From 2ff93996b073b4f6d22d9e57b49e6849da474cf6 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Tue, 11 Jan 2022 17:36:10 +0100
Subject: move lendwirbel k8s cluster to graveyard
---
_graveyard_/inventory/group_vars/k8s-lwl/vars.yml | 50 +++++++++++++++++
.../group_vars/lendwirbel-live-xx/vars.yml | 2 +
.../inventory/group_vars/lendwirbel-live/vars.yml | 29 ++++++++++
_graveyard_/inventory/host_vars/lw-dione.yml | 57 ++++++++++++++++++++
_graveyard_/inventory/host_vars/lw-helene.yml | 51 ++++++++++++++++++
_graveyard_/inventory/host_vars/lw-master.yml | 62 +++++++++++++++++++++
_graveyard_/inventory/host_vars/lw-telesto.yml | 54 +++++++++++++++++++
_graveyard_/inventory/host_vars/lw-thetys.yml | 52 ++++++++++++++++++
_graveyard_/inventory/hosts.ini | 63 ++++++++++++++++++++++
9 files changed, 420 insertions(+)
create mode 100644 _graveyard_/inventory/group_vars/k8s-lwl/vars.yml
create mode 100644 _graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml
create mode 100644 _graveyard_/inventory/group_vars/lendwirbel-live/vars.yml
create mode 100644 _graveyard_/inventory/host_vars/lw-dione.yml
create mode 100644 _graveyard_/inventory/host_vars/lw-helene.yml
create mode 100644 _graveyard_/inventory/host_vars/lw-master.yml
create mode 100644 _graveyard_/inventory/host_vars/lw-telesto.yml
create mode 100644 _graveyard_/inventory/host_vars/lw-thetys.yml
(limited to '_graveyard_/inventory')
diff --git a/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml b/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml
new file mode 100644
index 00000000..6a93d86b
--- /dev/null
+++ b/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml
@@ -0,0 +1,50 @@
+---
+docker_pkg_provider: docker-com
+
+kubernetes_version: 1.22.5
+kubernetes_container_runtime: docker
+kubernetes_network_plugin: kubeguard
+
+kubernetes:
+ cluster_name: lndwrbl-live
+
+ dedicated_master: False
+ api_extra_sans:
+ - 178.63.180.137
+ - k8s-master.lndwrbl.live
+
+ pod_ip_range: 172.18.0.0/16
+ pod_ip_range_size: 24
+ service_ip_range: 172.18.192.0/18
+
+
+kubernetes_secrets:
+ encryption_config_keys: "{{ vault_kubernetes_encryption_config_keys }}"
+
+
+kubeguard:
+ ## node_index must be in the range between 1 and 190 -> 189 hosts possible
+ ##
+ ## hardcoded hostnames are not nice but if we do this via host_vars
+ ## the info is spread over multiple files and this makes it more diffcult
+ ## to find mistakes, so it is nicer to keep it in one place...
+ node_index:
+ lw-live-01: 1
+ lw-live-02: 2
+ lw-live-03: 3
+ lw-live-00: 100
+ lw-live-dist0: 110
+ lw-dione: 111
+ lw-helene: 112
+ lw-master: 127
+
+ direct_net_zones:
+ encoder:
+ transfer_net: 172.18.191.0/24
+ node_interface:
+ lw-dione: eno2
+ lw-helene: eno2
+
+kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}"
+
+kubernetes_metrics_server_version: 0.5.0
diff --git a/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml b/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml
new file mode 100644
index 00000000..6defdb17
--- /dev/null
+++ b/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml
@@ -0,0 +1,2 @@
+---
+install_playbook: lendwirbel-live-xx
diff --git a/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml b/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml
new file mode 100644
index 00000000..a06be375
--- /dev/null
+++ b/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml
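Review bot: The archived vars still resolve secrets through vault lookups — `encryption_config_keys: "{{ vault_kubernetes_encryption_config_keys }}"` in group_vars/k8s-lwl/vars.yml, and `vault_apt_repo_blackmagic_auth.password` and `vault_hcloud_api_token` in group_vars/lendwirbel-live/vars.yml — but the diffstat for `_graveyard_/inventory` lists only the vars.yml files, so it is not visible here where the matching vault files ended up. If they stay in the live inventory, the retired cluster's credentials remain decryptable by everyone who holds the vault password; if they were dropped, these templates no longer render. Either way the retirement should be recorded next to the references, for example with a comment such as `## cluster retired: hcloud token and apt repo password revoked, encryption keys destroyed`, added once that has actually been done.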
@@ -0,0 +1,29 @@
+---
+zsh_banner: lendwirbel
+
+acmetool_account_email: equinox@spreadspace.org
+acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}"
+
+apt_repo_blackmagic_auth:
+ username: "spreadspace"
+ password: "{{ vault_apt_repo_blackmagic_auth.password }}"
+
+install:
+ cloud:
+ credentials:
+ token: "{{ vault_hcloud_api_token }}"
+
+
+docker_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: docker
+ size: 15G
+ fs: ext4
+
+kubelet_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: kubelet
+ size: 10G
+ fs: ext4
diff --git a/_graveyard_/inventory/host_vars/lw-dione.yml b/_graveyard_/inventory/host_vars/lw-dione.yml
new file mode 100644
index 00000000..e5073987
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/lw-dione.yml
@@ -0,0 +1,57 @@
+---
+install:
+ efi: true
+ disks:
+ primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NY0HC29501
+ kernel_cmdline:
+ - "consoleblank=0"
+ - "nomodeset"
+
+network:
+ nameservers:
+ - 9.9.9.9
+ domain: "{{ host_domain }}"
+ primary: &_network_primary_
+ name: eno1
+ address: 192.168.32.202/24
+ gateway: 192.168.32.254
+ interfaces:
+ - *_network_primary_
+
+
+base_packages_extra_host:
+ - exfat-fuse
+ - exfat-utils
+ - vlan
+
+admin_users_host:
+ - equinox
+
+docker_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: docker
+ size: 15G
+ fs: ext4
+
+kubelet_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: kubelet
+ size: 10G
+ fs: ext4
+
+
+ntp_variant: chrony
+
+ntp_client:
+ pools:
+ - name: at.pool.ntp.org
+ options: iburst
+
+ntp_hwtimestamp_interfaces:
+ - name: "*"
+
+ntp_server:
+ allow:
+ - "192.168.32.0/24"
diff --git a/_graveyard_/inventory/host_vars/lw-helene.yml b/_graveyard_/inventory/host_vars/lw-helene.yml
new file mode 100644
index 00000000..a45f02d0
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/lw-helene.yml
@@ -0,0 +1,51 @@
+---
+install:
+ efi: true
+ disks:
+ primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NB0J803346
+ kernel_cmdline:
+ - "consoleblank=0"
+ - "nomodeset"
+
+network:
+ nameservers:
+ - 9.9.9.9
+ domain: "{{ host_domain }}"
+ primary: &_network_primary_
+ name: eno1
+ address: 192.168.32.203/24
+ gateway: 192.168.32.254
+ interfaces:
+ - *_network_primary_
+
+
+base_packages_extra_host:
+ - exfat-fuse
+ - exfat-utils
+ - vlan
+
+admin_users_host:
+ - equinox
+
+docker_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: docker
+ size: 15G
+ fs: ext4
+
+kubelet_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: kubelet
+ size: 10G
+ fs: ext4
+
+
+ntp_client:
+ servers:
+ - name: "192.168.32.202"
+ options: iburst minpoll 1 maxpoll 3 polltarget 30
+
+ntp_hwtimestamp_interfaces:
+ - name: "*"
diff --git a/_graveyard_/inventory/host_vars/lw-master.yml b/_graveyard_/inventory/host_vars/lw-master.yml
new file mode 100644
index 00000000..cee52198
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/lw-master.yml
@@ -0,0 +1,62 @@
+---
+install:
+ vm:
+ memory: 10G
+ numcpus: 6
+ autostart: True
+ disks:
+ primary: /dev/sda
+ scsi:
+ sda:
+ type: zfs
+ name: root
+ size: 20g
+ # sdb:
+ # type: blockdev
+ # path: /dev/zvol/storage/streamstats
+ interfaces:
+ - bridge: br-public
+ name: primary0
+
+network:
+ nameservers: "{{ vm_host.network.dns }}"
+ domain: "{{ host_domain }}"
+ systemd_link:
+ interfaces: "{{ install.interfaces }}"
+ primary: &_network_primary_
+ name: primary0
+ address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
+ gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
+ template: overlay
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
+ interfaces:
+ - *_network_primary_
+
+external_ip: "{{ network.primary.overlay }}"
+
+docker_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: docker
+ size: 7G
+ fs: ext4
+
+kubelet_storage:
+ type: lvm
+ vg: "{{ host_name }}"
+ lv: kubelet
+ size: 5G
+ fs: ext4
+
+
+lvm_groups:
+ streamstats:
+ pvs:
+ - /dev/sdb
+
+emc_stats_storage:
+ type: lvm
+ vg: streamstats
+ lv: stats
+ size: 42G
+ fs: ext4
diff --git a/_graveyard_/inventory/host_vars/lw-telesto.yml b/_graveyard_/inventory/host_vars/lw-telesto.yml
new file mode 100644
index 00000000..8e9a0061
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/lw-telesto.yml
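Review bot: In host_vars/lw-master.yml the `sdb` entry under `install.scsi` is commented out, while `lvm_groups.streamstats.pvs` still lists `/dev/sdb` and `emc_stats_storage` places a 42G volume in that group. As written, the VM definition declares only `sda`, so the streamstats volume group has no backing device unless the disk is attached some other way, which this hunk does not show. Either restore the three commented `sdb` lines or put a comment above `lvm_groups` that says where `/dev/sdb` comes from, for example `## /dev/sdb is attached outside of install.scsi`, whichever matches the retired setup.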
@@ -0,0 +1,54 @@
+---
+debian_preseed_language: de
+debian_preseed_country: AT
+debian_preseed_locales:
+ - de_AT.UTF-8
+ - de_DE.UTF-8
+ - en_US.UTF-8
+
+debian_preseed_no_splash: no
+debian_preseed_install_tasks:
+ - xubuntu-desktop
+
+
+install:
+ efi: yes
+ disks:
+ primary: software-raid
+ raid:
+ level: 1
+ members:
+ - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720808
+ - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720810
+ system_lvm:
+ size: 50G
+ volumes:
+ - name: root
+ size: 20G
+ filesystem: ext4
+ mountpoint: /
+ - name: var+log
+ size: 768M
+ filesystem: ext4
+ mountpoint: /var/log
+ mount_options:
+ - noatime
+ - nodev
+ - noexec
+
+network:
+ nameservers:
+ - 9.9.9.9
+ domain: "{{ host_domain }}"
+ primary: &_network_primary_
+ name: eno1
+ address: 192.168.32.201/24
+ gateway: 192.168.32.254
+ interfaces:
+ - *_network_primary_
+
+
+base_modules_blacklist: "{{ base_modules_blacklist_all_but_sound }}"
+
+admin_users_host:
+ - equinox
diff --git a/_graveyard_/inventory/host_vars/lw-thetys.yml b/_graveyard_/inventory/host_vars/lw-thetys.yml
new file mode 100644
index 00000000..a732782d
--- /dev/null
+++ b/_graveyard_/inventory/host_vars/lw-thetys.yml
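Review bot: The `var+log` volume in host_vars/lw-telesto.yml is mounted with `noatime`, `nodev` and `noexec` but not `nosuid`; adding `- nosuid` to `mount_options` completes the usual hardening set for a log filesystem, since nothing under /var/log should need setuid binaries. The same file writes booleans as `debian_preseed_no_splash: no` and `efi: yes`, whereas the sibling host files in this commit use `efi: true`. Writing `false` and `true` avoids the YAML 1.1 truthy ambiguity and keeps the inventory consistent.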
@@ -0,0 +1,52 @@ +--- +install: + efi: true + disks: + primary: /dev/disk/by-id/ata-TS32GMSA370_B475040161 + kernel_cmdline: + - "consoleblank=0" + +network: + nameservers: + - 9.9.9.9 + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: 192.168.28.202/24 + gateway: 192.168.28.254 + interfaces: + - *_network_primary_ + + +admin_users_host: + - equinox + +apt_repo_components: + - main + - contrib + - non-free ## for microcode updates + +spreadspace_apt_repo_components: + - container + + +docker_pkg_provider: docker-com + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 10G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 5G + fs: ext4 + +kubernetes_version: 1.22.5 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_cni_variant: with-portmap diff --git a/_graveyard_/inventory/hosts.ini b/_graveyard_/inventory/hosts.ini index bc1fafdb..2b79221f 100644 --- a/_graveyard_/inventory/hosts.ini +++ b/_graveyard_/inventory/hosts.ini @@ -22,6 +22,36 @@ r3-cccamp19-feedcode host_name=feedcode r3-cccamp19-av host_name=av + +############################### +# environment: spreadspace + +[lendwirbel-live:vars] +host_domain=lndwrbl.live +env_group=spreadspace + +[lendwirbel-live] +lw-thetys host_name=thetys +lw-telesto host_name=telesto +lw-dione host_name=dione +lw-helene host_name=helene +lw-master + +[lendwirbel-live:children] +lendwirbel-live-dist +lendwirbel-live-xx + +[lendwirbel-live-dist] +lw-live-dist0 host_name=cdn-dist0 + +[lendwirbel-live-xx] +lw-live-00 host_name=cdn-00 +lw-live-01 host_name=cdn-01 +lw-live-02 host_name=cdn-02 +lw-live-03 host_name=cdn-03 + + + ############################### # environment: dan 
@@ -64,3 +94,36 @@ vmhost-ch-gnocchi-guests [dolmetsch-ctl:children] ele-dolmetsch-ctl + +[hetzner] +lw-master + +[hcloud:children] +lendwirbel-live-dist +lendwirbel-live-xx + +[kubernetes-cluster:children] +k8s-lwl + +[standalone-kubelet] +lw-thetys + +### Kubernetes Cluster: lendwirbel-live +[k8s-lwl-encoder] +lw-dione +lw-helene + +[k8s-lwl-distribution:children] +lendwirbel-live-dist + +[k8s-lwl-streamer:children] +lendwirbel-live-xx + +[k8s-lwl-master] +lw-master + +[k8s-lwl:children] +k8s-lwl-master +k8s-lwl-encoder +k8s-lwl-distribution +k8s-lwl-streamer -- cgit v1.2.3