Rewrite

.ansible-lint

@@ -8,4 +8,5 @@ warn_list:
   - var-naming
   - yaml[comments-indentation]
 skip_list:
-  - experimental
+  - experimental
+  - yaml[line-length]

.ansible-lint-ignore

@@ -1,4 +1,8 @@
 # This file contains ignores rule violations for ansible-lint
 
 roles/testing/tasks/troubleshooting.yml ignore-errors
-inventory/sample/hosts.yml yaml[line-length]
+inventory/sample/hosts.yml yaml[line-length]
+inventory/sample/hosts.yml yaml[comments-indentation]
+roles/rke2/tasks/add-audit-policy-config.yml no-handler
+roles/rke2/tasks/add-pod-security-admission-config.yml no-handler
+roles/rke2/tasks/add-registry-config.yml no-handler

.github/vale/Readability/AutomatedReadability.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Automated Readability Index (%s) below 8."
+link: https://en.wikipedia.org/wiki/Automated_readability_index
+
+formula: |
+  (4.71 * (characters / words)) + (0.5 * (words / sentences)) - 21.43
+
+condition: "> 8"

.github/vale/Readability/ColemanLiau.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Coleman–Liau Index grade (%s) below 9."
+link: https://en.wikipedia.org/wiki/Coleman%E2%80%93Liau_index
+
+formula: |
+  (0.0588 * (characters / words) * 100) - (0.296 * (sentences / words) * 100) - 15.8
+
+condition: "> 9"

.github/vale/Readability/FleschKincaid.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Flesch–Kincaid grade level (%s) below 8."
+link: https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests
+
+formula: |
+  (0.39 * (words / sentences)) + (11.8 * (syllables / words)) - 15.59
+
+condition: "> 8"

.github/vale/Readability/FleschReadingEase.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Flesch reading ease score (%s) above 70."
+link: https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests
+
+formula: |
+  206.835 - (1.015 * (words / sentences)) - (84.6 * (syllables / words))
+
+condition: "< 70"

.github/vale/Readability/GunningFog.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Gunning-Fog index (%s) below 10."
+link: https://en.wikipedia.org/wiki/Gunning_fog_index
+
+formula: |
+  0.4 * ((words / sentences) + 100 * (complex_words / words))
+
+condition: "> 10"

.github/vale/Readability/LIX.yml

@@ -0,0 +1,17 @@
+extends: metric
+message: "Try to keep the LIX score (%s) below 35."
+
+link: https://en.wikipedia.org/wiki/Lix_(readability_test)
+# Very Easy: 20 - 25
+#
+# Easy: 30 - 35
+#
+# Medium: 40 - 45
+#
+# Difficult: 50 - 55
+#
+# Very Difficult: 60+
+formula: |
+  (words / sentences) + ((long_words * 100) / words)
+
+condition: "> 35"

.github/vale/Readability/SMOG.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the SMOG grade (%s) below 10."
+link: https://en.wikipedia.org/wiki/SMOG
+
+formula: |
+  1.0430 * math.sqrt((polysyllabic_words * 30.0) / sentences) + 3.1291
+
+condition: "> 10"

.github/vale/Readability/meta.json

@@ -0,0 +1,4 @@
+{
+  "feed": "https://github.com/errata-ai/Readability/releases.atom",
+  "vale_version": ">=2.13.0"
+}

.github/vale/config/vocabularies/RGS/accept.txt

@@ -0,0 +1,18 @@
+# Common/valid Slang
+[C|c]onfig
+airgap
+
+# Acronyms
+STIG
+
+# Tools
+[A|a]nsible
+
+# Kubernetes
+Kubernetes
+[K|k]ubeconfig
+
+# Linux
+[F|f]apolicyd
+containerd
+SELinux

.github/workflows/rocky8.yml

@@ -119,7 +119,7 @@ jobs:
           echo "        $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Agent" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text | head -1):" >> hosts.yml
           echo "all:" >> hosts.yml
           echo "  vars:" >> hosts.yml
-          echo "    kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
+          echo "    rke2_kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
           echo "" >> ansible.cfg
           echo "" >> ansible.cfg
           echo "remote_user=centos" >> ansible.cfg
@@ -172,7 +172,7 @@ jobs:
           echo "        $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=ExtraNode" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text | head -1):" >> hosts.yml
           echo "all:" >> hosts.yml
           echo "  vars:" >> hosts.yml
-          echo "    kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
+          echo "    rke2_kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
           cp hosts.yml inventory/rocky8/hosts.yml
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}

.github/workflows/ubuntu20.yml

@@ -117,7 +117,7 @@ jobs:
           echo "        $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Agent" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text | head -1):" >> hosts.yml
           echo "all:" >> hosts.yml
           echo "  vars:" >> hosts.yml
-          echo "    kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
+          echo "    rke2_kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
           echo "" >> ansible.cfg
           echo "" >> ansible.cfg
           echo "remote_user=ubuntu" >> ansible.cfg
@@ -170,7 +170,7 @@ jobs:
           echo "        $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=ExtraNode" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text | head -1):" >> hosts.yml
           echo "all:" >> hosts.yml
           echo "  vars:" >> hosts.yml
-          echo "    kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
+          echo "    rke2_kubernetes_api_server_host: $(aws ec2 describe-instances --filters "Name=instance-state-name,Values=running" "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.yml
           cp hosts.yml inventory/ubuntu20/hosts.yml
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}

.gitignore

@@ -2,12 +2,10 @@
 .cache/
 
 venv/
+.venv/
 
 test_inventory*
+inventory*
 
-rke2-images.linux-amd64.tar.gz
-rke2.linux-amd64.tar.gz
-
-
-tarball_install/*
-!tarball_install/README.md
+sample_files/tarball_install/*
+!sample_files/tarball_install/README.md

.vale.ini

@@ -0,0 +1,10 @@
+StylesPath = ./.github/vale
+
+MinAlertLevel = suggestion
+Vocab = RGS
+
+Packages = Readability
+
+[*.md]
+BasedOnStyles = Vale, Readability
+

.yamllint

@@ -5,8 +5,6 @@ rules:
   line-length:
     max: 120
     level: warning
-  truthy:
-    allowed-values: ['true', 'false', 'yes', 'no']
 
 ignore: |
   .github/

README.md

@@ -29,9 +29,13 @@ Thank you for your understanding and cooperation.
 
 Ansible RKE2 (RKE Government) Playbook
 ---------
-[![LINT](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ci.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ci.yml)
+[![LINT](https://github.com/rancherfederal/rke2-ansible/actions/workflows/lint.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/lint.yml?query=branch%3Amain)
 
-RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution. This Ansible  playbook installs RKE2 for both the control plane and workers.
+[![Rocky 8](https://github.com/rancherfederal/rke2-ansible/actions/workflows/rocky8.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/rocky8.yml?query=branch%3Amain)
+
+[![Ubuntu 20](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ubuntu20.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ubuntu20.yml?query=branch%3Amain)
+
+RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution. This Ansible playbook installs RKE2 for both the control plane and workers.
 
 See the [docs](https://docs.rke2.io/) more information about [RKE Government](https://docs.rke2.io/).
 
@@ -49,79 +53,35 @@ Supported Operating Systems:
 
 System requirements
 -------------------
-
 Deployment environment must have Ansible 2.9.0+
 
-Server and agent nodes must have passwordless SSH access
-
 Usage
 -----
+Create an Ansible inventory file (or folder), you can check the docs folder for examples (`basic_sample_inventory` or `advanced_sample_inventory`).
 
-This playbook requires ansible.utils to run properly. Please see https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-a-collection-from-galaxy for more information about how to install this.
-
-```
-ansible-galaxy collection install -r requirements.yml
-```
-
-Create a new directory based on the `sample` directory within the `inventory` directory:
-
-```bash
-cp -R inventory/sample inventory/my-cluster
-```
-
-Second, edit `inventory/my-cluster/hosts.yaml` to match the system information gathered above. For example:
-
-```yaml
-rke2_cluster:
-  children:
-    rke2_servers:
-      hosts:
-        server1.example.com:
-    rke2_agents:
-      hosts:
-        agent1.example.com:
-        agent2.example.com:
-          node_labels:
-          - agent2Label=true"
-all:
-  vars:
-    install_rke2_version: v1.27.10+rke2r1
-```
-
-If needed, you can also edit `inventory/my-cluster/group_vars/rke2_agents.yml` and `inventory/my-cluster/group_vars/rke2_servers.yml` to match your environment.
-
-Start provisioning of the cluster using the following command:
+> [!NOTE]  
+> More detailed information can be found [here](./docs/README.md)
 
+Start provisioning the cluster using the following command:
 ```bash
-ansible-playbook site.yml -i inventory/my-cluster/hosts.yml
-```
+ansible-playbook site.yml -i inventory/hosts.yml -b
+```  
 
-Tarball Install/Air-Gap Install
--------------------------------
-Added the neeed files to the [tarball_install](tarball_install/) directory.
 
-Further info can be found [here](tarball_install/README.md)
+Tarball Install/Air-Gap Install  
+-------------------------------  
+Air-Gap/Tarball install information can be found [here](./docs/tarball_install.md)
 
 
 Kubeconfig
 ----------
-
-To get access to your **Kubernetes** cluster just
-
-```bash
-ssh ec2-user@kubernetes_api_server_host "sudo /var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml get nodes"
-```
-
-Available configurations
-------------------------
-
-Variables should be set in `inventory/cluster/group_vars/rke2_agents.yml` and `inventory/cluster/group_vars/rke2_servers.yml`. See sample variables in `inventory/sample/group_vars` for reference.
+The root user will have the `kubeconfig` and `kubectl` made available, to access your cluster login into any server node and `kubectl` will be available for use immediately. 
 
 
-Uninstall RKE2
----------------
+Uninstall RKE2  
+---------------  
     Note: Uninstalling RKE2 deletes the cluster data and all of the scripts.
-The offical documentation for fully uninstalling the RKE2 cluster can be found in the [RKE2 Documentation](https://docs.rke2.io/install/uninstall/).
+The official documentation for fully uninstalling the RKE2 cluster can be found in the [RKE2 Documentation](https://docs.rke2.io/install/uninstall/).
 
 If you used this module to created the cluster and RKE2 was installed via yum, then you can attempt to run this command to remove all cluster data and all RKE2 scripts.
 

ansible.cfg

@@ -1,7 +1,7 @@
 [defaults]
 nocows = True
 roles_path = ./roles
-inventory  = ./inventory/my-cluster/hosts.yml
+inventory  = ./inventory/hosts.yml
 
 remote_tmp = $HOME/.ansible/tmp
 local_tmp  = $HOME/.ansible/tmp
@@ -12,3 +12,4 @@ host_key_checking = False
 deprecation_warnings = False
 callback_whitelist = profile_roles, timer
 display_skipped_hosts = no
+force_handlers = True

changelogs/changelog.yml

@@ -0,0 +1,2 @@
+---
+releases: {}