Erster Commit mit 3 neuen Playbooks

.gitignore

@@ -6,6 +6,10 @@
 *.qcow2
 playbooks/roles/downloadNodeIso/files/
 playbooks/roles/setupRkeCluster/files/id_rsa.pub
+playbooks/roles/setupRkeCluster/files/rke_linux-amd64
+playbooks/roles/runTerraform/workspace/
+playbooks/inventories/hosts.yml
 *.tfstate
 *.tfstate.backup
+*.tfstate.lock.info
 .terraform

README_FORK.md

@@ -0,0 +1,31 @@
+# Fork von aluedtke7
+Ansible Projekt um einen Kubernetes Cluster lokal auf einer Ubuntu 18.04 Maschine zu installieren
+
+Das Projekt ist in 3 Playbooks aufgeteilt. Das erste (prepareHost.yml) dient zur Vorbereitung der Linux Maschine, um die nötigen Tools bzw. die nötige Software zu installieren. Dieses Playbook muß normalerweise nur einmal ausgeführt werden.
+
+Das zweite Playbook (createCluster.yml) dient dem Aufsetzen und starten des K8S Clusters.
+
+Das dritte Playbook (destroyCluster.yml) dient dem Zerstören des K8S Clusters.
+
+## Voraussetzungen
+Ansible muss installiert sein (`sudo apt install ansible`). Die Playbooks müssen als normaler User ausgeführt werden (kein sudo).
+
+
+## Playbooks
+### Host vorbereiten (einmalig als erstes ausführen):
+````
+ansible-playbook prepareHost.yml
+````
+
+### K8S Cluster erstellen:
+````
+ansible-playbook createCluster.yml
+````
+Am Ende des Skriptes wird der Token für den admin_user angezeigt, damit man sich am K8S Dashboard anmelden kann. 
+Hierzu einmalig `kubectl proxy` in einer Shell starten und dann im Webbrowser die Adresse
+http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ aufrufen.
+
+### K8S Cluster zerstören:
+````
+ansible-playbook destroyCluster.yml
+````

playbooks/createCluster.yml

@@ -0,0 +1,22 @@
+---
+- hosts: local
+  roles:
+    - checkUserIsRoot
+    - { role: runTerraform, action: create }
+  tags:
+    - createCluster
+
+- hosts: kvm
+  gather_facts: no
+  tasks:
+    - setup:
+  tags:
+    - createCluster
+
+- hosts: kvm
+  gather_facts: no
+  roles:
+    - installDocker
+    - setupRkeCluster
+  tags:
+    - createCluster

playbooks/destroyCluster.yml

@@ -0,0 +1,4 @@
+---
+- hosts: local
+  roles:
+    - { role: runTerraform, action: destroy }

playbooks/group_vars/all

@@ -1,6 +1,4 @@
 ---
-groupVarAnsibleGroup: swalker
 groupVarAnsibleGid: 1000
-groupVarAnsibleUser: swalker
 groupVarAnsibleUid: 1000
 ...

playbooks/inventories/hosts.yml

@@ -17,10 +17,9 @@ all:
 
         k8s-master:
           hosts:
-            192.168.122.142:
+            192.168.122.99:
 
         k8s-worker:
           hosts:
-            192.168.122.36:
-            192.168.122.6:
-...        
+            192.168.122.113:
+            192.168.122.251:     

playbooks/prepareHost.yml

@@ -0,0 +1,27 @@
+---
+- hosts: local
+  tags: ['init', 'ansible', 'kvm', 'terraform', 'tools']
+  roles:
+    - checkUserIsRoot
+
+- hosts: local
+  tags: ['ansible']
+  roles:
+    - setupAnsibleHost
+
+- hosts: local
+  tags: ['kvm']
+  become: yes
+  roles:
+    - setupKvmHost
+
+- hosts: local
+  tags: ['terraform']
+  roles:
+    - downloadNodeIso
+    - installTerraform
+
+- hosts: local
+  tags: ['tools']
+  roles:
+    - setupKubeTools

playbooks/roles/checkUserIsRoot/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Aktuell angemeldeter Benutzer und Home Verzeichnis ausgeben
+  debug:
+    msg: "{{ ansible_user_id }} - {{ lookup('env','HOME') }} - {{ playbook_dir }} - {{ role_path }}"
+  tags: debug
+
+- fail: msg="Das Playbook darf NICHT als Benutzer root (sudo) ausgeführt werden!!!"
+  when: "ansible_user_id == 'root' "
+  tags: debug

playbooks/roles/downloadNodeIso/tasks/main.yml

@@ -3,8 +3,8 @@
   file:
     path: "{{ role_path }}/files/"
     state: directory
-    owner: "{{ groupVarAnsibleUser }}"
-    group: "{{ groupVarAnsibleGroup }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
     mode: 0755
   tags:
     - alpine

playbooks/roles/downloadNodeIso/vars/main.yml

@@ -2,5 +2,4 @@
 roleVarAlpineDownload: http://dl-cdn.alpinelinux.org/alpine/v3.8/releases/x86_64/alpine-virt-3.8.1-x86_64.iso
 roleVarAlpineDownloadChecksum: sha256:83ede521b174d99a0975c3653e7310b58075fa68fb773ed6995b974a44df60ce
 roleVarUbuntuDownload: https://cloud-images.ubuntu.com/releases/18.04/release/ubuntu-18.04-server-cloudimg-amd64.img
-roleVarUbuntuDownloadChecksum: sha256:5a80b6116471229482b5c5246b412e4716ac501e7aa3dd0f60b0debdcebbcfc1
-...
+roleVarUbuntuDownloadChecksum: sha256:19e9853d8267b3f546e8f3824bbe04756d65ddf9c0068373079933e3359331d3

playbooks/roles/installTerraform/tasks/main.yml

@@ -4,27 +4,27 @@
     path: "{{ item }}"
     mode: 0700
     recurse: yes
-    owner: "{{ groupVarAnsibleUser }}"
-    group: "{{ groupVarAnsibleGroup }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
   with_items:
-    - "{{ hostVarAnsibleUserHome }}/.terraform.d/plugins/"
-    - "{{ hostVarAnsibleUserHome }}/bin/"
+    - "{{ lookup('env','HOME') }}/.terraform.d/plugins/"
+    - "{{ lookup('env','HOME') }}/bin/"
 
 - name: creating temporary file dir
   file:
     path: "{{ role_path }}/files/"
     mode: 0775
     recurse: yes
-    owner: "{{ groupVarAnsibleUser }}"
-    group: "{{ groupVarAnsibleGroup }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
 
 - name: Download terraform with check (sha256) and terraform-provider-libvirt
   get_url:
     url: "{{ item.src }}"
     dest: "{{ item.dst }}"
     checksum: "{{ item.cks | default(omit) }}"
-    owner: "{{ groupVarAnsibleUser }}" 
-    group: "{{ groupVarAnsibleGroup }}"
+    owner: "{{ ansible_user_id }}" 
+    group: "{{ ansible_user_id }}"
     mode: 0600
   with_items:
     - { src: "{{ roleVarTerraformDownload }}", dst: "{{ role_path }}/files/{{ roleVarTerraformDownload | basename }}", cks: "{{ roleVarTerraformDownloadChecksum }}" }
@@ -35,11 +35,11 @@
     src: "{{ item.src }}"
     dest: "{{ item.dst }}"
     mode: 0700
-    owner: "{{ groupVarAnsibleUser }}"
-    group: "{{ groupVarAnsibleGroup }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
   with_items:
-    - { src: "{{ role_path }}/files/{{ roleVarTerraformDownload | basename }}", dst: "{{ hostVarAnsibleUserHome }}/bin/" }
-    - { src: "{{ role_path }}/files/{{ roleVarTerraformProviderLibvirtDownload | basename }}", dst: "{{ hostVarAnsibleUserHome }}/.terraform.d/plugins/" }
+    - { src: "{{ role_path }}/files/{{ roleVarTerraformDownload | basename }}", dst: "{{ lookup('env','HOME') }}/bin/" }
+    - { src: "{{ role_path }}/files/{{ roleVarTerraformProviderLibvirtDownload | basename }}", dst: "{{ lookup('env','HOME') }}/.terraform.d/plugins/" }
 
 - name: deleting zipfile of terraform and terraform-provider-libvirt
   file:

playbooks/roles/installTerraform/vars/main.yml

@@ -1,5 +1,4 @@
 ---
-roleVarTerraformDownload: https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_linux_amd64.zip
-roleVarTerraformDownloadChecksum: sha256:43543a0e56e31b0952ea3623521917e060f2718ab06fe2b2d506cfaa14d54527
-roleVarTerraformProviderLibvirtDownload: https://github.com/dmacvicar/terraform-provider-libvirt/releases/download/v0.5.0/terraform-provider-libvirt-0.5.0.Ubuntu_18.04.amd64.tar.gz
-...
+roleVarTerraformDownload: https://releases.hashicorp.com/terraform/0.11.11/terraform_0.11.11_linux_amd64.zip
+roleVarTerraformDownloadChecksum: sha256:94504f4a67bad612b5c8e3a4b7ce6ca2772b3c1559630dfd71e9c519e3d6149c
+roleVarTerraformProviderLibvirtDownload: https://github.com/dmacvicar/terraform-provider-libvirt/releases/download/v0.5.1/terraform-provider-libvirt-0.5.1.Ubuntu_18.04.amd64.tar.gz

playbooks/roles/runTerraform/tasks/create.yml

@@ -0,0 +1,95 @@
+---
+- name: Create workspace folder
+  file:
+    path: "{{ role_path }}/{{ workspacefolder }}"
+    state: directory
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+  tags: prepareCluster, createCluster
+
+- name: prepare Terraform file
+  template:
+    src: multiNode.j2.tf
+    dest: "{{ role_path }}/{{ workspacefolder }}/multiNode.tf"
+    force: yes
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+    mode: "u=rw,g=r,o=r"
+  tags: prepareCluster, createCluster
+
+- name: prepare cloudconfig.cfg
+  template:
+    src: cloudconfig.j2.cfg
+    dest: "{{ role_path }}/{{ workspacefolder }}/cloudconfig.cfg"
+    force: yes
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+    mode: "u=rw,g=r,o=r"
+  tags: prepareCluster, createCluster
+
+- name: run Terraform to create cluster
+  terraform:
+    project_path: '{{ role_path }}/{{ workspacefolder }}'
+    state: present
+    force_init: yes
+  register: terraform
+  tags: createCluster
+
+- name: Terraform Command
+  debug:
+    msg: "{{ terraform.command }}"
+  tags: createCluster
+
+- name: Print return value
+  debug:
+    msg: "{{ terraform.outputs.ips.value }}"
+  tags: createCluster
+
+- name: Variable setzen master
+  set_fact:
+    ip_master: "{{ terraform.outputs.ip_master.value }}"
+  tags: createCluster
+
+- name: Variable setzen worker 1
+  set_fact:
+    ip_worker1: "{{ terraform.outputs.ip_worker1.value }}"
+  tags: createCluster
+
+- name: Variable setzen worker 2
+  set_fact:
+    ip_worker2: "{{ terraform.outputs.ip_worker2.value }}"
+  tags: createCluster
+
+- name: IPs ausgeben
+  debug:
+    msg: 'Master {{ ip_master }} - Worker1 {{ ip_worker1 }} - Worker2 {{ ip_worker2 }}'
+  tags: createCluster
+
+- name: prepare host file
+  template:
+    src: hosts.j2.yml
+    dest: "{{ playbook_dir }}/inventories/hosts.yml"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+    mode: "u=rw,g=r,o=r"
+  tags: createCluster
+
+- name: Refresh inventory
+  meta: refresh_inventory
+  tags: createCluster
+
+- name: remove ssh_keys of actual cluster members from known hosts
+  known_hosts:
+    state: absent
+    name: "{{ item }}"
+  with_items: 
+    - "{{ ip_master }}"
+    - "{{ ip_worker1 }}"
+    - "{{ ip_worker2 }}"
+  tags: createCluster
+
+- name: sleep for 10 seconds and continue with play
+  wait_for: 
+    timeout: 10
+  delegate_to: localhost
+  tags: createCluster

playbooks/roles/runTerraform/tasks/destroy.yml

@@ -0,0 +1,25 @@
+---
+- name: Create workspace folder
+  file:
+    path: "{{ role_path }}/{{ workspacefolder }}"
+    state: directory
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+  tags: prepareCluster, createCluster, destroyCluster
+
+- name: prepare Terraform file
+  template:
+    src: multiNode.j2.tf
+    dest: "{{ role_path }}/{{ workspacefolder }}/multiNode.tf"
+    force: yes
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+    mode: "u=rw,g=r,o=r"
+  tags: prepareCluster, destroyCluster
+
+- name: run Terraform to destroy cluster
+  terraform:
+    project_path: '{{ role_path }}/{{ workspacefolder }}'
+    state: absent
+  register: terraform
+  tags: destroyCluster

playbooks/roles/runTerraform/tasks/main.yml

@@ -0,0 +1,2 @@
+# anhand des Parameters wird die auszuführende Aktion ausgewählt
+- include: "{{ action }}.yml"

playbooks/roles/runTerraform/templates/cloudconfig.j2.cfg

@@ -0,0 +1,15 @@
+#cloud-config
+#
+# Goal here is to just extend the default root LVM to the full size of the disk during boot
+# Tested with CentOS 7
+# Ensure that the image has cloud-init and cloud-utils-growpart installed prior to running this cloud-init
+
+growpart:
+  mode: growpart
+  devices: ['/dev/vda1']
+  ignore_growroot_disabled: false
+
+runcmd:
+  - pvresize /dev/vda1
+  - lvmdev="$(mount | grep 'on / ' | awk '{print $1}')"
+  - lvresize -r $lvmdev /dev/vda1

playbooks/roles/runTerraform/templates/hosts.j2.yml

@@ -0,0 +1,25 @@
+---
+all:
+  children:
+
+    local:
+      hosts:
+        localhost:
+      vars:
+        ansible_connection: local
+        ansible_python_interpreter: /usr/bin/python3
+
+    kvm:
+      vars:
+        ansible_python_interpreter: /usr/bin/python3
+        docker_service_dir: /root/docker
+      children:
+
+        k8s-master:
+          hosts:
+            {{ ip_master }}:
+
+        k8s-worker:
+          hosts:
+            {{ ip_worker1 }}:
+            {{ ip_worker2 }}: