sa_8001/cmoa_installer_ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
havelight-ee
2023-02-06 15:01:53 +09:00
commit 2b70528618
1022 changed files with 119427 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
roles/cmoa_os_setting/tasks/00-centos-os-main.yml Normal file
View File

@@ -0,0 +1,73 @@
---
- name: Update and upgrade yum packages
yum:
name: "*"
state: latest
- name: Install yum packages
yum:
name: ['cloud-utils', 'ca-certificates', 'socat', 'conntrack', 'gnupg', 'bash-completion']
state: present
- name: Disable firewalld
systemd: name=firewalld state=stopped
ignore_errors: yes
tags:
- install
- atomic
- firewalld
- name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
command: 'swapoff -a'
- name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
replace:
path: /etc/fstab
regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
replace: '# \1'
- name: Add br_netfilter to module autoload
lineinfile:
path: /etc/modules-load.d/k8s2.conf
line: "{{ item }}"
create: true
with_items:
- 'overlay'
- 'br_netfilter'
- name: Add br_netfilter to module autoload
modprobe:
name: "{{ item }}"
state: present
become: true
with_items:
- 'overlay'
- 'br_netfilter'
- name: Add br_netfilter to module autoload
lineinfile:
path: /etc/sysctl.d/k8s.conf
line: "{{ item }}"
create: true
with_items:
- 'net.bridge.bridge-nf-call-iptables = 1'
- 'net.bridge.bridge-nf-call-ip6tables = 1'
- 'net.ipv4.ip_forward = 1'
- name: Disable net.bridge.bridge-nf-call-iptables
sysctl:
name: "{{ item }}"
value: 1
with_items:
- 'net.bridge.bridge-nf-call-iptables'
- 'net.bridge.bridge-nf-call-ip6tables'
- name: Disable net.ipv4.ip_forward
sysctl:
name: net.ipv4.ip_forward
value: "1"
- name: Setting hosts file
template:
src: hosts.j2
dest: /etc/hosts

71
roles/cmoa_os_setting/tasks/00-ubuntu-os-main.yml Normal file
View File

@@ -0,0 +1,71 @@
---
- name: Update and upgrade apt packages
apt:
upgrade: yes
update_cache: yes
force_apt_get: yes
cache_valid_time: 86400
- name: Install apt packages
apt:
name: ['cloud-utils', 'apt-transport-https', 'ca-certificates', 'curl', 'socat', 'conntrack', 'gnupg', 'lsb-release', 'bash-completion', 'chrony']
state: present
- name: Disable ufw
command: 'ufw disable'
when: ansible_distribution_version == '20.04'
- name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
command: 'swapoff -a'
- name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
replace:
path: /etc/fstab
regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
replace: '# \1'
- name: Add br_netfilter to module autoload
lineinfile:
path: /etc/modules-load.d/k8s.conf
line: "{{ item }}"
create: true
with_items:
- 'overlay'
- 'br_netfilter'
- name: Add br_netfilter to module autoload
modprobe:
name: "{{ item }}"
state: present
become: true
with_items:
- 'overlay'
- 'br_netfilter'
- name: Add br_netfilter to module autoload
lineinfile:
path: /etc/sysctl.d/k8s.conf
line: "{{ item }}"
create: true
with_items:
- 'net.bridge.bridge-nf-call-iptables = 1'
- 'net.bridge.bridge-nf-call-ip6tables = 1'
- 'net.ipv4.ip_forward = 1'
- name: Disable net.bridge.bridge-nf-call-iptables
sysctl:
name: "{{ item }}"
value: 1
with_items:
- 'net.bridge.bridge-nf-call-iptables'
- 'net.bridge.bridge-nf-call-ip6tables'
- name: Disable net.ipv4.ip_forward
sysctl:
name: net.ipv4.ip_forward
value: "1"
- name: Setting hosts file
template:
src: hosts.j2
dest: /etc/hosts

45
roles/cmoa_os_setting/tasks/01-centos-os-runtime.yml Normal file
View File

@@ -0,0 +1,45 @@
---
- name: Add containerd yum repository
command: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- name: Create containerd configuration directory
file:
path: /etc/containerd
state: directory
- name: Configure containerd
template:
src: config.toml.j2
dest: /etc/containerd/config.toml
notify:
- Restart containerd service
- name: Install required packages
yum:
name: ['containerd']
state: present
notify:
- Reload systemd configuration
- Restart containerd service
- meta: flush_handlers
- name: Enable containerd service
service:
name: containerd
enabled: True
state: started
- name: Add kubernetes yum repository
ansible.builtin.yum_repository:
name: kubernetes
description: kubernetes
baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled: 1
gpgcheck: 1
gpgkey: https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
- name: Install kubernetes utils
ansible.builtin.yum:
name: ['kubelet-{{kubernetes_version}}','kubeadm-{{kubernetes_version}}','kubectl-{{kubernetes_version}}']
exclude: kubernetes

78
roles/cmoa_os_setting/tasks/01-ubuntu-os-runtime.yml Normal file
View File

@@ -0,0 +1,78 @@
---
- name: Add docker apt key
apt_key:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
- name: Add docker apt repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable
filename: docker
register: containerd_apt_repo_task
- name: apt list --upgradable
command: apt list --upgradable
when: containerd_apt_repo_task.changed
- name: apt update
apt:
update_cache: yes
when: containerd_apt_repo_task.changed
- name: Create containerd configuration directory
file:
path: /etc/containerd
state: directory
- name: Configure containerd
template:
src: config.toml.j2
dest: /etc/containerd/config.toml
notify:
- Restart containerd service
- name: Install required packages
apt:
name:
- containerd.io
notify:
- Reload systemd configuration
- Restart containerd service
- meta: flush_handlers
- name: Enable containerd service
service:
name: containerd
enabled: True
state: started
- name: Install kubernetes
block:
- name: 'Add kubernetes repo key'
apt_key:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
state: present
become: true
- name: Add kubernetes repository
apt_repository:
repo: deb http://apt.kubernetes.io kubernetes-xenial main
state: present
filename: 'kubernetes'
become: true
- name: Install kubernetes components
apt:
name: ['kubelet={{kubernetes_version}}-*', 'kubeadm={{kubernetes_version}}-*', 'kubectl={{kubernetes_version}}-*']
state: present
update_cache: yes
force: yes
dpkg_options: force-downgrade
- name: Hold kubernetes packages
dpkg_selections:
name: "{{item}}"
selection: hold
with_items:
- kubelet
- kubectl
- kubeadm

45
roles/cmoa_os_setting/tasks/02-k8s-main.yml Normal file
View File

@@ -0,0 +1,45 @@
---
- name: Enable kubelet service
systemd:
name: kubelet
enabled: true
masked: false
- name: Check if Kubernetes has already been initialized.
stat:
path: /etc/kubernetes/admin.conf
register: kubernetes_init_stat
# Set up master.
- include_tasks: 03-k8s-master.yml
when: kubernetes_role == 'master'
# Set up nodes.
- name: Get the kubeadm join command from the Kubernetes master.
command: kubeadm token create --print-join-command
changed_when: false
when: kubernetes_role == 'master'
register: kubernetes_join_command_result
- name: Get kubeconfig
fetch:
src: /etc/kubernetes/admin.conf
dest: ~/.kube/ansible_config
flat: yes
when: kubernetes_role == 'master'
- name: Set the kubeadm join command globally.
set_fact:
kubernetes_join_command: >
{{ kubernetes_join_command_result.stdout }}
{{ kubernetes_join_command_extra_opts }}
when: kubernetes_join_command_result.stdout is defined
delegate_to: "{{ item }}"
delegate_facts: true
with_items: "{{ groups['all'] }}"
- include_tasks: 05-k8s-node.yml
when: kubernetes_role == 'node'
- include_tasks: 06-worker-directory.yml
when: kubernetes_role == 'node'

45
roles/cmoa_os_setting/tasks/03-k8s-master.yml Normal file
View File

@@ -0,0 +1,45 @@
---
- name: Initialize Kubernetes master with kubeadm init.
command: >
kubeadm init
--pod-network-cidr={{ kubernetes_pod_network.cidr }}
--apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }}
{{ kubernetes_kubeadm_init_extra_opts }}
register: kubeadmin_init
when: not kubernetes_init_stat.stat.exists
- name: Print the init output to screen.
debug:
var: kubeadmin_init.stdout
verbosity: 2
when: not kubernetes_init_stat.stat.exists
- name: Ensure .kube directory exists.
file:
path: ~/.kube
state: directory
- name: Symlink the kubectl admin.conf to ~/.kube/conf.
file:
src: /etc/kubernetes/admin.conf
dest: ~/.kube/config
state: link
force: yes
- name: copy the kubectl config to ~/.kube/ansible_config
copy:
src: /etc/kubernetes/admin.conf
dest: ~/.kube/ansible_config
remote_src: true
- name: Configure Calico networking and Metric Server
include_tasks: 04-k8s-master-yaml.yml
- name: Kubectl Cheat Sheet
lineinfile:
path: ~/.bashrc
line: "{{ item }}"
with_items:
- source <(kubectl completion bash)
- alias k=kubectl
- complete -o default -F __start_kubectl k

15
roles/cmoa_os_setting/tasks/04-k8s-master-yaml.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Configure Calico networking.
command: "{{ item }}"
with_items:
- kubectl apply -f {{ kubernetes_calico_manifest_file }}
register: calico_result
changed_when: "'created' in calico_result.stdout"
when: kubernetes_pod_network.cni == 'calico'
- name: Configure Metric Server
command: "{{ item }}"
with_items:
- kubectl apply -f {{ kubernetes_metric_server_file }}
register: metric_server_result
changed_when: "'created' in metric_server_result.stdout"

6
roles/cmoa_os_setting/tasks/05-k8s-node.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: Join node to Kubernetes master
shell: >
{{ kubernetes_join_command }}
creates=/etc/kubernetes/kubelet.conf
tags: ['skip_ansible_lint']

43
roles/cmoa_os_setting/tasks/06-worker-directory.yml Normal file
View File

@@ -0,0 +1,43 @@
---
- name: make worker1 directory
ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: u+rwx,g+rwx,o+rwx
recurse: yes
owner: root
group: root
with_items:
- /media/data/minio/pv1
- /media/data/minio/pv2
- /media/data/postgres/postgres-data-0
- /media/data/elasticsearch/elasticsearch-data-0
- /media/data/zookeeper/zookeeper-data-0
- /media/data/kafka/kafka-data-0
- /media/cloudmoa/ingester/ingester-data-1
- /media/data/redis/redis-data-0
- /media/data/redis/redis-data-1
- /media/data/rabbitmq
when: inventory_hostname in groups["worker1"]
- name: make worker2 directory
ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: u+rwx,g+rwx,o+rwx
recurse: yes
owner: root
group: root
with_items:
- /media/data/minio/pv3
- /media/data/minio/pv4
- /media/data/elasticsearch/elasticsearch-data-1
- /media/data/zookeeper/zookeeper-data-1
- /media/data/zookeeper/zookeeper-data-2
- /media/data/kafka/kafka-data-1
- /media/data/kafka/kafka-data-2
- /media/cloudmoa/ingester/ingester-data-2
- /media/cloudmoa/ingester/ingester-data-3
- /media/data/redis/redis-data-1
- /media/data/redis/redis-data-2
when: inventory_hostname in groups["worker2"]

19
roles/cmoa_os_setting/tasks/main.yml Normal file
View File

@@ -0,0 +1,19 @@
---
- include: 00-centos-os-main.yml
tags: centos
when: ansible_distribution == 'CentOS'
- include: 00-ubuntu-os-main.yml
tags: ubuntu
when: ansible_distribution == 'Ubuntu'
- include: 01-centos-os-runtime.yml
tags: centos
when: ansible_distribution == 'CentOS'
- include: 01-ubuntu-os-runtime.yml
tags: ubuntu
when: ansible_distribution == 'Ubuntu'
- include: 02-k8s-main.yml
tags: k8s-main