From 0ada2d1d0e0fe8039c91841724356ad7a5baa873 Mon Sep 17 00:00:00 2001
From: gezimbll
Date: Thu, 28 Sep 2023 10:52:41 -0400
Subject: [PATCH] Creating roles and playbook for k8s cluster setup
---
data/ansible/k8s_cluster/hosts | 4 +
data/ansible/k8s_cluster/main.yaml | 105 ++++++++++++++++++++++
data/ansible/roles/k8s/defaults/main.yaml | 23 +++++
data/ansible/roles/k8s/handlers/main.yaml | 6 ++
data/ansible/roles/k8s/tasks/main.yaml | 100 +++++++++++++++++++++
5 files changed, 238 insertions(+)
create mode 100644 data/ansible/k8s_cluster/hosts
create mode 100644 data/ansible/k8s_cluster/main.yaml
create mode 100644 data/ansible/roles/k8s/defaults/main.yaml
create mode 100644 data/ansible/roles/k8s/handlers/main.yaml
create mode 100644 data/ansible/roles/k8s/tasks/main.yaml
diff --git a/data/ansible/k8s_cluster/hosts b/data/ansible/k8s_cluster/hosts
new file mode 100644
index 000000000..97c41a4ca
--- /dev/null
+++ b/data/ansible/k8s_cluster/hosts
@@ -0,0 +1,4 @@
+[k8snodes]
+k8s-master ansible_host=192.168.56.120 ansible_ssh_user=gezim
+k8s-node1 ansible_host=192.168.56.121 ansible_ssh_user=gezim
+k8s-node2 ansible_host=192.168.56.122 ansible_ssh_user=gezim
\ No newline at end of file
diff --git a/data/ansible/k8s_cluster/main.yaml b/data/ansible/k8s_cluster/main.yaml
new file mode 100644
index 000000000..4071932d6
--- /dev/null
+++ b/data/ansible/k8s_cluster/main.yaml
@@ -0,0 +1,105 @@
+---
+
+- hosts: k8snodes
+ vars:
+ tasks:
+
+ - name: Install kubeadm,containerd,kubectl
+ import_role:
+ name: ../roles/k8s
+
+ - name: Disable swap permanently
+ lineinfile:
+ path: /etc/fstab
+ regexp: '^\s*UUID=\S+\s+none\s+swap'
+ state: absent
+ become: true
+
+ - name: Disable swap on current session
+ become: true
+ command:
+ cmd: swapoff -a
+ when: ansible_swaptotal_mb > 0
+
+
+- hosts: k8s-master
+ vars:
+ kube_config: "{{ ansible_env.HOME }}/.kube/config"
+ iface: enp0s8
+ tasks:
+ - name: Install kubectl
+ become: true
+ apt:
+ name: kubectl
+ state: present
+
+ - name: Get flannel configuration
+ get_url:
+ url: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
+ dest: "{{ ansible_env.HOME }}"
+
+ - name: Add iface for flannel
+ lineinfile:
+ path: "{{ ansible_env.HOME }}/kube-flannel.yml"
+ insertafter: "- --kube-subnet-mgr"
+ line : " - --iface={{ iface }}"
+
+
+ - name: Reset the kubeadm
+ become: true
+ command:
+ cmd: kubeadm reset -f
+
+ - name: Start the cluster
+ become: true
+ command:
+ cmd: "kubeadm init --apiserver-advertise-address {{ hostvars['k8s-master']['ansible_host'] }} --pod-network-cidr=10.244.0.0/16"
+ register: kubeadm_output
+
+ - name: Extract token value
+ set_fact:
+ kubeadm_token: "{{ kubeadm_output | regex_search('--token\\s+(\\S+)', '\\1') | first }}"
+ kubeadm_hash: "{{ kubeadm_output | regex_search('--discovery-token-ca-cert-hash\\s+sha256:(\\S+)', '\\1') | first }}"
+
+ - name: Remove $HOME/.config
+ file:
+ path: "{{ kube_config }}"
+ state: absent
+
+ - name: Create .config
+ file:
+ path: "{{ ansible_env.HOME }}/.kube"
+ state: directory
+
+ - name: Copy the file
+ become: true
+ copy:
+ src: /etc/kubernetes/admin.conf
+ dest: "{{ kube_config }}"
+ remote_src: true
+ owner: "{{ ansible_env.USER }}"
+ group: "{{ ansible_env.USER }}"
+
+ - name: Apply flannel network settings
+ command:
+ cmd: kubectl apply -f kube-flannel.yml
+ chdir: "{{ ansible_env.HOME }}"
+
register: flannel
+
+
+- hosts: k8s-node1,k8s-node2
+
+ tasks:
+
+ - name: Reset the kubeadm
+ become: true
+ command:
+ cmd: kubeadm reset -f
+
+ - name: Join in the cluster
+ become: true
+ command:
+ cmd: "kubeadm join {{ hostvars['k8s-master']['ansible_host'] }}:6443 --token {{ hostvars['k8s-master']['kubeadm_token'] }} --discovery-token-ca-cert-hash sha256:{{ hostvars['k8s-master']['kubeadm_hash'] }}"
+
+
+
\ No newline at end of file
diff --git a/data/ansible/roles/k8s/defaults/main.yaml b/data/ansible/roles/k8s/defaults/main.yaml
new file mode 100644
index 000000000..b2d420742
--- /dev/null
+++ b/data/ansible/roles/k8s/defaults/main.yaml
@@ -0,0 +1,23 @@
+---
+keyring_path: /etc/apt/keyrings
+
+kubernetes_version: v1.28
+
+k8s_dependencies:
+- ca-certificates
+- curl
+- gnupg
+- apt-transport-https
+
+k8s_packages:
+- containerd.io
+- kubelet
+- kubeadm
+
+gpg_keys:
+ - url: https://download.docker.com/linux/debian/gpg
+ dest: /tmp/docker.gpg
+ keyring_files: "{{ keyring_path }}/docker.gpg"
+ - url: https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/Release.key
+ dest: /tmp/kubernetes.gpg
+ keyring_files: "{{ keyring_path }}/kubernetes-apt-keyring.gpg"
\ No newline at end of file
diff --git a/data/ansible/roles/k8s/handlers/main.yaml b/data/ansible/roles/k8s/handlers/main.yaml
new file mode 100644
index 000000000..7119f7f8a
--- /dev/null
+++ b/data/ansible/roles/k8s/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: Restart containerd
+ become: true
+ ansible.builtin.systemd:
+ name: containerd
+ state: restarted
diff --git a/data/ansible/roles/k8s/tasks/main.yaml b/data/ansible/roles/k8s/tasks/main.yaml
new file mode 100644
index 000000000..b327b5d42
--- /dev/null
+++ b/data/ansible/roles/k8s/tasks/main.yaml
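Review bot: In the `k8s-master` play of `k8s_cluster/main.yaml`, `Get flannel configuration` downloads the manifest from the moving `master` branch with no `checksum:`, and `Apply flannel network settings` then applies it with the admin kubeconfig, so whatever that URL serves at run time is installed cluster-wide; pin the URL to a release tag or commit and add `checksum: "sha256:<digest of the pinned manifest>"`. The bootstrap token is scraped from the `kubeadm init` result and interpolated into the `kubeadm join` command, so it can surface in Ansible output and logs; add `no_log: true` to `Start the cluster`, `Extract token value` and `Join in the cluster`, and run the regex against `kubeadm_output.stdout` rather than the whole registered result. `Copy the file` sets owner and group but no mode on the copy of `/etc/kubernetes/admin.conf`, which leaves the permissions of the cluster-admin credential to the module default; add `mode: '0600'`. Both plays also run `kubeadm reset -f` unconditionally, so a re-run tears down an existing control plane or node; gating it behind an explicit opt-in variable would make that a deliberate choice.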
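Review bot: The `dest` entries in `gpg_keys` (`roles/k8s/defaults/main.yaml`) stage the repository signing keys at fixed names under `/tmp`, a world-writable directory, before they are imported into `{{ keyring_path }}`. As far as I recall `get_url` skips the download when `dest` already exists unless `force` is set, so a stale or pre-existing file at that path would be imported as a trusted apt key and a rotated upstream key would not be picked up. Prefer a root-owned staging location, for example `dest: "{{ keyring_path }}/docker.asc"` fetched with `become: true`, and consider adding a `checksum` field per entry so the role verifies what it downloaded. The tasks that consume these values live in `roles/k8s/tasks/main.yaml`, outside this hunk.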
@@ -0,0 +1,100 @@
+---
+
+- name: Install containerd dependencies
+ become: true
+ apt:
+ name: "{{ k8s_dependencies }}"
+ state: present
+ update_cache: yes
+
+- name: Ensure the keyring exist
+ become: true
+ file:
+ mode: '0755'
+ path: "{{ keyring_path }}"
+ state: directory
+
+- name: Get the GPG keys
+ get_url:
+ url: "{{ item.url }}"
+ dest: "{{ item.dest }}"
+ loop: "{{ gpg_keys }}"
+
+- name: Add the GPG keys
+ become: true
+ apt_key:
+ file: "{{ item.dest }}"
+ keyring: "{{ item.keyring_files }}"
+ loop: "{{ gpg_keys }}"
+
+- name: Set the permissions for key
+ file:
+ path: "{{ keyring_path }}/docker.gpg"
+ state: file
+ mode: '0644'
+
+
+- name: Set up Docker repository
+ become: true
+ shell: |
+ echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" > /etc/apt/sources.list.d/docker.list
+ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
+
+- name: Install packages
+ become: true
+ apt:
+ name: "{{ k8s_packages }}"
+ state: present
+ update_cache: yes
+
+- name: Configure kernel modules to load on boot for Kubernetes
+ become: true
+ copy:
+ dest: "{{ item }}"
+ content: |
+ overlay
+ br_netfilter
+ loop:
+ - /etc/modules-load.d/containerd.conf
+ - /etc/modules-load.d/k8s.conf
+
+- name: Load necessary kernel modules for Kubernetes
+ become: true
+ modprobe:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - overlay
+ - br_netfilter
+
+- name: Set sysctl parameters for Kubernetes
+ become: true
+ copy:
+ dest: /etc/sysctl.d/k8s.conf
+ content: |
+ net.bridge.bridge-nf-call-iptables = 1
+ net.bridge.bridge-nf-call-ip6tables = 1
+ net.ipv4.ip_forward = 1
+
+- name: Apply sysctl parameters without reboot
+ become: true
+ command:
+ cmd: sysctl --system
+
+- name: Set containerd default config
+ become: true
+
shell: |
+ containerd config default | tee /etc/containerd/config.toml >/dev/null 2>&1
+
+- name: Change systemd to true
+ become: true
+ lineinfile:
+ path: /etc/containerd/config.toml
+ regexp: '^(\s*)SystemdCgroup'
+ line: '\1SystemdCgroup = true'
+ backrefs: yes
+ notify: Restart containerd
+
+
+
+
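Review bot: `Set up Docker repository` in `roles/k8s/tasks/main.yaml` writes both `signed-by=` paths and the `v1.28` repository URL as literals instead of using `{{ keyring_path }}` and `{{ kubernetes_version }}`, so overriding either default changes where the key is fetched and stored but not what apt is told to trust. Build the two source lines from the variables, preferably with `apt_repository` or `copy` with `content:` instead of `shell`; that also makes the task idempotent and removes the redundant `sudo tee` under `become: true`. `Set the permissions for key` has no `become: true` and covers only `docker.gpg`, so the mode of `kubernetes-apt-keyring.gpg` is never set explicitly and the task may fail for a non-root connection user; loop over `gpg_keys` with `path: "{{ item.keyring_files }}"` and add `become: true`. `apt_key` is deprecated upstream, so writing the dearmored key into `{{ keyring_path }}` directly would be the longer-lived approach.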