Merge pull request #7 from TimGrt/dev

Dev
TimGrt · Dec 2, 2023 · 3caab5b · 3caab5b
2 parents e768368 + 6f7de66
commit 3caab5b
Show file tree

Hide file tree

Showing 20 changed files with 118 additions and 90 deletions.
diff --git a/ansible.cfg b/ansible.cfg
@@ -2,3 +2,4 @@
 inventory = ./inventory.ini
 stdout_callback = community.general.yaml
 callbacks_enabled = ansible.posix.timer, ansible.posix.profile_tasks
+roles_path = ./roles
diff --git a/awx-deployment.yml b/awx-deployment.yml
diff --git a/bootstrap.yml b/bootstrap.yml
diff --git a/inventory.ini b/inventory.ini
@@ -1,2 +1,13 @@
-[target]
-awx ansible_host=192.168.178.122 ansible_user=ansible
+[kubernetes_cluster:children]
+kubernetes_control_plane
+kubernetes_nodes
+
+[kubernetes_cluster:vars]
+ansible_user=ansible
+
+[kubernetes_control_plane]
+rpi-cluster01 ansible_host=192.168.178.151
+
+[kubernetes_nodes]
+rpi-cluster02 ansible_host=192.168.178.152
+rpi-cluster03 ansible_host=192.168.178.153
diff --git a/k3s-deployment.yml b/k3s-deployment.yml
diff --git a/main.yml b/main.yml
diff --git a/playbooks/awx-deployment.yml b/playbooks/awx-deployment.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Deploy AWX operator and instance on Kubernetes
+  hosts: kubernetes_control_plane
+  roles:
+    - awx
diff --git a/check-requirements.yml → playbooks/check-requirements.yml b/check-requirements.yml → playbooks/check-requirements.yml
diff --git a/playbooks/k3s-deployment.yml b/playbooks/k3s-deployment.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Deploy k3s-server
+  hosts: kubernetes_cluster
+  roles:
+    - k3s-deployment
diff --git a/roles/awx/defaults/main.yml b/roles/awx/defaults/main.yml
@@ -13,7 +13,7 @@ kustomize_directory: "{{ ansible_user_dir }}"
 
 # Service/Network-related variables
 service_type: nodeport
-exposed_node_port: 30080
+awx_instance_port: 30080
 awx_endpoint_name: awx.demo.com
 
 # Storage-related variables

diff --git a/roles/awx/tasks/awx_instance_info.yml b/roles/awx/tasks/awx_instance_info.yml
@@ -15,6 +15,6 @@
 - name: Output login info
   ansible.builtin.debug:
     msg: |
-      AWX UI is available at 'http://{{ ansible_default_ipv4.address }}'
+      AWX UI is available at 'http://{{ ansible_default_ipv4.address }}:{{ awx_instance_port }}'
       Login with username 'admin' and password '{{ admin_secret['resources'][0]['data']['password'] | b64decode }}'
   when: admin_secret.resources | length > 0
diff --git a/roles/awx/tasks/awx_instance_service.yml b/roles/awx/tasks/awx_instance_service.yml
@@ -10,23 +10,23 @@
 - name: Expose AWX via NodePort
   when: service_type == 'nodeport'
   block:
-    - name: Expose port {{ exposed_node_port }}
+    - name: Expose port {{ awx_instance_port }}
       kubernetes.core.k8s_service:
         namespace: "{{ awx_namespace }}"
         name: "{{ awx_instance_name }}-service"
         type: NodePort
         ports:
           - port: 80
             target_port: 80
-            nodePort: "{{ exposed_node_port }}"
+            nodePort: "{{ awx_instance_port }}"
         selector:
           app.kubernetes.io/component: awx
           app.kubernetes.io/managed-by: awx-operator
           app.kubernetes.io/name: "{{ awx_instance_name }}-web"
         state: present
 
 - name: Expose AWX via Ingress
-  when: service_type == 'nodeport'
+  when: service_type == 'ingress'
   block:
     - name: Create TLS key and certificate
       ansible.builtin.import_tasks: certificate.yml
diff --git a/roles/awx/templates/awx_definition.yml.j2 b/roles/awx/templates/awx_definition.yml.j2
@@ -7,7 +7,7 @@ metadata:
 spec:
 {% if service_type == 'nodeport' %}
   service_type: NodePort
-  nodeport_port: {{ exposed_node_port }}
+  nodeport_port: {{ awx_instance_port }}
 {% endif %}
 {% if service_type == 'ingress' %}
   ingress_type: ingress

diff --git a/roles/k3s-deployment/defaults/main.yml b/roles/k3s-deployment/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+
+# Defining group aliases, overwrite these if your inventory groups differ
+# This prevents the need to overwrite the groups in the role itself
+k3s_server_group: kubernetes_control_plane
+k3s_agent_group: kubernetes_nodes
diff --git a/roles/k3s-deployment/tasks/agent-deployment.yml b/roles/k3s-deployment/tasks/agent-deployment.yml
@@ -0,0 +1,35 @@
+---
+
+- name: Get K3s server token from control plane node
+  ansible.builtin.slurp:
+    path: /var/lib/rancher/k3s/server/node-token
+  register: k3s_server_token_file
+  become: true
+  when: inventory_hostname in groups[k3s_server_group]
+  run_once: true
+
+- name: Execute install script to deploy K3s agent
+  ansible.builtin.command:
+    cmd: sh k3s-install.sh
+    chdir: "{{ ansible_user_dir }}"
+    creates: /usr/local/bin/k3s
+  become: true
+  environment:
+    K3S_URL: https://{{ hostvars[groups[k3s_server_group][0]]['ansible_host'] }}:6443
+    K3S_TOKEN: "{{ k3s_server_token_file.content | b64decode | trim }}"
+
+- name: Get info about K3s cluster nodes and wait until all report Ready status
+  kubernetes.core.k8s_info:
+    api_version: v1
+    kind: Node
+    name: "{{ item }}"
+    wait: true
+    wait_timeout: 5
+    wait_condition:
+      type: Ready
+  loop: "{{ groups['kubernetes_cluster'] }}"
+  loop_control:
+    label: Checking 'Ready' condition of {{ item }}
+  when: inventory_hostname in groups[k3s_server_group]
+  run_once: true
+  register: kubernetes_node_info
diff --git a/roles/k3s-deployment/tasks/main.yml b/roles/k3s-deployment/tasks/main.yml
@@ -2,7 +2,13 @@
 
 - ansible.builtin.import_tasks: requirements.yml # noqa name[missing]
 
-- ansible.builtin.import_tasks: deployment.yml # noqa name[missing]
+- ansible.builtin.import_tasks: server-deployment.yml # noqa name[missing]
+  when: inventory_hostname in groups[k3s_server_group]
+
+- ansible.builtin.import_tasks: agent-deployment.yml # noqa name[missing]
+  when:
+    - groups[k3s_agent_group] is defined
+    - groups[k3s_agent_group] | length > 0
 
 - ansible.builtin.import_tasks: uninstall.yml # noqa name[missing]
   when: '"uninstall" in ansible_run_tags'

diff --git a/roles/k3s-deployment/tasks/requirements.yml b/roles/k3s-deployment/tasks/requirements.yml
@@ -1,18 +1,27 @@
 ---
 
-- name: Install Python3 package manager
+- name: Install Python3 kubernetes package for module functionality
   ansible.builtin.package:
-    name: python3-pip
+    name: python3-kubernetes
     state: present
   become: true
 
-- name: Install kubernetes Python package for module functionality
-  ansible.builtin.pip:
-    name: kubernetes
-    state: present
+- name: Ensure Memory CGroup is available
+  ansible.builtin.stat:
+    path: /sys/fs/cgroup/memory.stat
+  register: memory_cgroup_file
+  failed_when: not memory_cgroup_file.stat.exists
 
 - name: Stop and disable firewalld
   ansible.builtin.service:
     name: firewalld
     state: stopped
     enabled: false
+  become: true
+  when: ansible_facts['distribution'] == "Red Hat"
+
+- name: Get K3S installation script
+  ansible.builtin.get_url:
+    url: https://get.k3s.io
+    dest: "{{ ansible_user_dir }}/k3s-install.sh"
+    mode: "0644"
diff --git a/roles/k3s-deployment/tasks/deployment.yml → ...3s-deployment/tasks/server-deployment.yml b/roles/k3s-deployment/tasks/deployment.yml → ...3s-deployment/tasks/server-deployment.yml
@@ -1,11 +1,5 @@
 ---
 
-- name: Get K3S installation script
-  ansible.builtin.get_url:
-    url: https://get.k3s.io
-    dest: "{{ ansible_user_dir }}/k3s-install.sh"
-    mode: "0644"
-
 - name: Create directory for K3S configuration file
   ansible.builtin.file:
     path: /etc/rancher/k3s
@@ -20,13 +14,19 @@
     mode: "0644"
   become: true
 
-- name: Execute K3S install script
+- name: Execute install script to deploy K3s server
   ansible.builtin.command:
     cmd: sh k3s-install.sh
     chdir: "{{ ansible_user_dir }}"
     creates: /usr/local/bin/k3s
   become: true
 
+- name: Create folder folder for default kubeconfig
+  ansible.builtin.file:
+    path: "{{ ansible_user_dir }}/.kube"
+    state: directory
+    mode: "0755"
+
 - name: Copy k3s.yaml to default kubeconfig location
   ansible.builtin.copy:
     src: /etc/rancher/k3s/k3s.yaml

diff --git a/roles/k3s-deployment/tasks/uninstall.yml b/roles/k3s-deployment/tasks/uninstall.yml
@@ -1,6 +1,7 @@
 ---
 
-- name: Uninstall K3S
+- name: Uninstall K3S Server
+  when: inventory_hostname in groups[k3s_server_group]
   block:
     - name: Execute K3S uninstall script # noqa no-changed-when
       ansible.builtin.command:
@@ -10,3 +11,15 @@
       ansible.builtin.debug:
         msg: "K3S uninstall script missing! Was K3S already uninstalled?"
       when: ansible_failed_result.msg is search('No such file or directory')
+
+- name: Uninstall K3S Agents
+  when: inventory_hostname in groups[k3s_agent_group]
+  block:
+    - name: Execute K3S uninstall script # noqa no-changed-when
+      ansible.builtin.command:
+        cmd: /usr/local/bin/k3s-agent-uninstall.sh
+  rescue:
+    - name: Uninstalling K3S failed
+      ansible.builtin.debug:
+        msg: "K3S uninstall script missing! Was K3S already uninstalled?"
+      when: ansible_failed_result.msg is search('No such file or directory')
diff --git a/roles/minikube-cluster/defaults/main.yml b/roles/minikube-cluster/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
-exposed_node_port: 30080
+awx_instance_port: 30080
 
 minikube_download_directory: "{{ ansible_user_dir }}"
 
-minikube_additional_start_parameter: "--cpus=4 --memory=6g --addons=ingress --container-runtime=containerd --ports={{ exposed_node_port }}:{{ exposed_node_port }}"
+minikube_additional_start_parameter: "--cpus=4 --memory=6g --addons=ingress --container-runtime=containerd --ports={{ awx_instance_port }}:{{ awx_instance_port }}"