infra
/
ansible-servers
Archived
generated from infra/template
1
0
Fork 0
Code Issues 3 Pull Requests Projects Releases Wiki Activity
Labels Milestones
New Pull Request

add-k8s-hosts. Phase 1 #7

Merged
fedy95 merged 4 commits from add-k8s-hosts into master 4 years ago
Conversation 0 Commits 4 Files Changed 19
19 changed files with 297 additions and 83 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      .drone.yml
  2. 31
      Makefile
  3. 9
      README.md
  4. 2
      ansible.cfg
  5. 5
      group_vars/all.yml
  6. 8
      hosts
  7. 36
      inventory/hosts
  8. 3
      playbooks/docker-units/init.yml
  9. 31
      playbooks/k8s-dev/init.yml
  10. 19
      playbooks/k8s/init.yml
  11. 6
      roles/common/tasks/main.yml
  12. 0
      roles/docker-compose/tasks/main.yml
  13. 0
      roles/docker-compose/vars/main.yml
  14. 52
      roles/docker/tasks/docker.yml
  15. 52
      roles/docker/tasks/main.yml
  16. 45
      roles/k8s-init-first-master/tasks/main.yml
  17. 46
      roles/k8s-init-machines/tasks/main.yml
  18. 14
      roles/k8s-init-workers/tasks/main.yml
  19. 7
      roles/k8s-join-workers-to-first-master/tasks/main.yml

14
.drone.yml
View File

@ -9,16 +9,20 @@ steps:
- name: lint yaml
image: registry.fedy95.com/baseimage-yamllint:latest
commands:
- yamllint -c /yamllint/relaxed.yaml group_vars/all.yml
- yamllint -c /yamllint/relaxed.yaml playbooks/docker-units/init.yml
- yamllint -c /yamllint/relaxed.yaml playbooks/k8s/init.yml
- yamllint -c /yamllint/relaxed.yaml playbooks/k8s-dev/init.yml
- yamllint -c /yamllint/relaxed.yaml roles/common/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/defaults/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/handlers/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/docker.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/docker-compose.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker/vars/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker-compose/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/docker-compose/vars/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/k8s-init-first-master/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/k8s-init-machines/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/k8s-init-workers/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml roles/k8s-join-workers-to-first-master/tasks/main.yml
- yamllint -c /yamllint/relaxed.yaml .drone.yml
- yamllint -c /yamllint/relaxed.yaml ansible-desktop.yml
when:
event: pull_request
...

31
Makefile
View File

@ -9,21 +9,36 @@ lint: lint-yaml
LINT-YAML-CMD=docker run --rm -it -v $(PWD):/data ${REGISTRY}/${YAMLLINT_TAG}
lint-yaml:
docker pull ${REGISTRY}/${YAMLLINT_TAG}
$(LINT-YAML-CMD) group_vars/all.yml
$(LINT-YAML-CMD) playbooks/docker-units/init.yml
$(LINT-YAML-CMD) playbooks/k8s/init.yml
$(LINT-YAML-CMD) playbooks/k8s-dev/init.yml
$(LINT-YAML-CMD) roles/common/tasks/main.yml
$(LINT-YAML-CMD) roles/docker/defaults/main.yml
$(LINT-YAML-CMD) roles/docker/handlers/main.yml
$(LINT-YAML-CMD) roles/docker/tasks/docker.yml
$(LINT-YAML-CMD) roles/docker/tasks/docker-compose.yml
$(LINT-YAML-CMD) roles/docker/tasks/main.yml
$(LINT-YAML-CMD) roles/docker/vars/main.yml
$(LINT-YAML-CMD) roles/docker-compose/tasks/main.yml
$(LINT-YAML-CMD) roles/docker-compose/vars/main.yml
$(LINT-YAML-CMD) roles/k8s-init-first-master/tasks/main.yml
$(LINT-YAML-CMD) roles/k8s-init-machines/tasks/main.yml
$(LINT-YAML-CMD) roles/k8s-init-workers/tasks/main.yml
$(LINT-YAML-CMD) roles/k8s-join-workers-to-first-master/tasks/main.yml
$(LINT-YAML-CMD) .drone.yml
$(LINT-YAML-CMD) ansible-desktop.yml
run:
ansible-playbook ansible-desktop.yml -i hosts --ask-become-pass
check-playbooks-syntax:
ansible-playbook playbooks/docker-units/init.yml -i inventory/hosts --syntax-check
ansible-playbook playbooks/k8s/init.yml -i inventory/hosts --syntax-check
ansible-playbook playbooks/k8s-dev/init.yml -i inventory/hosts --syntax-check
docker-units-init:
ansible-playbook playbooks/docker-units/init.yml -i inventory/hosts --ask-become-pass
k8s-units-init:
ansible-playbook playbooks/k8s/init.yml -i inventory/hosts --ask-become-pass
k8s-dev-units-init:
ansible-playbook playbooks/k8s-dev/init.yml -i inventory/hosts --ask-become-pass
ping:
ansible -i hosts all -m ping
ansible -i inventory/hosts all -m ping
.DEFAULT_GOAL := lint

9
README.md
View File

@ -4,6 +4,13 @@
### docs
- [ansible](https://www.ansible.com/)
- https://github.com/IBM/ansible-kubernetes-ha-cluster
- https://www.linuxsysadmins.com/install-kubernetes-cluster-with-ansible/
- https://www.youtube.com/watch?v=l7gC4SgW7DU
### how to run
- see Makefile
Creating User Account
Install Kubernetes & Docker Packages.
Setting up Kubernetes Master Server
Setting Up Worker Nodes

2
ansible.cfg
View File

@ -1,6 +1,8 @@
[defaults]
hostfile = hosts
nocows = 1
inventory = inventory
roles_path = roles
[privilege_escalation]
become_method = sudo

5
group_vars/all.yml
View File

@ -1,5 +0,0 @@
---
aptcachetime: 3600
locale: "en_US.UTF-8"
timezone: "Europe/Moscow"
...

8
hosts
View File

@ -1,8 +0,0 @@
[docker-units]
10.10.10.6
192.168.1.151
[docker-units:vars]
ansible_connection=ssh
ansible_ssh_private_key_file=/home/fedy95/.ssh/id_rsa
ansible_user=fedy95

36
inventory/hosts
View File

@ -0,0 +1,36 @@
[k8s-dev:children]
k8s-dev-master
k8s-dev-worker
[k8s-dev-master-first]
k8s-dev-master-01 ansible_host=192.168.1.200
[k8s-dev-master]
k8s-dev-master-01 ansible_host=192.168.1.200
k8s-dev-master-02 ansible_host=192.168.1.201
[k8s-dev-worker]
k8s-dev-worker-01 ansible_host=192.168.1.202
k8s-dev-worker-02 ansible_host=192.168.1.203
[k8s:children]
k8s-master
k8s-worker
[k8s-master]
k8s-master-01 ansible_host=192.168.1.180
k8s-master-02 ansible_host=192.168.1.181
[k8s-worker]
k8s-worker-01 ansible_host=192.168.1.190
k8s-worker-02 ansible_host=192.168.1.191
[docker-units]
homeassistant ansible_host=10.10.10.6
pi-hole ansible_host=192.168.1.151
[all:vars]
ansible_connection=ssh
ansible_ssh_private_key_file=/home/fedy95/.ssh/id_rsa
ansible_user=fedy95
aptcachetime=3600

3
ansible-desktop.yml → playbooks/docker-units/init.yml
View File

@ -1,7 +1,8 @@
---
- name: Base playbook
- name: docker-units playbook
hosts: docker-units
roles:
- { role: common, become: true }
- { role: docker, become: true }
- { role: docker-compose, become: true }
...

31
playbooks/k8s-dev/init.yml
View File

@ -0,0 +1,31 @@
---
- name: k8s-units playbook
hosts: k8s-dev
become: true
roles:
- common
- docker
- k8s-init-machines
- name: k8s-units playbook 2
hosts: k8s-dev-master-first
become: true
vars_prompt:
- name: "k8s_master_ip"
prompt: "Enter the Apiserver advertise address, example: 192.168.1.200"
private: no
roles:
- k8s-init-first-master
- name: k8s-units playbook 3
hosts: k8s-dev-worker
become: true
roles:
- k8s-init-workers
- name: k8s-units playbook 4
hosts: k8s-dev-master-first
become: true
roles:
- k8s-join-workers-to-first-master
...

19
playbooks/k8s/init.yml
View File

@ -0,0 +1,19 @@
---
- name: k8s-units playbook
hosts: k8s
become: true
roles:
- common
- docker
- k8s-init-machines
#- name: k8s playbook
# hosts: k8s-master
# roles:
# - { role: common, become: true }
#
#- name: k8s playbook
# hosts: k8s-worker
# roles:
# - { role: common, become: true }
...

6
roles/common/tasks/main.yml
View File

@ -21,7 +21,11 @@
state: latest
update_cache: yes
cache_valid_time: "{{ aptcachetime }}"
loop: [ 'git', 'make', 'nano', 'net-tools' ]
loop:
- 'git'
- 'make'
- 'nano'
- 'net-tools'
- name: Upgrade installed packages
apt: upgrade=yes

0
roles/docker/tasks/docker-compose.yml → roles/docker-compose/tasks/main.yml
View File

0
roles/docker/vars/main.yml → roles/docker-compose/vars/main.yml
View File

52
roles/docker/tasks/docker.yml
View File

@ -1,52 +0,0 @@
---
- name: Update apt cache
apt:
update_cache: yes
cache_valid_time: "{{ aptcachetime }}"
- name: Upgrade all apt packages
apt: upgrade=dist
- name: Install docker packages
apt:
name: "{{ item }}"
state: present
update_cache: yes
loop:
- 'apt-transport-https'
- 'ca-certificates'
- 'curl'
- 'gnupg'
- 'lsb-release'
- name: Add Docker GPG key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add deb repository
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
state: present
update_cache: yes
- name: Install docker
apt:
name: "{{ item }}"
state: present
update_cache: yes
loop:
- 'docker-ce'
- 'docker-ce-cli'
- 'containerd.io'
- name: Ensure docker users are added to the docker group.
user:
name: "{{ item }}"
groups: docker
append: true
with_items: "{{ ansible_env.USER }}"
- name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}"
service: name=docker state={{ docker.start | ternary('restarted','stopped') }} enabled={{ docker.service_enabled }}
...

52
roles/docker/tasks/main.yml
View File

@ -1,4 +1,52 @@
---
- include_tasks: docker.yml
- include_tasks: docker-compose.yml
- name: Update apt cache
apt:
update_cache: yes
cache_valid_time: "{{ aptcachetime }}"
- name: Upgrade all apt packages
apt: upgrade=dist
- name: Install docker packages
apt:
name: "{{ item }}"
state: present
update_cache: yes
loop:
- 'apt-transport-https'
- 'ca-certificates'
- 'curl'
- 'gnupg'
- 'lsb-release'
- name: Add Docker GPG key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add deb repository
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
state: present
update_cache: yes
- name: Install docker
apt:
name: "{{ item }}"
state: present
update_cache: yes
loop:
- 'docker-ce'
- 'docker-ce-cli'
- 'containerd.io'
- name: Ensure docker users are added to the docker group.
user:
name: "{{ item }}"
groups: docker
append: true
with_items: "fedy95"
- name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}"
service: name=docker state={{ docker.start | ternary('restarted','stopped') }} enabled={{ docker.service_enabled }}
...

45
roles/k8s-init-first-master/tasks/main.yml
View File

@ -0,0 +1,45 @@
---
#- name: Intilizing Kubernetes Cluster
# command: kubeadm init --pod-network-cidr 192.168.0.0/16 --apiserver-advertise-address "{{ k8s_master_ip }}"
# run_once: true
# delegate_to: "{{ k8s_master_ip }}"
- name: Create directory for kube config.
file:
path: /home/fedy95/.kube
state: directory
owner: "fedy95"
group: "fedy95"
mode: 0755
- name: Copy /etc/kubernetes/admin.conf to user home directory /home/fedy95/.kube/config.
copy:
src: /etc/kubernetes/admin.conf
dest: /home/fedy95/.kube/config
remote_src: yes
owner: "fedy95"
group: "fedy95"
mode: '0644'
- name: Remove the cache directory.
file:
path: /home/fedy95/.kube/cache
state: absent
- name: Create Pod Network & RBAC.
command: "{{ item }}"
with_items:
- kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
- kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml
- name: Get the token for joining the nodes with Kuberentes master.
shell: kubeadm token create --print-join-command
register: kubernetes_join_command
- debug:
msg: "{{ kubernetes_join_command.stdout }}"
- name: Copy join command to local file.
become: false
local_action: copy content="{{ kubernetes_join_command.stdout_lines[0] }}" dest="/tmp/kubernetes_join_command" mode=0777
...

46
roles/k8s-init-machines/tasks/main.yml
View File

@ -0,0 +1,46 @@
---
- name: Disable all swaps from /proc/swaps
shell: |
swapoff --all
- name: Disable SWAP in fstab
lineinfile:
path: /etc/fstab
regexp: 'swap'
state: absent
- name: Add Google GPG key
apt_key:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
state: present
- name: Add Kubernetes' APT repository
apt_repository:
repo: deb http://apt.kubernetes.io/ kubernetes-xenial main
state: present
filename: 'kubernetes'
mode: 0600
- name: Installing Kubernetes Cluster Packages
apt:
name: "{{ item }}"
state: present
cache_valid_time: "{{ aptcachetime }}"
loop:
- 'kubeadm'
- 'kubectl'
- 'kubelet'
- name: Enable service kubelet persistently
service:
name: kubelet
enabled: yes
# TODO ???
#- name: Reboot all the kubernetes nodes.
# reboot:
# post_reboot_delay: 10
# reboot_timeout: 40
# connect_timeout: 60
# test_command: uptime
...

14
roles/k8s-init-workers/tasks/main.yml
View File

@ -0,0 +1,14 @@
---
- name: Copy join command to worker nodes.
copy:
src: /tmp/kubernetes_join_command
dest: /tmp/kubernetes_join_command
mode: 0777
- name: Join the Worker nodes with master.
command: sh /tmp/kubernetes_join_command
register: joined_or_not
- debug:
msg: "{{ joined_or_not.stdout }}"
...

7
roles/k8s-join-workers-to-first-master/tasks/main.yml
View File

@ -0,0 +1,7 @@
---
- name: Configure kubectl command auto completion.
lineinfile:
dest: /home/fedy95/.bashrc
line: 'source <(kubectl completion bash)'
insertafter: EOF
...