added deploy script

README.md

@@ -1,12 +1,12 @@
 # Kubernetes Cluster Deployment Guide
 
-This guide describes how to deploy a Kubernetes cluster tailored to your environment using the provided `init-deploy.sh` script.
+This guide describes how to deploy a Kubernetes cluster tailored to your environment using the provided `redbutton.sh` script.
 
 ## ⚙️ Pre-requisites
 
 Before running the deployment script, ensure the following are in place:
 
-- `kubectl` is installed on your local machine
+- `kubectl` and `helm` are installed on your local machine
 - The remote user can execute `sudo` commands **without a password prompt**
 - SSH host keys of the target nodes are already added to your system (to avoid interactive confirmation prompts)
 
@@ -17,7 +17,8 @@ This setup will create a Kubernetes cluster with the following topology and comp
 - **1 Control Plane Node**
 - **2 Worker Nodes**
 - **Calico** as the CNI (Container Network Interface)
-- **MetalLB** as the cloud load balancer for bare metal services
+- **MetalLB** as the cloud load balancer for bare metal services (change the configmap to adapt it to your network)
+- **Traefik** as the ingress controller on IP 10.50.3.30 (change it in the values.yaml to adapt it to your network)
 - **Longhorn** as the persistent storage provider
 
 ## 🚀 How to Deploy
@@ -26,4 +27,6 @@ To initiate the deployment, run the provided script:
 
 ```bash
 chmod +x init-deploy.sh
-./init-deploy.sh
+chmod +x helm-deploy.sh
+chmod +x redbutton.sh
+./redbutton.sh

ansible/longhorn-reqs.yaml

@@ -9,6 +9,8 @@
         name:
           - open-iscsi
           - nfs-common
+          - cryptsetup
+          - dmsetup
         state: present
         update_cache: yes
 
@@ -17,6 +19,11 @@
         name: iscsi_tcp
         state: present
 
+    - name: Ensure dm_crypt kernel module is loaded
+      modprobe:
+        name: dm_crypt
+        state: present
+
     - name: Ensure iscsi_tcp module loads on boot
       copy:
         dest: /etc/modules-load.d/iscsi.conf
@@ -26,6 +33,15 @@
         group: root
         mode: '0644'
 
+    - name: Ensure dm_crypt module loads on boot
+      copy:
+        dest: /etc/modules-load.d/dm_crypt.conf
+        content: |
+          dm_crypt
+        owner: root
+        group: root
+        mode: '0644'
+
     - name: Disable and stop multipathd service
       systemd:
         name: multipathd

helm-deploy.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+## Setup MetalLb repo
+helm repo add metallb https://metallb.github.io/metallb
+helm repo update
+helm install metallb metallb/metallb -n metallb-system --create-namespace
+
+echo "Waiting for all the pods to start..."
+
+kubectl wait --namespace metallb-system \
+  --for=condition=Ready pod \
+  --all \
+  --timeout=120s
+
+## Apply the load-balancer IPs
+kubectl apply -f manifests/metallb/metallb-config.yaml
+
+## Setup traefik repo
+helm repo add traefik https://traefik.github.io/charts
+helm repo update
+helm install traefik traefik/traefik -n traefik -f ./manifests/traefik/values.yaml --create-namespace
+
+## Setup MetalLb repo
+helm repo add longhorn https://charts.longhorn.io
+helm repo update
+helm install longhorn longhorn/longhorn -n longhorn-system --create-namespace
+
+echo "Waiting for all the pods to start..."
+
+kubectl wait --namespace longhorn-system \
+  --for=condition=Ready pod \
+  --all \
+  --timeout=120s
+
+## Apply ingress rule
+kubectl apply -f manifests/longhorn/longhorn-ingress.yaml

manifests/metallb/metallb-config.yaml

@@ -0,0 +1,15 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: ip-pool
+  namespace: metallb-system
+spec:
+  addresses:
+    - 10.50.3.30-10.50.3.40
+
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: l2
+  namespace: metallb-system

manifests/traefik/values.yaml

@@ -1,3 +1,8 @@
+service:
+  spec:
+    externalTrafficPolicy: Local
+    loadBalancerIP: 10.50.3.30
+
 ports:
   web:
     redirections:

redbutton.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+./init-deploy.sh
+./helm-deploy.sh