begin k8s setup
This commit is contained in:
parent
020efcc3bb
commit
31157afa57
@ -4,32 +4,81 @@ all:
|
|||||||
children:
|
children:
|
||||||
hypervisors:
|
hypervisors:
|
||||||
hosts:
|
hosts:
|
||||||
server:
|
- server
|
||||||
ansible_host: server.balsillie.net
|
- lab
|
||||||
lab:
|
- hv00
|
||||||
ansible_host: lab.balsillie.net
|
|
||||||
vms:
|
vms:
|
||||||
children:
|
children:
|
||||||
nodes:
|
nodes:
|
||||||
hosts:
|
hosts:
|
||||||
|
- node1
|
||||||
|
- node2
|
||||||
|
- node3
|
||||||
|
hosts:
|
||||||
|
- router
|
||||||
|
hetzner:
|
||||||
|
hosts:
|
||||||
|
- hv00
|
||||||
|
- firewall00
|
||||||
|
k8s:
|
||||||
|
children:
|
||||||
|
k8s_control:
|
||||||
|
hosts:
|
||||||
|
- kube00
|
||||||
|
- kube01
|
||||||
|
- kube02
|
||||||
|
k8s_taint:
|
||||||
|
hosts:
|
||||||
|
- kube00
|
||||||
|
- kube01
|
||||||
|
- kube02
|
||||||
|
k8s_worker:
|
||||||
|
hosts:
|
||||||
|
- kube00
|
||||||
|
- kube01
|
||||||
|
- kube02
|
||||||
|
firewalls:
|
||||||
|
children:
|
||||||
|
fortigate:
|
||||||
|
hosts:
|
||||||
|
- fortigate00
|
||||||
|
opnsense:
|
||||||
|
hosts:
|
||||||
|
- firewall00
|
||||||
|
switches:
|
||||||
|
hosts:
|
||||||
|
- switch00
|
||||||
|
workstations:
|
||||||
|
children:
|
||||||
|
arch:
|
||||||
|
hosts:
|
||||||
|
- lat5420
|
||||||
|
- sff
|
||||||
|
windows:
|
||||||
|
hosts:
|
||||||
|
- bridie
|
||||||
|
hosts:
|
||||||
|
server:
|
||||||
|
ansible_host: server.balsillie.net
|
||||||
|
lab:
|
||||||
|
ansible_host: lab.balsillie.net
|
||||||
|
hv00:
|
||||||
|
ansible_host: server.balsillie.net
|
||||||
|
bridie:
|
||||||
|
ansible_host: bridie.balsillie.net
|
||||||
|
lat5420:
|
||||||
|
ansible_host: lat5420.balsillie.net
|
||||||
|
sff:
|
||||||
|
ansible_host: sff.balsillie.net
|
||||||
node1:
|
node1:
|
||||||
ansible_host: node1.balsillie.net
|
ansible_host: node1.balsillie.net
|
||||||
node2:
|
node2:
|
||||||
ansible_host: node2.balsillie.net
|
ansible_host: node2.balsillie.net
|
||||||
node3:
|
node3:
|
||||||
ansible_host: node3.balsillie.net
|
ansible_host: node3.balsillie.net
|
||||||
hosts:
|
|
||||||
router:
|
router:
|
||||||
ansible_host: router.balsillie.net
|
ansible_host: router.balsillie.net
|
||||||
workstations:
|
firewall00:
|
||||||
children:
|
ansible_host: firewall.balsillie.net
|
||||||
arch:
|
fortigate00:
|
||||||
hosts:
|
ansible_host: fortigate.balsillie.net
|
||||||
lat5420:
|
|
||||||
ansible_host: lat5420.balsillie.net
|
|
||||||
sff:
|
|
||||||
ansible_host: sff.balsillie.net
|
|
||||||
windows:
|
|
||||||
hosts:
|
|
||||||
bridie:
|
|
||||||
ansible_host: bridie.balsillie.net
|
|
||||||
|
19
ansible/playbooks/k8s.yaml
Normal file
19
ansible/playbooks/k8s.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
---
|
||||||
|
- name: python bootstrap
|
||||||
|
hosts: k8s
|
||||||
|
gather_facts: false
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- python-install
|
||||||
|
- name: ssh hardening
|
||||||
|
hosts: k8s
|
||||||
|
gather_facts: true
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- sshd
|
||||||
|
- name: configure control plane
|
||||||
|
hosts: k8s_control
|
||||||
|
gather_facts: true
|
||||||
|
become: false
|
||||||
|
roles:
|
||||||
|
- k8s_control
|
Loading…
Reference in New Issue
Block a user