From baf38acb14c295f0a25d02129729b417c7b965fb Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 3 Mar 2021 12:07:40 +0100
Subject: [PATCH] First working version
---
deploy_vms.yml | 12 ++++++
hosts | 14 +++++++
k8s_init.yml | 13 +++++++
roles/deploy/defaults/main.yaml | 8 ++++
roles/deploy/tasks/main.yml | 56 +++++++++++++++++++++++++++
roles/deploy/vars/main.yaml | 15 ++++++++
roles/k8s-common/tasks/main.yml | 67 +++++++++++++++++++++++++++++++++
roles/k8s-master/tasks/main.yml | 40 ++++++++++++++++++++
roles/k8s-worker/tasks/main.yml | 7 ++++
9 files changed, 232 insertions(+)
create mode 100644 deploy_vms.yml
create mode 100644 hosts
create mode 100644 k8s_init.yml
create mode 100644 roles/deploy/defaults/main.yaml
create mode 100644 roles/deploy/tasks/main.yml
create mode 100644 roles/deploy/vars/main.yaml
create mode 100644 roles/k8s-common/tasks/main.yml
create mode 100644 roles/k8s-master/tasks/main.yml
create mode 100644 roles/k8s-worker/tasks/main.yml
diff --git a/deploy_vms.yml b/deploy_vms.yml
new file mode 100644
index 0000000..fd51585
--- /dev/null
+++ b/deploy_vms.yml
@@ -0,0 +1,12 @@
+- hosts: h61
+ vars_prompt:
+ - name: PV_password
+ prompt: “Node Password”
+ private: yes
+ vars:
+ VM_template: centos-8-small
+ VM_name: k8s
+ user: root
+ gather_facts: false
+ roles:
+ - deploy
diff --git a/hosts b/hosts
new file mode 100644
index 0000000..8434097
--- /dev/null
+++ b/hosts
@@ -0,0 +1,14 @@
+[proxmox]
+h61 ansible_ssh_host=192.168.0.103
+
+[k8s]
+192.168.0.16[0:2]
+
+[masters]
+192.168.0.160
+
+[workers]
+192.168.0.16[1:2]
+
+[all:vars]
+ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
diff --git a/k8s_init.yml b/k8s_init.yml
new file mode 100644
index 0000000..56d3fc8
--- /dev/null
+++ b/k8s_init.yml
@@ -0,0 +1,13 @@
+- hosts: k8s
+ user: root
+ gather_facts: false
+ roles:
+ - k8s-common
+- hosts: masters
+ user: root
+ roles:
+ - k8s-master
+- hosts: workers
+ user: root
+ roles:
+ - k8s-worker
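Review bot: The `prompt:` value in deploy_vms.yml is wrapped in typographic quotes (`“Node Password”`), which YAML treats as ordinary characters, so the curly quotes become part of the prompt text instead of delimiting it; use ASCII quotes, `prompt: "Node Password"`. `private: yes` reads better as `private: true`, matching `gather_facts: false` in the same play. A one-line comment above `vars_prompt` saying that `PV_password` is the Proxmox API password for `root@pam` used by the deploy role would help, since the prompt text "Node Password" does not say so.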
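Review bot: `ansible_ssh_extra_args='-o StrictHostKeyChecking=no'` under `[all:vars]` in hosts switches off SSH host-key verification for every host in the inventory, including the Proxmox node `h61` on which the deploy role handles the API password and runs `qm` as root, so a machine answering on one of these addresses with a different key is accepted without any warning. Freshly cloned VMs do have unknown keys, so scope the relaxation to them and keep the hypervisor strict: move the setting to `[k8s:vars]` and use `-o StrictHostKeyChecking=accept-new`, which records a key on first contact but still rejects a changed one. Re-deployed clones that reuse an address will then need their old known_hosts entry removed, which is the intended signal. `ansible_ssh_host` is the legacy spelling of `ansible_host`.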
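Review bot: All three plays in k8s_init.yml log in as root directly (`user: root`), which works only because roles/deploy/tasks sets `--ciuser root` on the clones; a comment at the top of the playbook stating that dependency would make it visible. If the template can carry an unprivileged cloud-init user, `remote_user: <unprivileged user>` together with `become: true` keeps direct root SSH off the nodes. The workers play reads `k8s_join_token` from the first host in `masters`, so a run with `--limit workers` leaves that fact undefined; that is worth stating in the same comment.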
diff --git a/roles/deploy/defaults/main.yaml b/roles/deploy/defaults/main.yaml
new file mode 100644
index 0000000..40ffc5c
--- /dev/null
+++ b/roles/deploy/defaults/main.yaml
@@ -0,0 +1,8 @@
+---
+# defaults file for proxmox_deploy
+VM_template: debian-10-template
+default_disk: virtio0
+default_interface: ens18
+default_volume: /dev/vda
+default_partition: 2
+template_name: template-debian-deployment
diff --git a/roles/deploy/tasks/main.yml b/roles/deploy/tasks/main.yml
new file mode 100644
index 0000000..657ab7e
--- /dev/null
+++ b/roles/deploy/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+# tasks file for proxmox_deploy
+- name: Cloning virtual machine from "{{ VM_template }}" with name "{{ VM_name }}"
+ proxmox_kvm:
+ api_user : root@pam
+ api_password: "{{ PV_password }}"
+ api_host : px2
+ name : "{{ VM_name }}-{{ item }}"
+ node : px2
+ vmid: 9000
+ clone: "{{ VM_template }}"
+ timeout: 300
+ tags: provission,test
+ loop: "{{ range(0, 3, 1)|list }}"
+#- name: starting new Virtual Machine to change IPv4 configuration, it is necessary
+# proxmox_kvm:
+# api_user : root@pam
+# api_password: “{{ PV_password }}”
+# api_host : “{{ default_proxmox_node }}”
+# name : “{{ VM_name }}”
+# node : “{{ default_proxmox_node }}”
+# state : started
+# timeout: 300
+# when: ‘“{{ VM_INCREASE_DISK }}” != “0”’
+# register: wait
+# tags: provission
+- name: copy ssh public key to host
+ copy:
+ src: /root/.ssh/id_rsa.pub
+ dest: /root/.ssh/root_c200.pub
+ owner: root
+ group: root
+ mode: 0600
+- name: set ssh keys for Virtual Machine
+ shell: A=$(qm list |grep "{{ VM_name }}-{{ item }}" | awk '{print $1}'); qm set $A --sshkey /root/.ssh/root_c200.pub --ciuser root
+ loop: "{{ range(0, 3, 1)|list }}"
+ tags: provission
+- name: Loading set up for Virtual Machine. Assigning IP for Virtual Machine
+ shell: A=$(qm list |grep "{{ VM_name }}-{{ item }}" | awk '{print $1}'); qm set $A --ipconfig0 'ip=192.168.0.16{{ item }}/24,gw=192.168.0.253' --nameserver '192.168.0.253' --memory 2048 --cores 2
+ loop: "{{ range(0, 3, 1)|list }}"
+ tags: provission
+- name: Regenerate cloudinit
+ shell: A=$(qm list |grep "{{ VM_name }}-{{ item }}" | awk '{print $1}'); qm set $A --ide2 local-lvm:cloudinit
+ loop: "{{ range(0, 3, 1)|list }}"
+ tags: provission
+- name: starting new Virtual Machine in current proxmox node
+ proxmox_kvm:
+ api_user : root@pam
+ api_password: "{{ PV_password }}"
+ api_host : px2
+ name : "{{ VM_name }}-{{ item }}"
+ node : px2
+ state : started
+ timeout: 300
+ tags: provission
+ loop: "{{ range(0, 3, 1)|list }}"
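Review bot: The three `qm set` tasks in roles/deploy/tasks/main.yml resolve the VM id with `qm list | grep "{{ VM_name }}-{{ item }}"`, a substring match, so `k8s-1` also matches a guest named `k8s-10` or `test-k8s-1`, and `$A` can then be empty or hold several ids; the first of these tasks sets a root SSH key (`--sshkey ... --ciuser root`), so a wrong match could install that key on an unrelated guest. Match the NAME column exactly, require exactly one id, and pass the name through the `quote` filter because it is interpolated into a root shell; the fence shows the first task, and the ipconfig0 and cloudinit tasks need the same lookup. The `copy ssh public key to host` task carries no `tags: provission`, so a run limited to that tag skips the copy while still running `qm set --sshkey` against the file. `mode: 0600` should be quoted, `mode: '0600'`.

```yaml
- name: set ssh keys for Virtual Machine
  shell: |
    set -eu
    vmid=$(qm list | awk -v n={{ (VM_name ~ '-' ~ item) | quote }} '$2 == n {print $1}')
    # exactly one match, otherwise fail the task instead of touching another VM
    [ "$(printf '%s\n' "$vmid" | grep -c .)" -eq 1 ]
    qm set "$vmid" --sshkey /root/.ssh/root_c200.pub --ciuser root
  # … unchanged: loop and tags …
```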
diff --git a/roles/deploy/vars/main.yaml b/roles/deploy/vars/main.yaml
new file mode 100644
index 0000000..68c95e9
--- /dev/null
+++ b/roles/deploy/vars/main.yaml
@@ -0,0 +1,15 @@
+# vars file for proxmox_deploy
+vlan10:
+ params:
+ netmask: 24
+ vmbr: 0
+ gateway: 192.168.2.1
+ dnsservers: “192.168.2.253 192.168.2.254”
+ searchdomain: vectops.com
+vlan11:
+ params:
+ netmask: 24
+ vmbr: 1
+ gateway: 192.168.3.130
+ dnsservers: “192.168.3.253 192.168.3.254”
+ searchdomain: vectops.com
diff --git a/roles/k8s-common/tasks/main.yml b/roles/k8s-common/tasks/main.yml
new file mode 100644
index 0000000..0e6d660
--- /dev/null
+++ b/roles/k8s-common/tasks/main.yml
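Review bot: Both `dnsservers` values in roles/deploy/vars/main.yaml are wrapped in typographic quotes (`“192.168.2.253 192.168.2.254”`), which YAML does not treat as quoting, so each value begins and ends with a literal curly-quote character and would be handed on that way to whatever consumes it. Use ASCII quotes: `dnsservers: "192.168.2.253 192.168.2.254"` and `dnsservers: "192.168.3.253 192.168.3.254"`. Neither `vlan10` nor `vlan11` is referenced by the tasks visible in this patch, which hard-code a 192.168.0.x gateway and nameserver instead; a comment saying which source is authoritative would help, because role `vars/` outranks inventory and play vars.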
@@ -0,0 +1,67 @@
+---
+- name: Disable SELinux
+ selinux:
+ state: disabled
+#- name: Disable SELinux again
+# shell: setenforce 0
+- name: install firewalld
+ yum:
+ name: firewalld
+ state: latest
+- name: Start Firewalld
+ ansible.builtin.systemd:
+ name: firewalld
+ state: started
+ enabled: yes
+- name: Allow kube API server
+ firewalld:
+ port: 6443/tcp
+ permanent: yes
+ state: enabled
+- name: enable etcd ports
+ firewalld:
+ port: 2379-2380/tcp
+ permanent: yes
+ state: enabled
+- name: enable etcd ports
+ firewalld:
+ port: 10250-10255/tcp
+ permanent: yes
+ state: enabled
+- name: Add the br_netfilter module
+ modprobe:
+ name: br_netfilter
+ state: present
+- name: bridge
+ shell: "echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables"
+- name: Docker Repo
+ get_url:
+ url: https://download.docker.com/linux/centos/docker-ce.repo
+ dest: /etc/yum.repos.d/docker-ce.repo
+- name: Install docker
+ yum:
+ name:
+ - docker-ce-20.10.*
+ - docker-ce-cli
+ - containerd.io
+ state: present
+- name: Docker daemon
+ systemd:
+ name: docker
+ enabled: yes
+ state: started
+- name: Add K8s repo
+ yum_repository:
+ name: kubernetes
+ description: K8s Repo
+ baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
+ gpgcakey: 'https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg'
+- name: Install kubeadm
+ yum:
+ name: kubeadm
+ state: present
+- name: Enable kubelet
+ systemd:
+ name: kubelet
+ enabled: yes
+ state: started
diff --git a/roles/k8s-master/tasks/main.yml b/roles/k8s-master/tasks/main.yml
new file mode 100644
index 0000000..3eec419
--- /dev/null
+++ b/roles/k8s-master/tasks/main.yml
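Review bot: The `Add K8s repo` task in roles/k8s-common/tasks/main.yml passes both signing-key URLs as one space-separated string to `gpgcakey`, which is the CA-key option and not the package-signing-key option, and it never sets `gpgcheck`, so whether the kubeadm and kubelet packages are signature-checked is left to the host's yum/dnf defaults. Set `gpgcheck: true` and list the keys under `gpgkey`, as in the fence. Separately, the three `firewalld` tasks set `permanent: yes` without `immediate: yes`, so the rules are written to the permanent configuration but presumably not applied to the running firewall until a reload, and the second task named `enable etcd ports` opens 10250-10255, which are not etcd ports. `selinux: state: disabled` turns SELinux off entirely; `state: permissive` with `policy: targeted` is the narrower setting if kubeadm only needs enforcement relaxed.

```yaml
- name: Add K8s repo
  yum_repository:
    # … unchanged: name, description, baseurl …
    gpgcheck: true
    gpgkey:
      - https://packages.cloud.google.com/yum/doc/yum-key.gpg
      - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
```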
@@ -0,0 +1,40 @@
+---
+- name: Init cluster
+ shell: kubeadm init --pod-network-cidr=10.10.0.0/16 --ignore-preflight-errors=all
+
+- name: Get kube-router
+ get_url:
+ url: https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter-all-features.yaml
+ dest: /tmp/kubeadm-kuberouter-all-features.yaml
+
+- name: Install python
+ yum:
+ name:
+ - python3
+ - python3-pip
+ state: present
+
+- name: Install kubernetes python package
+ pip:
+ name:
+ - kubernetes==11.0
+ - openshift
+
+- name: Apply Kube-router
+ k8s:
+ state: present
+ kubeconfig: /etc/kubernetes/admin.conf
+ src: /tmp/kubeadm-kuberouter-all-features.yaml
+
+- name: Get join token
+ command: kubeadm token create --print-join-command
+ register: found_join_token
+ retries: 30
+ delay: 5
+ until: found_join_token.rc == 0
+ become: true
+
+- name: Save join token
+ set_fact:
+ k8s_join_token: "{{ found_join_token.stdout }}"
+
diff --git a/roles/k8s-worker/tasks/main.yml b/roles/k8s-worker/tasks/main.yml
new file mode 100644
index 0000000..bdd5eeb
--- /dev/null
+++ b/roles/k8s-worker/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Set k3s master facts
+ set_fact:
+ node_join_token: "{{ hostvars[groups['masters'][0]]['k8s_join_token'] }}"
+
+- name: Join cluster
+ shell: "{{ node_join_token }}"
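Review bot: `Get kube-router` in roles/k8s-master/tasks/main.yml downloads the manifest from the `master` branch with no `checksum:`, and `Apply Kube-router` then applies it with `/etc/kubernetes/admin.conf`, so whatever that URL serves at run time is created in the cluster with admin rights. Pin the URL to a release tag or commit and add `checksum: "sha256:<digest of the reviewed manifest>"` to the `get_url` task; the unpinned `openshift` pip package has the same drift problem. `kubeadm init ... --ignore-preflight-errors=all` hides every preflight failure and, with no `creates: /etc/kubernetes/admin.conf` guard, runs again on every play; name only the checks that really must be ignored. `Get join token` registers a bootstrap token that shows up in task output, so `no_log: true` belongs on it and on `Save join token`, and `become: true` is redundant for a root login.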
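Review bot: `Join cluster` in roles/k8s-worker/tasks/main.yml hands a string read from another host's facts to `shell` as root with no guard, so it re-runs `kubeadm join` on every play and shows the bootstrap token and CA hash in task output. Use `command`, since no shell parsing is needed, add `creates: /etc/kubernetes/kubelet.conf` so already-joined nodes are skipped, and set `no_log: true`, as in the fence. The first task is named `Set k3s master facts` although this is a kubeadm cluster; `k8s` is presumably meant.

```yaml
- name: Join cluster
  command: "{{ node_join_token }}"
  args:
    creates: /etc/kubernetes/kubelet.conf
  no_log: true
```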