Ansible provisionning (#217)

Ansible provisionning contrib
6 years ago · 39e2e45cc2
12 changed files with 295 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -371,6 +371,71 @@ The full help text for the install script environment variables are as follows:
     Type of systemd service to create, will default from the k3s exec command
     if not specified.
 openrc on Alpine Linux
 -------
 In order to pre-setup Alpine Linux you have to go through the following steps:
 ```bash
 echo "cgroup /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
 cat >> /etc/cgconfig.conf <<EOF
 mount {
 cpuacct = /cgroup/cpuacct;
 memory = /cgroup/memory;
 devices = /cgroup/devices;
 freezer = /cgroup/freezer;
 net_cls = /cgroup/net_cls;
 blkio = /cgroup/blkio;
 cpuset = /cgroup/cpuset;
 cpu = /cgroup/cpu;
 }
 EOF
 ```
 Then update **/etc/update-extlinux.conf** by adding:
 ```
 default_kernel_opts="...  cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory"
 ```
 Than update the config and reboot
 ```bash
 update-extlinux
 reboot
 ```
 After rebooting:
 - download **k3s** to **/usr/local/bin/k3s**
 - create an openrc file in **/etc/init.d**
 For the server:
 ```bash
 #!/sbin/openrc-run
 command=/usr/local/bin/k3s
 command_args="server"
 pidfile=
 name="k3s"
 description="Lightweight Kubernetes"
 ```
 For the agent:
 ```bash
 #!/sbin/openrc-run
 command=/usr/local/bin/k3s
 command_args="agent --server https://myserver:6443 --token ${NODE_TOKEN}"
 pidfile=
 name="k3s"
 description="Lightweight Kubernetes"
 ```
 Flannel
 -------
--- a/contrib/ansible/README.md
+++ b/contrib/ansible/README.md
@ -0,0 +1,43 @@
 # Build a Kubernetes cluster using k3s via Ansible.
 ## K3s Ansible Playbook
 Build a Kubernetes cluster using Ansible with k3s. The goal is easily install a Kubernetes cluster on machines running:
 - [X] Debian 
 - [ ] Ubuntu 
 - [ ] CentOS 
 on processor architecture:
 - [X] x64
 - [X] arm64
 - [X] armhf
 ## System requirements:
 Deployment environment must have Ansible 2.4.0+
 Master and nodes must have passwordless SSH access
 ## Usage
 Add the system information gathered above into a file called hosts.ini. For example:
 ```
 [master]
 192.16.35.12
 [node]
 192.16.35.[10:11]
 [kube-cluster:children]
 master
 node
 ```
 Start provisioning of the cluster using the following command:
 ```
 ansible-playbook site.yaml
 ```
--- a/contrib/ansible/ansible.cfg
+++ b/contrib/ansible/ansible.cfg
@ -0,0 +1,11 @@
 [defaults]
 roles_path = ./roles
 inventory  = ./hosts.ini
 remote_tmp = $HOME/.ansible/tmp
 local_tmp  = $HOME/.ansible/tmp
 pipelining = True
 become = True
 host_key_checking = False
 deprecation_warnings = False
 callback_whitelist = profile_tasks
--- a/contrib/ansible/group_vars/all.yml
+++ b/contrib/ansible/group_vars/all.yml
@ -0,0 +1,4 @@
 k3s_version: v0.3.0
 ansible_user: debian
 systemd_dir: /etc/systemd/system
 master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}"
--- a/contrib/ansible/hosts.ini
+++ b/contrib/ansible/hosts.ini
@ -0,0 +1,12 @@
 [master]
 192.168.1.26
 [node]
 192.168.1.34
 192.168.1.39
 192.168.1.16
 192.168.1.32
 [k3s-cluster:children]
 master
 node
--- a/contrib/ansible/roles/download/tasks/main.yml
+++ b/contrib/ansible/roles/download/tasks/main.yml
@ -0,0 +1,36 @@
 ---
 - name: Delete k3s if already present
  file:
    path: /usr/local/bin/k3s
    state: absent
 - name: Download k3s binary x64
  get_url:                                                           
      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s
      dest: /usr/local/bin/k3s
      owner: root
      group: root
      mode: 755
 #  when: ( ansible_facts.userspace_architecture == "x86_64" )
  when: ( ansible_facts.architecture == "x86_64" )
 - name: Download k3s binary arm64
  get_url:                                                           
      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-arm64
      dest: /usr/local/bin/k3s
      owner: root
      group: root
      mode: 755
  when: ( ansible_facts.architecture is search "arm" and 
          ansible_facts.userspace_bits == "64" )
 - name: Download k3s binary armhf
  get_url:                                                           
      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-armhf
      dest: /usr/local/bin/k3s
      owner: root
      group: root
      mode: 755
  when: ( ansible_facts.architecture is search "arm" and 
          ansible_facts.userspace_bits == "32" )
--- a/contrib/ansible/roles/k3s/master/tasks/main.yml
+++ b/contrib/ansible/roles/k3s/master/tasks/main.yml
@ -0,0 +1,43 @@
 ---
 - name: Copy K3s service file
  register: k3s_service
  template:
    src: "k3s.service.j2"
    dest: "{{ systemd_dir }}/k3s.service"
    owner: root
    group: root
    mode: 0755
 - name: Enable and check K3s service
  systemd:
    name: k3s
    daemon_reload: yes
    state: restarted
    enabled: yes
 - name: Register file access mode
  stat:
    path: /var/lib/rancher/k3s/server
  register: p
 - name: Change file access node-token
  file:
    path: /var/lib/rancher/k3s/server
    mode: "g+rx,o+rx"
 - name: Read Node Token from Master
  slurp:
    src: /var/lib/rancher/k3s/server/node-token
  register: node_token
 - name: Store Master Token
  set_fact: 
   token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
 - name: Restore file access 
  file:
    path: /var/lib/rancher/k3s/server
    mode: "{{ p.stat.mode }}"
 #- debug: msg="Node TOKEN {{ token }}"
--- a/contrib/ansible/roles/k3s/master/templates/k3s.service.j2
+++ b/contrib/ansible/roles/k3s/master/templates/k3s.service.j2
@ -0,0 +1,16 @@
 [Unit]
 Description=Lightweight Kubernetes
 Documentation=https://k3s.io
 After=network.target
 [Service]
 ExecStartPre=-/sbin/modprobe br_netfilter
 ExecStartPre=-/sbin/modprobe overlay
 ExecStart=/usr/local/bin/k3s server
 KillMode=process
 Delegate=yes
 LimitNOFILE=infinity
 LimitNPROC=infinity
 LimitCORE=infinity
 TasksMax=infinity
 [Install]
 WantedBy=multi-user.target
--- a/contrib/ansible/roles/k3s/node/tasks/main.yml
+++ b/contrib/ansible/roles/k3s/node/tasks/main.yml
@ -0,0 +1,16 @@
 ---
 - name: Copy K3s service file
  template:
    src: "k3s.service.j2"
    dest: "{{ systemd_dir }}/k3s.service"
    owner: root
    group: root
    mode: 0755
 - name: Enable and check K3s service
  systemd:
    name: k3s
    daemon_reload: yes
    state: restarted
    enabled: yes
--- a/contrib/ansible/roles/k3s/node/templates/k3s.service.j2
+++ b/contrib/ansible/roles/k3s/node/templates/k3s.service.j2
@ -0,0 +1,14 @@
 [Unit]
 Description=Lightweight Kubernetes
 Documentation=https://k3s.io
 After=network.target
 [Service]
 ExecStart=/usr/local/bin/k3s agent --server https://{{ master_ip }}:6443 --token {{ hostvars[groups['master'][0]]['token'] }}
 KillMode=process
 Delegate=yes
 LimitNOFILE=infinity
 LimitNPROC=infinity
 LimitCORE=infinity
 TasksMax=infinity
 [Install]
 WantedBy=multi-user.target
--- a/contrib/ansible/roles/raspbian/tasks/main.yml
+++ b/contrib/ansible/roles/raspbian/tasks/main.yml
@ -0,0 +1,14 @@
 ---
 - name: Activating cgroup on Raspbian
  lineinfile:
    path: /boot/cmdline.txt
    regexp: '^(.*rootwait)$'
    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
    backrefs: true
  when: ( ansible_facts.architecture is search "arm" )
 - name: Rebooting on Raspbian 
  shell: reboot now
  ignore_errors: true
  when: ( ansible_facts.architecture is search "arm" )
--- a/contrib/ansible/site.yml
+++ b/contrib/ansible/site.yml
@ -0,0 +1,21 @@
 ---
 - hosts: k3s-cluster
  gather_facts: yes
  become: yes
  roles:
    - { role: download }
    - { role: raspbian }
 - hosts: master
 #  gather_facts: yes
  become: yes
  roles:
    - { role: k3s/master }
 - hosts: node
 #  gather_facts: yes
  become: yes
  roles:
    - { role: k3s/node }