init
commit
7f4ac7485b
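--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,28 @@
+# K3S cluster deployment using Ansible
+Setup a K3S cluster on Debian servers.
+
+## How to use
+First, edit the inventory file and set the k3s token in *`group_vars/all.yml`*.
+
+Then:
+```sh
+# allow ansible to use the ssh key
+ssh-agent $SHELL
+ssh-add ~/.ssh/id_rsa
+
+# setup nodes
+ansible-playbook -i inventory -u root node.yml
+
+# create primary master
+ansible-playbook -i inventory -u root master-primary.yml
+
+# create more masters
+ansible-playbook -i inventory -u root master-secondary.yml
+
+# create workers
+ansible-playbook -i inventory -u root workers.yml
+```
+
+## Features
+- static IP using systemd-networkd (using the last IP of the server before running the playbook)
+- multiple masters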
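--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1 @@
+K3S_TOKEN: aicaaSi8Air8ohph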
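Review bot: The `K3S_TOKEN` line commits the cluster join secret in plaintext, so every reader of the repository and of its history holds the value that the install scripts export as `K3S_TOKEN`. Keep only a reference in this file, for example `K3S_TOKEN: "{{ vault_k3s_token }}"`, with the real value in an ansible-vault encrypted vars file or passed at run time. The value committed here should be treated as exposed and replaced with a newly generated, longer random token before any cluster is built from this repository.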
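--- /dev/null
+++ b/inventory
@@ -0,0 +1,22 @@
+[nodes]
+192.168.50.1
+192.168.50.2
+192.168.50.3
+# 192.168.50.11
+# 192.168.50.12
+# 192.168.50.13
+
+[master-primary]
+192.168.50.1
+
+# do one at a time
+# the k3s service restarts
+# on the primary when a node joins
+[master-secondary]
+192.168.50.2
+192.168.50.3
+
+[workers]
+# 192.168.50.11
+# 192.168.50.12
+# 192.168.50.13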
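Review bot: The group names `[master-primary]` and `[master-secondary]` contain hyphens, which Ansible reports as invalid characters in group names because they are not valid variable identifiers; `[master_primary]` and `[master_secondary]` avoid the warning. The playbooks' `hosts:` values and the `groups['master-primary']` lookups in the role tasks would have to change with them. The comment `# do one at a time` above `[master-secondary]` is only advice to the operator; nothing in the inventory enforces it.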
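--- /dev/null
+++ b/master-primary.yml
@@ -0,0 +1,6 @@
+- name: Cluster master-primary
+hosts: master-primary
+become: true
+gather_facts: true
+roles:
+- master-primary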
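--- /dev/null
+++ b/master-secondary.yml
@@ -0,0 +1,6 @@
+- name: Cluster master-secondry
+hosts: master-secondary
+become: true
+gather_facts: true
+roles:
+- master-secondary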
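Review bot: This play runs the role on every host in `master-secondary` in parallel, while the inventory comment says secondary masters must be joined one at a time because the k3s service on the primary restarts on each join. Adding `serial: 1` next to `hosts: master-secondary` makes the play enforce that order instead of leaving it to the operator. The play name is also misspelled; `- name: Cluster master-secondary` matches the group and role names.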
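--- /dev/null
+++ b/node.yml
@@ -0,0 +1,6 @@
+- name: Cluster node setup
+hosts: nodes
+become: true
+gather_facts: true
+roles:
+- node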
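--- /dev/null
+++ b/roles/master-primary/files/k3s-primary-master.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+export K3S_TOKEN="$1"
+
+curl -sfL https://get.k3s.io | sh -s - server --cluster-init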
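Review bot: The `curl -sfL https://get.k3s.io | sh -s -` line runs whatever the endpoint serves at that moment as root, with no pinned release and no integrity check, and because the script never sets `pipefail` a failed download leaves `sh` reading empty input and exiting 0, so Ansible records success with nothing installed. Add `set -euo pipefail` under the shebang and pin the release with the installer's `INSTALL_K3S_VERSION` variable; downloading the installer to a file and comparing it with a reviewed checksum before executing it is the stronger option. An empty `$1` is accepted silently as well; `: "${1:?k3s token required}"` fails early. The same three points apply to `k3s-secondary-master.sh` and `k3s-agent.sh`.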
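--- /dev/null
+++ b/roles/master-primary/meta/meta.yml
@@ -0,0 +1,2 @@
+dependencies:
+- name: node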
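Review bot: The role dependency is declared in `meta/meta.yml`, but Ansible reads role metadata from `meta/main.yml`, so this `dependencies:` list is most likely never loaded and the `node` role does not run before `master-primary`. Renaming the file to `roles/master-primary/meta/main.yml` fixes that, and the entry is more conventionally written `- role: node`. The same applies to `roles/master-secondary/meta/meta.yml` and `roles/worker/meta/meta.yml`.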
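--- /dev/null
+++ b/roles/master-primary/tasks/main.yml
@@ -0,0 +1,2 @@
+- name: Install k3s as primary master
+ansible.builtin.script: k3s-primary-master.sh {{ K3S_TOKEN }}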
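Review bot: The task passes `{{ K3S_TOKEN }}` unquoted on the script's command line, so the secret appears in Ansible's task output and logs and in the remote process arguments, and a token containing a space or a shell metacharacter would be split or interpreted. Quote the argument, `ansible.builtin.script: k3s-primary-master.sh {{ K3S_TOKEN | quote }}`, and add `no_log: true` to the task. The task also has no `creates:` guard, so every playbook run downloads and re-runs the installer. The same points apply to the script tasks in `roles/master-secondary/tasks/main.yml` and `roles/worker/tasks/main.yml`.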
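--- /dev/null
+++ b/roles/master-secondary/files/k3s-secondary-master.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+export K3S_TOKEN="$1"
+
+curl -sfL https://get.k3s.io | sh -s - server --cluster-init --server "https://${2}:6443"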
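Review bot: The install line passes both `--cluster-init` and `--server`, although `--cluster-init` is the flag the primary script uses to initialise a new embedded-etcd cluster; per the k3s documentation a joining server is started with `--server` and the shared token only. Unless the combination is intended, the line should read `curl -sfL https://get.k3s.io | sh -s - server --server "https://${2}:6443"`. `$2` is also used without a check, so a missing argument yields the URL `https://:6443`; `: "${2:?primary master address required}"` would stop the script early.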
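--- /dev/null
+++ b/roles/master-secondary/meta/meta.yml
@@ -0,0 +1,2 @@
+dependencies:
+- name: node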
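--- /dev/null
+++ b/roles/master-secondary/tasks/main.yml
@@ -0,0 +1,2 @@
+- name: Install k3s as secondary master
+ansible.builtin.script: k3s-secondary-master.sh {{ K3S_TOKEN }} {{ groups['master-primary'][0] }}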
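--- /dev/null
+++ b/roles/node/defaults/main.yml
@@ -0,0 +1,18 @@
+packages:
+- nfs-common
+- curl
+- systemd-resolved # needs to be the last one
+# breaks dns resolution until
+# systemd-networkd is configured
+
+# hostsnames:
+# - ip: x.x.x.x
+# name: example
+# ...
+hostnames: []
+
+interface_name: lan0
+gateway: "192.168.50.254"
+dns_servers:
+- "192.168.11.1"
+- "1.1.1.1"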
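--- /dev/null
+++ b/roles/node/handlers/main.yml
@@ -0,0 +1,12 @@
+- name: Update initramfs
+listen:
+- update initramfs
+- update initrd
+ansible.builtin.command:
+cmd: >
+update-initramfs -k all -u
+
+- name: Warn user to reboot
+ansible.builtin.set_fact:
+user_notify: Reboot the machine to use the new name for primary interface!
+when: systemd_networkd_ifname is changed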
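Review bot: The `Warn user to reboot` handler can never fire as written: no task in this commit has `notify: Warn user to reboot` (the task that registers `systemd_networkd_ifname` in `tasks/network.yml` notifies nothing), and `set_fact` only stores `user_notify` without printing it. Add `notify: Warn user to reboot` to the `Configure default interface name` task and make the handler `ansible.builtin.debug:` with `msg: Reboot the machine to use the new name for primary interface!`; the `when:` then becomes unnecessary. In the first handler, `cmd: >` with a single line is simpler as `cmd: update-initramfs -k all -u`.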
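--- /dev/null
+++ b/roles/node/tasks/hostnames.yml
@@ -0,0 +1,11 @@
+- name: Set hostname
+ansible.builtin.template:
+src: etc-hostname.j2
+dest: /etc/hostname
+mode: "0644"
+
+- name: Set hosts
+ansible.builtin.template:
+src: etc-hosts.j2
+dest: /etc/hosts
+mode: "0644"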
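--- /dev/null
+++ b/roles/node/tasks/main.yml
@@ -0,0 +1,15 @@
+- name: Update system
+ansible.builtin.include_tasks:
+file: update.yml
+
+- name: Install packages
+ansible.builtin.include_tasks:
+file: packages.yml
+
+- name: Set hostname
+ansible.builtin.include_tasks:
+file: hostnames.yml
+
+- name: Configure network
+ansible.builtin.include_tasks:
+file: network.yml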
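--- /dev/null
+++ b/roles/node/tasks/network.yml
@@ -0,0 +1,25 @@
+- name: Configure default interface name
+ansible.builtin.template:
+src: etc-systemd-network-10-lan0.link.j2
+dest: /etc/systemd/network/10-lan0.link
+mode: "0644"
+register: systemd_networkd_ifname
+
+- name: Configure network for default interface
+ansible.builtin.template:
+src: etc-systemd-network-20-lan0.network.j2
+dest: /etc/systemd/network/20-lan0.network
+mode: "0644"
+notify: update initramfs
+
+- name: Enable systemd-networkd
+ansible.builtin.systemd_service:
+name: systemd-networkd
+enabled: true
+state: restarted
+
+- name: Enable systemd-resolved
+ansible.builtin.systemd_service:
+name: systemd-resolved
+enabled: true
+state: restarted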
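Review bot: Both service tasks use `state: restarted`, so every run of the role restarts `systemd-networkd` and `systemd-resolved` and reports a change even when neither template changed, and the network restart happens over the same SSH connection Ansible is using. Prefer `state: started` with `enabled: true` in these tasks and move the restarts into handlers notified by the two template tasks. The `dest:` paths and template names hard-code `lan0` while the interface name comes from `interface_name`; a comment saying the file names are fixed on purpose, or `dest: /etc/systemd/network/10-{{ interface_name }}.link`, would remove the mismatch. `Configure default interface name` changes a `.link` file but does not `notify: update initramfs`, unlike the `.network` task; if the initramfs is what needs the rename, the notify probably belongs on the first task too.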
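--- /dev/null
+++ b/roles/node/tasks/packages.yml
@@ -0,0 +1,10 @@
+- name: Install packages
+ansible.builtin.apt:
+name: "{{ item }}"
+state: present
+install_recommends: false
+loop: "{{ packages }}"
+
+- name: Remove dependencies that are no longer required
+ansible.builtin.apt:
+autoremove: true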
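--- /dev/null
+++ b/roles/node/tasks/update.yml
@@ -0,0 +1,5 @@
+- name: Update and upgrade system
+ansible.builtin.apt:
+upgrade: true
+update_cache: true
+cache_valid_time: 86400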
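--- /dev/null
+++ b/roles/node/templates/etc-hostname.j2
@@ -0,0 +1 @@
+node-{{ groups['nodes'].index(inventory_hostname) + 1 }}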
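Review bot: The hostname is computed from the host's position in the `nodes` group, so inserting, removing or reordering a line in the inventory changes the name of every later node on the next run. That is risky for a cluster whose members are presumably registered under their hostname. Consider an explicit per-host variable set in the inventory (name of your choosing, e.g. `node-{{ node_index }}`), or at least a comment in the inventory that the order of `[nodes]` must never change. `etc-hosts.j2` repeats the same expression on its `127.0.1.1` line.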
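--- /dev/null
+++ b/roles/node/templates/etc-hosts.j2
@@ -0,0 +1,10 @@
+127.0.0.1 localhost
+127.0.1.1 node-{{ groups['nodes'].index(inventory_hostname) + 1 }}
+
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+
+{% for item in hostnames %}
+{{ item.ip }} {{ item.name }}
+{% endfor %}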
5
roles/node/templates/etc-systemd-network-10-lan0.link.j2
Normal file
5
roles/node/templates/etc-systemd-network-10-lan0.link.j2
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
[Match]
|
||||||
|
MACAddress={{ ansible_default_ipv4.macaddress }}
|
||||||
|
|
||||||
|
[Link]
|
||||||
|
Name={{ interface_name }}
|
@ -0,0 +1,9 @@
|
|||||||
|
[Match]
|
||||||
|
Name={{ interface_name }}
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
Address={{ ansible_default_ipv4.address|default(ansible_all_ipv4_addresses[0]) }}/24
|
||||||
|
Gateway={{ gateway }}
|
||||||
|
{% for dns in dns_servers %}
|
||||||
|
DNS={{ dns }}
|
||||||
|
{% endfor %}
|
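Review bot: The `Address=` line in the second hunk hard-codes a `/24` prefix and takes the address from whatever the gathered facts report at run time, so a host on a different subnet size, or one whose current default address is a temporary DHCP lease, gets that written as its static configuration. Make the prefix a role default (for example `network_prefix: 24`, a name chosen here) and end the line with `/{{ network_prefix }}`, and add a template comment stating that the address found at run time is frozen as the static one. The file header for this second hunk is missing from the page; judging by `tasks/network.yml` it is presumably `etc-systemd-network-20-lan0.network.j2`.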
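--- /dev/null
+++ b/roles/worker/files/k3s-agent.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+export K3S_TOKEN="$1"
+
+curl -sfL https://get.k3s.io | sh -s - agent --server "https://${2}:6443"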
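--- /dev/null
+++ b/roles/worker/meta/meta.yml
@@ -0,0 +1,2 @@
+dependencies:
+- name: node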
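--- /dev/null
+++ b/roles/worker/tasks/main.yml
@@ -0,0 +1,2 @@
+- name: Install k3s as agent
+ansible.builtin.script: k3s-agent.sh {{ K3S_TOKEN }} {{ groups['master-primary'][0] }}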
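--- /dev/null
+++ b/workers.yml
@@ -0,0 +1,6 @@
+- name: Cluster workers
+hosts: workers
+become: true
+gather_facts: true
+roles:
+- worker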