implemented conditional reboot, updated README

.gitignore

@@ -1 +1,2 @@
 sshkey.private
+myhosts

README.md

@@ -32,19 +32,22 @@ sudo apt install ansible
 ```
 
 # Run the playbooks
-First we need to set up the VMs with a few dependencies and install k3s on it. This is not specific to Elasticsearch and only installs k3s.
+First we need to set up the VMs with a few dependencies and install k3s on it. The script
 
 ```
-ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --inventory-file "hosts" --private-key "sshkey.private" -u root setup-k3s.playbook
+setup-elastic-cluster.sh
 ```
 
-where "sshkey.pivate" points to the private part of the ssh key you installed in the VMs. "-u root" means to login as a root user, if you have a different ssh user, specify that here. "--inventory-file hosts" tells ansible to use the "hosts" file we edited earlier. 
+runs the two ansible playbooks setup-elastic.playbook and setup-k3s.playbook which configure the CentOS VMs, install k3s and then install an elastic cluster.
 
-After that is done, run the second playbookt which installs the Elastic operator and then an Elastic cluster:
+There are a few more environment variables that configure how ansible is run:
+
+PATH_TO_SSH_KEY is the path to the private ssh key that should be used when connecting to hosts. Defaults to "sshkey.private".
+
+SSH_USER is the user that should be used when connecting to hosts. Defaults to "root".
+
+ANSIBLE_HOSTS is the path to the host inventory file that ansible should use. Defaults to "hosts".
 
-```
-ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --inventory-file "hosts" --private-key "sshkey.private" -u root setup-elastic.playbook
-```
 
 # Useful commands to check health and status
 ```
@@ -59,10 +62,11 @@ kubectl get pods -o wide
 kubectl get elasticsearch
 ```
 
-# Caveats
+# Troubleshooting
 The playbooks are not good at detecting if a task is necessary and they may fail if executed repeatedly on the same VM. If you need to run a playbook again, it's best to
 wipe the VM first.
 
+I haven't tested (much) how to replace a worker node. The script doesn't remove worker nodes from the kubernetes master, so there will be always a missing node which you need to take care of manually (eg. kubectl remove node $nodename). Deleting the old VM, creating a new one and running the script will work only if the new host has a different name.
 
 # Acknowledgements
 

setup-elastic-cluster.sh

@@ -1,15 +1,16 @@
 #!/bin/bash
 
-PATH_TO_SSH_KEY="sshkey.private"
-SSH_USER="root"
+PATH_TO_SSH_KEY="${PATH_TO_SSH_KEY:-sshkey.private}"
+SSH_USER="${SSH_USER:-root}"
+ANSIBLE_HOSTS="${ANSIBLE_HOSTS:-hosts}"
 
 PATH_TO_SCRIPT=$(readlink -f "$0")
 base=$(dirname "$PATH_TO_SCRIPT")
 
 cd "$BASE"
 
 function ans() {
-ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --inventory-file "hosts" --private-key "$PATH_TO_SSH_KEY" -u SSH_USER "$@"
+ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --inventory-file "$ANSIBLE_HOSTS" --private-key "$PATH_TO_SSH_KEY" -u "$SSH_USER" "$@"
 }
 
 ans setup-k3s.playbook

setup-k3s.playbook

@@ -8,14 +8,18 @@
     become: yes
     become_user: root
     tasks:
+
     - name: upgrade all packages
       dnf:
         name: "*"
         state: latest
+      register: dnf_upgrade
 
     - name: Allow legacy crypto policy
       shell:
-         "update-crypto-policies --set LEGACY"
+         "update-crypto-policies --show | grep -q LEGACY || ( update-crypto-policies --set LEGACY & echo CHANGED)"
+      register: cmd_update_crypto_policies
+      changed_when: '"CHANGED" in cmd_update_crypto_policies.stdout'
       tags: cryptopolicies
 
     - name: Add IP address of all hosts to all hosts
@@ -39,8 +43,15 @@
         sysctl_set: yes
         state: present
 
+    - name: Determine if a rebootis required
+      set_fact:
+        needsReboot: '{{ cmd_update_crypto_policies.changed or dnf_upgrade.changed }}'
+
+    - debug: msg="Needs reboot {{ needsReboot }}"
+
     - name: Unconditionally reboot the machine with all defaults
       ansible.builtin.reboot:
+      when: needsReboot == "True"
 
     - name: Install the latest version of tar
       ansible.builtin.dnf:
@@ -86,7 +97,7 @@
     - name: Get K3S_TOKEN
       set_fact:
         K3S_TOKEN: "{{ hostvars['emaster']['K3S_TOKEN']}}"
-    - name: Install k3s
+    - name: Install k3s worker
       shell: curl -sfL https://get.k3s.io | K3S_URL=https://emaster:6443 K3S_TOKEN={{ K3S_TOKEN }} INSTALL_K3S_EXEC="--node-ip={{private_ip}} --flannel-iface={{ private_interface }}" sh -
       register: cmd
     - debug: var=cmd.stdout_lines