Diffstat (limited to 'roles/kubernetes/base')
-rw-r--r-- | roles/kubernetes/base/files/kubernetes-apt-key.asc | 18 | ||||
-rw-r--r-- | roles/kubernetes/base/handlers/main.yml | 5 | ||||
-rw-r--r-- | roles/kubernetes/base/meta/main.yml | 3 | ||||
-rw-r--r-- | roles/kubernetes/base/tasks/main.yml | 90 | ||||
-rw-r--r-- | roles/kubernetes/base/templates/20-dns.conf.j2 | 2 | ||||
-rw-r--r-- | roles/kubernetes/base/templates/50-extra.conf.j2 | 3 |
6 files changed, 121 insertions, 0 deletions
diff --git a/roles/kubernetes/base/files/kubernetes-apt-key.asc b/roles/kubernetes/base/files/kubernetes-apt-key.asc
new file mode 100644
index 00000000..10af13ea
--- /dev/null
+++ b/roles/kubernetes/base/files/kubernetes-apt-key.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFrBaNsBCADrF18KCbsZlo4NjAvVecTBCnp6WcBQJ5oSh7+E98jX9YznUCrN
+rgmeCcCMUvTDRDxfTaDJybaHugfba43nqhkbNpJ47YXsIa+YL6eEE9emSmQtjrSW
+IiY+2YJYwsDgsgckF3duqkb02OdBQlh6IbHPoXB6H//b1PgZYsomB+841XW1LSJP
+YlYbIrWfwDfQvtkFQI90r6NknVTQlpqQh5GLNWNYqRNrGQPmsB+NrUYrkl1nUt1L
+RGu+rCe4bSaSmNbwKMQKkROE4kTiB72DPk7zH4Lm0uo0YFFWG4qsMIuqEihJ/9KN
+X8GYBr+tWgyLooLlsdK3l+4dVqd8cjkJM1ExABEBAAG0QEdvb2dsZSBDbG91ZCBQ
+YWNrYWdlcyBBdXRvbWF0aWMgU2lnbmluZyBLZXkgPGdjLXRlYW1AZ29vZ2xlLmNv
+bT6JAT4EEwECACgFAlrBaNsCGy8FCQWjmoAGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
+AheAAAoJEGoDCyG6B/T78e8H/1WH2LN/nVNhm5TS1VYJG8B+IW8zS4BqyozxC9iJ
+AJqZIVHXl8g8a/Hus8RfXR7cnYHcg8sjSaJfQhqO9RbKnffiuQgGrqwQxuC2jBa6
+M/QKzejTeP0Mgi67pyrLJNWrFI71RhritQZmzTZ2PoWxfv6b+Tv5v0rPaG+ut1J4
+7pn+kYgtUaKdsJz1umi6HzK6AacDf0C0CksJdKG7MOWsZcB4xeOxJYuy6NuO6Kcd
+Ez8/XyEUjIuIOlhYTd0hH8E/SEBbXXft7/VBQC5wNq40izPi+6WFK/e1O42DIpzQ
+749ogYQ1eodexPNhLzekKR3XhGrNXJ95r5KO10VrsLFNd8I=
+=TKuP
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/roles/kubernetes/base/handlers/main.yml b/roles/kubernetes/base/handlers/main.yml
new file mode 100644
index 00000000..b61c1417
--- /dev/null
+++ b/roles/kubernetes/base/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: reload systemd
+ command: systemctl daemon-reload
+ args:
+ warn: no
diff --git a/roles/kubernetes/base/meta/main.yml b/roles/kubernetes/base/meta/main.yml
new file mode 100644
index 00000000..724b20f1
--- /dev/null
+++ b/roles/kubernetes/base/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+- role: docker
diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml
new file mode 100644
index 00000000..cc3bc83a
--- /dev/null
+++ b/roles/kubernetes/base/tasks/main.yml
@@ -0,0 +1,90 @@
+---
+- name: prepare /var/lib/kubelet as LVM
+ when: kubelet_lvm is defined
+ block:
+
+ - name: create logical volume
+ lvol:
+ vg: "{{ kubelet_lvm.vg }}"
+ lv: "{{ kubelet_lvm.lv }}"
+ size: "{{ kubelet_lvm.size }}"
+
+ - name: create filesystem
+ filesystem:
+ fstype: "{{ kubelet_lvm.fs }}"
+ dev: "/dev/mapper/{{ kubelet_lvm.vg | replace('-', '--') }}-{{ kubelet_lvm.lv | replace('-', '--') }}"
+
+ - name: mount filesytem
+ mount:
+ src: "/dev/mapper/{{ kubelet_lvm.vg | replace('-', '--') }}-{{ kubelet_lvm.lv | replace('-', '--') }}"
+ path: /var/lib/kubelet
+ fstype: "{{ kubelet_lvm.fs }}"
+ state: mounted
+
+- name: install apt https transport
+ apt:
+ name: apt-transport-https
+ state: present
+ force: yes
+
+- name: add kubernetes apt key
+ apt_key:
+ data: "{{ lookup('file', 'kubernetes-apt-key.asc') }}"
+ state: present
+
+- name: add kubernetes apt repo
+ apt_repository:
+ repo: deb http://apt.kubernetes.io/ kubernetes-xenial main
+ state: present
+ filename: kubernetes
+
+- name: install basic kubernetes components
+ with_items:
+ - "kubelet{% if kubernetes.pkg_version is defined %}={{ kubernetes.pkg_version }}{% endif %}"
+ - "kubeadm{% if kubernetes.pkg_version is defined %}={{ kubernetes.pkg_version }}{% endif %}"
+ - "kubectl{% if kubernetes.pkg_version is defined %}={{ kubernetes.pkg_version }}{% endif %}"
+ apt:
+ name: "{{ item }}"
+ state: present
+
+- name: disable automatic upgrades for kubernetes components
+ when: kubernetes.pkg_version is defined
+ with_items:
+ - kubelet
+ - kubeadm
+ - kubectl
+ dpkg_selections:
+ name: "{{ item }}"
+ selection: hold
+
+- name: install kubelet config snippets
+ with_items:
+ - 20-dns.conf
+ - 50-extra.conf
+ template:
+ src: "{{ item }}.j2"
+ dest: "/etc/systemd/system/kubelet.service.d/{{ item }}"
+ notify: reload systemd
+
+- name: add dummy group with gid 998
+ group:
+ name: app
+ gid: 998
+
+- name: add dummy user with uid 998
+ user:
+ name: app
+ uid: 998
+ group: app
+ password: "!"
+
+- name: add kubectl config for shells
+ with_items:
+ - zsh
+ - bash
+ blockinfile:
+ path: "/root/.{{ item }}rc"
+ create: yes
+ marker: "### {mark} ANSIBLE MANAGED BLOCK for kubectl ###"
+ content: |
+ source <(kubectl completion {{ item }})
diff --git a/roles/kubernetes/base/templates/20-dns.conf.j2 b/roles/kubernetes/base/templates/20-dns.conf.j2
new file mode 100644
index 00000000..9b7ab32c
--- /dev/null
+++ b/roles/kubernetes/base/templates/20-dns.conf.j2
@@ -0,0 +1,2 @@
+[Service]
+Environment="KUBELET_DNS_ARGS=--cluster-dns={{ kubernetes.service_ip_range | ipaddr(10) | ipaddr('address') }} --cluster-domain=cluster.local"
diff --git a/roles/kubernetes/base/templates/50-extra.conf.j2 b/roles/kubernetes/base/templates/50-extra.conf.j2
new file mode 100644
index 00000000..c722ade6
--- /dev/null
+++ b/roles/kubernetes/base/templates/50-extra.conf.j2
@@ -0,0 +1,3 @@
+{% set br_net = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubernetes.net_index[inventory_hostname]) -%}
+[Service]
+Environment="KUBELET_EXTRA_ARGS=--node-ip={{ br_net | ipaddr(1) | ipaddr('address') }}" |
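Review bot: In roles/kubernetes/base/tasks/main.yml, the `install apt https transport` task sets `force: yes`, which the Ansible apt module maps to apt-get's `--force-yes` and documents as implying unauthenticated installs, so package signature checking is switched off for that install; nothing visible in the task needs it and the line should be dropped. The `add kubernetes apt repo` task then points apt at plain HTTP even though the HTTPS transport was installed two tasks earlier. The key added from `kubernetes-apt-key.asc` still authenticates the packages, but the index and downloads travel in cleartext and can be observed or held back by anyone on the path, so prefer `repo: deb https://apt.kubernetes.io/ kubernetes-xenial main`. It would also help to put a short comment above the `apt_key` task recording the fingerprint and origin of the vendored key, so a later key rotation can be checked against something.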