added some ansible configurations

ansible/inventory/dev.ini

@@ -0,0 +1,17 @@
+[k8s_masters]
+dev-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+dev-k8s-worker-01 ansible_host= # TODO Add IP
+dev-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+dev-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[dev:children]
+k8s_cluster
+monitoring

ansible/inventory/group_vars/all.yml

@@ -0,0 +1,3 @@
+# inventory/group_vars/all.yml
+ansible_user: admin
+base_path: /opt/project

ansible/inventory/group_vars/k8s_masters.yml

@@ -0,0 +1,3 @@
+# inventory/group_vars/k8s_masters.yml
+kubernetes_version: "1.21.0"
+master_node_label: master

ansible/inventory/group_vars/k8s_workers.yml

@@ -0,0 +1,6 @@
+# inventory/group_vars/k8s_workers.yml
+kubernetes_version: "1.21.0"
+docker_version: "20.10"
+worker_node_labels:
+  - worker
+  - compute

ansible/inventory/group_vars/monitoring.yml

@@ -0,0 +1,4 @@
+# inventory/group_vars/monitoring.yml
+prometheus_version: "2.26.0"
+grafana_version: "7.5.4"
+monitoring_path: "{{ base_path }}/monitoring"

ansible/inventory/host_vars/k8s-master-01.yml

@@ -0,0 +1,6 @@
+# inventory/host_vars/k8s-master-01.yml
+hostname: k8s-master-01
+special_roles:
+  - api-server
+  - scheduler
+api_server_advertise_address: "?????" # TODO Set this

ansible/inventory/host_vars/k8s-worker-01.yml

@@ -0,0 +1,4 @@
+# inventory/host_vars/k8s-worker-01.yml
+hostname: k8s-worker-01
+
+# TODO Configuration settings

ansible/inventory/host_vars/k8s-worker-02.yml

@@ -0,0 +1,4 @@
+# inventory/host_vars/dev-k8s-worker-02.yml
+hostname: k8s-worker-02
+
+# TODO Configuration settings

ansible/inventory/host_vars/monitoring.yml

@@ -0,0 +1,6 @@
+# inventory/host_vars/monitoring.yml
+hostname: monitoring
+grafana_admin_password: "?????" # TODO Set this
+prometheus_config_path: "/etc/prometheus/prometheus.yml"
+
+# TODO Setup prometheus configs via ansible

ansible/inventory/prd.ini

@@ -0,0 +1,17 @@
+[k8s_masters]
+prd-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+prd-k8s-worker-01 ansible_host= # TODO Add IP
+prd-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+prd-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[prd:children]
+k8s_cluster
+monitoring

ansible/inventory/staging.ini

@@ -0,0 +1,17 @@
+[k8s_masters]
+staging-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+staging-k8s-worker-01 ansible_host= # TODO Add IP
+staging-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+staging-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[staging:children]
+k8s_cluster
+monitoring

ansible/playbooks/setup-k8s-nodes.yml

@@ -0,0 +1,12 @@
+---
+- name: Setup Kubernetes Master Nodes
+  hosts: k8s_masters
+  become: true
+  roles:
+    - kubernetes_setup
+
+- name: Setup Kubernetes Worker Nodes
+  hosts: k8s_workers
+  become: true
+  roles:
+    - kubernetes_setup

ansible/playbooks/update-cilium.yaml

@@ -0,0 +1,35 @@
+---
+- name: Update Cilium Configuration
+  hosts: k8s_masters[0]  # Targeting the first master node for Helm operations
+  become: yes
+  vars:
+    kube_config_path: "/home/ubuntu/.kube/config"  # TODO Ensure correct path, fix if needed I just assumed this would be it
+    cilium_chart_name: "cilium/cilium"
+    cilium_chart_version: "1.9.5"  # Specify target version for update
+    cilium_namespace: "kube-system"
+    hubble_relay_enabled: true
+    hubble_ui_enabled: true
+
+  tasks:
+    - name: Ensure Helm is installed using binary installation
+      ansible.builtin.get_url:
+        url: "https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz"
+        dest: "/tmp/helm.tar.gz"
+        mode: '0755'
+      register: helm_download
+      until: helm_download is succeeded
+
+    - name: Update Cilium with new configurations using Helm
+      community.kubernetes.helm:
+        kubeconfig: "{{ kube_config_path }}"
+        name: "cilium"
+        chart_ref: "{{ cilium_chart_name }}"
+        chart_version: "{{ cilium_chart_version }}"
+        release_namespace: "{{ cilium_namespace }}"
+        values:
+          hubble:
+            relay:
+              enabled: "{{ hubble_relay_enabled }}"
+            ui:
+              enabled: "{{ hubble_ui_enabled }}"
+        state: present

ansible/roles/kubernetes-setup/tasks/main.yml

@@ -0,0 +1,70 @@
+---
+- name: Install Docker
+  ansible.builtin.package:
+    name: docker
+    state: present
+
+- name: Add Kubernetes apt repository
+  ansible.builtin.apt_repository:
+    repo: deb http://apt.kubernetes.io/ kubernetes-xenial main
+    state: present
+    filename: kubernetes
+
+- name: Install apt-transport-https
+  ansible.builtin.package:
+    name: apt-transport-https
+    state: present
+
+- name: Install kubelet, kubeadm, and kubectl
+  ansible.builtin.package:
+    name:
+      - kubelet
+      - kubeadm
+      - kubectl
+    state: present
+
+- name: Hold kubelet, kubeadm, and kubectl at current version
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+    hold: yes
+  loop:
+    - kubelet
+    - kubeadm
+    - kubectl
+- name: Initialize the Kubernetes cluster
+  command: kubeadm init --pod-network-cidr=10.244.0.0/16 # TODO Change this to network plugin
+  when: inventory_hostname in groups['k8s_masters']
+  register: kubeadm_init
+
+- name: Create .kube directory
+  ansible.builtin.file:
+    path: "/home/{{ ansible_user }}/.kube"
+    state: directory
+    mode: '0755'
+  when: kubeadm_init is changed
+
+- name: Copy admin kubeconfig to user's home
+  copy:
+    src: "/etc/kubernetes/admin.conf"
+    dest: "/home/{{ ansible_user }}/.kube/config"
+    remote_src: yes
+    owner: "{{ ansible_user }}"
+    mode: '0644'
+  when: kubeadm_init is changed
+
+# Manual approach running separate task manually running to fetch join command from master node
+# and execute it on the worker nodes
+- name: Get join command
+  command: kubeadm token create --print-join-command
+  register: join_command
+  when: inventory_hostname in groups['k8s_masters']
+  changed_when: false
+  check_mode: false
+
+- name: Output join command
+  debug:
+    msg: "{{ join_command.stdout }}"
+  when: join_command is defined