_plane_ips = outputs["control_plane_ips"]["value"]
+    control_plane_private_ips = outputs["control_plane_private_ips"]["value"]
+    worker_ips = outputs["worker_ips"]["value"]
+    worker_private_ips = outputs["worker_private_ips"]["value"]
+
+    control_planes = [
+        {
+            "name": f"cp-{i + 1}",
+            "public_ip": public_ip,
+            "private_ip": private_ip,
+        }
+        for i, (public_ip, private_ip) in enumerate(
+            zip(control_plane_ips, control_plane_private_ips)
+        )
+    ]
+
+    workers = [
+        {
+            "name": f"worker-{i + 1}",
+            "public_ip": public_ip,
+            "private_ip": private_ip,
+        }
+        for i, (public_ip, private_ip) in enumerate(zip(worker_ips, worker_private_ips))
+    ]
+
     data = {
-        "control_plane_ips": outputs["control_plane_ips"]["value"],
+        "control_planes": control_planes,
-        "worker_ips": outputs["worker_ips"]["value"],
+        "workers": workers,
         "private_key_file": outputs["ssh_private_key_path"]["value"],
     }
 

ansible/inventory.tmpl

@@ -1,11 +1,11 @@
 [control_plane]
-{% for ip in control_plane_ips %}
+{% for node in control_planes %}
-{{ ip }}
+{{ node.name }} ansible_host={{ node.public_ip }} k3s_private_ip={{ node.private_ip }}
 {% endfor %}
 
 [workers]
-{% for ip in worker_ips %}
+{% for node in workers %}
-{{ ip }}
+{{ node.name }} ansible_host={{ node.public_ip }} k3s_private_ip={{ node.private_ip }}
 {% endfor %}
 
 [cluster:children]

ansible/site.yml

@@ -20,10 +20,10 @@
   vars:
     k3s_primary: true
     k3s_token: "{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}"
-    k3s_primary_private_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_primary_private_ip: "{{ k3s_private_ip }}"
-    k3s_primary_public_ip: "{{ ansible_default_ipv4.address }}"
+    k3s_primary_public_ip: "{{ ansible_host }}"
-    k3s_primary_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_primary_ip: "{{ k3s_private_ip }}"
-    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_node_ip: "{{ k3s_private_ip }}"
 
   roles:
     - k3s-server
@@ -40,8 +40,8 @@
     - name: Set join token fact
       set_fact:
         k3s_token: "{{ node_token.stdout }}"
-        k3s_primary_private_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+        k3s_primary_private_ip: "{{ k3s_private_ip }}"
-        k3s_primary_public_ip: "{{ ansible_default_ipv4.address }}"
+        k3s_primary_public_ip: "{{ ansible_host }}"
 
     - name: Fetch kubeconfig
       fetch:
@@ -58,7 +58,7 @@
     k3s_token: "{{ hostvars[groups['control_plane'][0]]['k3s_token'] }}"
     k3s_primary_ip: "{{ hostvars[groups['control_plane'][0]]['k3s_primary_private_ip'] }}"
     k3s_primary_public_ip: "{{ hostvars[groups['control_plane'][0]]['k3s_primary_public_ip'] }}"
-    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_node_ip: "{{ k3s_private_ip }}"
 
   roles:
     - k3s-server
@@ -70,7 +70,7 @@
   vars:
     k3s_token: "{{ hostvars[groups['control_plane'][0]]['k3s_token'] }}"
     k3s_server_url: "https://{{ hostvars[groups['control_plane'][0]]['k3s_primary_private_ip'] }}:6443"
-    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_node_ip: "{{ k3s_private_ip }}"
 
   roles:
     - k3s-agent