From 60952c363f6401c63ab04c33d9bcc388b0c63d10 Mon Sep 17 00:00:00 2001 
From: smoleyxd Date: Fri, 29 Mar 2024 16:07:20 -0400 Subject: [PATCH] added some ansible configurations --- ansible/inventory/dev.ini | 17 +++++ ansible/inventory/group_vars/all.yml | 3 + ansible/inventory/group_vars/k8s_masters.yml | 3 + ansible/inventory/group_vars/k8s_workers.yml | 6 ++ ansible/inventory/group_vars/monitoring.yml | 4 ++ ansible/inventory/host_vars/k8s-master-01.yml | 6 ++ ansible/inventory/host_vars/k8s-worker-01.yml | 4 ++ ansible/inventory/host_vars/k8s-worker-02.yml | 4 ++ ansible/inventory/host_vars/monitoring.yml | 6 ++ ansible/inventory/prd.ini | 17 +++++ ansible/inventory/staging.ini | 17 +++++ ansible/playbooks/deploy-cilium.yaml | 0 ansible/playbooks/setup-k8s-nodes.yml | 12 ++++ ansible/playbooks/setup-kubernetes.yaml | 0 ansible/playbooks/update-cilium.yaml | 35 ++++++++++ ansible/roles/kubernetes-setup/tasks/main.yml | 70 +++++++++++++++++++ .../environments/dev/main.tf | 0 .../environments/dev/outputs.tf | 0 .../environments/dev/variables.tf | 0 .../environments/prd/main.tf | 0 .../environments/prd/outputs.tf | 0 .../environments/prd/variables.tf | 0 .../environments/staging/main.tf | 0 .../environments/staging/outputs.tf | 0 .../environments/staging/variables.tf | 0 {terraforn => terraform}/main.tf | 0 .../modules/cilium/cilium-values.yaml | 0 .../modules/cilium/main.tf | 0 .../modules/cilium/outputs.tf | 0 .../modules/cilium/variables.tf | 0 .../modules/cloudwatch/main.tf | 0 .../modules/cloudwatch/outputs.tf | 0 .../modules/cloudwatch/variables.tf | 0 {terraforn => terraform}/modules/ec2/main.tf | 0 .../modules/ec2/outputs.tf | 0 .../modules/ec2/variables.tf | 0 {terraforn => terraform}/modules/iam/main.tf | 0 .../modules/iam/outputs.tf | 0 .../modules/iam/variables.tf | 0 .../modules/networking/main.tf | 0 .../modules/networking/outputs.tf | 0 .../modules/networking/variables.tf | 0 {terraforn => terraform}/modules/s3/main.tf | 0 .../modules/s3/outputs.tf | 0 .../modules/s3/variables.tf | 0 .../modules/security groups/main.tf | 
0 .../modules/security groups/outputs.tf | 0 .../modules/security groups/variables.tf | 0 {terraforn => terraform}/modules/vpc/main.tf | 0 .../modules/vpc/outputs.tf | 0 .../modules/vpc/variables.tf | 0 {terraforn => terraform}/notes.txt | 0 {terraforn => terraform}/outputs.tf | 0 {terraforn => terraform}/variables.tf | 0 {terraforn => terraform}/versions.tf | 0 55 files changed, 204 insertions(+) create mode 100644 ansible/inventory/group_vars/all.yml create mode 100644 ansible/inventory/group_vars/k8s_masters.yml create mode 100644 ansible/inventory/group_vars/k8s_workers.yml create mode 100644 ansible/inventory/group_vars/monitoring.yml create mode 100644 ansible/inventory/host_vars/k8s-master-01.yml create mode 100644 ansible/inventory/host_vars/k8s-worker-01.yml create mode 100644 ansible/inventory/host_vars/k8s-worker-02.yml create mode 100644 ansible/inventory/host_vars/monitoring.yml delete mode 100644 ansible/playbooks/deploy-cilium.yaml create mode 100644 ansible/playbooks/setup-k8s-nodes.yml delete mode 100644 ansible/playbooks/setup-kubernetes.yaml create mode 100644 ansible/playbooks/update-cilium.yaml create mode 100644 ansible/roles/kubernetes-setup/tasks/main.yml rename {terraforn => terraform}/environments/dev/main.tf (100%) rename {terraforn => terraform}/environments/dev/outputs.tf (100%) rename {terraforn => terraform}/environments/dev/variables.tf (100%) rename {terraforn => terraform}/environments/prd/main.tf (100%) rename {terraforn => terraform}/environments/prd/outputs.tf (100%) rename {terraforn => terraform}/environments/prd/variables.tf (100%) rename {terraforn => terraform}/environments/staging/main.tf (100%) rename {terraforn => terraform}/environments/staging/outputs.tf (100%) rename {terraforn => terraform}/environments/staging/variables.tf (100%) rename {terraforn => terraform}/main.tf (100%) rename {terraforn => terraform}/modules/cilium/cilium-values.yaml (100%) rename {terraforn => terraform}/modules/cilium/main.tf (100%) rename 
{terraforn => terraform}/modules/cilium/outputs.tf (100%) rename {terraforn => terraform}/modules/cilium/variables.tf (100%) rename {terraforn => terraform}/modules/cloudwatch/main.tf (100%) rename {terraforn => terraform}/modules/cloudwatch/outputs.tf (100%) rename {terraforn => terraform}/modules/cloudwatch/variables.tf (100%) rename {terraforn => terraform}/modules/ec2/main.tf (100%) rename {terraforn => terraform}/modules/ec2/outputs.tf (100%) rename {terraforn => terraform}/modules/ec2/variables.tf (100%) rename {terraforn => terraform}/modules/iam/main.tf (100%) rename {terraforn => terraform}/modules/iam/outputs.tf (100%) rename {terraforn => terraform}/modules/iam/variables.tf (100%) rename {terraforn => terraform}/modules/networking/main.tf (100%) rename {terraforn => terraform}/modules/networking/outputs.tf (100%) rename {terraforn => terraform}/modules/networking/variables.tf (100%) rename {terraforn => terraform}/modules/s3/main.tf (100%) rename {terraforn => terraform}/modules/s3/outputs.tf (100%) rename {terraforn => terraform}/modules/s3/variables.tf (100%) rename {terraforn => terraform}/modules/security groups/main.tf (100%) rename {terraforn => terraform}/modules/security groups/outputs.tf (100%) rename {terraforn => terraform}/modules/security groups/variables.tf (100%) rename {terraforn => terraform}/modules/vpc/main.tf (100%) rename {terraforn => terraform}/modules/vpc/outputs.tf (100%) rename {terraforn => terraform}/modules/vpc/variables.tf (100%) rename {terraforn => terraform}/notes.txt (100%) rename {terraforn => terraform}/outputs.tf (100%) rename {terraforn => terraform}/variables.tf (100%) rename {terraforn => terraform}/versions.tf (100%) diff --git a/ansible/inventory/dev.ini b/ansible/inventory/dev.ini index e69de29..7d406b2 100644 --- a/ansible/inventory/dev.ini +++ b/ansible/inventory/dev.ini 
@@ -0,0 +1,17 @@
+[k8s_masters]
+dev-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+dev-k8s-worker-01 ansible_host= # TODO Add IP
+dev-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+dev-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[dev:children]
+k8s_cluster
+monitoring
diff --git a/ansible/inventory/group_vars/all.yml b/ansible/inventory/group_vars/all.yml
new file mode 100644
index 0000000..630b65c
--- /dev/null
+++ b/ansible/inventory/group_vars/all.yml
@@ -0,0 +1,3 @@
+# inventory/group_vars/all.yml
+ansible_user: admin
+base_path: /opt/project
diff --git a/ansible/inventory/group_vars/k8s_masters.yml b/ansible/inventory/group_vars/k8s_masters.yml
new file mode 100644
index 0000000..083805c
--- /dev/null
+++ b/ansible/inventory/group_vars/k8s_masters.yml
@@ -0,0 +1,3 @@
+# inventory/group_vars/k8s_masters.yml
+kubernetes_version: "1.21.0"
+master_node_label: master
diff --git a/ansible/inventory/group_vars/k8s_workers.yml b/ansible/inventory/group_vars/k8s_workers.yml
new file mode 100644
index 0000000..c755995
--- /dev/null
+++ b/ansible/inventory/group_vars/k8s_workers.yml
@@ -0,0 +1,6 @@
+# inventory/group_vars/k8s_workers.yml
+kubernetes_version: "1.21.0"
+docker_version: "20.10"
+worker_node_labels:
+ - worker
+ - compute
diff --git a/ansible/inventory/group_vars/monitoring.yml b/ansible/inventory/group_vars/monitoring.yml
new file mode 100644
index 0000000..f827d12
--- /dev/null
+++ b/ansible/inventory/group_vars/monitoring.yml
@@ -0,0 +1,4 @@
+# inventory/group_vars/monitoring.yml
+prometheus_version: "2.26.0"
+grafana_version: "7.5.4"
+monitoring_path: "{{ base_path }}/monitoring"
diff --git a/ansible/inventory/host_vars/k8s-master-01.yml b/ansible/inventory/host_vars/k8s-master-01.yml
new file mode 100644
index 0000000..2dbb82e
--- /dev/null
+++ b/ansible/inventory/host_vars/k8s-master-01.yml
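Review bot: `kubernetes_version: "1.21.0"` is declared twice, in group_vars/k8s_masters.yml and again in group_vars/k8s_workers.yml, so the control plane and the workers can drift apart when only one copy is edited. Neither copy is referenced by the tasks this commit adds in roles/kubernetes-setup/tasks/main.yml, which install kubelet, kubeadm and kubectl with `state: present` and no version, so the pin has no effect as far as this patch shows. Defining it once for the `k8s_cluster` group and using it in the package names (for example `kubeadm={{ kubernetes_version }}-*`, suffix to be confirmed against the package repository) would make the pin real. The 1.21 line was also past upstream end of life at the date of this commit, so it no longer receives security fixes.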
@@ -0,0 +1,6 @@
+# inventory/host_vars/k8s-master-01.yml
+hostname: k8s-master-01
+special_roles:
+ - api-server
+ - scheduler
+api_server_advertise_address: "?????" # TODO Set this
diff --git a/ansible/inventory/host_vars/k8s-worker-01.yml b/ansible/inventory/host_vars/k8s-worker-01.yml
new file mode 100644
index 0000000..8dcb36a
--- /dev/null
+++ b/ansible/inventory/host_vars/k8s-worker-01.yml
@@ -0,0 +1,4 @@
+# inventory/host_vars/k8s-worker-01.yml
+hostname: k8s-worker-01
+
+# TODO Configuration settings
diff --git a/ansible/inventory/host_vars/k8s-worker-02.yml b/ansible/inventory/host_vars/k8s-worker-02.yml
new file mode 100644
index 0000000..bbe1011
--- /dev/null
+++ b/ansible/inventory/host_vars/k8s-worker-02.yml
@@ -0,0 +1,4 @@
+# inventory/host_vars/dev-k8s-worker-02.yml
+hostname: k8s-worker-02
+
+# TODO Configuration settings
diff --git a/ansible/inventory/host_vars/monitoring.yml b/ansible/inventory/host_vars/monitoring.yml
new file mode 100644
index 0000000..d9a557f
--- /dev/null
+++ b/ansible/inventory/host_vars/monitoring.yml
@@ -0,0 +1,6 @@
+# inventory/host_vars/monitoring.yml
+hostname: monitoring
+grafana_admin_password: "?????" # TODO Set this
+prometheus_config_path: "/etc/prometheus/prometheus.yml"
+
+# TODO Setup prometheus configs via ansible
\ No newline at end of file
diff --git a/ansible/inventory/prd.ini b/ansible/inventory/prd.ini
index e69de29..188c197 100644
--- a/ansible/inventory/prd.ini
+++ b/ansible/inventory/prd.ini
@@ -0,0 +1,17 @@
+[k8s_masters]
+prd-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+prd-k8s-worker-01 ansible_host= # TODO Add IP
+prd-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+prd-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[prd:children]
+k8s_cluster
+monitoring
diff --git a/ansible/inventory/staging.ini b/ansible/inventory/staging.ini
index e69de29..4d1e65c 100644
--- a/ansible/inventory/staging.ini
+++ b/ansible/inventory/staging.ini
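Review bot: None of the host_vars files added in this commit is named after a host in the inventories: dev.ini, prd.ini and staging.ini define `dev-k8s-master`, `prd-k8s-worker-01`, `staging-monitoring` and so on, while the files are k8s-master-01.yml, k8s-worker-01.yml, k8s-worker-02.yml and monitoring.yml. Ansible loads host_vars by inventory host name, so `api_server_advertise_address`, `special_roles` and the rest would not be applied to any host as written. Either name the files after the inventory hosts or rename the hosts; the header comment `# inventory/host_vars/dev-k8s-worker-02.yml` in k8s-worker-02.yml suggests per-environment file names were intended.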
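Review bot: `grafana_admin_password` in host_vars/monitoring.yml is set up to hold the value in plain text, so once the `"?????"` placeholder is filled in the real admin password will be committed to the repository. Keep the secret out of this file: encrypt it with Ansible Vault and reference it, e.g. `grafana_admin_password: "{{ vault_grafana_admin_password }}"`, or read it from a secret store at run time. No task in this patch consumes the variable yet; when one does, it should set `no_log: true` and be preceded by an `assert` that the value is not still the placeholder, since a forgotten `"?????"` would be a guessable admin password.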
@@ -0,0 +1,17 @@
+[k8s_masters]
+staging-k8s-master ansible_host= # TODO Add IP
+
+[k8s_workers]
+staging-k8s-worker-01 ansible_host= # TODO Add IP
+staging-k8s-worker-02 ansible_host= # TODO Add IP
+
+[monitoring]
+staging-monitoring ansible_host= # TODO Add IP
+
+[k8s_cluster:children]
+k8s_masters
+k8s_workers
+
+[staging:children]
+k8s_cluster
+monitoring
diff --git a/ansible/playbooks/deploy-cilium.yaml b/ansible/playbooks/deploy-cilium.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/ansible/playbooks/setup-k8s-nodes.yml b/ansible/playbooks/setup-k8s-nodes.yml
new file mode 100644
index 0000000..2ee5a42
--- /dev/null
+++ b/ansible/playbooks/setup-k8s-nodes.yml
@@ -0,0 +1,12 @@
+---
+- name: Setup Kubernetes Master Nodes
+ hosts: k8s_masters
+ become: true
+ roles:
+ - kubernetes_setup
+
+- name: Setup Kubernetes Worker Nodes
+ hosts: k8s_workers
+ become: true
+ roles:
+ - kubernetes_setup
diff --git a/ansible/playbooks/setup-kubernetes.yaml b/ansible/playbooks/setup-kubernetes.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/ansible/playbooks/update-cilium.yaml b/ansible/playbooks/update-cilium.yaml
new file mode 100644
index 0000000..f8150bd
--- /dev/null
+++ b/ansible/playbooks/update-cilium.yaml
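Review bot: Both plays in setup-k8s-nodes.yml list the role as `kubernetes_setup`, but the role this commit adds lives in ansible/roles/kubernetes-setup/ (with a hyphen), so role lookup would fail unless a role with the underscore name exists elsewhere in the tree. Rename the directory to `kubernetes_setup`, which is also the form ansible-lint expects, or change both `roles:` entries to match the directory. The playbook also sits in ansible/playbooks/ while the role is in ansible/roles/, so the roles path presumably has to be set in ansible.cfg; that file is not part of this patch.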
@@ -0,0 +1,35 @@
+---
+- name: Update Cilium Configuration
+ hosts: k8s_masters[0] # Targeting the first master node for Helm operations
+ become: yes
+ vars:
+ kube_config_path: "/home/ubuntu/.kube/config" # TODO Ensure correct path, fix if needed I just assumed this would be it
+ cilium_chart_name: "cilium/cilium"
+ cilium_chart_version: "1.9.5" # Specify target version for update
+ cilium_namespace: "kube-system"
+ hubble_relay_enabled: true
+ hubble_ui_enabled: true
+
+ tasks:
+ - name: Ensure Helm is installed using binary installation
+ ansible.builtin.get_url:
+ url: "https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz"
+ dest: "/tmp/helm.tar.gz"
+ mode: '0755'
+ register: helm_download
+ until: helm_download is succeeded
+
+ - name: Update Cilium with new configurations using Helm
+ community.kubernetes.helm:
+ kubeconfig: "{{ kube_config_path }}"
+ name: "cilium"
+ chart_ref: "{{ cilium_chart_name }}"
+ chart_version: "{{ cilium_chart_version }}"
+ release_namespace: "{{ cilium_namespace }}"
+ values:
+ hubble:
+ relay:
+ enabled: "{{ hubble_relay_enabled }}"
+ ui:
+ enabled: "{{ hubble_ui_enabled }}"
+ state: present
diff --git a/ansible/roles/kubernetes-setup/tasks/main.yml b/ansible/roles/kubernetes-setup/tasks/main.yml
new file mode 100644
index 0000000..53b2ce9
--- /dev/null
+++ b/ansible/roles/kubernetes-setup/tasks/main.yml
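Review bot: The Helm tarball in the first task of update-cilium.yaml is fetched as root into the fixed path `/tmp/helm.tar.gz` with no integrity check; add `checksum: "sha256:PLACEHOLDER_DIGEST"` (the digest published for that release) to the `get_url` task and download into a directory only root can write. The task is named "Ensure Helm is installed" but only downloads the archive, and nothing in this hunk unpacks it or puts `helm` on the PATH, so the following `community.kubernetes.helm` task would fail on a host that does not already have Helm. `chart_ref: "cilium/cilium"` likewise assumes the chart repository has been added on the host, which no task here does. `kube_config_path` points at /home/ubuntu while group_vars/all.yml sets `ansible_user: admin` and the role writes the kubeconfig to `/home/{{ ansible_user }}/.kube/config`; deriving the path from `ansible_user` would keep the two in step.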
@@ -0,0 +1,70 @@
+---
+- name: Install Docker
+ ansible.builtin.package:
+ name: docker
+ state: present
+
+- name: Add Kubernetes apt repository
+ ansible.builtin.apt_repository:
+ repo: deb http://apt.kubernetes.io/ kubernetes-xenial main
+ state: present
+ filename: kubernetes
+
+- name: Install apt-transport-https
+ ansible.builtin.package:
+ name: apt-transport-https
+ state: present
+
+- name: Install kubelet, kubeadm, and kubectl
+ ansible.builtin.package:
+ name:
+ - kubelet
+ - kubeadm
+ - kubectl
+ state: present
+
+- name: Hold kubelet, kubeadm, and kubectl at current version
+ ansible.builtin.apt:
+ name: "{{ item }}"
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
+ hold: yes
+ loop:
+ - kubelet
+ - kubeadm
+ - kubectl
+- name: Initialize the Kubernetes cluster
+ command: kubeadm init --pod-network-cidr=10.244.0.0/16 # TODO Change this to network plugin
+ when: inventory_hostname in groups['k8s_masters']
+ register: kubeadm_init
+
+- name: Create .kube directory
+ ansible.builtin.file:
+ path: "/home/{{ ansible_user }}/.kube"
+ state: directory
+ mode: '0755'
+ when: kubeadm_init is changed
+
+- name: Copy admin kubeconfig to user's home
+ copy:
+ src: "/etc/kubernetes/admin.conf"
+ dest: "/home/{{ ansible_user }}/.kube/config"
+ remote_src: yes
+ owner: "{{ ansible_user }}"
+ mode: '0644'
+ when: kubeadm_init is changed
+
+# Manual approach running separate task manually running to fetch join command from master node
+# and execute it on the worker nodes
+- name: Get join command
+ command: kubeadm token create --print-join-command
+ register: join_command
+ when: inventory_hostname in groups['k8s_masters']
+ changed_when: false
+ check_mode: false
+
+- name: Output join command
+ debug:
+ msg: "{{ join_command.stdout }}"
+ when: join_command is defined
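Review bot: The "Copy admin kubeconfig to user's home" task writes the file with `mode: '0644'` inside a `.kube` directory created `0755`, which leaves the cluster-admin credentials from /etc/kubernetes/admin.conf readable by every local user on the master; use `mode: '0600'` on the file and `mode: '0700'` plus `owner: "{{ ansible_user }}"` on the directory. The "Output join command" task prints the kubeadm bootstrap token into the play output and any log that captures it; pass the registered value to the join task on the workers instead and set `no_log: true` on the tasks that carry it. Its guard `when: join_command is defined` is also true on workers, because a skipped task still registers a result, so `join_command.stdout` would be undefined there; guard on `inventory_hostname in groups['k8s_masters']` as the previous task does. The apt repository is added over plain `http://` with no signing key installed anywhere in this hunk, and `hold: yes` is, as far as I know, not an option of `ansible.builtin.apt` (`ansible.builtin.dpkg_selections` with `selection: hold` is the usual way to hold a package). `kubeadm init` has no `creates: /etc/kubernetes/admin.conf`, so a second run of the role would try to initialise the control plane again.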
diff --git a/terraforn/environments/dev/main.tf b/terraform/environments/dev/main.tf
similarity index 100%
rename from terraforn/environments/dev/main.tf
rename to terraform/environments/dev/main.tf
diff --git a/terraforn/environments/dev/outputs.tf b/terraform/environments/dev/outputs.tf
similarity index 100%
rename from terraforn/environments/dev/outputs.tf
rename to terraform/environments/dev/outputs.tf
diff --git a/terraforn/environments/dev/variables.tf b/terraform/environments/dev/variables.tf
similarity index 100%
rename from terraforn/environments/dev/variables.tf
rename to terraform/environments/dev/variables.tf
diff --git a/terraforn/environments/prd/main.tf b/terraform/environments/prd/main.tf
similarity index 100%
rename from terraforn/environments/prd/main.tf
rename to terraform/environments/prd/main.tf
diff --git a/terraforn/environments/prd/outputs.tf b/terraform/environments/prd/outputs.tf
similarity index 100%
rename from terraforn/environments/prd/outputs.tf
rename to terraform/environments/prd/outputs.tf
diff --git a/terraforn/environments/prd/variables.tf b/terraform/environments/prd/variables.tf
similarity index 100%
rename from terraforn/environments/prd/variables.tf
rename to terraform/environments/prd/variables.tf
diff --git a/terraforn/environments/staging/main.tf b/terraform/environments/staging/main.tf
similarity index 100%
rename from terraforn/environments/staging/main.tf
rename to terraform/environments/staging/main.tf
diff --git a/terraforn/environments/staging/outputs.tf b/terraform/environments/staging/outputs.tf
similarity index 100%
rename from terraforn/environments/staging/outputs.tf
rename to terraform/environments/staging/outputs.tf
diff --git a/terraforn/environments/staging/variables.tf b/terraform/environments/staging/variables.tf
similarity index 100%
rename from terraforn/environments/staging/variables.tf
rename to terraform/environments/staging/variables.tf
diff --git a/terraforn/main.tf b/terraform/main.tf
similarity index 100%
rename from terraforn/main.tf
rename to terraform/main.tf
diff --git a/terraforn/modules/cilium/cilium-values.yaml b/terraform/modules/cilium/cilium-values.yaml
similarity index 100%
rename from terraforn/modules/cilium/cilium-values.yaml
rename to terraform/modules/cilium/cilium-values.yaml
diff --git a/terraforn/modules/cilium/main.tf b/terraform/modules/cilium/main.tf
similarity index 100%
rename from terraforn/modules/cilium/main.tf
rename to terraform/modules/cilium/main.tf
diff --git a/terraforn/modules/cilium/outputs.tf b/terraform/modules/cilium/outputs.tf
similarity index 100%
rename from terraforn/modules/cilium/outputs.tf
rename to terraform/modules/cilium/outputs.tf
diff --git a/terraforn/modules/cilium/variables.tf b/terraform/modules/cilium/variables.tf
similarity index 100%
rename from terraforn/modules/cilium/variables.tf
rename to terraform/modules/cilium/variables.tf
diff --git a/terraforn/modules/cloudwatch/main.tf b/terraform/modules/cloudwatch/main.tf
similarity index 100%
rename from terraforn/modules/cloudwatch/main.tf
rename to terraform/modules/cloudwatch/main.tf
diff --git a/terraforn/modules/cloudwatch/outputs.tf b/terraform/modules/cloudwatch/outputs.tf
similarity index 100%
rename from terraforn/modules/cloudwatch/outputs.tf
rename to terraform/modules/cloudwatch/outputs.tf
diff --git a/terraforn/modules/cloudwatch/variables.tf b/terraform/modules/cloudwatch/variables.tf
similarity index 100%
rename from terraforn/modules/cloudwatch/variables.tf
rename to terraform/modules/cloudwatch/variables.tf
diff --git a/terraforn/modules/ec2/main.tf b/terraform/modules/ec2/main.tf
similarity index 100%
rename from terraforn/modules/ec2/main.tf
rename to terraform/modules/ec2/main.tf
diff --git a/terraforn/modules/ec2/outputs.tf b/terraform/modules/ec2/outputs.tf
similarity index 100%
rename from terraforn/modules/ec2/outputs.tf
rename to terraform/modules/ec2/outputs.tf
diff --git a/terraforn/modules/ec2/variables.tf b/terraform/modules/ec2/variables.tf
similarity index 100%
rename from terraforn/modules/ec2/variables.tf
rename to terraform/modules/ec2/variables.tf
diff --git a/terraforn/modules/iam/main.tf b/terraform/modules/iam/main.tf
similarity index 100%
rename from terraforn/modules/iam/main.tf
rename to terraform/modules/iam/main.tf
diff --git a/terraforn/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf
similarity index 100%
rename from terraforn/modules/iam/outputs.tf
rename to terraform/modules/iam/outputs.tf
diff --git a/terraforn/modules/iam/variables.tf b/terraform/modules/iam/variables.tf
similarity index 100%
rename from terraforn/modules/iam/variables.tf
rename to terraform/modules/iam/variables.tf
diff --git a/terraforn/modules/networking/main.tf b/terraform/modules/networking/main.tf
similarity index 100%
rename from terraforn/modules/networking/main.tf
rename to terraform/modules/networking/main.tf
diff --git a/terraforn/modules/networking/outputs.tf b/terraform/modules/networking/outputs.tf
similarity index 100%
rename from terraforn/modules/networking/outputs.tf
rename to terraform/modules/networking/outputs.tf
diff --git a/terraforn/modules/networking/variables.tf b/terraform/modules/networking/variables.tf
similarity index 100%
rename from terraforn/modules/networking/variables.tf
rename to terraform/modules/networking/variables.tf
diff --git a/terraforn/modules/s3/main.tf b/terraform/modules/s3/main.tf
similarity index 100%
rename from terraforn/modules/s3/main.tf
rename to terraform/modules/s3/main.tf
diff --git a/terraforn/modules/s3/outputs.tf b/terraform/modules/s3/outputs.tf
similarity index 100%
rename from terraforn/modules/s3/outputs.tf
rename to terraform/modules/s3/outputs.tf
diff --git a/terraforn/modules/s3/variables.tf b/terraform/modules/s3/variables.tf
similarity index 100%
rename from terraforn/modules/s3/variables.tf
rename to terraform/modules/s3/variables.tf
diff --git a/terraforn/modules/security groups/main.tf b/terraform/modules/security groups/main.tf
similarity index 100%
rename from terraforn/modules/security groups/main.tf
rename to terraform/modules/security groups/main.tf
diff --git a/terraforn/modules/security groups/outputs.tf b/terraform/modules/security groups/outputs.tf
similarity index 100%
rename from terraforn/modules/security groups/outputs.tf
rename to terraform/modules/security groups/outputs.tf
diff --git a/terraforn/modules/security groups/variables.tf b/terraform/modules/security groups/variables.tf
similarity index 100%
rename from terraforn/modules/security groups/variables.tf
rename to terraform/modules/security groups/variables.tf
diff --git a/terraforn/modules/vpc/main.tf b/terraform/modules/vpc/main.tf
similarity index 100%
rename from terraforn/modules/vpc/main.tf
rename to terraform/modules/vpc/main.tf
diff --git a/terraforn/modules/vpc/outputs.tf b/terraform/modules/vpc/outputs.tf
similarity index 100%
rename from terraforn/modules/vpc/outputs.tf
rename to terraform/modules/vpc/outputs.tf
diff --git a/terraforn/modules/vpc/variables.tf b/terraform/modules/vpc/variables.tf
similarity index 100%
rename from terraforn/modules/vpc/variables.tf
rename to terraform/modules/vpc/variables.tf
diff --git a/terraforn/notes.txt b/terraform/notes.txt
similarity index 100%
rename from terraforn/notes.txt
rename to terraform/notes.txt
diff --git a/terraforn/outputs.tf b/terraform/outputs.tf
similarity index 100%
rename from terraforn/outputs.tf
rename to terraform/outputs.tf
diff --git a/terraforn/variables.tf b/terraform/variables.tf
similarity index 100%
rename from terraforn/variables.tf
rename to terraform/variables.tf
diff --git a/terraforn/versions.tf b/terraform/versions.tf
similarity index 100%
rename from terraforn/versions.tf
rename to terraform/versions.tf