Merge branch 'docs-update' into ci-review

Author: Daemonslayer2048

.github/vale/Readability/AutomatedReadability.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Automated Readability Index (%s) below 8."
+link: https://en.wikipedia.org/wiki/Automated_readability_index
+
+formula: |
+  (4.71 * (characters / words)) + (0.5 * (words / sentences)) - 21.43
+
+condition: "> 8"

.github/vale/Readability/ColemanLiau.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Coleman–Liau Index grade (%s) below 9."
+link: https://en.wikipedia.org/wiki/Coleman%E2%80%93Liau_index
+
+formula: |
+  (0.0588 * (characters / words) * 100) - (0.296 * (sentences / words) * 100) - 15.8
+
+condition: "> 9"

.github/vale/Readability/FleschKincaid.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Flesch–Kincaid grade level (%s) below 8."
+link: https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests
+
+formula: |
+  (0.39 * (words / sentences)) + (11.8 * (syllables / words)) - 15.59
+
+condition: "> 8"

.github/vale/Readability/FleschReadingEase.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Flesch reading ease score (%s) above 70."
+link: https://en.wikipedia.org/wiki/Flesch%E2%80%93Kincaid_readability_tests
+
+formula: |
+  206.835 - (1.015 * (words / sentences)) - (84.6 * (syllables / words))
+
+condition: "< 70"

.github/vale/Readability/GunningFog.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the Gunning-Fog index (%s) below 10."
+link: https://en.wikipedia.org/wiki/Gunning_fog_index
+
+formula: |
+  0.4 * ((words / sentences) + 100 * (complex_words / words))
+
+condition: "> 10"

.github/vale/Readability/LIX.yml

@@ -0,0 +1,17 @@
+extends: metric
+message: "Try to keep the LIX score (%s) below 35."
+
+link: https://en.wikipedia.org/wiki/Lix_(readability_test)
+# Very Easy: 20 - 25
+#
+# Easy: 30 - 35
+#
+# Medium: 40 - 45
+#
+# Difficult: 50 - 55
+#
+# Very Difficult: 60+
+formula: |
+  (words / sentences) + ((long_words * 100) / words)
+
+condition: "> 35"

.github/vale/Readability/SMOG.yml

@@ -0,0 +1,8 @@
+extends: metric
+message: "Try to keep the SMOG grade (%s) below 10."
+link: https://en.wikipedia.org/wiki/SMOG
+
+formula: |
+  1.0430 * math.sqrt((polysyllabic_words * 30.0) / sentences) + 3.1291
+
+condition: "> 10"

.github/vale/Readability/meta.json

@@ -0,0 +1,4 @@
+{
+  "feed": "https://github.com/errata-ai/Readability/releases.atom",
+  "vale_version": ">=2.13.0"
+}

.github/vale/config/vocabularies/RGS/accept.txt

@@ -0,0 +1,18 @@
+# Common/valid Slang
+[C|c]onfig
+airgap
+
+# Acronyms
+STIG
+
+# Tools
+[A|a]nsible
+
+# Kubernetes
+Kubernetes
+[K|k]ubeconfig
+
+# Linux
+[F|f]apolicyd
+containerd
+SELinux

.gitignore

@@ -5,6 +5,7 @@ venv/
 .venv/
 
 test_inventory*
+inventory*
 
 sample_files/tarball_install/*
 !sample_files/tarball_install/README.md

.vale.ini

@@ -0,0 +1,10 @@
+StylesPath = ./.github/vale
+
+MinAlertLevel = suggestion
+Vocab = RGS
+
+Packages = Readability
+
+[*.md]
+BasedOnStyles = Vale, Readability
+

README.md

@@ -29,7 +29,11 @@ Thank you for your understanding and cooperation.
 
 Ansible RKE2 (RKE Government) Playbook
 ---------
-[![LINT](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ci.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ci.yml)
+[![LINT](https://github.com/rancherfederal/rke2-ansible/actions/workflows/lint.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/lint.yml?query=branch%3Amain)
+
+[![Rocky 8](https://github.com/rancherfederal/rke2-ansible/actions/workflows/rocky8.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/rocky8.yml?query=branch%3Amain)
+
+[![Ubuntu 20](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ubuntu20.yml/badge.svg)](https://github.com/rancherfederal/rke2-ansible/actions/workflows/ubuntu20.yml?query=branch%3Amain)
 
 RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution. This Ansible playbook installs RKE2 for both the control plane and workers.
 
@@ -53,40 +57,35 @@ Deployment environment must have Ansible 2.9.0+
 
 Usage
 -----
-Create a new directory based on the `sample` directory within the `inventory` directory:
+Create a new directory based on the one of the sample inventory directories within the `docs` directory:
 
 ```bash
-cp -R inventory/sample inventory/my-cluster
+cp -R ./docs/basic_sample_inventory ./inventory
 ```
 
-Second, edit `inventory/my-cluster/hosts.yaml` to match the system information gathered above. For example:
+Second, edit `inventory/hosts.yaml` to match the system information gathered above. For example:
 
 ```yaml
+---
 rke2_cluster:
   children:
     rke2_servers:
       hosts:
-        server1.example.com:
+        server0.example.com:
     rke2_agents:
       hosts:
-        agent1.example.com:
-        agent2.example.com:
-          node_labels:
-          - agent2Label=true"
-all:
-  vars:
-    install_rke2_version: v1.27.10+rke2r1
+        agent0.example.com:
 ```
 
-If needed, you can also edit `inventory/my-cluster/group_vars/rke2_agents.yml` and `inventory/my-cluster/group_vars/rke2_servers.yml` to match your environment.
+If needed, you can also create `inventory/group_vars/rke2_agents.yml` and `inventory/my-cluster/group_vars/rke2_servers.yml` to match your environment.
 
 Start provisioning of the cluster using the following command:
 
 ```bash
-ansible-playbook site.yml -i inventory/my-cluster/hosts.yml
+ansible-playbook site.yml -i inventory/hosts.yml
 ```  
-
-More detailed information can be found [here](./docs/README.md)
+> [!NOTE]  
+> More detailed information can be found [here](./docs/README.md)
 
 
 Tarball Install/Air-Gap Install  
@@ -96,18 +95,21 @@ Air-Gap/Tarball install information can be found [here](./docs/tarball_install.m
 
 Kubeconfig
 ----------
-The root user will have the `kubeconfig` and `kubectl` made available, to access your cluster login into any server node and `kubectl` will be available for use immideatly. 
+The root user will have the `kubeconfig` and `kubectl` made available, to access your cluster login into any server node and `kubectl` will be available for use immediately. 
 
 
 Available configurations  
 ------------------------  
-Variables should be set in `inventory/cluster/group_vars/rke2_agents.yml` and `inventory/cluster/group_vars/rke2_servers.yml`. See sample variables in `inventory/sample/group_vars` for reference.
+Variables should be set in `inventory/group_vars/rke2_agents.yml` and `inventory/group_vars/rke2_servers.yml`. 
+
+> [!NOTE]  
+> More detailed information can be found [here](./docs/README.md)
 
 
 Uninstall RKE2  
 ---------------  
     Note: Uninstalling RKE2 deletes the cluster data and all of the scripts.
-The offical documentation for fully uninstalling the RKE2 cluster can be found in the [RKE2 Documentation](https://docs.rke2.io/install/uninstall/).
+The official documentation for fully uninstalling the RKE2 cluster can be found in the [RKE2 Documentation](https://docs.rke2.io/install/uninstall/).
 
 If you used this module to created the cluster and RKE2 was installed via yum, then you can attempt to run this command to remove all cluster data and all RKE2 scripts.
 

ansible.cfg

@@ -1,7 +1,7 @@
 [defaults]
 nocows = True
 roles_path = ./roles
-inventory  = ./inventory/my-cluster/hosts.yml
+inventory  = ./inventory/hosts.yml
 
 remote_tmp = $HOME/.ansible/tmp
 local_tmp  = $HOME/.ansible/tmp

docs/README.md

@@ -10,18 +10,19 @@
   - [Enabling CIS Modes](#enabling-cis-modes)
   - [Special Variables](#special-variables)
     - [RKE2 Config Variables](#rke2-config-variables)
-    - [Defining a PSA Config](#defining-a-psa-config)
+    - [Defining the RKE2 Version](#defining-the-rke2-version)
       - [Example](#example)
-    - [Defining an Audit Policy](#defining-an-audit-policy)
+    - [Defining a PSA Config](#defining-a-psa-config)
       - [Example](#example-1)
+    - [Defining an Audit Policy](#defining-an-audit-policy)
+      - [Example](#example-2)
     - [Adding Additional Cluster Manifests](#adding-additional-cluster-manifests)
       - [Pre-Deploy Example](#pre-deploy-example)
       - [Post-Deploy Example](#post-deploy-example)
-    - [rke2\_install\_version](#rke2_install_version)
 - [Examples](#examples)
 
 # Basic Usage  
-There are two methods for consuming this repository, one is to simply clone the repository and edit it as neccessary, the other is to import it as a collection, both options are detailed below. 
+There are two methods for consuming this repository, one is to simply clone the repository and edit it as necessary, the other is to import it as a collection, both options are detailed below. 
 
 > [!NOTE]  
 > If you are looking for airgap or tarball installation instructions, please go [here](./tarball_install.md)
@@ -31,7 +32,7 @@ The simplest method for using this repository (as detailed in the main README.md
 
 
 ## Importing  
-The second method for using this project is to import it as a collection in your own `requirements.yaml` as this repository does contain a `galaxy.yaml`. To import it add the following to your `galaxy.yaml`:  
+The second method for using this project is to import it as a collection in your own `requirements.yml` as this repository does contain a `galaxy.yml`. To import it add the following to your `galaxy.yml`:  
 ```yaml
 collections:
   - name: rancherfederal.rke2-ansible
@@ -51,7 +52,7 @@ Then you can call the RKE2 role in a play like so:
 
 
 # Defining Your Cluster  
-This repository is not intended to be opinionated and as a rersult it is important you to have read and understand the [RKE2 docs](https://docs.rke2.io/) before moving forward, this documentation is not intended to be an exhaustive explanation of all possible RKE2 configuration options, it is up to the end user to ensure their options are valid. 
+This repository is not intended to be opinionated and as a result it is important you to have read and understand the [RKE2 docs](https://docs.rke2.io/) before moving forward, this documentation is not intended to be an exhaustive explanation of all possible RKE2 configuration options, it is up to the end user to ensure their options are valid. 
 
 
 ## Minimal Cluster Inventory  
@@ -71,7 +72,7 @@ This is the simplest possible inventory file and will deploy the latest availabl
 
 
 ## Structuring Your Variable Files  
-Configurations and variables can become lengthy annd unwieldy, as a general note of advice it is best to move variables into a `group_vars` folder.
+Configurations and variables can become lengthy and unwieldy, as a general note of advice it is best to move variables into a `group_vars` folder.
 ```
 ./inventory
 ├── Cluser_A
@@ -92,7 +93,8 @@ Configurations and variables can become lengthy annd unwieldy, as a general note
 
 
 ## Enabling SELinux  
-Enabling SELinux in the playbook requires `seliux: true` be set in either the cluster, group, or host level config profiles (Please see [Special Variables](#special-variables) for more info). Though generally this should be set at the cluster and can be done like so: 
+Enabling SELinux in the playbook requires `selinux: true` be set in either the cluster, group, or host level config profiles (Please see [Special Variables](#special-variables) for more info). Though generally this should be set at the cluster and can be done like so:  
+__hosts.yml:__  
 ```yaml
 ---
 all:
@@ -104,7 +106,8 @@ For more information please see the RKE2 documentation, [here](https://docs.rke2
 
 
 ## Enabling CIS Modes  
-Enabling the CIS tasks in the playbook requires a CIS profile be added to the ansible variables file. This can be placed in either the cluster, or group level config profiles (Please see [Special Variables](#special-variables) for more info). Below is an example, in the example the CIS profile is set at the group level, this ensures all server nodes run the CIS hardening profile tasks. 
+Enabling the CIS tasks in the playbook requires a CIS profile be added to the ansible variables file. This can be placed in either the cluster, or group level config profiles (Please see [Special Variables](#special-variables) for more info). Below is an example, in the example the CIS profile is set at the group level, this ensures all server nodes run the CIS hardening profile tasks.  
+__hosts.yml:__  
 ```yaml
 rke2_cluster:
   children:
@@ -132,17 +135,30 @@ There are three levels an RKE2 config variables can be placed in, that is `clust
   - `rke2_cluster.children.rke2_agents.vars.hosts.<host>.host_rke2_config`: Defines a list of node labels for a specific agent node   
 
 > [!NOTE]
-> Through the rest of these docs you may see references to `rke2_servers.yaml`, this is the group vars file for rke2_servers. This is functionally equivalent to `rke2_cluster.children.rke2_servers.vars`. References to `rke2_agents.yaml` is functionally equivalent to `rke2_cluster.children.rke2_agents.vars`
+> Through the rest of these docs you may see references to `rke2_servers.yml`, this is the group vars file for rke2_servers. This is functionally equivalent to `rke2_cluster.children.rke2_servers.vars`. References to `rke2_agents.yml` is functionally equivalent to `rke2_cluster.children.rke2_agents.vars`
 
 It is important to understand these variables here are not special in the sense that they enable or disable certain functions in the RKE2 role, with one notable exception being the `profile` key. These variables are special in the sense that they will be condensed into a single config file on each node. Each node will end up with a merged config file comprised of `cluster_rke2_config`, `group_rke2_config`, and `host_rke2_config`. 
 
+
+### Defining the RKE2 Version  
+A version of RKE2 can be selected to be installed via the `all.vars.rke2_install_version` variable, please see the RKE2 repository for available [releases](releases).  
+
+#### Example 
+__group_vars/all.yml:__   
+```yaml
+---
+all:
+  vars:
+    rke2_install_version: v1.29.12+rke2r1
+```  
+
 ### Defining a PSA Config  
-In order to define a PSA config, server nodes will need to have the `rke2_pod_security_admission_config_file_path` variable defined, then the `pod-security-admission-config-file` will need to be defined in the rke2_config variable at the relevant level (please see [RKE Config Variables](#rke2-config-variables)). 
+In order to define a PSA (Pod Security Admission) config, server nodes will need to have the `rke2_pod_security_admission_config_file_path` variable defined, then the `pod-security-admission-config-file` will need to be defined in the rke2_config variable at the relevant level (please see [RKE Config Variables](#rke2-config-variables)). 
 
 #### Example 
 Below is an example of how this can be defined at the server group level (`rke2_cluster.children.rke2_servers.vars`):  
 
-__rke2_servers.yaml:__
+__group_vars/rke2_servers.yml:__
 ```yaml
 ---
 rke2_pod_security_admission_config_file_path: "{{ playbook_dir }}/docs/advanced_sample_inventory/files/pod-security-admission-config.yaml"
@@ -157,7 +173,7 @@ In order to define a audit policy config, server nodes will need to have the `rk
 #### Example 
 Below is an example of how this can be defined at the server group level (`rke2_cluster.children.rke2_servers.vars`):  
 
-__rke2_servers.yaml:__
+__group_vars/rke2_servers.yml:__
 ```yaml
 rke2_audit_policy_config_file_path: "{{ playbook_dir }}/docs/advanced_sample_inventory/files/audit-policy.yaml"
 group_rke2_config:
@@ -169,7 +185,7 @@ group_rke2_config:
 
 
 ### Adding Additional Cluster Manifests  
-If you have a cluster that needs extra manifests to be deployed or the cluster needs a ciritical component to be configured RKE2's "HelmChartConfig" is an available option (among others). The Ansible repository supports the use of these configuration files, simply place them in a folder and give Ansible the path to the folder, Ansible will enumarte the files and place them on the first server node. 
+If you have a cluster that needs extra manifests to be deployed or the cluster needs a critical component to be configured RKE2's "HelmChartConfig" is an available option (among others). The Ansible repository supports the use of these configuration files. Simply place the Helm chart configs in a folder, give Ansible the path to the folder, and Ansible will enumerate the files and place them on the first server node. 
 
 There are two variables that control the deployment of manifests to the server nodes:  
   - `rke2_manifest_config_directory`
@@ -178,13 +194,13 @@ There are two variables that control the deployment of manifests to the server n
 The first variable is used to deploy manifest to the server nodes before starting the RKE2 server process, this ensures critical components (like the CNI) can be configured when the RKE2 server process starts. The second, ensures applications are deployed after the RKE2 server process starts. There are examples of both below.
 
 #### Pre-Deploy Example 
-The example used is configuring Cilium with the kube-proxy replacement enabled a fairly common use case:  
+The example used is configuring Cilium with the kube-proxy replacement enabled (a fairly common use case):  
 
 > [!WARNING]  
 > If this option is used you must provide a `become` password and this must be the password for the local host running the Ansible playbook. The playbook is looking for this directory on the localhost, and will run as root. This imposes some limitations, if you are using an SSH password to login to remote systems (typical for STIG'd clusters) the `become` password must be the same for the cluster nodes AND localhost.
 
-__rke2_servers.yaml:__  
-For this example to work kube proxy needs to be disabled, and the Cilium CNI needs to be enabled.
+__group_vars/rke2_servers.yml:__  
+For this example to work kube-proxy needs to be disabled, and the Cilium CNI needs to be enabled.
 ```yaml
 rke2_manifest_config_directory: "{{ playbook_dir }}/docs/advanced_sample_inventory/pre-deploy-manifests/"
 group_rke2_config:
@@ -218,7 +234,7 @@ spec:
 
 #### Post-Deploy Example  
 In the example below cert-manager is auto deployed after the RKE2 server process is started. 
-__rke2_servers.yaml:__  
+__group_vars/rke2_servers.yml:__  
 ```yaml
 rke2_manifest_config_post_run_directory: "{{ playbook_dir }}/docs/advanced_sample_inventory/post-deploy-manifests/"
 ```
@@ -243,10 +259,5 @@ spec:
       enabled: true
 ```
 
-
-### rke2_install_version  
-A version of RKE2 can be selected to be installed via the `all.vars.rke2_install_version` variable
-
-
 # Examples  
-There are two examples provided in this folder, "basic_sample_inventory", and "advanced_sample_inventory". The basic example is the simplest possible example, the advanced example is all of the options explained above in one example.
+There are two examples provided in this folder, `basic_sample_inventory`, and `advanced_sample_inventory`. The basic example is the simplest possible example, the advanced example is all of the options explained above in one example.