ansible/roles/k3s-agent/tasks/main.yml

---
- name: Check if k3s agent service exists
  stat:
    path: /etc/systemd/system/k3s-agent.service
  register: k3s_agent_service

- name: Check k3s agent service state
  command: systemctl is-active k3s-agent
  register: k3s_agent_service_state
  changed_when: false
  failed_when: false
  when: k3s_agent_service.stat.exists

- name: Check installed k3s version
  command: k3s --version
  register: installed_k3s_version
  changed_when: false
  failed_when: false
  when: k3s_agent_service.stat.exists

- name: Determine whether k3s agent install is needed
  set_fact:
    k3s_agent_install_needed: >-
      {{
        (not k3s_agent_service.stat.exists)
        or ((k3s_agent_service_state.stdout | default('')) != 'active')
        or (k3s_version != 'latest' and k3s_version not in (installed_k3s_version.stdout | default('')))
      }}

- name: Download k3s install script
  get_url:
    url: https://get.k3s.io
    dest: /tmp/install-k3s.sh
    mode: "0755"
  register: k3s_agent_install_script
  until: k3s_agent_install_script is succeeded
  retries: 5
  delay: 10
  when: k3s_agent_install_needed

- name: Install k3s agent
  when: k3s_agent_install_needed
  block:
    - name: Wait for Kubernetes API endpoint before agent join
      wait_for:
        host: "{{ k3s_server_url | regex_replace('^https?://([^:/]+).*$', '\\1') }}"
        port: 6443
        state: started
        timeout: 180

    - name: Run k3s agent install
      environment:
        INSTALL_K3S_VERSION: "{{ k3s_version if k3s_version != 'latest' else '' }}"
        K3S_URL: "{{ k3s_server_url }}"
        K3S_TOKEN: "{{ k3s_token }}"
      command: >-
        /tmp/install-k3s.sh agent
        --node-ip {{ k3s_node_ip }}
        --flannel-iface={{ k3s_flannel_iface }}
        {% if k3s_kubelet_cloud_provider_external | bool %}--kubelet-arg=cloud-provider=external{% endif %}
      register: k3s_agent_install
      until: k3s_agent_install.rc == 0
      retries: 3
      delay: 20

- name: Wait for k3s agent to be ready
  command: systemctl is-active k3s-agent
  register: agent_status
  until: agent_status.stdout == "active"
  retries: 30
  delay: 10
  changed_when: false

- name: Show k3s-agent service status on failure
  command: systemctl status k3s-agent --no-pager
  register: k3s_agent_status
  changed_when: false
  failed_when: false
  when: agent_status is failed

- name: Show recent k3s-agent logs on failure
  command: journalctl -u k3s-agent -n 120 --no-pager
  register: k3s_agent_journal
  changed_when: false
  failed_when: false
  when: agent_status is failed

- name: Fail with k3s-agent diagnostics
  fail:
    msg: |
      k3s agent failed to become ready on {{ inventory_hostname }}.
      Install stdout:
      {{ k3s_agent_install.stdout | default('n/a') }}

      Install stderr:
      {{ k3s_agent_install.stderr | default('n/a') }}

      Service status:
      {{ k3s_agent_status.stdout | default('n/a') }}

      Recent logs:
      {{ k3s_agent_journal.stdout | default('n/a') }}
  when: agent_status is failed
feat: Add HA Kubernetes cluster with Terraform + Ansible 2026-02-28 20:24:55 +00:00			`---`
fix: make Ansible reruns faster and idempotent 2026-04-24 11:44:11 +00:00			`- name: Check if k3s agent service exists`
feat: Add HA Kubernetes cluster with Terraform + Ansible 2026-02-28 20:24:55 +00:00			`stat:`
fix: make Ansible reruns faster and idempotent 2026-04-24 11:44:11 +00:00			`path: /etc/systemd/system/k3s-agent.service`
			`register: k3s_agent_service`

			`- name: Check k3s agent service state`
			`command: systemctl is-active k3s-agent`
			`register: k3s_agent_service_state`
			`changed_when: false`
			`failed_when: false`
			`when: k3s_agent_service.stat.exists`

fix: reinstall k3s on version drift 2026-04-30 06:03:53 +00:00			`- name: Check installed k3s version`
			`command: k3s --version`
			`register: installed_k3s_version`
			`changed_when: false`
			`failed_when: false`
			`when: k3s_agent_service.stat.exists`

fix: make Ansible reruns faster and idempotent 2026-04-24 11:44:11 +00:00			`- name: Determine whether k3s agent install is needed`
			`set_fact:`
fix: reinstall k3s on version drift 2026-04-30 06:03:53 +00:00			`k3s_agent_install_needed: >-`
			`{{`
			`(not k3s_agent_service.stat.exists)`
			`or ((k3s_agent_service_state.stdout \| default('')) != 'active')`
			`or (k3s_version != 'latest' and k3s_version not in (installed_k3s_version.stdout \| default('')))`
			`}}`
feat: Add HA Kubernetes cluster with Terraform + Ansible 2026-02-28 20:24:55 +00:00
			`- name: Download k3s install script`
			`get_url:`
			`url: https://get.k3s.io`
			`dest: /tmp/install-k3s.sh`
			`mode: "0755"`
fix: harden cluster rebuild determinism 2026-04-30 07:36:27 +00:00			`register: k3s_agent_install_script`
			`until: k3s_agent_install_script is succeeded`
			`retries: 5`
			`delay: 10`
fix: make Ansible reruns faster and idempotent 2026-04-24 11:44:11 +00:00			`when: k3s_agent_install_needed`
feat: Add HA Kubernetes cluster with Terraform + Ansible 2026-02-28 20:24:55 +00:00
			`- name: Install k3s agent`
fix: make Ansible reruns faster and idempotent 2026-04-24 11:44:11 +00:00			`when: k3s_agent_install_needed`
fix: restore k3s agent bootstrap 2026-03-20 01:50:16 +00:00			`block:`
fix: harden cluster rebuild determinism 2026-04-30 07:36:27 +00:00			`- name: Wait for Kubernetes API endpoint before agent join`
			`wait_for:`
			`host: "{{ k3s_server_url \| regex_replace('^https?://([^:/]+).*$', '\\1') }}"`
			`port: 6443`
			`state: started`
			`timeout: 180`

fix: restore k3s agent bootstrap 2026-03-20 01:50:16 +00:00			`- name: Run k3s agent install`
			`environment:`
			`INSTALL_K3S_VERSION: "{{ k3s_version if k3s_version != 'latest' else '' }}"`
			`K3S_URL: "{{ k3s_server_url }}"`
			`K3S_TOKEN: "{{ k3s_token }}"`
			`command: >-`
			`/tmp/install-k3s.sh agent`
			`--node-ip {{ k3s_node_ip }}`
feat: migrate cluster baseline from Hetzner to Proxmox 2026-04-22 03:02:13 +00:00			`--flannel-iface={{ k3s_flannel_iface }}`
fix: restore k3s agent bootstrap 2026-03-20 01:50:16 +00:00			`{% if k3s_kubelet_cloud_provider_external \| bool %}--kubelet-arg=cloud-provider=external{% endif %}`
fix: rely on k3s service readiness instead of installer exit code 2026-04-22 04:14:31 +00:00			`register: k3s_agent_install`
fix: harden cluster rebuild determinism 2026-04-30 07:36:27 +00:00			`until: k3s_agent_install.rc == 0`
			`retries: 3`
			`delay: 20`
feat: Add HA Kubernetes cluster with Terraform + Ansible 2026-02-28 20:24:55 +00:00
			`- name: Wait for k3s agent to be ready`
			`command: systemctl is-active k3s-agent`
			`register: agent_status`
			`until: agent_status.stdout == "active"`
			`retries: 30`
			`delay: 10`
			`changed_when: false`
fix: rely on k3s service readiness instead of installer exit code 2026-04-22 04:14:31 +00:00
			`- name: Show k3s-agent service status on failure`
			`command: systemctl status k3s-agent --no-pager`
			`register: k3s_agent_status`
			`changed_when: false`
			`failed_when: false`
			`when: agent_status is failed`

			`- name: Show recent k3s-agent logs on failure`
			`command: journalctl -u k3s-agent -n 120 --no-pager`
			`register: k3s_agent_journal`
			`changed_when: false`
			`failed_when: false`
			`when: agent_status is failed`

			`- name: Fail with k3s-agent diagnostics`
			`fail:`
			`msg: \|`
			`k3s agent failed to become ready on {{ inventory_hostname }}.`
			`Install stdout:`
			`{{ k3s_agent_install.stdout \| default('n/a') }}`

			`Install stderr:`
			`{{ k3s_agent_install.stderr \| default('n/a') }}`

			`Service status:`
			`{{ k3s_agent_status.stdout \| default('n/a') }}`

			`Recent logs:`
			`{{ k3s_agent_journal.stdout \| default('n/a') }}`
			`when: agent_status is failed`