begin k8s setup

2022-10-23 19:58:01 +13:00 · 2022-10-23 19:58:01 +13:00 · 31157afa57
commit 31157afa57
parent 020efcc3bb
2 changed files with 86 additions and 18 deletions
--- a/ansible/inventory/inventory.yaml
+++ b/ansible/inventory/inventory.yaml
@ -4,32 +4,81 @@ all:
      children:
        hypervisors:
          hosts:
-            server:
+            - server
-              ansible_host: server.balsillie.net
+            - lab
-            lab:
+            - hv00
              ansible_host: lab.balsillie.net
        vms:
          children:
            nodes:
              hosts:
-                node1:
+                - node1
-                  ansible_host: node1.balsillie.net
+                - node2
-                node2:
+                - node3
                  ansible_host: node2.balsillie.net
                node3:
                  ansible_host: node3.balsillie.net
          hosts:
-            router:
+            - router
-              ansible_host: router.balsillie.net
+    hetzner:
      hosts:
        - hv00
        - firewall00
    k8s:
      children:
        k8s_control:
          hosts:
            - kube00
            - kube01
            - kube02
        k8s_taint:
          hosts:
            - kube00
            - kube01
            - kube02
        k8s_worker:
          hosts:
            - kube00
            - kube01
            - kube02        
    firewalls:
      children:
        fortigate:
          hosts:
            - fortigate00
        opnsense:
          hosts:
            - firewall00
    switches:
      hosts:
        - switch00
    workstations:
      children:
        arch:
          hosts:
-            lat5420:
+            - lat5420
-              ansible_host: lat5420.balsillie.net
+            - sff
            sff:
              ansible_host: sff.balsillie.net
        windows:
          hosts:
-            bridie:
+            - bridie
-              ansible_host: bridie.balsillie.net
+  hosts:
    server:
      ansible_host: server.balsillie.net
    lab:
      ansible_host: lab.balsillie.net
    hv00:
      ansible_host: server.balsillie.net
    bridie:
      ansible_host: bridie.balsillie.net
    lat5420:
      ansible_host: lat5420.balsillie.net
    sff:
      ansible_host: sff.balsillie.net
    node1:
      ansible_host: node1.balsillie.net
    node2:
      ansible_host: node2.balsillie.net
    node3:
      ansible_host: node3.balsillie.net
    router:
      ansible_host: router.balsillie.net
    firewall00:
      ansible_host: firewall.balsillie.net
    fortigate00:
      ansible_host: fortigate.balsillie.net
--- a/ansible/playbooks/k8s.yaml
+++ b/ansible/playbooks/k8s.yaml
@ -0,0 +1,19 @@
 ---
 - name: python bootstrap
  hosts: k8s
  gather_facts: false
  become: true
  roles:
    - python-install
 - name: ssh hardening
  hosts: k8s
  gather_facts: true
  become: true
  roles:
    - sshd
 - name: configure control plane
  hosts: k8s_control
  gather_facts: true
  become: false
  roles:
    - k8s_control