From 0100387087c67a6a8e58f8baa31e54164ce16d2c Mon Sep 17 00:00:00 2001 
From: Jim Nicholson Date: Wed, 20 Dec 2023 21:54:54 -0800 Subject: [PATCH] Stage them all, let god sort it out --- .gitignore | 1 + alpine-cluster/alpine-prep.sh | 11 +++++ {build-cluster => alpine-cluster}/ansible.cfg | 2 +- .../config}/.gitignore | 0 alpine-cluster/files/00_setdns.cfg | 4 ++ alpine-cluster/files/config.yaml | 7 +++ .../install_k3s.yaml | 0 .../provision-cluster-nodes.yaml | 49 +++++-------------- .../k3s-cluster-installer/defaults/main.yaml | 0 .../k3s-cluster-installer/files/flannel.conf | 0 .../tasks/control_plane.yaml | 0 .../k3s-cluster-installer/tasks/main.yaml | 0 .../k3s-cluster-installer/tasks/prep.yaml | 10 ++++ .../k3s-cluster-installer/tasks/primary.yaml | 2 + .../k3s-cluster-installer/tasks/workers.yaml | 4 +- build-cluster/config/.gitignore | 2 - build-cluster/deprovision.yaml | 33 ------------- build-cluster/inventory.yaml | 44 ----------------- build-cluster/prepare-cluster-nodes.yaml | 47 ------------------ .../k3s-cluster-installer/tasks/prep.yaml | 29 ----------- requirements.in | 5 ++ 21 files changed, 57 insertions(+), 193 deletions(-) create mode 100644 alpine-cluster/alpine-prep.sh rename {build-cluster => alpine-cluster}/ansible.cfg (81%) rename {build-cluster/airgap => alpine-cluster/config}/.gitignore (100%) create mode 100644 alpine-cluster/files/00_setdns.cfg create mode 100644 alpine-cluster/files/config.yaml rename {build-cluster => alpine-cluster}/install_k3s.yaml (100%) rename {build-cluster => alpine-cluster}/provision-cluster-nodes.yaml (62%) rename {build-cluster => alpine-cluster}/roles/k3s-cluster-installer/defaults/main.yaml (100%) rename {build-cluster => alpine-cluster}/roles/k3s-cluster-installer/files/flannel.conf (100%) rename {build-cluster => alpine-cluster}/roles/k3s-cluster-installer/tasks/control_plane.yaml (100%) rename {build-cluster => alpine-cluster}/roles/k3s-cluster-installer/tasks/main.yaml (100%) create mode 100644 alpine-cluster/roles/k3s-cluster-installer/tasks/prep.yaml rename 
{build-cluster => alpine-cluster}/roles/k3s-cluster-installer/tasks/primary.yaml (89%) rename {build-cluster => alpine-cluster}/roles/k3s-cluster-installer/tasks/workers.yaml (56%) delete mode 100644 build-cluster/config/.gitignore delete mode 100644 build-cluster/deprovision.yaml delete mode 100644 build-cluster/inventory.yaml delete mode 100644 build-cluster/prepare-cluster-nodes.yaml delete mode 100644 build-cluster/roles/k3s-cluster-installer/tasks/prep.yaml create mode 100644 requirements.in diff --git a/.gitignore b/.gitignore index f3bf9c3..5de2699 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .direnv .envrc +requirements.txt diff --git a/alpine-cluster/alpine-prep.sh b/alpine-cluster/alpine-prep.sh new file mode 100644 index 0000000..c2ff73c --- /dev/null +++ b/alpine-cluster/alpine-prep.sh @@ -0,0 +1,11 @@ + +export SWAP_SIZE=0 +alpine-setup + +echo 'http://dl-cdn.alpinelinux.org/alpine/v3.18/community' >> /etc/apk/repositories +apk update +apk add curl python3 sudo qemu-guest-agent +rc-service qemu-guest-agent start +rc-update add qemu-guest-agent +echo '%wheel ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel +adduser admin wheel diff --git a/build-cluster/ansible.cfg b/alpine-cluster/ansible.cfg similarity index 81% rename from build-cluster/ansible.cfg rename to alpine-cluster/ansible.cfg index b984b08..5be6a58 100644 --- a/build-cluster/ansible.cfg +++ b/alpine-cluster/ansible.cfg @@ -1,5 +1,5 @@ [defaults] inventory = ./inventory.yaml host_key_checking = False -remote_user = kube +remote_user = admin roles_path = ./roles \ No newline at end of file diff --git a/build-cluster/airgap/.gitignore b/alpine-cluster/config/.gitignore similarity index 100% rename from build-cluster/airgap/.gitignore rename to alpine-cluster/config/.gitignore diff --git a/alpine-cluster/files/00_setdns.cfg b/alpine-cluster/files/00_setdns.cfg new file mode 100644 index 0000000..fae22c9 --- /dev/null +++ b/alpine-cluster/files/00_setdns.cfg 
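Review bot: The `echo '%wheel ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel` line in alpine-cluster/alpine-prep.sh gives every member of wheel root without a password, and the next line puts `admin` (the account ansible.cfg now logs in as) into that group, so any access to that account is root on each host the script is run on. If Ansible needs passwordless sudo, scope the rule to the one account and tighten the file: `echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/admin && chmod 0440 /etc/sudoers.d/admin && visudo -cf /etc/sudoers.d/admin`. The community repository is added over plain `http://`; `https://dl-cdn.alpinelinux.org/alpine/v3.18/community` avoids relying on package signatures alone. The script also has no shebang or `set -e`, so a failed `apk add` does not stop the later steps.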
@@ -0,0 +1,4 @@ +#cloud-config +bootcmd: + - nmcli con mod "cloud-init eth0" ipv4.dns 10.0.96.30 + - nmcli con up id "cloud-init eth0" \ No newline at end of file diff --git a/alpine-cluster/files/config.yaml b/alpine-cluster/files/config.yaml new file mode 100644 index 0000000..8a067a4 --- /dev/null +++ b/alpine-cluster/files/config.yaml @@ -0,0 +1,7 @@ +write-kubeconfig-mode: "0644" +tls-san: + - "{{ cp_fqdn }}" +node-label: + - "size=small" +cluster-init: true +node-external-ip: \ No newline at end of file diff --git a/build-cluster/install_k3s.yaml b/alpine-cluster/install_k3s.yaml similarity index 100% rename from build-cluster/install_k3s.yaml rename to alpine-cluster/install_k3s.yaml diff --git a/build-cluster/provision-cluster-nodes.yaml b/alpine-cluster/provision-cluster-nodes.yaml similarity index 62% rename from build-cluster/provision-cluster-nodes.yaml rename to alpine-cluster/provision-cluster-nodes.yaml index 05b3f43..da9fa75 100644 --- a/build-cluster/provision-cluster-nodes.yaml +++ b/alpine-cluster/provision-cluster-nodes.yaml @@ -4,17 +4,19 @@ - localhost gather_facts: no tasks: + + - name: Clone host image community.general.proxmox_kvm: api_host: "{{ proxmox_api_host }}" - api_user: "{{ lookup('env','PM_USER') }}" - api_password: "{{ lookup('env','PM_PASSWORD') }}" + api_user: "{{ proxmox_user }}" + api_password: "{{ proxmox_pw }}" autostart: true clone: "{{ cloudinit_img }}" name: "{{ item }}" - node: pve2 + node: pve target: "{{ hostvars[item].node }}" - storage: disk-storage + storage: ceph_storage format: qcow2 newid: "{{ hostvars[item].id }}" timeout: 500 
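Review bot: `write-kubeconfig-mode: "0644"` in alpine-cluster/files/config.yaml leaves the k3s kubeconfig, which carries cluster-admin client credentials, readable by every local user on the server; k3s's default of `"0600"` plus an explicit, owner-only copy for the operator is the safer setting. `node-external-ip:` has no value and parses as null, so either set it or remove the key. The file sits under files/ but contains `{{ cp_fqdn }}`; the task that installs it is not in this diff, but if it is delivered with `copy` the Jinja expression is written out literally, so it probably belongs under templates/ with a `template` task.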
@@ -27,11 +29,11 @@ update: yes node: "{{ hostvars[item].node }}" api_host: "{{ proxmox_api_host }}" - api_user: "{{ lookup('env','PM_USER') }}" - api_password: "{{ lookup('env','PM_PASSWORD') }}" + api_user: "{{ proxmox_user }}" + api_password: "{{ proxmox_pw }}" memory: "{{ hostvars[item].mem }}" - ciuser: kube - cipassword: Call1_advent + ciuser: admin + cipassword: "{{ proxmox_pw }}" cores: 4 sshkeys: 'ssh-rsa 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 jim@DESKTOP-PP2J3PP' vmid: "{{ hostvars[item].id }}" @@ -40,7 +42,7 @@ net: net0: 'virtio,bridge=vmbr0' ipconfig: - ipconfig0: "ip={{ hostvars[item].ip }}/24,gw=10.0.96.1" + ipconfig0: "ip={{ hostvars[item].ansible_host }}/24,gw=10.0.96.1" with_inventory_hostnames: - primary - control_plane @@ -49,8 +51,8 @@ community.general.proxmox_kvm: node: "{{ hostvars[item].node }}" api_host: "{{ proxmox_api_host }}" - api_user: "{{ lookup('env','PM_USER') }}" - api_password: "{{ lookup('env','PM_PASSWORD') }}" + api_user: "{{ proxmox_user }}" + api_password: "{{ proxmox_pw }}" update: yes vmid: "{{ hostvars[item].id }}" state: started @@ -58,28 +60,3 @@ - primary - control_plane - workers - - name: Update DNS for cluster nodes - uri: - method: PATCH - url: "http://{{ pdns_api }}:8081/api/v1/servers/localhost/zones/{{ pdns_dom }}" - body: - rrsets: - - name: "{{ item }}.{{ pdns_dom }}." - type: A - ttl: 86400 - changetype: REPLACE - records: - - content: "{{ hostvars[item].ip }}" - disabled: false - body_format: json - headers: - 'X-API-Key': "{{ lookup('env','PDNS_API_PW') }}" - return_content: yes - status_code: - - 200 - - 204 - register: dns_result - with_inventory_hostnames: - - primary - - control_plane - - workers 
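Review bot: `cipassword: "{{ proxmox_pw }}"` in the second hunk of provision-cluster-nodes.yaml sets every guest's `admin` login to the same secret as the Proxmox API account, so a password recovered from one VM also authenticates to the hypervisor API. Use a separate variable, for example `cipassword: "{{ vm_admin_pw }}"` (constructed name), or drop `cipassword` and rely on the `sshkeys` entry already present. The diff does not show where `proxmox_user` and `proxmox_pw` are defined (also used in the first and fourth hunks); if they live in inventory or group_vars they should be vault-encrypted rather than plain text. The literal password removed on the old side stays in the repository history, so it should be treated as disclosed and not reused. The task starts outside the hunk.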
diff --git a/build-cluster/roles/k3s-cluster-installer/defaults/main.yaml b/alpine-cluster/roles/k3s-cluster-installer/defaults/main.yaml
similarity index 100%
rename from build-cluster/roles/k3s-cluster-installer/defaults/main.yaml
rename to alpine-cluster/roles/k3s-cluster-installer/defaults/main.yaml
diff --git a/build-cluster/roles/k3s-cluster-installer/files/flannel.conf b/alpine-cluster/roles/k3s-cluster-installer/files/flannel.conf
similarity index 100%
rename from build-cluster/roles/k3s-cluster-installer/files/flannel.conf
rename to alpine-cluster/roles/k3s-cluster-installer/files/flannel.conf
diff --git a/build-cluster/roles/k3s-cluster-installer/tasks/control_plane.yaml b/alpine-cluster/roles/k3s-cluster-installer/tasks/control_plane.yaml
similarity index 100%
rename from build-cluster/roles/k3s-cluster-installer/tasks/control_plane.yaml
rename to alpine-cluster/roles/k3s-cluster-installer/tasks/control_plane.yaml
diff --git a/build-cluster/roles/k3s-cluster-installer/tasks/main.yaml b/alpine-cluster/roles/k3s-cluster-installer/tasks/main.yaml
similarity index 100%
rename from build-cluster/roles/k3s-cluster-installer/tasks/main.yaml
rename to alpine-cluster/roles/k3s-cluster-installer/tasks/main.yaml
diff --git a/alpine-cluster/roles/k3s-cluster-installer/tasks/prep.yaml b/alpine-cluster/roles/k3s-cluster-installer/tasks/prep.yaml
new file mode 100644
index 0000000..e4c9dce
--- /dev/null
+++ b/alpine-cluster/roles/k3s-cluster-installer/tasks/prep.yaml
@@ -0,0 +1,10 @@
+---
+- name: Create config directory
+ file:
+ path: /etc/rancher/k3s
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
+ become: true
+
diff --git a/build-cluster/roles/k3s-cluster-installer/tasks/primary.yaml b/alpine-cluster/roles/k3s-cluster-installer/tasks/primary.yaml
similarity index 89%
rename from build-cluster/roles/k3s-cluster-installer/tasks/primary.yaml
rename to alpine-cluster/roles/k3s-cluster-installer/tasks/primary.yaml
index ec846b6..5df34e2 100644
--- a/build-cluster/roles/k3s-cluster-installer/tasks/primary.yaml +++ b/alpine-cluster/roles/k3s-cluster-installer/tasks/primary.yaml @@ -8,6 +8,8 @@ dest="{{ playbook_dir }}/config/primary_ip" become: false delegate_to: localhost + - debug: + msg: "curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC='server --cluster-init --tls-san {{ cp_fqdn }} --write-kubeconfig-mode 644' sh -" - name: Run the installer shell: cmd: "curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC='server --cluster-init --tls-san {{ cp_fqdn }} --write-kubeconfig-mode 644' sh -" diff --git a/build-cluster/roles/k3s-cluster-installer/tasks/workers.yaml b/alpine-cluster/roles/k3s-cluster-installer/tasks/workers.yaml similarity index 56% rename from build-cluster/roles/k3s-cluster-installer/tasks/workers.yaml rename to alpine-cluster/roles/k3s-cluster-installer/tasks/workers.yaml index fb2210b..d360a2c 100644 --- a/build-cluster/roles/k3s-cluster-installer/tasks/workers.yaml +++ b/alpine-cluster/roles/k3s-cluster-installer/tasks/workers.yaml @@ -6,9 +6,11 @@ - name: Get the primary ip set_fact: primary_ip: "{{ lookup('file',playbook_dir + '/config/primary_ip') }}" + - debug: + msg: "curl -sfL https://get.k3s.io | K3S_URL=https://{{ primary_ip }}:6443 K3S_TOKEN={{ token }} sh -" - name: Run the installer shell: - cmd: "curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC='agent --server https://{{ primary_ip }}:6443 --token {{ token }}' sh -" + cmd: "curl -sfL https://get.k3s.io | K3S_URL=https://{{ primary_ip }}:6443 K3S_TOKEN={{ token }} sh -" args: creates: /var/lib/rancher/k3s/agent/k3scontroller.kubeconfig become: true diff --git a/build-cluster/config/.gitignore b/build-cluster/config/.gitignore deleted file mode 100644 index d6b7ef3..0000000 --- a/build-cluster/config/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!.gitignore diff --git a/build-cluster/deprovision.yaml b/build-cluster/deprovision.yaml deleted file mode 100644 index c6d7d91..0000000 --- a/build-cluster/deprovision.yaml +++ /dev/null 
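Review bot: The `debug` task added to workers.yaml prints the whole join command, `K3S_TOKEN={{ token }}` included, into Ansible's output and anything that captures it (CI logs, callback plugins). Delete the task, or at least keep the token out of the message, and put `no_log: true` on "Run the installer", whose `cmd` carries the same token. Passing `K3S_URL` and `K3S_TOKEN` through the task's `environment:` keyword instead of interpolating them into the shell string would also keep a token containing shell metacharacters from being parsed by the shell. The `debug` added in primary.yaml exposes no secret but looks like the same leftover. Both installer tasks start or end outside their hunks.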
@@ -1,33 +0,0 @@
----
-- name: Deprovision cluster
- hosts: localhost
- gather_facts: no
- tasks:
- - community.general.proxmox_kvm:
- api_host: "{{ proxmox_api_host }}"
- api_user: "{{ lookup('env','PM_USER') }}"
- api_password: "{{ lookup('env','PM_PASSWORD') }}"
- name: "{{ item }}"
- node: "{{ hostvars[item].node }}"
- vmid: "{{ hostvars[item].id }}"
- state: stopped
- force: yes
- timeout: 500
- with_inventory_hostnames:
- - primary
- - control_plane
- - workers
- - community.general.proxmox_kvm:
- api_host: "{{ proxmox_api_host }}"
- api_user: "{{ lookup('env','PM_USER') }}"
- api_password: "{{ lookup('env','PM_PASSWORD') }}"
- name: "{{ item }}"
- node: "{{ hostvars[item].node }}"
- vmid: "{{ hostvars[item].id }}"
- state: absent
- force: yes
- timeout: 500
- with_inventory_hostnames:
- - primary
- - control_plane
- - workers
\ No newline at end of file
diff --git a/build-cluster/inventory.yaml b/build-cluster/inventory.yaml
deleted file mode 100644
index 7333887..0000000
--- a/build-cluster/inventory.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-all:
- vars:
- cp_fqdn: nc_cp.home.thejimnicholson.com
- proxmox_api_host: pve.home.thejimnicholson.com
- pdns_api: 10.0.96.30
- pdns_dom: home.thejimnicholson.com
- cloudinit_img: centos-8-cloudimg
- children:
- primary:
- hosts:
- nc001:
- mem: 4096
- node: pve
- id: 3001
- ip: "10.0.96.111"
- control_plane:
- hosts:
- nc002:
- node: pve2
- mem: 4096
- id: 3002
- ip: "10.0.96.112"
- nc003:
- node: pve3
- mem: 4096
- id: 3003
- ip: "10.0.96.113"
- workers:
- hosts:
- nc004:
- node: pve
- mem: 8192
- id: 3004
- ip: "10.0.96.114"
- nc005:
- node: pve2
- mem: 8192
- id: 3005
- ip: "10.0.96.115"
- nc006:
- node: pve3
- mem: 8192
- id: 3006
- ip: "10.0.96.116"
diff --git a/build-cluster/prepare-cluster-nodes.yaml b/build-cluster/prepare-cluster-nodes.yaml
deleted file mode 100644
index ef7a8b3..0000000
--- a/build-cluster/prepare-cluster-nodes.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-- name: Prep cluster nodes
- hosts:
- - primary
- - control_plane
- - workers
- tasks:
- - name: Set hostname
- ansible.builtin.hostname:
- name: "{{ inventory_hostname }}"
- become: true
- - name: Set timezone
- community.general.timezone:
- name: America/Los_Angeles
- become: true
- - name: Disable swap
- shell: swapoff -a
- become: true
- - name: Disable swap in fstab
- replace:
- path: /etc/fstab
- regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
- replace: '# \1'
- become: true
- - name: Add GPG for elrepo
- ansible.builtin.rpm_key:
- state: present
- key: https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
- become: true
- - name : Set up elrepo
- dnf:
- name: https://www.elrepo.org/elrepo-release-8.el8.elrepo.noarch.rpm
- state: present
- become: true
- - name: Install kernel upgrade
- dnf:
- enablerepo: elrepo-kernel
- name: kernel-ml
- state: present
- become: true
- - name: Install iscsi drivers
- dnf:
- name: iscsi-initiator-utils
- state: present
- become: true
- - name: Reboot servers
- reboot:
- become: true
\ No newline at end of file
diff --git a/build-cluster/roles/k3s-cluster-installer/tasks/prep.yaml b/build-cluster/roles/k3s-cluster-installer/tasks/prep.yaml
deleted file mode 100644
index 11d1c2c..0000000
--- a/build-cluster/roles/k3s-cluster-installer/tasks/prep.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-- name: Create config directory
- file:
- path: /etc/rancher/k3s
- state: directory
- owner: root
- group: root
- mode: 0755
- become: true
-- name: Disable NetworkManager for container networks
- copy:
- src: flannel.conf
- dest: /etc/NetworkManager/conf.d/flannel.conf
- owner: root
- group: root
- mode: 0644
- become: true
- register: nm_update
-- name: Restart NetworkManager
- systemd:
- name: NetworkManager
- state: restarted
- become: true
- when: nm_update.changed
-- name: Airgap optional tasks
- block:
- - debug:
- msg: "Airgap tasks go here"
- when: airgap_install
diff --git a/requirements.in b/requirements.in
new file mode 100644
index 0000000..2a462c8
--- /dev/null
+++ b/requirements.in
@@ -0,0 +1,5 @@
+ansible
+PyYaml
+ansible-lint
+proxmoxer
+requests
\ No newline at end of file
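Review bot: All five entries in requirements.in are unpinned, and the same commit adds `requirements.txt` to .gitignore, so no resolved version set is kept in the repository and each install takes whatever the package index serves that day. Since these packages run with the Proxmox API credentials and SSH access to every node, commit the compiled file instead of ignoring it, ideally generated with `pip-compile --generate-hashes`, or at least add version bounds here. Installing with `pip install --require-hashes -r requirements.txt` then rejects any artifact that differs from the reviewed set.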