add files

B4D_US3R 2024-11-27 22:24:24 +05:00
parent 1283a98c9d
commit 33e2774432
11 changed files with 152 additions and 0 deletions

5
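--- a/ansible.cfg
+++ b/ansible.cfg
@@ -0,0 +1,5 @@
+[defaults]
+roles_path = ./roles
+inventory = ./inventory/master/hosts.ini
+become = True
+user = root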
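Review bot: `become = True` and `user = root` are placed under `[defaults]`, but as far as I know Ansible reads the login user from `remote_user` in `[defaults]` and privilege escalation from `become` in a `[privilege_escalation]` section, so both lines are likely ignored without any warning. The play then runs as whatever `ansible_user` resolves to, and a reader of this file gets the wrong picture of how root is obtained. I would write `remote_user = <login user>` here and move escalation to a `[privilege_escalation]` section with `become = True`, or drop the two lines if the inventory variable is meant to be the single source.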


@ -0,0 +1,7 @@
---
k3s_version: v1.31.1+k3s1
helm_version: v3.16.2
extra_server_args: "--disable traefik"
ansible_user: root
ingress_controller_version: v1.11.2
cert_manager_version: v1.16.1
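Review bot: `ansible_user: root` makes every run log in over SSH as root, which requires root login to stay enabled on the host and, presumably, leaves no per-operator trail in the auth log. An unprivileged deploy account with sudo rights and `become: true` on the play would give the same result with a smaller exposed surface. The k3s role also uses this variable to build `~{{ ansible_user }}/.kube`, so changing it moves where the admin kubeconfig is copied; that is worth a comment next to the variable, e.g. `# login user; also owns the copied kubeconfig`.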


@ -0,0 +1,2 @@
[master]
your-host.tld

10
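--- a/playbook.yml
+++ b/playbook.yml
@@ -0,0 +1,10 @@
+---
+- name: Test
+hosts: master
+roles:
+- role: debian_setup
+- role: k3s
+- role: helm
+- role: ingress
+- role: cert_manager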


@ -0,0 +1,6 @@
---
- name: Deploy cert-manager
kubernetes.core.k8s:
src: "https://github.com/cert-manager/cert-manager/releases/download/{{ cert_manager_version }}/cert-manager.yaml"
wait: false
state: present
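Review bot: The cert-manager manifest is fetched from the release URL and applied to the cluster in one step, with nothing checking that the downloaded content is the file that was reviewed. The version tag pins the location but not the bytes, unlike the k3s download later in this commit, which passes `checksum:`. I would fetch it with `get_url` plus a `checksum: sha256:<expected digest>` recorded in the repo and then apply the local copy. The same gap is in the Helm tarball `unarchive` and in the `get_url` for the ingress-nginx manifest, neither of which verifies a digest.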


@ -0,0 +1,14 @@
---
- name: Get indexes
apt:
update_cache: true
- name: Update dist
apt:
upgrade: dist
- name: Install K8S python library
apt:
name:
- python3-kubernetes
state: present
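Review bot: `upgrade: dist` runs unconditionally on every play and nothing afterwards checks whether the upgrade needs a reboot, so a kernel or libc security update may be installed but not yet active when the next role starts k3s. A follow-up task that stats `/var/run/reboot-required` and reboots (or at least reports) when it exists would close that gap. The separate `update_cache` task could also be folded into the upgrade task as `update_cache: true`.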

19
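--- a/roles/helm/tasks/main.yml
+++ b/roles/helm/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+- name: Get Helm binary
+unarchive:
+src: "https://get.helm.sh/helm-{{ helm_version }}-linux-amd64.tar.gz"
+dest: /tmp
+remote_src: true
+- name: Copy helm binary to /usr/local/bin
+copy:
+src: /tmp/linux-amd64/helm
+dest: /usr/local/bin/helm
+owner: root
+group: root
+mode: 755
+- name: Cleanup
+file:
+path: /tmp/linux-amd64
+state: absent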
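Review bot: `mode: 755` on the helm binary is an unquoted YAML integer, so Ansible receives decimal 755 rather than octal 0755 and the file ends up with an unintended permission set; it should be `mode: "0755"`. The same applies to `mode: 755` and `mode: 644` in roles/k3s/tasks/main.yml, while the `.kube` tasks there already quote their modes. The copy task also has no `remote_src: true`, so `/tmp/linux-amd64/helm` is looked up on the control node although the archive was unpacked on the target. Since the tarball is unpacked as root into the fixed path `/tmp/linux-amd64`, a private directory created with the `tempfile` module would be safer on a host that has other local users.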


@ -0,0 +1,11 @@
---
- name: Get Nginx Ingress manifest
get_url:
url: "https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-{{ ingress_controller_version }}/deploy/static/provider/baremetal/deploy.yaml"
dest: /tmp/nginx_ingress.yml
- name: Deplroy Nginx Ingress
kubernetes.core.k8s:
src: /tmp/nginx_ingress.yml
wait: false
state: present


@ -0,0 +1,2 @@
---
k3s_server_location: /var/lib/rancher/k3s

52
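--- a/roles/k3s/tasks/main.yml
+++ b/roles/k3s/tasks/main.yml
@@ -0,0 +1,52 @@
+---
+- name: Enable IPv4 forwarding
+sysctl:
+name: net.ipv4.ip_forward
+value: "1"
+state: present
+reload: true
+- name: Download k3s binary
+get_url:
+url: https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s
+checksum: sha256:https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/sha256sum-amd64.txt
+dest: /usr/local/bin/k3s
+owner: root
+group: root
+mode: 755
+- name: Copy SystemD service
+template:
+src: k3s.service.j2
+dest: /usr/lib/systemd/system/k3s.service
+owner: root
+mode: 644
+- name: Enable k3s service
+systemd:
+name: k3s
+daemon_reload: true
+state: restarted
+enabled: true
+- name: Create kubectl symlink
+file:
+src: /usr/local/bin/k3s
+dest: /usr/local/bin/kubectl
+state: link
+- name: Create directory .kube
+file:
+path: ~{{ ansible_user }}/.kube
+state: directory
+owner: "{{ ansible_user }}"
+mode: "750"
+- name: Copy config file to user home directory
+copy:
+src: /etc/rancher/k3s/k3s.yaml
+dest: ~{{ ansible_user }}/.kube/config
+remote_src: true
+owner: "{{ ansible_user }}"
+mode: "600"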
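Review bot: `state: restarted` in "Enable k3s service" restarts the control plane on every run, including runs where neither the binary nor the unit file changed. I would set `state: started` there and move the restart into a handler notified by the download and template tasks. On the download itself, the `checksum:` value is a URL on the same release page as the binary, so it catches a corrupted transfer but not a replaced release asset; a digest stored in the role's vars would cover both.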


@ -0,0 +1,24 @@
[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
After=network-online.target
[Service]
Type=notify
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} {{ extra_server_args | default("") }}
KillMode=process
Delegate=yes
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=1048576
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
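Review bot: `After=network-online.target` only orders the unit and does not pull that target into the boot transaction, so on a host where nothing else wants it k3s may start before the network is up; adding `Wants=network-online.target` under `[Unit]` fixes that. `extra_server_args` is rendered unescaped into `ExecStart`, which is fine for the value set in this commit but deserves a template comment such as `# extra_server_args is split into arguments by systemd; set it only from trusted vars`.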