PyratLabs · xanmanning · Apr 10, 2021 · Apr 3, 2021 · Apr 10, 2021 · Apr 10, 2021
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,20 @@
 ---
 -->
 
+## 2021-04-10, v2.8.2
+
+### Notable changes
+
+ - #105 - Added Ansible v2.9.16 support
+ - #102 - Pre-check for cgroup status
+
+### Known issues
+
+ - As per README.md, you require `ansible` >= 2.9.16
+   or `ansible-base` >= 2.10.4. See [#105(comment)](https://github.com/PyratLabs/ansible-role-k3s/issues/105#issuecomment-817182233)
+
+---
+
 ## 2021-03-22, v2.8.1
 
 ### Notable changes

diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@ and [CHANGELOG.md](CHANGELOG.md).
 
 The host you're running Ansible from requires the following Python dependencies:
 
-  - `ansbile >= 2.9.17` or `ansible-base >= 2.10.4`
+  - `ansbile >= 2.9.16` or `ansible-base >= 2.10.4`
 
 You can install dependencies using the requirements.txt file in this repository:
 `pip3 install -r requirements.txt`.

diff --git a/molecule/highavailabilitydb/prepare.yml b/molecule/highavailabilitydb/prepare.yml
@@ -25,7 +25,8 @@
         mode: 0644
 
     - name: Ensure HAProxy service is started
-      command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
+      ansible.builtin.command:
+        cmd: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
       args:
         creates: /var/run/haproxy.pid
 

diff --git a/molecule/highavailabilityetcd/prepare.yml b/molecule/highavailabilityetcd/prepare.yml
@@ -25,7 +25,8 @@
         mode: 0644
 
     - name: Ensure HAProxy service is started
-      command: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
+      ansible.builtin.command:
+        cmd: haproxy -D -f /usr/local/etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
       args:
         creates: /var/run/haproxy.pid
 

diff --git a/requirements.txt b/requirements.txt
@@ -1 +1 @@
-ansible>2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3
+ansible>=2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3
diff --git a/tasks/build/docker/amazon/install.yml b/tasks/build/docker/amazon/install.yml
@@ -1,7 +1,8 @@
 ---
 
 - name: Ensure docker is installed using amazon-linux-extras
-  ansible.builtin.command: amazon-linux-extras install docker
+  ansible.builtin.command:
+    cmd: amazon-linux-extras install docker
   args:
     creates: /etc/docker
   notify:

diff --git a/tasks/build/docker/redhat/install-prerequisites.yml b/tasks/build/docker/redhat/install-prerequisites.yml
@@ -46,7 +46,8 @@
   become: "{{ k3s_become_for_package_install | ternary(true, false, k3s_become_for_all) }}"
 
 - name: Ensure Docker repository is installed and configured from file
-  ansible.builtin.command: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
+  ansible.builtin.command:
+    cmd: yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
   args:
     creates: /etc/yum.repos.d/docker-ce.repo
   when:

diff --git a/tasks/build/preconfigure-k3s.yml b/tasks/build/preconfigure-k3s.yml
@@ -82,7 +82,8 @@
 - name: Delegate an initializing control plane node
   block:
     - name: Lookup control node from file
-      ansible.builtin.command: "grep '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt"
+      ansible.builtin.command:
+        cmd: "grep '{{ 'P_True' if (k3s_controller_list | length > 1) else 'C_True' }}' /tmp/inventory.txt"
       changed_when: false
       check_mode: false
       register: k3s_control_delegate_raw

diff --git a/tasks/teardown/docker/amazon/uninstall.yml b/tasks/teardown/docker/amazon/uninstall.yml
@@ -1,7 +1,8 @@
 ---
 
 - name: Ensure docker is uninstalled using amazon-linux-extras
-  ansible.builtin.command: amazon-linux-extras uninstall docker
+  ansible.builtin.command:
+    cmd: amazon-linux-extras uninstall docker
   register: uninstall_docker_from_amazon_linux
   changed_when: uninstall_docker_from_amazon_linux.rc == 0
   become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
diff --git a/tasks/teardown/drain-and-remove-nodes.yml b/tasks/teardown/drain-and-remove-nodes.yml
@@ -10,7 +10,8 @@
   block:
 
     - name: Gather a list of nodes
-      ansible.builtin.command: "{{ k3s_install_dir }}/kubectl get nodes"
+      ansible.builtin.command:
+        cmd: "{{ k3s_install_dir }}/kubectl get nodes"
       changed_when: false
       failed_when: false
       delegate_to: "{{ k3s_control_delegate }}"
@@ -19,11 +20,12 @@
       become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
 
     - name: Ensure uninstalled nodes are drained
-      ansible.builtin.command: >-
-        {{ k3s_install_dir }}/kubectl drain {{ item }}
-          --ignore-daemonsets
-          --delete-local-data
-          --force
+      ansible.builtin.command:
+        cmd: >-
+          {{ k3s_install_dir }}/kubectl drain {{ item }}
+            --ignore-daemonsets
+            --delete-local-data
+            --force
       delegate_to: "{{ k3s_control_delegate }}"
       run_once: true
       when:
@@ -34,7 +36,8 @@
       become: "{{ k3s_become_for_kubectl | ternary(true, false, k3s_become_for_all) }}"
 
     - name: Ensure uninstalled nodes are removed
-      ansible.builtin.command: "{{ k3s_install_dir }}/kubectl delete node {{ item }}"
+      ansible.builtin.command:
+        cmd: "{{ k3s_install_dir }}/kubectl delete node {{ item }}"
       delegate_to: "{{ k3s_control_delegate }}"
       run_once: true
       when:

diff --git a/tasks/teardown/uninstall-k3s.yml b/tasks/teardown/uninstall-k3s.yml
@@ -11,20 +11,23 @@
   register: check_k3s_uninstall_script
 
 - name: Check to see if docker is present
-  ansible.builtin.command: which docker
+  ansible.builtin.command:
+    cmd: which docker
   failed_when: false
   changed_when: false
   register: check_k3s_docker_path
 
 - name: Run k3s-killall.sh
-  ansible.builtin.command: /usr/local/bin/k3s-killall.sh
+  ansible.builtin.command:
+    cmd: /usr/local/bin/k3s-killall.sh
   register: k3s_killall
   changed_when: k3s_killall.rc == 0
   when: check_k3s_killall_script.stat.exists
   become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
 
 - name: Run k3s-uninstall.sh
-  ansible.builtin.command: /usr/local/bin/k3s-uninstall.sh
+  ansible.builtin.command:
+    cmd: /usr/local/bin/k3s-uninstall.sh
   args:
     removes: /usr/local/bin/k3s-uninstall.sh
   register: k3s_uninstall
@@ -46,7 +49,8 @@
   become: "{{ k3s_become_for_uninstall | ternary(true, false, k3s_become_for_all) }}"
 
 - name: Clean up Docker
-  ansible.builtin.command: docker system prune -a --force
+  ansible.builtin.command:
+    cmd: docker system prune -a --force
   when:
     - ("docker" in k3s_runtime_config and k3s_runtime_config.docker)
     - check_k3s_docker_path.rc == 0
diff --git a/tasks/validate/configuration/unsupported-rootless.yml b/tasks/validate/configuration/unsupported-rootless.yml
@@ -1,7 +1,8 @@
 ---
 
 - name: Check if newuidmap is available
-  ansible.builtin.command: which newuidmap
+  ansible.builtin.command:
+    cmd: which newuidmap
   failed_when: false
   changed_when: false
   register: k3s_check_newuidmap_installed

diff --git a/tasks/validate/environment/local/issue-data.yml b/tasks/validate/environment/local/issue-data.yml
@@ -4,7 +4,8 @@
   ansible.builtin.setup:
 
 - name: Ensure Ansible version is captured
-  ansible.builtin.command: ansible --version
+  ansible.builtin.command:
+    cmd: ansible --version
   failed_when: false
   changed_when: false
   register: check_ansible_version
@@ -13,7 +14,8 @@
   become: false
 
 - name: Ensure Ansible config is captured
-  ansible.builtin.command: ansible-config dump --only-changed
+  ansible.builtin.command:
+    cmd: ansible-config dump --only-changed
   failed_when: false
   changed_when: false
   register: check_ansible_config
@@ -22,7 +24,8 @@
   become: false
 
 - name: Ensure a list of roles is captured
-  ansible.builtin.command: ansible-galaxy role list
+  ansible.builtin.command:
+    cmd: ansible-galaxy role list
   failed_when: false
   changed_when: false
   register: check_ansible_roles

diff --git a/tasks/validate/environment/remote/cgroups.yml b/tasks/validate/environment/remote/cgroups.yml
@@ -0,0 +1,16 @@
+---
+
+- name: Check if {{ cgroup.name }} cgroup is enabled
+  ansible.builtin.command:
+    cmd: 'grep -E "^{{ cgroup.name }}\s+.*\s+1$" /proc/cgroups'
+  failed_when: false
+  changed_when: false
+  register: k3s_check_cgroup_option
+
+- name: Fail if {{ cgroup.name }} cgroup is not enabled
+  ansible.builtin.assert:
+    that:
+      - k3s_check_cgroup_option.rc == 0
+    fail_msg: |
+      {{ cgroup.name }} cgroup disabled. {{ cgroup.documentation }}
+    success_msg: "{{ cgroup.name }} cgroup enabled."
diff --git a/tasks/validate/environment/remote/packages.yml b/tasks/validate/environment/remote/packages.yml
@@ -1,7 +1,8 @@
 ---
 
 - name: Check that {{ package.name }} is installed
-  ansible.builtin.command: "which {{ package.name }}"
+  ansible.builtin.command:
+    cmd: "which {{ package.name }}"
   changed_when: false
   failed_when: false
   register: check_k3s_required_package

diff --git a/tasks/validate/pre-flight.yml b/tasks/validate/pre-flight.yml
@@ -13,12 +13,20 @@
     - not k3s_skip_validation
     - not k3s_skip_env_checks
 
+- include_tasks: environment/remote/cgroups.yml
+  loop: "{{ k3s_cgroup_subsys }}"
+  loop_control:
+    loop_var: cgroup
+  when:
+    - not k3s_skip_validation
+    - not k3s_skip_env_checks
+
 - include_tasks: environment/remote/packages.yml
   loop: "{{ k3s_check_packages }}"
   loop_control:
     loop_var: package
   when:
-    - k3s_skip_validation
+    - not k3s_skip_validation
     - not k3s_skip_env_checks
 
 - include_tasks: environment/local/issue-data.yml

diff --git a/tasks/validate/state/nodes.yml b/tasks/validate/state/nodes.yml
@@ -1,7 +1,8 @@
 ---
 
 - name: Check that all nodes to be ready
-  ansible.builtin.command: "{{ k3s_install_dir }}/kubectl get nodes"
+  ansible.builtin.command:
+    cmd: "{{ k3s_install_dir }}/kubectl get nodes"
   changed_when: false
   failed_when: kubectl_get_nodes_result.stdout.find("was refused") != -1 or
                kubectl_get_nodes_result.stdout.find("ServiceUnavailable") != -1

diff --git a/tasks/validate/state/uninstalled.yml b/tasks/validate/state/uninstalled.yml
@@ -1,15 +1,17 @@
 ---
 
 - name: Check that k3s is not running
-  ansible.builtin.command: pgrep k3s
+  ansible.builtin.command:
+    cmd: pgrep k3s
   failed_when:
     - check_k3s_process.rc == 0
     - not ansible_check_mode
   changed_when: false
   register: check_k3s_process
 
 - name: Check that docker is not running
-  ansible.builtin.command: pgrep docker
+  ansible.builtin.command:
+    cmd: pgrep docker
   failed_when:
     - check_k3s_docker_process.rc == 0
     - not ansible_check_mode

diff --git a/test_versions.sh b/test_versions.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ANSIBLE_RELEASE_FEED="$(curl -Ssl https://api.github.com/repos/ansible/ansible/tags?per_page=50)"
+TMPDIR="$(mktemp -d /tmp/molecule.XXXXX)"
+
+function ansible_releases {
+    local RELEASE_LIST_ALL
+
+    RELEASE_LIST_ALL="$(echo "${ANSIBLE_RELEASE_FEED}" | grep -E "\"name\": \"v[0-9]+\.[0-9]+\.[0-9]+\"")"
+
+    for RELEASE in ${RELEASE_LIST_ALL} ; do
+        echo "${RELEASE}" | grep -v "name" | sed -E 's/"v([0-9]+\.[0-9]+\.[0-9]+)",/\1/g' || true
+    done
+}
+
+function build_requirements {
+    local TEST_REQUIREMENTS
+    local REQUIREMENTS
+    local ANSIBLE_VERSION
+
+    ANSIBLE_VERSION="${1:-true}"
+
+    if [ "${ANSIBLE_VERSION}" == "true" ] ; then
+        echo "Something went wrong!"
+        exit 1
+    fi
+
+    TEST_REQUIREMENTS=$(<molecule/requirements.txt)
+    REQUIREMENTS=$(echo "${TEST_REQUIREMENTS}" | grep -v "requirements.txt" || true)
+    if [[ "${ANSIBLE_VERSION}" =~ "^v2\.10" ]] ; then
+        echo -e "ansible==${ANSIBLE_VERSION}\nansible-base==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
+    else
+        echo -e "ansible==${ANSIBLE_VERSION}\n${REQUIREMENTS}"
+    fi
+}
+
+function make_venv {
+    local MOLECULE_RESULT
+
+    python3 -m venv "${TMPDIR}/${1:-ansible}"
+    source "${TMPDIR}/${1:-ansible}/bin/activate"
+    pip3 install -r "${TMPDIR}/version_requirements.txt" || true
+    MOLECULE_RESULT=$(molecule test | grep -E "CRITICAL|fatal:" || echo ":heavy_check_mark:")
+    if [ "${MOLECULE_RESULT}" != ":heavy_check_mark:" ] ; then
+        MOLECULE_RESULT=":x:"
+    fi
+    deactivate
+
+    echo -n "${MOLECULE_RESULT}" | tee -a /tmp/molecule_tests.md
+}
+
+function main {
+    echo "| Version   | Result             |" | tee /tmp/molecule_tests.md
+    echo "| --------- | ------------------ |" | tee -a /tmp/molecule_tests.md
+    for TEST_ANSIBLE in $(ansible_releases) ; do
+        echo -n "| ${TEST_ANSIBLE} | " | tee -a /tmp/molecule_tests.md
+        build_requirements "${TEST_ANSIBLE}" > "${TMPDIR}/version_requirements.txt"
+        make_venv "${TEST_ANSIBLE}"
+        echo " |" | tee -a /tmp/molecule_tests.md
+    done
+}
+
+main
diff --git a/vars/main.yml b/vars/main.yml
@@ -143,3 +143,13 @@ k3s_deprecated_config:
   - setting: docker
     correction: "docker: false"
     when: 1.20.0
+
+k3s_cgroup_subsys:
+  - name: memory
+    documentation: |
+      If you are running on a Raspberry Pi, see:
+      https://rancher.com/docs/k3s/latest/en/advanced/#enabling-cgroups-for-raspbian-buster
+  - name: cpuset
+    documentation: |
+      If you are running Alpine Linux, see:
+      https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-alpine-linux-setup
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		ansible>2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3
		ansible>=2.9.16,!=2.10.0,!=2.10.1,!=2.10.2,!=2.10.3