From 194fe4bf244edd8cc5d002966afb51dde04f2a05 Mon Sep 17 00:00:00 2001 From: holden093 Date: Sat, 5 Jul 2025 13:22:00 +0200 Subject: [PATCH] test --- .env.example | 13 +++++ README.md | 6 ++- ansible/k8s-install-deps.yaml | 98 +++++++++++++++++------------------ ansible/longhorn-deps.yaml | 50 ++++++++---------- ansible/master-k8s.yaml | 3 -- redbutton.sh | 28 ++++------ 6 files changed, 95 insertions(+), 103 deletions(-) create mode 100644 .env.example delete mode 100644 ansible/master-k8s.yaml diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..ec844fd --- /dev/null +++ b/.env.example @@ -0,0 +1,13 @@ +export KUBE_USER="ubuntu" +export PRIVATE_KEY_PATH="$HOME/.ssh/id_ed25519" +export KUBE_CP="k8s-control-plane" +## Add workers to this list! +export KUBE_WORKERS=("k8s-worker1") +export ANSIBLE_DIR="ansible" +export POD_NET_CIDR="192.168.0.0/16" +export CNI_VER="v3.30.2" +export API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }') +export ACME_MAIL="name@mail.example" +export IP_POOL_RANGE="192.168.1.10-192.168.1.20" +export LOAD_BALANCER_IP="192.168.1.10" +export LONGHORN_DNS_NAME="longhorn.domain.tld" \ No newline at end of file diff --git a/README.md b/README.md index f33adb4..60a0c18 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ This guide describes how to deploy a Kubernetes cluster tailored to my environment using the provided `redbutton.sh` script. -Just be sure to edit the variables in the `redbutton.sh` script. I think you can scale this out by adding more hosts and adjusting the for loop but I haven't tried it yet. I needed three machines and that is what I worked with. +Just be sure to edit the variables in the `redbutton.sh` script. I think you can scale this out by adding more hosts and adjusting the for loop but I haven't tried it yet. I needed four machines and that is what I worked with. ## ⚙️ Pre-requisites 
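Review bot: `export API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }')` in the new .env.example runs at source time and hides a failed lookup, because `export` returns 0 even when getent finds nothing. API_ADDR can then be empty, or hold more than one line if getent prints several addresses. Assign first and check, e.g. `API_ADDR=$(getent hosts "$KUBE_CP" | awk 'NR==1 { print $1 }')` followed by `export API_ADDR="${API_ADDR:?cannot resolve $KUBE_CP}"`. `export KUBE_WORKERS=(...)` is also misleading, since bash does not pass arrays to child processes and this works only because the file is sourced; a plain assignment with a comment saying so would be clearer. Because the README has the `CF_API` key appended to this same file, add a header comment telling users to keep `.env` out of version control and to `chmod 600` it.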
@@ -29,7 +29,9 @@ This setup will create a Kubernetes cluster with the following topology and comp To initiate the deployment, run the provided script: ```bash -echo "CF_API=YourSuperSecretAPIKey" > .env +cp .env.example .env + +echo "export CF_API=YourSuperSecretAPIKey" >> .env chmod +x redbutton.sh diff --git a/ansible/k8s-install-deps.yaml b/ansible/k8s-install-deps.yaml index b12e814..a5827b9 100644 --- a/ansible/k8s-install-deps.yaml +++ b/ansible/k8s-install-deps.yaml 
@@ -3,100 +3,96 @@ become: true tasks: - - name: Ensure apt cache is updated - apt: - update_cache: yes - cache_valid_time: 3600 + - name: Add Docker signing key + ansible.builtin.apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + + - name: Add Docker repository + ansible.builtin.apt_repository: + repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu noble stable + state: present - name: Install required packages - apt: + ansible.builtin.apt: name: - apt-transport-https - ca-certificates - curl - gpg - - containerd + - containerd.io state: present + update_cache: yes ## Questo non è nella documentazione! bisogna generare il file di configurazione di containerd -## ed scriverlo nella directory apposita, altrimenti usa un suo default che non va bene +## ed scriverlo nella directory apposita, altrimenti usa un suo default che non va bene. - - name: Ensure containerd config directory exists - file: + - name: Ensure containerd config directory exists. + ansible.builtin.file: path: /etc/containerd state: directory - mode: '0755' - - name: Generate default containerd config if missing - command: containerd config default - register: containerd_config - when: not lookup('file', '/etc/containerd/config.toml', errors='ignore') - changed_when: false + - name: Get defaults from containerd. 
+ ansible.builtin.command: containerd config default + register: containerd_config_default - - name: Write default containerd config - copy: - content: "{{ containerd_config.stdout }}" + - name: Create config file + ansible.builtin.copy: + content: "{{ containerd_config_default.stdout }}" dest: /etc/containerd/config.toml - when: containerd_config is defined - - name: Set SystemdCgroup = true in containerd config - replace: + - name: Set SystemdCgroup to true + ansible.builtin.replace: path: /etc/containerd/config.toml - regexp: '^(\s*SystemdCgroup\s*=\s*)false' - replace: '\1true' + regexp: '^(\s*)SystemdCgroup\s*=\s*false' + replace: '\1SystemdCgroup = true' - name: Restart containerd - systemd: + ansible.builtin.service: name: containerd state: restarted - enabled: yes - + enabled: true + ## Importantissimo per la gestione interna della network - name: Enable IPv4 forwarding at runtime - sysctl: + ansible.posix.sysctl: name: net.ipv4.ip_forward value: '1' - state: present - reload: yes + reload: true sysctl_set: yes ## Installa kubectl, kubeadm e kubelet dal repo ufficiale kubernetes - - name: Create /etc/apt/keyrings directory - file: - path: /etc/apt/keyrings - state: directory - mode: '0755' + - name: Add Kubernetes signing key + ansible.builtin.apt_key: + url: https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key + state: present - - name: Download and save the Kubernetes APT key - ansible.builtin.shell: | - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg - args: - creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg - - - name: Add Kubernetes APT repository - copy: - dest: /etc/apt/sources.list.d/kubernetes.list - content: | - deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ / - - - name: Update apt cache after adding Kubernetes repo - apt: - update_cache: yes + - name: Add Kubernetes repository + 
ansible.builtin.apt_repository: + repo: deb [arch=amd64] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ / + state: present - name: Install Kubernetes components - apt: + ansible.builtin.apt: name: - kubelet - kubeadm - kubectl state: present + update_cache: true ## Ferma i pacchetti ad una specifica versione - name: Hold Kubernetes packages - ansible.builtin.shell: apt-mark hold kubelet kubeadm kubectl + ansible.builtin.dpkg_selections: + name: "{{ item }}" + selection: hold + loop: + - kubelet + - kubeadm + - kubectl ## Abilita il servizio di kubelet diff --git a/ansible/longhorn-deps.yaml b/ansible/longhorn-deps.yaml index 9e06411..4b4f71a 100644 --- a/ansible/longhorn-deps.yaml +++ b/ansible/longhorn-deps.yaml @@ -3,9 +3,8 @@ hosts: all become: true tasks: - - name: Install required packages - apt: + ansible.builtin.apt: name: - open-iscsi - nfs-common 
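Review bot: The k8s-install-deps.yaml hunk replaces the keyring that was scoped with `signed-by=` by `ansible.builtin.apt_key`, which puts the Docker and Kubernetes keys into apt's global trust store, so either key can vouch for packages from any configured repository. The module also wraps the deprecated apt-key. I would download each key into /etc/apt/keyrings and reference it with `signed-by=` in the repo line, as in the sketch below. The "Get defaults from containerd" and "Create config file" tasks also lost their `when`/`changed_when` guards, so every run overwrites /etc/containerd/config.toml with defaults and restarts containerd. The play header and the tasks after "Hold Kubernetes packages" are outside the hunk.

```yaml
    - name: Ensure /etc/apt/keyrings exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: '0755'

    - name: Download Docker signing key
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /etc/apt/keyrings/docker.asc
        mode: '0644'

    - name: Add Docker repository
      ansible.builtin.apt_repository:
        repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu noble stable
        state: present

    # … unchanged: package install, containerd config, sysctl …

    - name: Download Kubernetes signing key
      ansible.builtin.get_url:
        url: https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key
        dest: /etc/apt/keyrings/kubernetes-apt-keyring.asc
        mode: '0644'

    - name: Add Kubernetes repository
      ansible.builtin.apt_repository:
        repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.asc] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /
        state: present
```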
@@ -14,39 +13,34 @@ state: present update_cache: yes - - name: Ensure iscsi_tcp kernel module is loaded - modprobe: - name: iscsi_tcp + - name: Ensure required kernel modules are loaded + community.general.modprobe: + name: "{{ item }}" state: present + loop: + - iscsi_tcp + - dm_crypt - - name: Ensure dm_crypt kernel module is loaded - modprobe: - name: dm_crypt - state: present - - - name: Ensure iscsi_tcp module loads on boot - copy: - dest: /etc/modules-load.d/iscsi.conf - content: | - iscsi_tcp - owner: root - group: root - mode: '0644' - - - name: Ensure dm_crypt module loads on boot - copy: - dest: /etc/modules-load.d/dm_crypt.conf - content: | - dm_crypt + - name: Ensure required modules load on boot + ansible.builtin.copy: + content: "{{ item.name }}" + dest: "/etc/modules-load.d/{{ item.name }}.conf" owner: root group: root mode: '0644' + loop: + - { name: iscsi_tcp } + - { name: dm_crypt } - name: Disable and stop multipathd service - systemd: + ansible.builtin.systemd_service: name: multipathd + state: stopped + enabled: false + + - name: Disable multipathd socket (if exists) + ansible.builtin.systemd_service: + name: multipathd.socket enabled: false state: stopped - masked: true - daemon_reload: yes - ignore_errors: true + ignore_errors: true \ No newline at end of file diff --git a/ansible/master-k8s.yaml b/ansible/master-k8s.yaml deleted file mode 100644 index bb09b29..0000000 --- a/ansible/master-k8s.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# master-k8s.yaml -- import_playbook: k8s-install-deps.yaml -- import_playbook: longhorn-deps.yaml \ No newline at end of file diff --git a/redbutton.sh b/redbutton.sh index 5cb4375..40fab26 100755 --- a/redbutton.sh +++ b/redbutton.sh 
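Review bot: In the second longhorn-deps.yaml hunk the rewritten "Disable and stop multipathd service" task drops `masked: true`, so the unit is only disabled and can still be started by a dependency or by hand. As far as the flattened indentation shows, `ignore_errors: true` now sits only on the new socket task, so on a host without multipathd the first task would fail the play where the old single task was tolerated. Consider keeping `masked: true` on both tasks and guarding them with a check that the unit exists instead of ignoring errors. Separately, `content: "{{ item.name }}"` writes the modules-load.d files without a trailing newline and under new names (`iscsi_tcp.conf` instead of `iscsi.conf`), which leaves the old file behind on hosts that were already provisioned.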
@@ -1,28 +1,18 @@ #!/bin/bash source .env -KUBE_USER="ubuntu" -PRIVATE_KEY_PATH="$HOME/.ssh/id_ed25519" -KUBE_CP="k8s-control-plane" -KUBE_W1="k8s-worker1" -KUBE_W2="k8s-worker2" -ANSIBLE_DIR="ansible" -POD_NET_CIDR="192.168.0.0/16" -CNI_VER="v3.30.2" -API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }') -LOAD_BALANCER_IP="10.50.3.30" -## Variables for envsubst - -export ACME_MAIL="kevin@nixit.it" -export IP_POOL_RANGE="10.50.3.30-10.50.3.40" -export LONGHORN_DNS_NAME="longhorn.nixit.it" +ALL_NODES=("$KUBE_CP" "${KUBE_WORKERS[@]}") ## Prepare all of the nodes with k8s using the ansible playbooks I prepared -ansible-playbook ./"$ANSIBLE_DIR"/master-k8s.yaml \ - -i "$KUBE_CP,$KUBE_W1,$KUBE_W2," \ - -e "k8s-control-plane=["$KUBE_CP"] k8s_nodes=["$KUBE_W1","$KUBE_W2"]" \ +ansible-playbook ./"$ANSIBLE_DIR"/k8s-install-deps.yaml \ + -i "$(IFS=, ; echo "${ALL_NODES[*]}",)" \ + -u "$KUBE_USER" \ + --private-key "$PRIVATE_KEY_PATH" + +ansible-playbook ./"$ANSIBLE_DIR"/longhorn-deps.yaml \ + -i "$(IFS=, ; echo "${KUBE_WORKERS[*]}",)" \ -u "$KUBE_USER" \ --private-key "$PRIVATE_KEY_PATH" @@ -51,7 +41,7 @@ kubectl apply -f \ JOIN_TOKEN=$(ssh "$KUBE_USER@$KUBE_CP" \ "sudo kubeadm token create --print-join-command") -for NODE in "$KUBE_W1" "$KUBE_W2"; do +for NODE in "${KUBE_WORKERS[@]}"; do echo "Joining $NODE" ssh "$KUBE_USER@$NODE" "sudo $JOIN_TOKEN" done
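Review bot: Nothing in the first redbutton.sh hunk verifies that `.env` loaded before `ALL_NODES=("$KUBE_CP" "${KUBE_WORKERS[@]}")` is built, and the script no longer has defaults of its own. If the file is missing or KUBE_WORKERS is empty, the second playbook gets the inventory `,` and the join loop in the later hunk iterates over nothing, with no error. I would fail fast: `source .env || exit 1`, then `: "${KUBE_CP:?set KUBE_CP in .env}"` and `(( ${#KUBE_WORKERS[@]} )) || { echo "KUBE_WORKERS is empty" >&2; exit 1; }`. The two `ansible-playbook` calls are also unchecked, so a failed dependency install does not stop whatever follows; the rest of the script is outside the hunk.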