mirror of https://github.com/k3s-io/k3s
Merge pull request #1787 from St0rmingBr4in/move-contrib-ansible
contrib/ansible: Remove duplication and redirect to new repositorypull/1795/head
commit
689c2726e2
|
@ -1,54 +1,3 @@
|
|||
# Build a Kubernetes cluster using k3s via Ansible
|
||||
|
||||
Author: <https://github.com/itwars>
|
||||
|
||||
## K3s Ansible Playbook
|
||||
|
||||
Build a Kubernetes cluster using Ansible with k3s. The goal is easily install a Kubernetes cluster on machines running:
|
||||
|
||||
- [X] Debian
|
||||
- [ ] Ubuntu
|
||||
- [X] CentOS
|
||||
|
||||
on processor architecture:
|
||||
|
||||
- [X] x64
|
||||
- [X] arm64
|
||||
- [X] armhf
|
||||
|
||||
## System requirements
|
||||
|
||||
Deployment environment must have Ansible 2.4.0+
|
||||
Master and nodes must have passwordless SSH access
|
||||
|
||||
## Usage
|
||||
|
||||
Add the system information gathered above into a file called hosts.ini. For example:
|
||||
|
||||
```bash
|
||||
[master]
|
||||
192.16.35.12
|
||||
|
||||
[node]
|
||||
192.16.35.[10:11]
|
||||
|
||||
[k3s-cluster:children]
|
||||
master
|
||||
node
|
||||
|
||||
```
|
||||
|
||||
Start provisioning of the cluster using the following command:
|
||||
|
||||
```bash
|
||||
ansible-playbook site.yml -i inventory/hosts.ini
|
||||
```
|
||||
|
||||
## Kubeconfig
|
||||
|
||||
To get access to your **Kubernetes** cluster just
|
||||
|
||||
```bash
|
||||
scp debian@master_pi:~/.kube/config ~/.kube/config
|
||||
```
|
||||
|
||||
The ansible playbook was moved to https://github.com/rancher/k3s-ansible
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
[defaults]
|
||||
roles_path = ./roles
|
||||
inventory = ./hosts.ini
|
||||
|
||||
remote_tmp = $HOME/.ansible/tmp
|
||||
local_tmp = $HOME/.ansible/tmp
|
||||
pipelining = True
|
||||
become = True
|
||||
host_key_checking = False
|
||||
deprecation_warnings = False
|
||||
callback_whitelist = profile_tasks
|
|
@ -1,5 +0,0 @@
|
|||
k3s_version: v0.8.1
|
||||
ansible_user: debian
|
||||
systemd_dir: /etc/systemd/system
|
||||
master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}"
|
||||
extra_server_args: ""
|
|
@ -1,12 +0,0 @@
|
|||
[master]
|
||||
192.168.1.26
|
||||
|
||||
[node]
|
||||
192.168.1.34
|
||||
192.168.1.39
|
||||
192.168.1.16
|
||||
192.168.1.32
|
||||
|
||||
[k3s-cluster:children]
|
||||
master
|
||||
node
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
|
||||
- hosts: k3s-cluster
|
||||
gather_facts: yes
|
||||
become: yes
|
||||
roles:
|
||||
- { role: reset }
|
|
@ -1,38 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Delete k3s if already present
|
||||
file:
|
||||
path: /usr/local/bin/k3s
|
||||
state: absent
|
||||
|
||||
- name: Download k3s binary x64
|
||||
get_url:
|
||||
url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s
|
||||
dest: /usr/local/bin/k3s
|
||||
owner: root
|
||||
group: root
|
||||
mode: 755
|
||||
# when: ( ansible_facts.userspace_architecture == "x86_64" )
|
||||
when: ( ansible_facts.architecture == "x86_64" )
|
||||
|
||||
- name: Download k3s binary arm64
|
||||
get_url:
|
||||
url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-arm64
|
||||
dest: /usr/local/bin/k3s
|
||||
owner: root
|
||||
group: root
|
||||
mode: 755
|
||||
when: ( ansible_facts.architecture is search("arm") )
|
||||
and
|
||||
( ansible_facts.userspace_bits == "64" )
|
||||
|
||||
- name: Download k3s binary armhf
|
||||
get_url:
|
||||
url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-armhf
|
||||
dest: /usr/local/bin/k3s
|
||||
owner: root
|
||||
group: root
|
||||
mode: 755
|
||||
when: ( ansible_facts.architecture is search("arm") )
|
||||
and
|
||||
( ansible_facts.userspace_bits == "32" )
|
|
@ -1,75 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Copy K3s service file
|
||||
register: k3s_service
|
||||
template:
|
||||
src: "k3s.service.j2"
|
||||
dest: "{{ systemd_dir }}/k3s.service"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Enable and check K3s service
|
||||
systemd:
|
||||
name: k3s
|
||||
daemon_reload: yes
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
- name: Wait for node-token
|
||||
wait_for:
|
||||
path: /var/lib/rancher/k3s/server/node-token
|
||||
|
||||
- name: Register node-token file access mode
|
||||
stat:
|
||||
path: /var/lib/rancher/k3s/server
|
||||
register: p
|
||||
|
||||
- name: Change file access node-token
|
||||
file:
|
||||
path: /var/lib/rancher/k3s/server
|
||||
mode: "g+rx,o+rx"
|
||||
|
||||
- name: Read node-token from master
|
||||
slurp:
|
||||
src: /var/lib/rancher/k3s/server/node-token
|
||||
register: node_token
|
||||
|
||||
- name: Store Master node-token
|
||||
set_fact:
|
||||
token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
|
||||
|
||||
- name: Restore node-token file access
|
||||
file:
|
||||
path: /var/lib/rancher/k3s/server
|
||||
mode: "{{ p.stat.mode }}"
|
||||
|
||||
- name: Create directory .kube
|
||||
file:
|
||||
path: ~{{ ansible_user }}/.kube
|
||||
state: directory
|
||||
owner: "{{ ansible_user }}"
|
||||
|
||||
- name: Copy config file to user home directory
|
||||
copy:
|
||||
src: /etc/rancher/k3s/k3s.yaml
|
||||
dest: ~{{ ansible_user }}/.kube/config
|
||||
remote_src: yes
|
||||
owner: "{{ ansible_user }}"
|
||||
|
||||
- name: Replace https://localhost:6443 by https://master-pi:6443
|
||||
command: k3s kubectl config set-cluster default
|
||||
--server=https://{{ master_ip }}:6443
|
||||
--kubeconfig ~{{ ansible_user }}/.kube/config
|
||||
|
||||
- name: Create kubectl symlink
|
||||
file:
|
||||
src: /usr/local/bin/k3s
|
||||
dest: /usr/local/bin/kubectl
|
||||
state: link
|
||||
|
||||
- name: Create crictl symlink
|
||||
file:
|
||||
src: /usr/local/bin/k3s
|
||||
dest: /usr/local/bin/crictl
|
||||
state: link
|
|
@ -1,24 +0,0 @@
|
|||
[Unit]
|
||||
Description=Lightweight Kubernetes
|
||||
Documentation=https://k3s.io
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
ExecStartPre=-/sbin/modprobe br_netfilter
|
||||
ExecStartPre=-/sbin/modprobe overlay
|
||||
ExecStart=/usr/local/bin/k3s server {{ extra_server_args | default("") }}
|
||||
KillMode=process
|
||||
Delegate=yes
|
||||
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
||||
# in the kernel. We recommend using cgroups to do container-local accounting.
|
||||
LimitNOFILE=1048576
|
||||
LimitNPROC=infinity
|
||||
LimitCORE=infinity
|
||||
TasksMax=infinity
|
||||
TimeoutStartSec=infinity
|
||||
Restart=always
|
||||
RestartSec=5s
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,16 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Copy K3s service file
|
||||
template:
|
||||
src: "k3s.service.j2"
|
||||
dest: "{{ systemd_dir }}/k3s-node.service"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Enable and check K3s service
|
||||
systemd:
|
||||
name: k3s-node
|
||||
daemon_reload: yes
|
||||
state: restarted
|
||||
enabled: yes
|
|
@ -1,24 +0,0 @@
|
|||
[Unit]
|
||||
Description=Lightweight Kubernetes
|
||||
Documentation=https://k3s.io
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
ExecStartPre=-/sbin/modprobe br_netfilter
|
||||
ExecStartPre=-/sbin/modprobe overlay
|
||||
ExecStart=/usr/local/bin/k3s agent --server https://{{ master_ip }}:6443 --token {{ hostvars[groups['master'][0]]['token'] }}
|
||||
KillMode=process
|
||||
Delegate=yes
|
||||
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
||||
# in the kernel. We recommend using cgroups to do container-local accounting.
|
||||
LimitNOFILE=1048576
|
||||
LimitNPROC=infinity
|
||||
LimitCORE=infinity
|
||||
TasksMax=infinity
|
||||
TimeoutStartSec=infinity
|
||||
Restart=always
|
||||
RestartSec=5s
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,35 +0,0 @@
|
|||
---
|
||||
- name: Set SELinux to disabled state
|
||||
selinux:
|
||||
state: disabled
|
||||
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
|
||||
|
||||
- name: Enable IPv4 forwarding
|
||||
sysctl:
|
||||
name: net.ipv4.ip_forward
|
||||
value: "1"
|
||||
state: present
|
||||
reload: yes
|
||||
|
||||
- name: Enable IPv6 forwarding
|
||||
sysctl:
|
||||
name: net.ipv6.conf.all.forwarding
|
||||
value: "1"
|
||||
state: present
|
||||
reload: yes
|
||||
|
||||
- name: Set bridge-nf-call-iptables (just to be sure)
|
||||
sysctl:
|
||||
name: net.bridge.bridge-nf-call-iptables
|
||||
value: "1"
|
||||
state: present
|
||||
reload: yes
|
||||
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
|
||||
|
||||
- name: Set bridge-nf-call-ip6tables (just to be sure)
|
||||
sysctl:
|
||||
name: net.bridge.bridge-nf-call-iptables
|
||||
value: "1"
|
||||
state: present
|
||||
reload: yes
|
||||
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
|
|
@ -1,24 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Test for Raspbian
|
||||
stat:
|
||||
path: /boot/cmdline.txt
|
||||
register: cmdline
|
||||
|
||||
- name: Activating cgroup on Raspbian
|
||||
lineinfile:
|
||||
path: /boot/cmdline.txt
|
||||
regexp: '^(.*rootwait)$'
|
||||
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
||||
backrefs: true
|
||||
when: ( cmdline.stat.path is defined )
|
||||
and
|
||||
( ansible_facts.architecture is search("arm") )
|
||||
register: boot_cmdline
|
||||
|
||||
- name: Rebooting on Raspbian
|
||||
shell: reboot now
|
||||
ignore_errors: true
|
||||
when: ( boot_cmdline is changed )
|
||||
and
|
||||
( ansible_facts.architecture is search("arm") )
|
|
@ -1,25 +0,0 @@
|
|||
---
|
||||
- name: Disable services
|
||||
systemd:
|
||||
name: "{{ item }}"
|
||||
state: stopped
|
||||
enabled: no
|
||||
with_items:
|
||||
- k3s
|
||||
- k3s-node
|
||||
|
||||
- name: Remove service files, binaries and data
|
||||
file:
|
||||
name: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
- "{{ systemd_dir }}/k3s.service"
|
||||
- "{{ systemd_dir }}/k3s-node.service"
|
||||
- /etc/rancher/k3s
|
||||
- /var/lib/rancher/k3s
|
||||
- /var/lib/kubelet
|
||||
- /usr/local/bin/k3s
|
||||
|
||||
- name: daemon_reload
|
||||
systemd:
|
||||
daemon_reload: yes
|
|
@ -1,22 +0,0 @@
|
|||
---
|
||||
|
||||
- hosts: k3s-cluster
|
||||
gather_facts: yes
|
||||
become: yes
|
||||
roles:
|
||||
- { role: prereq }
|
||||
- { role: download }
|
||||
- { role: raspbian }
|
||||
|
||||
|
||||
- hosts: master
|
||||
# gather_facts: yes
|
||||
become: yes
|
||||
roles:
|
||||
- { role: k3s/master }
|
||||
|
||||
- hosts: node
|
||||
# gather_facts: yes
|
||||
become: yes
|
||||
roles:
|
||||
- { role: k3s/node }
|
Loading…
Reference in New Issue