onedr0p / k3s-homeops-ansible

Bootstrap a k3s cluster on top of Ubuntu 20.04

HTML 99.27% Shell 0.73%
git gitops ansible kubernetes k3s vagrant virtualbox

k3s-homeops-ansible's Introduction

k3s-homeops-ansible

This is an opinionated way to provision Ubuntu 20.04 and install k3s on top.

Prerequisites

There are a couple of things that need to be done before you get started with Ansible.

  1. Install Ansible >= 2.10.0 on your local machine
  2. Install a supported OS on each of your nodes
  3. Set static IP for each node on the OS or in your router (you can use the IP assigned via DHCP, but it's not recommended)
  4. Copy your local public ssh key with ssh-copy-id to each node
  5. Optional: review the playbooks and roles to understand what these Ansible scripts will do

After that we're ready to continue with Ansible...

Ansible

Get started by cloning this repository and copying the hosts and config into a new directory.

# clone this repo
git clone https://github.com/onedr0p/k3s-homeops-ansible
# change into the directory
cd k3s-homeops-ansible
# copy the hosts and config to a new folder
cp -r ./inventory/local ./inventory/custom

Update the Ansible config files

Note: This project uses PyratLabs/ansible-role-k3s for installing k3s. Configuration options can be viewed in their README.

After you have copied over the configuration files you will need to update the configuration in the files:

  • ./inventory/custom/hosts.yml: Host definitions
  • ./inventory/custom/host_vars/*.yml: Host IP and host level variables
  • ./inventory/custom/group_vars/*.yml: Global variables for all hosts

Each file is carefully documented.

Get Ansible dependencies

ansible-galaxy install -r requirements.yml

Run the playbooks

# This playbook will prepare your nodes for Kubernetes
ansible-playbook -i ./inventory/custom/hosts.yml ./playbooks/os-build.yml
# This playbook will install k3s
ansible-playbook -i ./inventory/custom/hosts.yml ./playbooks/cluster-build.yml

Verify the cluster is up and running

kubectl --kubeconfig ./kubeconfig get nodes -o wide

k3s-homeops-ansible's People

Contributors

carpenike, onedr0p

k3s-homeops-ansible's Issues

Create vagrant task to remove old block devices

Running into errors where vagrant thinks the block device exists

VBoxManage: error: Failed to create medium
VBoxManage: error: Could not create the medium storage unit '/Users/devin/Code/k3s-cluster-ansible/k8s-node-10-block.vdi'.
VBoxManage: error: VDI: cannot create image '/Users/devin/Code/k3s-cluster-ansible/k8s-node-10-block.vdi' (VERR_ALREADY_EXISTS)
VBoxManage: error: Details: code VBOX_E_FILE_ERROR (0x80bb0004), component MediumWrap, interface IMedium
VBoxManage: error: Context: "RTEXITCODE handleCreateMedium(HandlerArg *)" at line 510 of file VBoxManageDisk.cpp

hashicorp/vagrant#8107 (comment)

Maybe we should add this in a task to run if shit gets fubared?

Add taint to storage nodes for rook-ceph

Would be nice to taint the servers running rook-ceph and apply tolerations to the rook-ceph deployments. This way standard workloads can only be run on the worker nodes without any affinity rules.

Convert Calico BGP file to inline with EOF

Getting errors because it references a local path that is no longer local.

failed: [k3s-0 -> localhost] (item=kubectl apply -f /home/ryan/src/k3s-bootstrap/devops/kube-system/calico/calico.yaml) => {"ansible_loop_var": "item", "attempts": 6, "changed": false, "cmd": ["kubectl", "apply", "-f", "/home/ryan/src/k3s-bootstrap/devops/kube-system/calico/calico.yaml"], "delta": "0:00:00.239140", "end": "2020-02-17 00:55:58.162550", "item": "kubectl apply -f /home/ryan/src/k3s-bootstrap/devops/kube-system/calico/calico.yaml", "msg": "non-zero return code", "rc": 1, "start": "2020-02-17 00:55:57.923410", "stderr": "Unable to connect to the server: x509: certificate signed by unknown authority", "stderr_lines": ["Unable to connect to the server: x509: certificate signed by unknown authority"], "stdout": "", "stdout_lines": []}

Add a preflight playbook

Ensure tools are installed locally

  • helm
  • kubectl
  • fluxctl
  • calicoctl
  • vault

...

Prompt to copy sample files if not exists

  • hosts
  • main variables
  • encrypted vault variables
  • unencrypted vault variables

...

  • Validate that a key file is created or offer to generate for Ansible Vault

...

  • Warn that the option to encrypt the encrypted variables should be set to true as part of the playbook

...

  • Validate that pre-commit includes option to check for Ansible-Vault being encrypted
  • Validate that .gitattributes includes filter for git-crypt and the vault.key file
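
A sketch of the local checks this issue lists, as an added example that is not part of the repository: it verifies the listed tools are on PATH, that a vault variables file carries the Ansible Vault header, and that .gitattributes applies the git-crypt filter to the key file. The function names and the file paths passed in are assumptions.

```shell
#!/bin/sh
# Added example: preflight checks sketched from the issue's list (not project code).

# missing_tools TOOL...: print each tool not on PATH; return 1 if any is missing.
missing_tools() {
    rc=0
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || { echo "missing: $tool"; rc=1; }
    done
    return "$rc"
}

# vault_encrypted FILE: succeed only if FILE's first line is an Ansible Vault header.
vault_encrypted() {
    [ -r "$1" ] || return 2
    first=
    IFS= read -r first <"$1" || true
    case "$first" in
        '$ANSIBLE_VAULT;'*) return 0 ;;
        *) return 1 ;;
    esac
}

# gitcrypt_covers ATTRS NAME: succeed if ATTRS has a line for pattern NAME
# carrying filter=git-crypt (exact pattern match only, no glob evaluation).
gitcrypt_covers() {
    [ -r "$1" ] || return 2
    awk -v name="$2" '
        $1 == name { for (i = 2; i <= NF; i++) if ($i == "filter=git-crypt") ok = 1 }
        END { exit ok ? 0 : 1 }' "$1"
}

# preflight VAULT_FILE ATTRS KEY_NAME: run every check, return the failure count.
preflight() {
    fails=0
    missing_tools helm kubectl fluxctl calicoctl vault || fails=$((fails + 1))
    vault_encrypted "$1" || { echo "not vault-encrypted: $1"; fails=$((fails + 1)); }
    gitcrypt_covers "$2" "$3" || { echo "no git-crypt filter for $3"; fails=$((fails + 1)); }
    return "$fails"
}

# Usage: sh preflight.sh VAULT_FILE GITATTRIBUTES KEY_NAME (file names are assumptions)
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

A non-zero exit status from `preflight` is the number of failed checks, so it can gate a pre-commit hook or the first play of a run.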

Prep Disks for Ceph

Ceph isn't always picking up block devices at initial provision. Need to add detection for state of block device with option to clean.

Do not send poweroff on power button press

edit /etc/systemd/logind.conf

change #HandlePowerKey=poweroff to HandlePowerKey=ignore

this will prevent misclicks with the power button on my NUCs, you can still force poweroff by holding the button

Explore adding local user variable

Default to {{ ansible_user }} and update any local copy jobs to use that user instead.

Use case is for build processes where the remote user is different from the local user.

Remove more packages

apt-get --purge -qqy remove apport bcache-tools btrfs-progs byobu cloud-guest-utils cloud-initramfs-copymods cloud-initramfs-dyn-netconf friendly-recovery fwupd landscape-common lxd-agent-loader ntfs-3g open-vm-tools plymouth plymouth-theme-ubuntu-text popularity-contest snapd sosreport tmux ubuntu-advantage-tools ufw

Ansible with Vagrant currently failing on this step

TASK [k3s/master : Restore node-token file access] *****************************
changed: [192.168.88.200]
ERROR! Attempting to decrypt but no vault secrets found
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
