This commit is contained in:
2025-07-05 13:22:00 +02:00
parent 6e99cd64f9
commit 194fe4bf24
6 changed files with 95 additions and 103 deletions

13
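--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,13 @@
+export KUBE_USER="ubuntu"
+export PRIVATE_KEY_PATH="$HOME/.ssh/id_ed25519"
+export KUBE_CP="k8s-control-plane"
+## Add workers to this list!
+export KUBE_WORKERS=("k8s-worker1")
+export ANSIBLE_DIR="ansible"
+export POD_NET_CIDR="192.168.0.0/16"
+export CNI_VER="v3.30.2"
+export API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }')
+export ACME_MAIL="name@mail.example"
+export IP_POOL_RANGE="192.168.1.10-192.168.1.20"
+export LOAD_BALANCER_IP="192.168.1.10"
+export LONGHORN_DNS_NAME="longhorn.domain.tld"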
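Review bot: The template has no placeholder for `CF_API`, the one value that is an actual secret, even though the README step in this same commit appends `export CF_API=...` to the copied `.env`; add a commented line such as `## export CF_API="..."   # Cloudflare token: set it only in .env and never commit .env` so the secret's home is documented next to the other variables (I cannot see whether `.env` is gitignored — worth confirming, along with a `chmod 600 .env` after the copy). `API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }')` silently expands to an empty string when the control-plane name does not resolve, and that empty value then flows into whatever sources this file; a guard right after it, `: "${API_ADDR:?cannot resolve $KUBE_CP}"`, fails fast instead. Because `.env` is sourced by the deployment script, anything written into it executes with the operator's privileges, so the file should stay owner-writable only.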


@ -2,7 +2,7 @@
This guide describes how to deploy a Kubernetes cluster tailored to my environment using the provided `redbutton.sh` script. This guide describes how to deploy a Kubernetes cluster tailored to my environment using the provided `redbutton.sh` script.
Just be sure to edit the variables in the `redbutton.sh` script. I think you can scale this out by adding more hosts and adjusting the for loop but I haven't tried it yet. I needed three machines and that is what I worked with. Just be sure to edit the variables in the `redbutton.sh` script. I think you can scale this out by adding more hosts and adjusting the for loop but I haven't tried it yet. I needed four machines and that is what I worked with.
## ⚙️ Pre-requisites ## ⚙️ Pre-requisites
@ -29,7 +29,9 @@ This setup will create a Kubernetes cluster with the following topology and comp
To initiate the deployment, run the provided script: To initiate the deployment, run the provided script:
```bash ```bash
echo "CF_API=YourSuperSecretAPIKey" > .env cp .env.example .env
echo "export CF_API=YourSuperSecretAPIKey" >> .env
chmod +x redbutton.sh chmod +x redbutton.sh


@ -3,100 +3,96 @@
become: true become: true
tasks: tasks:
- name: Ensure apt cache is updated - name: Add Docker signing key
apt: ansible.builtin.apt_key:
update_cache: yes url: https://download.docker.com/linux/ubuntu/gpg
cache_valid_time: 3600 state: present
- name: Add Docker repository
ansible.builtin.apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu noble stable
state: present
- name: Install required packages - name: Install required packages
apt: ansible.builtin.apt:
name: name:
- apt-transport-https - apt-transport-https
- ca-certificates - ca-certificates
- curl - curl
- gpg - gpg
- containerd - containerd.io
state: present state: present
update_cache: yes
## Questo non è nella documentazione! bisogna generare il file di configurazione di containerd ## Questo non è nella documentazione! bisogna generare il file di configurazione di containerd
## ed scriverlo nella directory apposita, altrimenti usa un suo default che non va bene ## ed scriverlo nella directory apposita, altrimenti usa un suo default che non va bene.
- name: Ensure containerd config directory exists - name: Ensure containerd config directory exists.
file: ansible.builtin.file:
path: /etc/containerd path: /etc/containerd
state: directory state: directory
mode: '0755'
- name: Generate default containerd config if missing - name: Get defaults from containerd.
command: containerd config default ansible.builtin.command: containerd config default
register: containerd_config register: containerd_config_default
when: not lookup('file', '/etc/containerd/config.toml', errors='ignore')
changed_when: false
- name: Write default containerd config - name: Create config file
copy: ansible.builtin.copy:
content: "{{ containerd_config.stdout }}" content: "{{ containerd_config_default.stdout }}"
dest: /etc/containerd/config.toml dest: /etc/containerd/config.toml
when: containerd_config is defined
- name: Set SystemdCgroup = true in containerd config - name: Set SystemdCgroup to true
replace: ansible.builtin.replace:
path: /etc/containerd/config.toml path: /etc/containerd/config.toml
regexp: '^(\s*SystemdCgroup\s*=\s*)false' regexp: '^(\s*)SystemdCgroup\s*=\s*false'
replace: '\1true' replace: '\1SystemdCgroup = true'
- name: Restart containerd - name: Restart containerd
systemd: ansible.builtin.service:
name: containerd name: containerd
state: restarted state: restarted
enabled: yes enabled: true
## Importantissimo per la gestione interna della network ## Importantissimo per la gestione interna della network
- name: Enable IPv4 forwarding at runtime - name: Enable IPv4 forwarding at runtime
sysctl: ansible.posix.sysctl:
name: net.ipv4.ip_forward name: net.ipv4.ip_forward
value: '1' value: '1'
state: present reload: true
reload: yes
sysctl_set: yes sysctl_set: yes
## Installa kubectl, kubeadm e kubelet dal repo ufficiale kubernetes ## Installa kubectl, kubeadm e kubelet dal repo ufficiale kubernetes
- name: Create /etc/apt/keyrings directory - name: Add Kubernetes signing key
file: ansible.builtin.apt_key:
path: /etc/apt/keyrings url: https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key
state: directory state: present
mode: '0755'
- name: Download and save the Kubernetes APT key - name: Add Kubernetes repository
ansible.builtin.shell: | ansible.builtin.apt_repository:
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg repo: deb [arch=amd64] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /
args: state: present
creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
- name: Add Kubernetes APT repository
copy:
dest: /etc/apt/sources.list.d/kubernetes.list
content: |
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /
- name: Update apt cache after adding Kubernetes repo
apt:
update_cache: yes
- name: Install Kubernetes components - name: Install Kubernetes components
apt: ansible.builtin.apt:
name: name:
- kubelet - kubelet
- kubeadm - kubeadm
- kubectl - kubectl
state: present state: present
update_cache: true
## Ferma i pacchetti ad una specifica versione ## Ferma i pacchetti ad una specifica versione
- name: Hold Kubernetes packages - name: Hold Kubernetes packages
ansible.builtin.shell: apt-mark hold kubelet kubeadm kubectl ansible.builtin.dpkg_selections:
name: "{{ item }}"
selection: hold
loop:
- kubelet
- kubeadm
- kubectl
## Abilita il servizio di kubelet ## Abilita il servizio di kubelet
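Review bot: Both `ansible.builtin.apt_key` tasks (Docker and Kubernetes signing keys) install the key into apt's global trusted keyring, so each vendor key becomes valid for every configured repository; this is a regression from the removed `deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] …` line, which scoped the Kubernetes key to its own repo, and `apt-key` itself is deprecated on the Ubuntu release the Docker repo line targets (`noble`). Neither key is pinned either — the URL is fetched over TLS and trusted as-is, whereas `apt_key` accepts an `id:` fingerprint and `get_url` a `checksum:` (the published fingerprints are on the vendors' install pages; I have not reproduced them here). The fix is to download each key into `/etc/apt/keyrings` (ensure the directory exists, as the removed task did) and reference it with `signed-by=`, as sketched below for Docker; the Kubernetes key/repo pair changes the same way. The hunk also regenerates `/etc/containerd/config.toml` and restarts containerd on every run, since the `when:` guard was dropped and there is no handler — not a security issue, but a `creates:`-style guard or a handler would restore idempotence.
```yaml
    - name: Ensure apt keyrings directory exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: "0755"
    - name: Add Docker signing key
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /etc/apt/keyrings/docker.asc
        mode: "0644"
    - name: Add Docker repository
      ansible.builtin.apt_repository:
        repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu noble stable
        state: present
    # … unchanged: package install, containerd config, sysctl …
    # Kubernetes: same pattern, dest /etc/apt/keyrings/kubernetes-apt-keyring.asc and
    # repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.asc] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /
```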


@ -3,9 +3,8 @@
hosts: all hosts: all
become: true become: true
tasks: tasks:
- name: Install required packages - name: Install required packages
apt: ansible.builtin.apt:
name: name:
- open-iscsi - open-iscsi
- nfs-common - nfs-common
@ -14,39 +13,34 @@
state: present state: present
update_cache: yes update_cache: yes
- name: Ensure iscsi_tcp kernel module is loaded - name: Ensure required kernel modules are loaded
modprobe: community.general.modprobe:
name: iscsi_tcp name: "{{ item }}"
state: present state: present
loop:
- iscsi_tcp
- dm_crypt
- name: Ensure dm_crypt kernel module is loaded - name: Ensure required modules load on boot
modprobe: ansible.builtin.copy:
name: dm_crypt content: "{{ item.name }}"
state: present dest: "/etc/modules-load.d/{{ item.name }}.conf"
- name: Ensure iscsi_tcp module loads on boot
copy:
dest: /etc/modules-load.d/iscsi.conf
content: |
iscsi_tcp
owner: root
group: root
mode: '0644'
- name: Ensure dm_crypt module loads on boot
copy:
dest: /etc/modules-load.d/dm_crypt.conf
content: |
dm_crypt
owner: root owner: root
group: root group: root
mode: '0644' mode: '0644'
loop:
- { name: iscsi_tcp }
- { name: dm_crypt }
- name: Disable and stop multipathd service - name: Disable and stop multipathd service
systemd: ansible.builtin.systemd_service:
name: multipathd name: multipathd
state: stopped
enabled: false
- name: Disable multipathd socket (if exists)
ansible.builtin.systemd_service:
name: multipathd.socket
enabled: false enabled: false
state: stopped state: stopped
masked: true ignore_errors: true
daemon_reload: yes
ignore_errors: true
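Review bot: The new multipathd handling drops `masked: true` from the old task, so the unit is only stopped and disabled and a package upgrade or unit dependency can bring it back — the very thing the added `multipathd.socket` task is trying to prevent; keeping `masked: true` on the service task closes that gap in one line. The `ignore_errors: true` left on the socket task hides every failure, not just "unit not found"; register the result and scope the tolerance instead, e.g. `register: multipathd_socket` and `failed_when: multipathd_socket is failed and 'Could not find the requested service' not in (multipathd_socket.msg | default(''))` (message text as emitted by the systemd module — verify against the Ansible version in use). Separately, `content: "{{ item.name }}"` writes each modules-load.d file without a trailing newline; `content: "{{ item.name }}\n"` keeps it a well-formed text file, and the `{ name: … }` dicts could simply be a list of strings. The enclosing play starts in the first hunk above.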


@ -1,3 +0,0 @@
# master-k8s.yaml
- import_playbook: k8s-install-deps.yaml
- import_playbook: longhorn-deps.yaml


@ -1,28 +1,18 @@
#!/bin/bash #!/bin/bash
source .env source .env
KUBE_USER="ubuntu"
PRIVATE_KEY_PATH="$HOME/.ssh/id_ed25519"
KUBE_CP="k8s-control-plane"
KUBE_W1="k8s-worker1"
KUBE_W2="k8s-worker2"
ANSIBLE_DIR="ansible"
POD_NET_CIDR="192.168.0.0/16"
CNI_VER="v3.30.2"
API_ADDR=$(getent hosts "$KUBE_CP" | awk '{ print $1 }')
LOAD_BALANCER_IP="10.50.3.30"
## Variables for envsubst ALL_NODES=("$KUBE_CP" "${KUBE_WORKERS[@]}")
export ACME_MAIL="kevin@nixit.it"
export IP_POOL_RANGE="10.50.3.30-10.50.3.40"
export LONGHORN_DNS_NAME="longhorn.nixit.it"
## Prepare all of the nodes with k8s using the ansible playbooks I prepared ## Prepare all of the nodes with k8s using the ansible playbooks I prepared
ansible-playbook ./"$ANSIBLE_DIR"/master-k8s.yaml \ ansible-playbook ./"$ANSIBLE_DIR"/k8s-install-deps.yaml \
-i "$KUBE_CP,$KUBE_W1,$KUBE_W2," \ -i "$(IFS=, ; echo "${ALL_NODES[*]}",)" \
-e "k8s-control-plane=["$KUBE_CP"] k8s_nodes=["$KUBE_W1","$KUBE_W2"]" \ -u "$KUBE_USER" \
--private-key "$PRIVATE_KEY_PATH"
ansible-playbook ./"$ANSIBLE_DIR"/longhorn-deps.yaml \
-i "$(IFS=, ; echo "${KUBE_WORKERS[*]}",)" \
-u "$KUBE_USER" \ -u "$KUBE_USER" \
--private-key "$PRIVATE_KEY_PATH" --private-key "$PRIVATE_KEY_PATH"
@ -51,7 +41,7 @@ kubectl apply -f \
JOIN_TOKEN=$(ssh "$KUBE_USER@$KUBE_CP" \ JOIN_TOKEN=$(ssh "$KUBE_USER@$KUBE_CP" \
"sudo kubeadm token create --print-join-command") "sudo kubeadm token create --print-join-command")
for NODE in "$KUBE_W1" "$KUBE_W2"; do for NODE in "${KUBE_WORKERS[@]}"; do
echo "Joining $NODE" echo "Joining $NODE"
ssh "$KUBE_USER@$NODE" "sudo $JOIN_TOKEN" ssh "$KUBE_USER@$NODE" "sudo $JOIN_TOKEN"
done done
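Review bot: The join command returned by `kubeadm token create --print-join-command` embeds a bootstrap token with the default 24h TTL, and `ssh "$KUBE_USER@$NODE" "sudo $JOIN_TOKEN"` then passes it on each worker's command line, so it shows up in process listings and sudo logs and stays valid long after the script exits. Shorten its life and revoke it once the loop completes: `"sudo kubeadm token create --ttl 1h --print-join-command"`, then after `done` something like `ssh "$KUBE_USER@$KUBE_CP" "sudo kubeadm token delete $(sed -n 's/.*--token \([^ ]*\).*/\1/p' <<<"$JOIN_TOKEN")"`. The loop also ignores the ssh exit status (no `set -e` is visible at the top of the script in the first hunk), so a node that fails to join is announced as "Joining" and silently skipped — `ssh … || { echo "join failed on $NODE" >&2; exit 1; }` would surface it. This all assumes passwordless sudo for `$KUBE_USER` on every node, which the script relies on but does not document.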