generated from infra/template
19 changed files with 297 additions and 83 deletions
-
14.drone.yml
-
31Makefile
-
9README.md
-
2ansible.cfg
-
5group_vars/all.yml
-
8hosts
-
36inventory/hosts
-
3playbooks/docker-units/init.yml
-
31playbooks/k8s-dev/init.yml
-
19playbooks/k8s/init.yml
-
6roles/common/tasks/main.yml
-
0roles/docker-compose/tasks/main.yml
-
0roles/docker-compose/vars/main.yml
-
52roles/docker/tasks/docker.yml
-
52roles/docker/tasks/main.yml
-
45roles/k8s-init-first-master/tasks/main.yml
-
46roles/k8s-init-machines/tasks/main.yml
-
14roles/k8s-init-workers/tasks/main.yml
-
7roles/k8s-join-workers-to-first-master/tasks/main.yml
@ -1,6 +1,8 @@ |
|||||
[defaults] |
[defaults] |
||||
hostfile = hosts |
hostfile = hosts |
||||
nocows = 1 |
nocows = 1 |
||||
|
inventory = inventory |
||||
|
roles_path = roles |
||||
|
|
||||
[privilege_escalation] |
[privilege_escalation] |
||||
become_method = sudo |
become_method = sudo |
@ -1,5 +0,0 @@ |
|||||
--- |
|
||||
aptcachetime: 3600 |
|
||||
locale: "en_US.UTF-8" |
|
||||
timezone: "Europe/Moscow" |
|
||||
... |
|
@ -1,8 +0,0 @@ |
|||||
[docker-units] |
|
||||
10.10.10.6 |
|
||||
192.168.1.151 |
|
||||
|
|
||||
[docker-units:vars] |
|
||||
ansible_connection=ssh |
|
||||
ansible_ssh_private_key_file=/home/fedy95/.ssh/id_rsa |
|
||||
ansible_user=fedy95 |
|
@ -0,0 +1,36 @@ |
|||||
|
[k8s-dev:children] |
||||
|
k8s-dev-master |
||||
|
k8s-dev-worker |
||||
|
|
||||
|
[k8s-dev-master-first] |
||||
|
k8s-dev-master-01 ansible_host=192.168.1.200 |
||||
|
|
||||
|
[k8s-dev-master] |
||||
|
k8s-dev-master-01 ansible_host=192.168.1.200 |
||||
|
k8s-dev-master-02 ansible_host=192.168.1.201 |
||||
|
|
||||
|
[k8s-dev-worker] |
||||
|
k8s-dev-worker-01 ansible_host=192.168.1.202 |
||||
|
k8s-dev-worker-02 ansible_host=192.168.1.203 |
||||
|
|
||||
|
[k8s:children] |
||||
|
k8s-master |
||||
|
k8s-worker |
||||
|
|
||||
|
[k8s-master] |
||||
|
k8s-master-01 ansible_host=192.168.1.180 |
||||
|
k8s-master-02 ansible_host=192.168.1.181 |
||||
|
|
||||
|
[k8s-worker] |
||||
|
k8s-worker-01 ansible_host=192.168.1.190 |
||||
|
k8s-worker-02 ansible_host=192.168.1.191 |
||||
|
|
||||
|
[docker-units] |
||||
|
homeassistant ansible_host=10.10.10.6 |
||||
|
pi-hole ansible_host=192.168.1.151 |
||||
|
|
||||
|
[all:vars] |
||||
|
ansible_connection=ssh |
||||
|
ansible_ssh_private_key_file=/home/fedy95/.ssh/id_rsa |
||||
|
ansible_user=fedy95 |
||||
|
aptcachetime=3600 |
@ -1,7 +1,8 @@ |
|||||
--- |
--- |
||||
- name: Base playbook |
|
||||
|
- name: docker-units playbook |
||||
hosts: docker-units |
hosts: docker-units |
||||
roles: |
roles: |
||||
- { role: common, become: true } |
- { role: common, become: true } |
||||
- { role: docker, become: true } |
- { role: docker, become: true } |
||||
|
- { role: docker-compose, become: true } |
||||
... |
... |
@ -0,0 +1,31 @@ |
|||||
|
--- |
||||
|
- name: k8s-units playbook |
||||
|
hosts: k8s-dev |
||||
|
become: true |
||||
|
roles: |
||||
|
- common |
||||
|
- docker |
||||
|
- k8s-init-machines |
||||
|
|
||||
|
- name: k8s-units playbook 2 |
||||
|
hosts: k8s-dev-master-first |
||||
|
become: true |
||||
|
vars_prompt: |
||||
|
- name: "k8s_master_ip" |
||||
|
prompt: "Enter the Apiserver advertise address, example: 192.168.1.200" |
||||
|
private: no |
||||
|
roles: |
||||
|
- k8s-init-first-master |
||||
|
|
||||
|
- name: k8s-units playbook 3 |
||||
|
hosts: k8s-dev-worker |
||||
|
become: true |
||||
|
roles: |
||||
|
- k8s-init-workers |
||||
|
|
||||
|
- name: k8s-units playbook 4 |
||||
|
hosts: k8s-dev-master-first |
||||
|
become: true |
||||
|
roles: |
||||
|
- k8s-join-workers-to-first-master |
||||
|
... |
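Review bot: The `k8s_master_ip` value collected by `vars_prompt` in the second play has no consumer visible in this commit; the only task that references it, the `kubeadm init` task in roles/k8s-init-first-master, is commented out. As written the play appears to assume the control plane was already initialised by hand, so either re-enable that task or drop the prompt until it is used. `private: no` is better written `private: false`. Because the four plays carry near-identical names, a comment above each one stating the state it expects, for example `# expects kubeadm init to have completed on the first master`, would make the ordering dependency explicit.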
@ -0,0 +1,19 @@ |
|||||
|
--- |
||||
|
- name: k8s-units playbook |
||||
|
hosts: k8s |
||||
|
become: true |
||||
|
roles: |
||||
|
- common |
||||
|
- docker |
||||
|
- k8s-init-machines |
||||
|
|
||||
|
#- name: k8s playbook |
||||
|
# hosts: k8s-master |
||||
|
# roles: |
||||
|
# - { role: common, become: true } |
||||
|
# |
||||
|
#- name: k8s playbook |
||||
|
# hosts: k8s-worker |
||||
|
# roles: |
||||
|
# - { role: common, become: true } |
||||
|
... |
@ -1,52 +0,0 @@ |
|||||
--- |
|
||||
- name: Update apt cache |
|
||||
apt: |
|
||||
update_cache: yes |
|
||||
cache_valid_time: "{{ aptcachetime }}" |
|
||||
|
|
||||
- name: Upgrade all apt packages |
|
||||
apt: upgrade=dist |
|
||||
|
|
||||
- name: Install docker packages |
|
||||
apt: |
|
||||
name: "{{ item }}" |
|
||||
state: present |
|
||||
update_cache: yes |
|
||||
loop: |
|
||||
- 'apt-transport-https' |
|
||||
- 'ca-certificates' |
|
||||
- 'curl' |
|
||||
- 'gnupg' |
|
||||
- 'lsb-release' |
|
||||
|
|
||||
- name: Add Docker GPG key |
|
||||
apt_key: |
|
||||
url: https://download.docker.com/linux/ubuntu/gpg |
|
||||
state: present |
|
||||
|
|
||||
- name: Add deb repository |
|
||||
apt_repository: |
|
||||
repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable |
|
||||
state: present |
|
||||
update_cache: yes |
|
||||
|
|
||||
- name: Install docker |
|
||||
apt: |
|
||||
name: "{{ item }}" |
|
||||
state: present |
|
||||
update_cache: yes |
|
||||
loop: |
|
||||
- 'docker-ce' |
|
||||
- 'docker-ce-cli' |
|
||||
- 'containerd.io' |
|
||||
|
|
||||
- name: Ensure docker users are added to the docker group. |
|
||||
user: |
|
||||
name: "{{ item }}" |
|
||||
groups: docker |
|
||||
append: true |
|
||||
with_items: "{{ ansible_env.USER }}" |
|
||||
|
|
||||
- name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}" |
|
||||
service: name=docker state={{ docker.start | ternary('restarted','stopped') }} enabled={{ docker.service_enabled }} |
|
||||
... |
|
@ -1,4 +1,52 @@ |
|||||
--- |
--- |
||||
- include_tasks: docker.yml |
|
||||
- include_tasks: docker-compose.yml |
|
||||
|
- name: Update apt cache |
||||
|
apt: |
||||
|
update_cache: yes |
||||
|
cache_valid_time: "{{ aptcachetime }}" |
||||
|
|
||||
|
- name: Upgrade all apt packages |
||||
|
apt: upgrade=dist |
||||
|
|
||||
|
- name: Install docker packages |
||||
|
apt: |
||||
|
name: "{{ item }}" |
||||
|
state: present |
||||
|
update_cache: yes |
||||
|
loop: |
||||
|
- 'apt-transport-https' |
||||
|
- 'ca-certificates' |
||||
|
- 'curl' |
||||
|
- 'gnupg' |
||||
|
- 'lsb-release' |
||||
|
|
||||
|
- name: Add Docker GPG key |
||||
|
apt_key: |
||||
|
url: https://download.docker.com/linux/ubuntu/gpg |
||||
|
state: present |
||||
|
|
||||
|
- name: Add deb repository |
||||
|
apt_repository: |
||||
|
repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable |
||||
|
state: present |
||||
|
update_cache: yes |
||||
|
|
||||
|
- name: Install docker |
||||
|
apt: |
||||
|
name: "{{ item }}" |
||||
|
state: present |
||||
|
update_cache: yes |
||||
|
loop: |
||||
|
- 'docker-ce' |
||||
|
- 'docker-ce-cli' |
||||
|
- 'containerd.io' |
||||
|
|
||||
|
- name: Ensure docker users are added to the docker group. |
||||
|
user: |
||||
|
name: "{{ item }}" |
||||
|
groups: docker |
||||
|
append: true |
||||
|
with_items: "fedy95" |
||||
|
|
||||
|
- name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}" |
||||
|
service: name=docker state={{ docker.start | ternary('restarted','stopped') }} enabled={{ docker.service_enabled }} |
||||
... |
... |
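Review bot: The `Add Docker GPG key` task imports whatever key the URL serves at run time with no fingerprint check, and that key then vouches for every package root installs further down; `Add Google GPG key` in roles/k8s-init-machines has the same shape. `apt_key` takes an `id:` parameter, so adding `id: <DOCKER_KEY_FINGERPRINT>` (placeholder, take the value from the vendor's published instructions) lets the task fail when the downloaded key is not the expected one. Separately, `with_items: "fedy95"` hard-codes one account, and membership of the `docker` group is effectively root on the host. A list variable defined in inventory (for example `docker_users`, name is a suggestion) with a comment stating that equivalence would be safer than a literal.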
@ -0,0 +1,45 @@ |
|||||
|
--- |
||||
|
#- name: Intilizing Kubernetes Cluster |
||||
|
# command: kubeadm init --pod-network-cidr 192.168.0.0/16 --apiserver-advertise-address "{{ k8s_master_ip }}" |
||||
|
# run_once: true |
||||
|
# delegate_to: "{{ k8s_master_ip }}" |
||||
|
|
||||
|
- name: Create directory for kube config. |
||||
|
file: |
||||
|
path: /home/fedy95/.kube |
||||
|
state: directory |
||||
|
owner: "fedy95" |
||||
|
group: "fedy95" |
||||
|
mode: 0755 |
||||
|
|
||||
|
- name: Copy /etc/kubernetes/admin.conf to user home directory /home/fedy95/.kube/config. |
||||
|
copy: |
||||
|
src: /etc/kubernetes/admin.conf |
||||
|
dest: /home/fedy95/.kube/config |
||||
|
remote_src: yes |
||||
|
owner: "fedy95" |
||||
|
group: "fedy95" |
||||
|
mode: '0644' |
||||
|
|
||||
|
- name: Remove the cache directory. |
||||
|
file: |
||||
|
path: /home/fedy95/.kube/cache |
||||
|
state: absent |
||||
|
|
||||
|
- name: Create Pod Network & RBAC. |
||||
|
command: "{{ item }}" |
||||
|
with_items: |
||||
|
- kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml |
||||
|
- kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml |
||||
|
|
||||
|
- name: Get the token for joining the nodes with Kuberentes master. |
||||
|
shell: kubeadm token create --print-join-command |
||||
|
register: kubernetes_join_command |
||||
|
|
||||
|
- debug: |
||||
|
msg: "{{ kubernetes_join_command.stdout }}" |
||||
|
|
||||
|
- name: Copy join command to local file. |
||||
|
become: false |
||||
|
local_action: copy content="{{ kubernetes_join_command.stdout_lines[0] }}" dest="/tmp/kubernetes_join_command" mode=0777 |
||||
|
... |
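Review bot: Two credentials end up readable by every local account in this role. The copy of `/etc/kubernetes/admin.conf` to `/home/fedy95/.kube/config` uses `mode: '0644'`, but that file carries cluster-admin credentials and should be `mode: '0600'`. The join command, which embeds a bootstrap token, is echoed by the `debug` task and then written on the control machine to `/tmp/kubernetes_join_command` with `mode=0777`. Using `mode=0600` there, and either removing the `debug` or setting `no_log: true` on the task that registers `kubernetes_join_command`, keeps the token out of run logs and out of a shared directory.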
@ -0,0 +1,46 @@ |
|||||
|
--- |
||||
|
- name: Disable all swaps from /proc/swaps |
||||
|
shell: | |
||||
|
swapoff --all |
||||
|
|
||||
|
- name: Disable SWAP in fstab |
||||
|
lineinfile: |
||||
|
path: /etc/fstab |
||||
|
regexp: 'swap' |
||||
|
state: absent |
||||
|
|
||||
|
- name: Add Google GPG key |
||||
|
apt_key: |
||||
|
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg |
||||
|
state: present |
||||
|
|
||||
|
- name: Add Kubernetes' APT repository |
||||
|
apt_repository: |
||||
|
repo: deb http://apt.kubernetes.io/ kubernetes-xenial main |
||||
|
state: present |
||||
|
filename: 'kubernetes' |
||||
|
mode: 0600 |
||||
|
|
||||
|
- name: Installing Kubernetes Cluster Packages |
||||
|
apt: |
||||
|
name: "{{ item }}" |
||||
|
state: present |
||||
|
cache_valid_time: "{{ aptcachetime }}" |
||||
|
loop: |
||||
|
- 'kubeadm' |
||||
|
- 'kubectl' |
||||
|
- 'kubelet' |
||||
|
|
||||
|
- name: Enable service kubelet persistently |
||||
|
service: |
||||
|
name: kubelet |
||||
|
enabled: yes |
||||
|
|
||||
|
# TODO ??? |
||||
|
#- name: Reboot all the kubernetes nodes. |
||||
|
# reboot: |
||||
|
# post_reboot_delay: 10 |
||||
|
# reboot_timeout: 40 |
||||
|
# connect_timeout: 60 |
||||
|
# test_command: uptime |
||||
|
... |
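Review bot: The `Add Kubernetes' APT repository` task uses `deb http://apt.kubernetes.io/ kubernetes-xenial main`, so metadata and downloads for kubeadm, kubectl and kubelet travel in clear text, whereas the Docker repository in roles/docker uses https. Changing the line to `repo: deb https://apt.kubernetes.io/ kubernetes-xenial main` removes that inconsistency. In `Disable SWAP in fstab`, `regexp: 'swap'` deletes every line containing that word, including comments or a mount whose path happens to contain it. A tighter pattern such as `regexp: '^\S+\s+\S+\s+swap\s'` limits the removal to entries whose filesystem type is swap.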
@ -0,0 +1,14 @@ |
|||||
|
--- |
||||
|
- name: Copy join command to worker nodes. |
||||
|
copy: |
||||
|
src: /tmp/kubernetes_join_command |
||||
|
dest: /tmp/kubernetes_join_command |
||||
|
mode: 0777 |
||||
|
|
||||
|
- name: Join the Worker nodes with master. |
||||
|
command: sh /tmp/kubernetes_join_command |
||||
|
register: joined_or_not |
||||
|
|
||||
|
- debug: |
||||
|
msg: "{{ joined_or_not.stdout }}" |
||||
|
... |
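Review bot: `/tmp/kubernetes_join_command` is copied with `mode: 0777` into a shared directory and then run through `sh` while the calling play sets `become: true`, so the file is writable by every local account on the worker before root executes it. Place it in a root-only location with `mode: '0700'`, or pass the join command to the task from a variable instead of staging it in a file. The join task also has no guard, so a second run will try to join a node that is already a member. Adding `creates: /etc/kubernetes/kubelet.conf` under `args:` is one way to skip it, assuming the default kubeadm layout.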
@ -0,0 +1,7 @@ |
|||||
|
--- |
||||
|
- name: Configure kubectl command auto completion. |
||||
|
lineinfile: |
||||
|
dest: /home/fedy95/.bashrc |
||||
|
line: 'source <(kubectl completion bash)' |
||||
|
insertafter: EOF |
||||
|
... |