
not sure was tired

michael 2022-12-06 12:48:15 +13:00
parent 970576cbb9
commit 4ff4a3198e
6 changed files with 38 additions and 16 deletions

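--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@ ansible/vault_password
 ansible/inventory/host_vars/*/vault.yaml
 ansible/roles/k8s_network/files/calico
 ansible/roles/k8s_storage_rook/files/rook
+ansible/roles/k8s_control/files/core-dns
 ansible/roles/k8s_storage_ebs_manifests/files/ebs
 .vscode
 */vault.yaml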


@ -11,3 +11,4 @@ k8s_v6_pod_cidr: 2a01:4f8:13b:f202::00/64
k8s_v4_service_cidr: 10.96.0.0/16 k8s_v4_service_cidr: 10.96.0.0/16
k8s_v6_service_cidr: 2a01:4f8:13b:f203::00/116 k8s_v6_service_cidr: 2a01:4f8:13b:f203::00/116
local_user: michael local_user: michael
dns_servers: ["192.168.199.254","2a01:4f8:13b:f201::254"]


@ -66,7 +66,7 @@
ansible.builtin.shell: ansible.builtin.shell:
cmd: | cmd: |
kubeadm init \ kubeadm init \
--control-plane-endpoint {{ k8s_endpoint }} \ --control-plane-endpoint {{ k8s_v4_address }} \
--cri-socket /run/containerd/containerd.sock \ --cri-socket /run/containerd/containerd.sock \
--pod-network-cidr {{ k8s_v4_pod_cidr }},{{ k8s_v6_pod_cidr }} \ --pod-network-cidr {{ k8s_v4_pod_cidr }},{{ k8s_v6_pod_cidr }} \
--service-cidr {{ k8s_v4_service_cidr }},{{ k8s_v6_service_cidr}} \ --service-cidr {{ k8s_v4_service_cidr }},{{ k8s_v6_service_cidr}} \
@ -122,6 +122,22 @@
group: "{{ local_user }}" group: "{{ local_user }}"
mode: 0600 mode: 0600
- name: fix core-dns resolution
delegate_to: localhost
run_once: true
become: false
block:
- name: template out core-dns configmap
ansible.builtin.template:
src: core-dns_configmap.yaml.j2
dest: "{{ ansible_search_path[0] }}/files/core-dns/core-dns_configmap.yaml"
- name: configure coredns to resolve directly from upstream
kubernetes.core.k8s:
src: "{{ ansible_search_path[0] }}/files/core-dns/core-dns_configmap.yaml"
state: present
- name: kubeadm join remaining control plain nodes - name: kubeadm join remaining control plain nodes
when: ansible_host != hostvars[groups['k8s_control'][0]]['ansible_host'] when: ansible_host != hostvars[groups['k8s_control'][0]]['ansible_host']
ansible.builtin.shell: ansible.builtin.shell:
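Review bot: The new `kubernetes.core.k8s` task in the second hunk is delegated to localhost and names neither a kubeconfig nor a context, so as written it applies the ConfigMap to whichever cluster the operator's default kubeconfig currently selects. Pin the target explicitly, for example `kubeconfig: "{{ k8s_admin_kubeconfig }}"` (placeholder variable; point it at the admin kubeconfig this play manages), unless that is already set through `module_defaults` or the environment outside this hunk. The `ansible.builtin.template` task above it also sets no `mode`, so the rendered file gets umask-derived permissions; adding `mode: "0644"` makes that explicit.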


@ -0,0 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: kube-dns
namespace: kube-system
data:
upstreamNameservers: |
{{ dns_servers }}
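Review bot: This manifest writes the legacy kube-dns settings (ConfigMap `kube-dns`, key `upstreamNameservers`), which CoreDNS itself does not read; a kubeadm-deployed CoreDNS takes its upstreams from the `forward` line of the Corefile in the `coredns` ConfigMap, so applying this is unlikely to change resolution. If the kube-dns format is still what is wanted, the value has to be a JSON array, and `{{ dns_servers }}` renders the list as a Python repr with single quotes; use `{{ dns_servers | to_json }}` instead. The page has lost indentation, so whether the block scalar body is indented under `upstreamNameservers: |` could not be checked.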


@ -37,10 +37,15 @@
calico_default_installation: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[0] | from_yaml }}" calico_default_installation: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[0] | from_yaml }}"
calico_default_apiserver: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[1] | from_yaml }}" calico_default_apiserver: "{{ (calico_file_raw['content'] | b64decode).split(\"---\")[1] | from_yaml }}"
- name: create ipv6 settings for calico config - name: create ip settings for calico config
ansible.builtin.set_fact: ansible.builtin.set_fact:
calico_ipv6: calico_ip:
blockSize: "{{ k8s_v6_network_blocksize }}" - blockSize: "{{ k8s_v4_network_blocksize }}"
cidr: "{{ k8s_v4_pod_cidr }}"
encapsulation: "{{ k8s_network_encapsulation }}"
natOutgoing: "{{ k8s_network_nat }}"
nodeSelector: "all()"
- blockSize: "{{ k8s_v6_network_blocksize }}"
cidr: "{{ k8s_v6_pod_cidr }}" cidr: "{{ k8s_v6_pod_cidr }}"
encapsulation: "{{ k8s_network_encapsulation }}" encapsulation: "{{ k8s_network_encapsulation }}"
natOutgoing: "{{ k8s_network_nat }}" natOutgoing: "{{ k8s_network_nat }}"
@ -49,18 +54,8 @@
- name: update calico installation settings to desired values - name: update calico installation settings to desired values
ansible.utils.update_fact: ansible.utils.update_fact:
updates: updates:
- path: calico_default_installation.spec.calicoNetwork.ipPools[0].blockSize
value: "{{ k8s_v4_network_blocksize }}"
- path: calico_default_installation.spec.calicoNetwork.ipPools[0].cidr
value: "{{ k8s_v4_pod_cidr }}"
- path: calico_default_installation.spec.calicoNetwork.ipPools[0].encapsulation
value: "{{ k8s_network_encapsulation }}"
- path: calico_default_installation.spec.calicoNetwork.ipPools[0].natOutgoing
value: "{{ k8s_network_nat }}"
- path: calico_default_installation.spec.calicoNetwork.ipPools[0].nodeSelector
value: "all()"
- path: calico_default_installation.spec.calicoNetwork.ipPools - path: calico_default_installation.spec.calicoNetwork.ipPools
value: "{{ calico_default_installation.spec.calicoNetwork.ipPools + [ calico_ipv6 ] }}" value: "{{ calico_ip }}"
- path: calico_default_installation.spec.calicoNetwork.bgp - path: calico_default_installation.spec.calicoNetwork.bgp
value: "{{ k8s_network_bgp }}" value: "{{ k8s_network_bgp }}"
- path: calico_default_installation.spec.calicoNetwork.linuxDataplane - path: calico_default_installation.spec.calicoNetwork.linuxDataplane
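Review bot: The `ipPools` update in the second hunk now replaces the whole list with `calico_ip` instead of editing `ipPools[0]` in place, so any field the downloaded default manifest carries on its pool beyond the five rebuilt here is silently dropped (newer Calico manifests may add fields such as a pool `name`). Either build the IPv4 entry from the default one, e.g. `calico_default_installation.spec.calicoNetwork.ipPools[0] | combine({...})`, or add a comment above `calico_ip` such as `# replaces the manifest's default ipPools entirely; defaults are intentionally discarded`. The tail of the IPv6 entry lies between the two hunks and is not visible here, so its `nodeSelector` could not be checked.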


@ -2,6 +2,7 @@
- name: setup disks on storage nodes - name: setup disks on storage nodes
delegate_to: "{{ node }}" delegate_to: "{{ node }}"
delegate_facts: true delegate_facts: true
become: true
block: block:
- name: ensure parted is installed - name: ensure parted is installed