diff --git a/data/ansible/k8s_cluster/hosts b/data/ansible/k8s_cluster/hosts
index 97c41a4ca..e42230848 100644
--- a/data/ansible/k8s_cluster/hosts
+++ b/data/ansible/k8s_cluster/hosts
@@ -1,4 +1,6 @@
+[k8smaster]
+k8s-master ansible_host=192.168.56.10 ansible_ssh_user=user
+
 [k8snodes]
-k8s-master ansible_host=192.168.56.120 ansible_ssh_user=gezim
-k8s-node1 ansible_host=192.168.56.121 ansible_ssh_user=gezim
-k8s-node2 ansible_host=192.168.56.122 ansible_ssh_user=gezim
\ No newline at end of file
+k8s-node1 ansible_host=192.168.56.11 ansible_ssh_user=user
+k8s-node2 ansible_host=192.168.56.12 ansible_ssh_user=user
\ No newline at end of file
diff --git a/data/ansible/k8s_cluster/main.yaml b/data/ansible/k8s_cluster/main.yaml
index 4071932d6..b62660068 100644
--- a/data/ansible/k8s_cluster/main.yaml
+++ b/data/ansible/k8s_cluster/main.yaml
@@ -1,105 +1,26 @@ --- -- hosts: k8snodes +- hosts: all vars: + m_node_ip: "{{ hostvars['k8s-master']['ansible_host'] }}" tasks: - name: Install kubeadm,containerd,kubectl import_role: name: ../roles/k8s - - name: Disable swap permanently - lineinfile: - path: /etc/fstab - regexp: '^\s*UUID=\S+\s+none\s+swap' - state: absent - become: true - - - name: Disable swap on current session - become: true - command: - cmd: swapoff -a - when: ansible_swaptotal_mb > 0 + - name: Start nfs server + import_role: + name: ../roles/nfs_server -- hosts: k8s-master - vars: - kube_config: "{{ ansible_env.HOME }}/.kube/config" - iface: enp0s8 - tasks: - - name: Install kubectl - become: true - apt: - name: kubectl - state: present - - - name: Get flannel configuration - get_url: - url: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml - dest: "{{ ansible_env.HOME }}" - - - name: Add iface for flannel - lineinfile: - path: "{{ ansible_env.HOME }}/kube-flannel.yml" - insertafter: "- --kube-subnet-mgr" - line : " - --iface={{ iface }}" - - - - name: Reset the kubeadm - become: true - command: - cmd: kubeadm reset -f - - - name: Start the cluster - become: true - command: - cmd: "kubeadm init --apiserver-advertise-address {{ hostvars['k8s-master']['ansible_host'] }} --pod-network-cidr=10.244.0.0/16" - register: kubeadm_output - - - name: Extract token value - set_fact: - kubeadm_token: "{{ kubeadm_output | regex_search('--token\\s+(\\S+)', '\\1') | first }}" - kubeadm_hash: "{{ kubeadm_output | regex_search('--discovery-token-ca-cert-hash\\s+sha256:(\\S+)', '\\1') | first }}" - - - name: Remove $HOME/.config - file: - path: "{{ kube_config }}" - state: absent - - - name: Create .config - file: - path: "{{ ansible_env.HOME }}/.kube" - state: directory - - - name: Copy the file - become: true - copy: - src: /etc/kubernetes/admin.conf - dest: "{{ kube_config }}" - remote_src: true - owner: "{{ ansible_env.USER }}" - group: "{{ ansible_env.USER }}" - - - 
name: Apply flannel network settings - command: - cmd: kubectl apply -f kube-flannel.yml - chdir: "{{ ansible_env.HOME }}" - register: flannel - - -- hosts: k8s-node1,k8s-node2 - +- hosts: k8smaster tasks: - - name: Reset the kubeadm - become: true - command: - cmd: kubeadm reset -f + - name: Install Postgresql + import_role: + name: ../roles/postgresql - - name: Join in the cluster - become: true - command: - cmd: "kubeadm join {{ hostvars['k8s-master']['ansible_host'] }}:6443 --token {{ hostvars['k8s-master']['kubeadm_token'] }} --discovery-token-ca-cert-hash sha256:{{ hostvars['k8s-master']['kubeadm_hash'] }}" - - - \ No newline at end of file + - name: Install Redis + import_role: + name: ../roles/redis \ No newline at end of file diff --git a/data/ansible/roles/k8s/defaults/main.yaml b/data/ansible/roles/k8s/defaults/main.yaml index b2d420742..bf53dd481 100644 --- a/data/ansible/roles/k8s/defaults/main.yaml +++ b/data/ansible/roles/k8s/defaults/main.yaml @@ -3,6 +3,10 @@ keyring_path: /etc/apt/keyrings kubernetes_version: v1.28 +kube_config: "{{ ansible_env.HOME }}/.kube/config" + +iface: enp0s8 + k8s_dependencies: - ca-certificates - curl diff --git a/data/ansible/roles/k8s/handlers/main.yaml b/data/ansible/roles/k8s/handlers/main.yaml index 7119f7f8a..3ec0a9261 100644 --- a/data/ansible/roles/k8s/handlers/main.yaml +++ b/data/ansible/roles/k8s/handlers/main.yaml @@ -1,6 +1,7 @@ --- -- name: Restart containerd - become: true - ansible.builtin.systemd: - name: containerd - state: restarted + +- name: Restart kubelet + become: true + systemd: + name: kubelet + state: restarted diff --git a/data/ansible/roles/k8s/tasks/k8s-master.yaml b/data/ansible/roles/k8s/tasks/k8s-master.yaml new file mode 100644 index 000000000..54cc91af4 --- /dev/null +++ b/data/ansible/roles/k8s/tasks/k8s-master.yaml 
@@ -0,0 +1,58 @@
+---
+
+- name: Install kubectl
+ become: true
+ apt:
+ name: kubectl
+ state: present
+
+- name: Get flannel configuration
+ get_url:
+ url: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
+ dest: "{{ ansible_env.HOME }}"
+
+- name: Add iface for flannel
+ lineinfile:
+ path: "{{ ansible_env.HOME }}/kube-flannel.yml"
+ insertafter: "- --kube-subnet-mgr"
+ line : " - --iface={{ iface }}"
+
+- name: Reset the kubeadm
+ become: true
+ command:
+ cmd: kubeadm reset -f
+
+- name: Start the cluster
+ become: true
+ command:
+ cmd: "kubeadm init --apiserver-advertise-address {{ ansible_host }} --pod-network-cidr=10.244.0.0/16"
+ register: kubeadm_output
+
+- name: Extract token and hash valuew
+ set_fact:
+ kubeadm_token: "{{ kubeadm_output | regex_search('--token\\s+(\\S+)', '\\1') | first }}"
+ kubeadm_hash: "{{ kubeadm_output | regex_search('--discovery-token-ca-cert-hash\\s+sha256:(\\S+)', '\\1') | first }}"
+
+- name: Remove $HOME/.config
+ file:
+ path: "{{ kube_config }}"
+ state: absent
+
+- name: Create .config
+ file:
+ path: "{{ ansible_env.HOME }}/.kube"
+ state: directory
+
+- name: Copy the file
+ become: true
+ copy:
+ src: /etc/kubernetes/admin.conf
+ dest: "{{ kube_config }}"
+ remote_src: true
+ owner: "{{ ansible_env.USER }}"
+ group: "{{ ansible_env.USER }}"
+
+- name: Apply flannel network settings
+ command:
+ cmd: kubectl apply -f kube-flannel.yml
+ chdir: "{{ ansible_env.HOME }}"
diff --git a/data/ansible/roles/k8s/tasks/k8s-nodes.yaml b/data/ansible/roles/k8s/tasks/k8s-nodes.yaml
new file mode 100644
index 000000000..b7e82d967
--- /dev/null
+++ b/data/ansible/roles/k8s/tasks/k8s-nodes.yaml
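Review bot: In roles/k8s/tasks/k8s-master.yaml the `Get flannel configuration` task downloads the manifest from the mutable `master` branch with no integrity check, and `Apply flannel network settings` then applies whatever was fetched using the admin kubeconfig. Pin the URL to a reviewed release tag and add a digest to the same `get_url` task, e.g. `checksum: "sha256:<digest-of-reviewed-manifest>"`, so a changed upstream file fails the play instead of reaching the cluster. Separately, `Start the cluster` registers output that contains the bootstrap token; `no_log: true` on that task and on the `set_fact` after it keeps the token out of task output.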
@@ -0,0 +1,10 @@ +--- +- name: Reset the kubeadm + become: true + command: + cmd: kubeadm reset -f + +- name: Join in the cluster + become: true + command: + cmd: "kubeadm join {{ m_node_ip }}:6443 --token {{ hostvars['k8s-master']['kubeadm_token'] }} --discovery-token-ca-cert-hash sha256:{{ hostvars['k8s-master']['kubeadm_hash'] }}" \ No newline at end of file diff --git a/data/ansible/roles/k8s/tasks/main.yaml b/data/ansible/roles/k8s/tasks/main.yaml index b327b5d42..fac5fdcee 100644 --- a/data/ansible/roles/k8s/tasks/main.yaml +++ b/data/ansible/roles/k8s/tasks/main.yaml @@ -1,5 +1,18 @@ --- +- name: Disable swap permanently + lineinfile: + path: /etc/fstab + regexp: '^\s*UUID=\S+\s+none\s+swap' + state: absent + become: true + +- name: Disable swap on current session + become: true + command: + cmd: swapoff -a + when: ansible_swaptotal_mb > 0 + - name: Install containerd dependencies become: true apt: @@ -93,8 +106,29 @@ regexp: '^(\s*)SystemdCgroup' line: '\1SystemdCgroup = true' backrefs: yes - notify: Restart containerd +- name: Restart containerd + become: true + ansible.builtin.systemd: + name: containerd + state: restarted - +- include_tasks: k8s-master.yaml + when: "'k8smaster' in group_names" +- include_tasks: k8s-nodes.yaml + when: "'k8snodes' in group_names" + +- name: Add worker label on nodes + command: + cmd: "kubectl label node {{ item }} node-role.kubernetes.io/worker=worker" + loop: "{{ groups['k8snodes'] }}" + when: "'k8smaster' in group_names" + +- name: Add the correct IP for the nodes + become: true + template: + dest: /var/lib/kubelet/kubeadm-flags.env + src: kubeadm-flags.env.j2 + force: yes + notify: Restart kubelet \ No newline at end of file diff --git a/data/ansible/roles/k8s/templates/kubeadm-flags.env.j2 b/data/ansible/roles/k8s/templates/kubeadm-flags.env.j2 new file mode 100644 index 000000000..63aeb9ee9 --- /dev/null +++ b/data/ansible/roles/k8s/templates/kubeadm-flags.env.j2 
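Review bot: The `Join in the cluster` task in roles/k8s/tasks/k8s-nodes.yaml interpolates the bootstrap token into `cmd`, so the token is echoed in the task result on verbose runs and on failure; add `no_log: true` to that task. The unconditional `kubeadm reset -f` before it also tears down a node that has already joined each time the role runs. Making the reset conditional and guarding the join with something like `creates: /etc/kubernetes/kubelet.conf` (the file kubeadm normally writes on join; confirm on the target image) would make the role safe to re-run.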
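Review bot: In the second hunk of roles/k8s/tasks/main.yaml the `notify: Restart containerd` line is replaced by a plain `Restart containerd` task, so containerd is restarted on every run of the role rather than only when the `SystemdCgroup` edit changes the file, which interrupts running workloads for no reason. Keeping the notify, keeping the containerd handler that this commit removes from handlers/main.yaml next to the new kubelet one, and adding `- meta: flush_handlers` before the two `include_tasks` lines gives the same ordering without the unconditional restart. The lineinfile task that carried the notify starts outside the hunk.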
@@ -0,0 +1 @@
+KUBELET_KUBEADM_ARGS="--container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.k8s.io/pause:3.9 --node-ip={{ ansible_host }}"
diff --git a/data/ansible/roles/nfs_server/tasks/client.yaml b/data/ansible/roles/nfs_server/tasks/client.yaml
new file mode 100644
index 000000000..c3c86bdd4
--- /dev/null
+++ b/data/ansible/roles/nfs_server/tasks/client.yaml
@@ -0,0 +1,29 @@
+---
+
+- name: Install NFS client packages
+ become: true
+ apt:
+ name: nfs-common
+ state: present
+ update_cache: yes
+
+- name: Create NFS Shared folder
+ become: true
+ file:
+ state: directory
+ path: /mnt/nfs
+
+- name: Mount the shared folder
+ become: true
+ mount:
+ path: /mnt/nfs
+ src: "{{ m_node_ip }}:/nfs"
+ fstype: nfs
+ state: mounted
+
+# - name: Configure auto-mount
+# become: true
+# lineinfile:
+# path: /etc/fstab
+# insertafter: 'EOF'
+# line: "{{ m_node_ip }}:/nfs /mnt/nfs nfs defaults 0 0"
\ No newline at end of file
diff --git a/data/ansible/roles/nfs_server/tasks/main.yaml b/data/ansible/roles/nfs_server/tasks/main.yaml
new file mode 100644
index 000000000..888feda33
--- /dev/null
+++ b/data/ansible/roles/nfs_server/tasks/main.yaml
@@ -0,0 +1,8 @@
+---
+
+- include_tasks: server.yaml
+ when: "'k8smaster' in group_names"
+
+
+- include_tasks: client.yaml
+ when: "'k8snodes' in group_names"
\ No newline at end of file
diff --git a/data/ansible/roles/nfs_server/tasks/server.yaml b/data/ansible/roles/nfs_server/tasks/server.yaml
new file mode 100644
index 000000000..14996eb5a
--- /dev/null
+++ b/data/ansible/roles/nfs_server/tasks/server.yaml
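Review bot: The `Mount the shared folder` task in roles/nfs_server/tasks/client.yaml mounts the share with default options, so setuid binaries and device nodes placed on the export are honoured on every worker. Because the server side of this commit exports `/nfs` world-writable, add `opts: "nosuid,nodev"` to the `mount` task. The commented-out `Configure auto-mount` block duplicates what `state: mounted` already does (it writes the fstab entry) and can be dropped.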
@@ -0,0 +1,38 @@
+---
+- name: Install nfs-kernel-server
+ become: true
+ apt:
+ update_cache: yes
+ name: nfs-kernel-server
+ state: present
+
+
+- name: Create a directory for NFS share
+ become: true
+ file:
+ path: /nfs
+ owner: nobody
+ group: nogroup
+ mode: '0777'
+ state: directory
+
+
+- name: Modyify the exports file
+ become: true
+ lineinfile:
+ path: /etc/exports
+ insertafter: 'EOF'
+ line: "/nfs *(rw,sync,no_subtree_check,no_root_squash)"
+
+- name: Export the NFS Share
+ become: true
+ command:
+ cmd: "exportfs -a"
+
+
+- name: Enable and start nfs-kernel-server
+ become: true
+ systemd:
+ name: nfs-kernel-server
+ enabled: yes
+ state: started
diff --git a/data/ansible/roles/redis/tasks/main.yaml b/data/ansible/roles/redis/tasks/main.yaml
new file mode 100644
index 000000000..2b5265121
--- /dev/null
+++ b/data/ansible/roles/redis/tasks/main.yaml
@@ -0,0 +1,7 @@
+---
+
+- name: Get Redis from apt repository
+ become: true
+ apt:
+ name: redis-server
+ state: present
\ No newline at end of file
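Review bot: The export line `/nfs *(rw,sync,no_subtree_check,no_root_squash)` in roles/nfs_server/tasks/server.yaml offers a mode `0777` directory read-write to any host that can reach the master, and `no_root_squash` lets root on any such client act as root on the share. Restrict the client spec to the cluster hosts and let root be squashed, e.g. `line: "/nfs {{ nfs_allowed_clients }}(rw,sync,no_subtree_check,root_squash)"` with `nfs_allowed_clients` introduced as a new role variable, and tighten the directory mode to what the consumers actually need. `exportfs -a` also runs on every play; moving it to a handler notified by the lineinfile task would re-export only when `/etc/exports` changes.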