From 9cb8696521d2dd5b8ed9f3940eaa0b58956b4084 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 11 Jan 2022 16:59:25 +0100 Subject: some more apt-repo cleanup for kubernetes roles --- inventory/group_vars/emc/vars.yml | 1 + inventory/group_vars/k8s-chtest/vars.yml | 4 ++-- inventory/group_vars/k8s-emc/vars.yml | 3 +-- inventory/group_vars/k8s-lwl/vars.yml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) (limited to 'inventory/group_vars') diff --git a/inventory/group_vars/emc/vars.yml b/inventory/group_vars/emc/vars.yml index df2ac782..eb0576fd 100644 --- a/inventory/group_vars/emc/vars.yml +++ b/inventory/group_vars/emc/vars.yml @@ -12,6 +12,7 @@ prometheus_scrape_endpoint: "{{ ansible_default_ipv4.address }}:9999" spreadspace_apt_repo_components: - main - prometheus + - container containerd_storage: diff --git a/inventory/group_vars/k8s-chtest/vars.yml b/inventory/group_vars/k8s-chtest/vars.yml index 60450f88..93678de5 100644 --- a/inventory/group_vars/k8s-chtest/vars.yml +++ b/inventory/group_vars/k8s-chtest/vars.yml @@ -1,7 +1,7 @@ --- docker_pkg_provider: docker-com -kubernetes_version: 1.20.2 +kubernetes_version: 1.22.5 kubernetes_container_runtime: docker kubernetes_network_plugin: kubeguard # kubernetes_network_plugin_variant: with-kube-router @@ -45,4 +45,4 @@ kubeguard: kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}" -kubernetes_metrics_server_version: 0.4.1 +kubernetes_metrics_server_version: 0.5.0 diff --git a/inventory/group_vars/k8s-emc/vars.yml b/inventory/group_vars/k8s-emc/vars.yml index 234defd8..e2b82c8f 100644 --- a/inventory/group_vars/k8s-emc/vars.yml +++ b/inventory/group_vars/k8s-emc/vars.yml 
@@ -1,8 +1,7 @@ --- containerd_pkg_provider: docker-com -kubernetes_version: 1.22.2 -kubernetes_cri_tools_pkg_version: 1.21.0~2 +kubernetes_version: 1.22.5 kubernetes_container_runtime: containerd kubernetes_network_plugin: kubeguard diff --git a/inventory/group_vars/k8s-lwl/vars.yml b/inventory/group_vars/k8s-lwl/vars.yml index cd375971..6a93d86b 100644 --- a/inventory/group_vars/k8s-lwl/vars.yml +++ b/inventory/group_vars/k8s-lwl/vars.yml @@ -1,7 +1,7 @@ --- docker_pkg_provider: docker-com -kubernetes_version: 1.17.5 +kubernetes_version: 1.22.5 kubernetes_container_runtime: docker kubernetes_network_plugin: kubeguard @@ -47,4 +47,4 @@ kubeguard: kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}" -kubernetes_metrics_server_version: 0.3.7 +kubernetes_metrics_server_version: 0.5.0 -- cgit v1.2.3 From 2ff93996b073b4f6d22d9e57b49e6849da474cf6 Mon Sep 17 00:00:00 2001 
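Review bot: Nothing in `inventory/group_vars/k8s-emc/vars.yml` says what selects the cri-tools package version once the pin `kubernetes_cri_tools_pkg_version: 1.21.0~2` is removed. The role that consumes the variable is not part of this patch, so it may derive a default from `kubernetes_version` or it may install whatever the apt repository currently offers; in the second case, nodes installed on different dates can carry different cri-tools builds. If the role does derive it, a comment such as `## cri-tools version follows kubernetes_version` next to `kubernetes_version: 1.22.5` would record that; otherwise keep an explicit pin. Separately, the k8s-chtest (1.20.2 to 1.22.5) and k8s-lwl (1.17.5 to 1.22.5) hunks jump more than one minor release, which kubeadm does not support as a single in-place upgrade, so confirm how the roles handle existing clusters.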
From: Christian Pointner Date: Tue, 11 Jan 2022 17:36:10 +0100 Subject: move lendwirbel k8s cluster to graveyard --- _graveyard_/inventory/group_vars/k8s-lwl/vars.yml | 50 +++++++++++++++++ .../group_vars/lendwirbel-live-xx/vars.yml | 2 + .../inventory/group_vars/lendwirbel-live/vars.yml | 29 ++++++++++ _graveyard_/inventory/host_vars/lw-dione.yml | 57 ++++++++++++++++++++ _graveyard_/inventory/host_vars/lw-helene.yml | 51 ++++++++++++++++++ _graveyard_/inventory/host_vars/lw-master.yml | 62 +++++++++++++++++++++ _graveyard_/inventory/host_vars/lw-telesto.yml | 54 +++++++++++++++++++ _graveyard_/inventory/host_vars/lw-thetys.yml | 52 ++++++++++++++++++ _graveyard_/inventory/hosts.ini | 63 ++++++++++++++++++++++ _graveyard_/spreadspace/group_vars/k8s-lwl.yml | 10 ++++ .../spreadspace/group_vars/lendwirbel-live.yml | 20 +++++++ _graveyard_/spreadspace/k8s-lwl.yml | 34 ++++++++++++ _graveyard_/spreadspace/lendwirbel-live-xx.yml | 12 +++++ _graveyard_/spreadspace/lw-dione.yml | 12 +++++ _graveyard_/spreadspace/lw-helene.yml | 12 +++++ _graveyard_/spreadspace/lw-master.yml | 10 ++++ _graveyard_/spreadspace/lw-telesto.yml | 14 +++++ _graveyard_/spreadspace/lw-thetys.yml | 15 ++++++ inventory/group_vars/k8s-lwl/vars.yml | 50 ----------------- inventory/group_vars/lendwirbel-live-xx/vars.yml | 2 - inventory/group_vars/lendwirbel-live/vars.yml | 29 ---------- inventory/host_vars/lw-dione.yml | 57 -------------------- inventory/host_vars/lw-helene.yml | 51 ------------------ inventory/host_vars/lw-master.yml | 62 --------------------- inventory/host_vars/lw-telesto.yml | 54 ------------------- inventory/host_vars/lw-thetys.yml | 52 ------------------ inventory/hosts.ini | 53 ------------------ spreadspace/group_vars/k8s-lwl.yml | 10 ---- spreadspace/group_vars/lendwirbel-live.yml | 20 ------- spreadspace/k8s-lwl.yml | 34 ------------ spreadspace/lendwirbel-live-xx.yml | 12 ----- spreadspace/lw-dione.yml | 12 ----- spreadspace/lw-helene.yml | 12 ----- 
spreadspace/lw-master.yml | 10 ---- spreadspace/lw-telesto.yml | 14 ----- spreadspace/lw-thetys.yml | 15 ------ 36 files changed, 559 insertions(+), 549 deletions(-) create mode 100644 _graveyard_/inventory/group_vars/k8s-lwl/vars.yml create mode 100644 _graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml create mode 100644 _graveyard_/inventory/group_vars/lendwirbel-live/vars.yml create mode 100644 _graveyard_/inventory/host_vars/lw-dione.yml create mode 100644 _graveyard_/inventory/host_vars/lw-helene.yml create mode 100644 _graveyard_/inventory/host_vars/lw-master.yml create mode 100644 _graveyard_/inventory/host_vars/lw-telesto.yml create mode 100644 _graveyard_/inventory/host_vars/lw-thetys.yml create mode 100644 _graveyard_/spreadspace/group_vars/k8s-lwl.yml create mode 100644 _graveyard_/spreadspace/group_vars/lendwirbel-live.yml create mode 100644 _graveyard_/spreadspace/k8s-lwl.yml create mode 100644 _graveyard_/spreadspace/lendwirbel-live-xx.yml create mode 100644 _graveyard_/spreadspace/lw-dione.yml create mode 100644 _graveyard_/spreadspace/lw-helene.yml create mode 100644 _graveyard_/spreadspace/lw-master.yml create mode 100644 _graveyard_/spreadspace/lw-telesto.yml create mode 100644 _graveyard_/spreadspace/lw-thetys.yml delete mode 100644 inventory/group_vars/k8s-lwl/vars.yml delete mode 100644 inventory/group_vars/lendwirbel-live-xx/vars.yml delete mode 100644 inventory/group_vars/lendwirbel-live/vars.yml delete mode 100644 inventory/host_vars/lw-dione.yml delete mode 100644 inventory/host_vars/lw-helene.yml delete mode 100644 inventory/host_vars/lw-master.yml delete mode 100644 inventory/host_vars/lw-telesto.yml delete mode 100644 inventory/host_vars/lw-thetys.yml delete mode 100644 spreadspace/group_vars/k8s-lwl.yml delete mode 100644 spreadspace/group_vars/lendwirbel-live.yml delete mode 100644 spreadspace/k8s-lwl.yml delete mode 100644 spreadspace/lendwirbel-live-xx.yml delete mode 100644 spreadspace/lw-dione.yml delete mode 100644 
spreadspace/lw-helene.yml delete mode 100644 spreadspace/lw-master.yml delete mode 100644 spreadspace/lw-telesto.yml delete mode 100644 spreadspace/lw-thetys.yml (limited to 'inventory/group_vars') diff --git a/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml b/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml new file mode 100644 index 00000000..6a93d86b --- /dev/null +++ b/_graveyard_/inventory/group_vars/k8s-lwl/vars.yml @@ -0,0 +1,50 @@ +--- +docker_pkg_provider: docker-com + +kubernetes_version: 1.22.5 +kubernetes_container_runtime: docker +kubernetes_network_plugin: kubeguard + +kubernetes: + cluster_name: lndwrbl-live + + dedicated_master: False + api_extra_sans: + - 178.63.180.137 + - k8s-master.lndwrbl.live + + pod_ip_range: 172.18.0.0/16 + pod_ip_range_size: 24 + service_ip_range: 172.18.192.0/18 + + +kubernetes_secrets: + encryption_config_keys: "{{ vault_kubernetes_encryption_config_keys }}" + + +kubeguard: + ## node_index must be in the range between 1 and 190 -> 189 hosts possible + ## + ## hardcoded hostnames are not nice but if we do this via host_vars + ## the info is spread over multiple files and this makes it more diffcult + ## to find mistakes, so it is nicer to keep it in one place... + node_index: + lw-live-01: 1 + lw-live-02: 2 + lw-live-03: 3 + lw-live-00: 100 + lw-live-dist0: 110 + lw-dione: 111 + lw-helene: 112 + lw-master: 127 + + direct_net_zones: + encoder: + transfer_net: 172.18.191.0/24 + node_interface: + lw-dione: eno2 + lw-helene: eno2 + +kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}" + +kubernetes_metrics_server_version: 0.5.0 diff --git a/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml b/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml new file mode 100644 index 00000000..6defdb17 --- /dev/null +++ b/_graveyard_/inventory/group_vars/lendwirbel-live-xx/vars.yml 
@@ -0,0 +1,2 @@ +--- +install_playbook: lendwirbel-live-xx diff --git a/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml b/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml new file mode 100644 index 00000000..a06be375 --- /dev/null +++ b/_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml @@ -0,0 +1,29 @@ +--- +zsh_banner: lendwirbel + +acmetool_account_email: equinox@spreadspace.org +acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" + +apt_repo_blackmagic_auth: + username: "spreadspace" + password: "{{ vault_apt_repo_blackmagic_auth.password }}" + +install: + cloud: + credentials: + token: "{{ vault_hcloud_api_token }}" + + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 15G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 10G + fs: ext4 diff --git a/_graveyard_/inventory/host_vars/lw-dione.yml b/_graveyard_/inventory/host_vars/lw-dione.yml new file mode 100644 index 00000000..e5073987 --- /dev/null +++ b/_graveyard_/inventory/host_vars/lw-dione.yml @@ -0,0 +1,57 @@ +--- +install: + efi: true + disks: + primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NY0HC29501 + kernel_cmdline: + - "consoleblank=0" + - "nomodeset" + +network: + nameservers: + - 9.9.9.9 + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: 192.168.32.202/24 + gateway: 192.168.32.254 + interfaces: + - *_network_primary_ + + +base_packages_extra_host: + - exfat-fuse + - exfat-utils + - vlan + +admin_users_host: + - equinox + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 15G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 10G + fs: ext4 + + +ntp_variant: chrony + +ntp_client: + pools: + - name: at.pool.ntp.org + options: iburst + +ntp_hwtimestamp_interfaces: + - name: "*" + +ntp_server: + allow: + - "192.168.32.0/24" 
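Review bot: `_graveyard_/inventory/group_vars/lendwirbel-live/vars.yml` still wires `vault_hcloud_api_token` and `vault_apt_repo_blackmagic_auth.password` into the archived environment, and nothing in the move records whether those credentials were revoked. Moving the files only takes the hosts out of the active inventory. The two `$ANSIBLE_VAULT` files added under `_graveyard_/spreadspace/group_vars/` presumably hold these values and stay decryptable with the `spreadspace` vault password, and the old paths remain in history either way. The same likely applies to `vault_kubernetes_encryption_config_keys` in the k8s-lwl group vars. I would add a header comment to this file once the credentials are dealt with, for example `## retired: hcloud token revoked, apt repo password rotated or still shared (<DATE>)`.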
diff --git a/_graveyard_/inventory/host_vars/lw-helene.yml b/_graveyard_/inventory/host_vars/lw-helene.yml new file mode 100644 index 00000000..a45f02d0 --- /dev/null +++ b/_graveyard_/inventory/host_vars/lw-helene.yml @@ -0,0 +1,51 @@ +--- +install: + efi: true + disks: + primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NB0J803346 + kernel_cmdline: + - "consoleblank=0" + - "nomodeset" + +network: + nameservers: + - 9.9.9.9 + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: 192.168.32.203/24 + gateway: 192.168.32.254 + interfaces: + - *_network_primary_ + + +base_packages_extra_host: + - exfat-fuse + - exfat-utils + - vlan + +admin_users_host: + - equinox + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 15G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 10G + fs: ext4 + + +ntp_client: + servers: + - name: "192.168.32.202" + options: iburst minpoll 1 maxpoll 3 polltarget 30 + +ntp_hwtimestamp_interfaces: + - name: "*" diff --git a/_graveyard_/inventory/host_vars/lw-master.yml b/_graveyard_/inventory/host_vars/lw-master.yml new file mode 100644 index 00000000..cee52198 --- /dev/null +++ b/_graveyard_/inventory/host_vars/lw-master.yml 
@@ -0,0 +1,62 @@ +--- +install: + vm: + memory: 10G + numcpus: 6 + autostart: True + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 20g + # sdb: + # type: blockdev + # path: /dev/zvol/storage/streamstats + interfaces: + - bridge: br-public + name: primary0 + +network: + nameservers: "{{ vm_host.network.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: &_network_primary_ + name: primary0 + address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" + template: overlay + overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" + interfaces: + - *_network_primary_ + +external_ip: "{{ network.primary.overlay }}" + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 7G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 5G + fs: ext4 + + +lvm_groups: + streamstats: + pvs: + - /dev/sdb + +emc_stats_storage: + type: lvm + vg: streamstats + lv: stats + size: 42G + fs: ext4 diff --git a/_graveyard_/inventory/host_vars/lw-telesto.yml b/_graveyard_/inventory/host_vars/lw-telesto.yml new file mode 100644 index 00000000..8e9a0061 --- /dev/null +++ b/_graveyard_/inventory/host_vars/lw-telesto.yml 
@@ -0,0 +1,54 @@ +--- +debian_preseed_language: de +debian_preseed_country: AT +debian_preseed_locales: + - de_AT.UTF-8 + - de_DE.UTF-8 + - en_US.UTF-8 + +debian_preseed_no_splash: no +debian_preseed_install_tasks: + - xubuntu-desktop + + +install: + efi: yes + disks: + primary: software-raid + raid: + level: 1 + members: + - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720808 + - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720810 + system_lvm: + size: 50G + volumes: + - name: root + size: 20G + filesystem: ext4 + mountpoint: / + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec + +network: + nameservers: + - 9.9.9.9 + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: 192.168.32.201/24 + gateway: 192.168.32.254 + interfaces: + - *_network_primary_ + + +base_modules_blacklist: "{{ base_modules_blacklist_all_but_sound }}" + +admin_users_host: + - equinox diff --git a/_graveyard_/inventory/host_vars/lw-thetys.yml b/_graveyard_/inventory/host_vars/lw-thetys.yml new file mode 100644 index 00000000..a732782d --- /dev/null +++ b/_graveyard_/inventory/host_vars/lw-thetys.yml 
@@ -0,0 +1,52 @@ +--- +install: + efi: true + disks: + primary: /dev/disk/by-id/ata-TS32GMSA370_B475040161 + kernel_cmdline: + - "consoleblank=0" + +network: + nameservers: + - 9.9.9.9 + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: 192.168.28.202/24 + gateway: 192.168.28.254 + interfaces: + - *_network_primary_ + + +admin_users_host: + - equinox + +apt_repo_components: + - main + - contrib + - non-free ## for microcode updates + +spreadspace_apt_repo_components: + - container + + +docker_pkg_provider: docker-com + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 10G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 5G + fs: ext4 + +kubernetes_version: 1.22.5 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_cni_variant: with-portmap diff --git a/_graveyard_/inventory/hosts.ini b/_graveyard_/inventory/hosts.ini index bc1fafdb..2b79221f 100644 --- a/_graveyard_/inventory/hosts.ini +++ b/_graveyard_/inventory/hosts.ini @@ -22,6 +22,36 @@ r3-cccamp19-feedcode host_name=feedcode r3-cccamp19-av host_name=av + +############################### +# environment: spreadspace + +[lendwirbel-live:vars] +host_domain=lndwrbl.live +env_group=spreadspace + +[lendwirbel-live] +lw-thetys host_name=thetys +lw-telesto host_name=telesto +lw-dione host_name=dione +lw-helene host_name=helene +lw-master + +[lendwirbel-live:children] +lendwirbel-live-dist +lendwirbel-live-xx + +[lendwirbel-live-dist] +lw-live-dist0 host_name=cdn-dist0 + +[lendwirbel-live-xx] +lw-live-00 host_name=cdn-00 +lw-live-01 host_name=cdn-01 +lw-live-02 host_name=cdn-02 +lw-live-03 host_name=cdn-03 + + + ############################### # environment: dan 
@@ -64,3 +94,36 @@ vmhost-ch-gnocchi-guests [dolmetsch-ctl:children] ele-dolmetsch-ctl + +[hetzner] +lw-master + +[hcloud:children] +lendwirbel-live-dist +lendwirbel-live-xx + +[kubernetes-cluster:children] +k8s-lwl + +[standalone-kubelet] +lw-thetys + +### Kubernetes Cluster: lendwirbel-live +[k8s-lwl-encoder] +lw-dione +lw-helene + +[k8s-lwl-distribution:children] +lendwirbel-live-dist + +[k8s-lwl-streamer:children] +lendwirbel-live-xx + +[k8s-lwl-master] +lw-master + +[k8s-lwl:children] +k8s-lwl-master +k8s-lwl-encoder +k8s-lwl-distribution +k8s-lwl-streamer diff --git a/_graveyard_/spreadspace/group_vars/k8s-lwl.yml b/_graveyard_/spreadspace/group_vars/k8s-lwl.yml new file mode 100644 index 00000000..5fc69d0a --- /dev/null +++ b/_graveyard_/spreadspace/group_vars/k8s-lwl.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.2;AES256;spreadspace +30386433346435633361623664663166623666363833376365653735303831643437356532646663 +3966666138623466653532663763363938613966663135640a373132653064366438616362376561 +61366437363736396465656137643566303635636538366130636363366561623339393232306635 +6131303737333633330a643862383839326335633363393266653936323166383264333535323235 +32323832383362313432306537663736646236656139336463393261356133343263306266343931 +62383064393735613232366162306230363636356237663035333566663132613833356638623965 +38653936643336383561343831666561393337346234653637303264626566393165616363656438 +36303563343962623361366535646563666132643466346533316433653166326264323131386231 +32623331343931613639663364333961613231343765363964396239383633653730 diff --git a/_graveyard_/spreadspace/group_vars/lendwirbel-live.yml b/_graveyard_/spreadspace/group_vars/lendwirbel-live.yml new file mode 100644 index 00000000..f35f6a2f --- /dev/null +++ b/_graveyard_/spreadspace/group_vars/lendwirbel-live.yml 
@@ -0,0 +1,20 @@ +$ANSIBLE_VAULT;1.2;AES256;spreadspace +61313636623330653337373661633432646633363638626333356362373264303737396665353033 +3463383333323563613761376235663033373563303961330a313663396537636631333133343663 +35306233613731616165396332336631353232653066306331613432303237636437666166626539 +6133333637666536640a376365313032623564623161373630353835663565306638343463383334 +37653635633363333232646363633962653937633066656330323635653933363837626437353165 +66363937333530336664613630623832333532366566396432373730323334663033643065353963 +37633866633434366232623963616135303136613130636537363534393432346266616565663238 +36373136316162666331313664363232643131653763333438333532626230376464336538323230 +37663963353331303832643638326661353730336135376264636537353233366361343230663532 +31313765663363653061336231616664316663333763666164643565656135623266306233363036 +33323033633331616334363765636238666163313733663164643835303164373436376363373961 +62393539343135373763653865323732643766326563393932393763336330386665363366323466 +30373831633838346266363431366130633462343165373439343939643132613436643432643637 +33656233643333323864366639356134643563303861323332636261316432653335393762346566 +36636664643337356235346361626437323631373338663963663638616338343939373730666239 +61303665626137373636396536356264393435663762653835313766373232383136396563346361 +35386638303535356131363338623434623261626466393338333730333262393538653139366633 +63353164636561313665653636326339343539383335303162326238633732383333376435346537 +316137346137303430353837646661666532 diff --git a/_graveyard_/spreadspace/k8s-lwl.yml b/_graveyard_/spreadspace/k8s-lwl.yml new file mode 100644 index 00000000..1aa09daa --- /dev/null +++ b/_graveyard_/spreadspace/k8s-lwl.yml 
@@ -0,0 +1,34 @@ +--- +- name: Basic Node Setup + hosts: k8s-lwl + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + +- import_playbook: ../common/kubernetes-cluster-layout.yml + vars: + kubernetes_cluster_layout: + nodes_group: k8s-lwl + masters: + - lw-master + +### hack hack hack... +- name: cook kubernetes secrets + hosts: _kubernetes_nodes_ + gather_facts: no + tasks: + - set_fact: + kubernetes_secrets: "{{ kubernetes_secrets }}" + - when: external_ip is defined + set_fact: + external_ip: "{{ external_ip }}" + +- import_playbook: ../common/kubernetes-cluster.yml +- import_playbook: ../common/kubernetes-cluster-cleanup.yml + +- name: install addons + hosts: _kubernetes_primary_master_ + roles: + - role: kubernetes/addons/metrics-server diff --git a/_graveyard_/spreadspace/lendwirbel-live-xx.yml b/_graveyard_/spreadspace/lendwirbel-live-xx.yml new file mode 100644 index 00000000..82a45785 --- /dev/null +++ b/_graveyard_/spreadspace/lendwirbel-live-xx.yml @@ -0,0 +1,12 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: apt-repo/spreadspace + - role: acmetool/base + - role: acmetool/cert + acmetool_cert_name: "{{ host_name }}.{{ host_domain }}" diff --git a/_graveyard_/spreadspace/lw-dione.yml b/_graveyard_/spreadspace/lw-dione.yml new file mode 100644 index 00000000..af214d7f --- /dev/null +++ b/_graveyard_/spreadspace/lw-dione.yml @@ -0,0 +1,12 @@ +--- +- name: Basic Setup + hosts: lw-dione + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + - role: core/ntp + - role: core/admin-users + - role: streaming/blackmagic/desktopvideo diff --git a/_graveyard_/spreadspace/lw-helene.yml b/_graveyard_/spreadspace/lw-helene.yml new file mode 100644 index 00000000..a9466c66 --- /dev/null +++ b/_graveyard_/spreadspace/lw-helene.yml 
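Review bot: The two `set_fact` tasks in the `cook kubernetes secrets` play of `_graveyard_/spreadspace/k8s-lwl.yml` carry no `no_log: true`, so a run with `-v` or a logging callback prints the resolved `kubernetes_secrets` value, which the group vars fill from `vault_kubernetes_encryption_config_keys`. Adding `no_log: true` to the task that sets `kubernetes_secrets` keeps the keys out of console output and job logs. Both tasks are also unnamed; a `name:` such as `name: store templated kubernetes_secrets as host fact` would explain what the `### hack hack hack...` play is for. If the live cluster playbooks use the same pattern they need the same change, but they are not visible in this patch.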
@@ -0,0 +1,12 @@ +--- +- name: Basic Setup + hosts: lw-helene + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + - role: core/ntp + - role: core/admin-users + - role: streaming/blackmagic/desktopvideo diff --git a/_graveyard_/spreadspace/lw-master.yml b/_graveyard_/spreadspace/lw-master.yml new file mode 100644 index 00000000..0f6f9390 --- /dev/null +++ b/_graveyard_/spreadspace/lw-master.yml @@ -0,0 +1,10 @@ +--- +- name: Basic Setup + hosts: lw-master + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: storage/lvm/groups + - role: elevate/emc-stats diff --git a/_graveyard_/spreadspace/lw-telesto.yml b/_graveyard_/spreadspace/lw-telesto.yml new file mode 100644 index 00000000..ddac511b --- /dev/null +++ b/_graveyard_/spreadspace/lw-telesto.yml @@ -0,0 +1,14 @@ +--- +- name: Basic Setup + hosts: lw-telesto + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + - role: core/admin-users + - role: streaming/blackmagic/desktopvideo + - role: apt-repo/spreadspace + - role: ws/base + - role: network/wireguard/base diff --git a/_graveyard_/spreadspace/lw-thetys.yml b/_graveyard_/spreadspace/lw-thetys.yml new file mode 100644 index 00000000..f32496af --- /dev/null +++ b/_graveyard_/spreadspace/lw-thetys.yml @@ -0,0 +1,15 @@ +--- +- name: Basic Setup + hosts: lw-thetys + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + - role: core/admin-users + - role: apt-repo/spreadspace + - role: streaming/blackmagic/desktopvideo + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: network/wireguard/base diff --git a/inventory/group_vars/k8s-lwl/vars.yml b/inventory/group_vars/k8s-lwl/vars.yml deleted file mode 100644 index 6a93d86b..00000000 
--- a/inventory/group_vars/k8s-lwl/vars.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -docker_pkg_provider: docker-com - -kubernetes_version: 1.22.5 -kubernetes_container_runtime: docker -kubernetes_network_plugin: kubeguard - -kubernetes: - cluster_name: lndwrbl-live - - dedicated_master: False - api_extra_sans: - - 178.63.180.137 - - k8s-master.lndwrbl.live - - pod_ip_range: 172.18.0.0/16 - pod_ip_range_size: 24 - service_ip_range: 172.18.192.0/18 - - -kubernetes_secrets: - encryption_config_keys: "{{ vault_kubernetes_encryption_config_keys }}" - - -kubeguard: - ## node_index must be in the range between 1 and 190 -> 189 hosts possible - ## - ## hardcoded hostnames are not nice but if we do this via host_vars - ## the info is spread over multiple files and this makes it more diffcult - ## to find mistakes, so it is nicer to keep it in one place... - node_index: - lw-live-01: 1 - lw-live-02: 2 - lw-live-03: 3 - lw-live-00: 100 - lw-live-dist0: 110 - lw-dione: 111 - lw-helene: 112 - lw-master: 127 - - direct_net_zones: - encoder: - transfer_net: 172.18.191.0/24 - node_interface: - lw-dione: eno2 - lw-helene: eno2 - -kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}" - -kubernetes_metrics_server_version: 0.5.0 diff --git a/inventory/group_vars/lendwirbel-live-xx/vars.yml b/inventory/group_vars/lendwirbel-live-xx/vars.yml deleted file mode 100644 index 6defdb17..00000000 --- a/inventory/group_vars/lendwirbel-live-xx/vars.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -install_playbook: lendwirbel-live-xx diff --git a/inventory/group_vars/lendwirbel-live/vars.yml b/inventory/group_vars/lendwirbel-live/vars.yml deleted file mode 100644 index a06be375..00000000 --- a/inventory/group_vars/lendwirbel-live/vars.yml +++ /dev/null 
@@ -1,29 +0,0 @@ ---- -zsh_banner: lendwirbel - -acmetool_account_email: equinox@spreadspace.org -acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" - -apt_repo_blackmagic_auth: - username: "spreadspace" - password: "{{ vault_apt_repo_blackmagic_auth.password }}" - -install: - cloud: - credentials: - token: "{{ vault_hcloud_api_token }}" - - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 15G - fs: ext4 - -kubelet_storage: - type: lvm - vg: "{{ host_name }}" - lv: kubelet - size: 10G - fs: ext4 diff --git a/inventory/host_vars/lw-dione.yml b/inventory/host_vars/lw-dione.yml deleted file mode 100644 index e5073987..00000000 --- a/inventory/host_vars/lw-dione.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -install: - efi: true - disks: - primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NY0HC29501 - kernel_cmdline: - - "consoleblank=0" - - "nomodeset" - -network: - nameservers: - - 9.9.9.9 - domain: "{{ host_domain }}" - primary: &_network_primary_ - name: eno1 - address: 192.168.32.202/24 - gateway: 192.168.32.254 - interfaces: - - *_network_primary_ - - -base_packages_extra_host: - - exfat-fuse - - exfat-utils - - vlan - -admin_users_host: - - equinox - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 15G - fs: ext4 - -kubelet_storage: - type: lvm - vg: "{{ host_name }}" - lv: kubelet - size: 10G - fs: ext4 - - -ntp_variant: chrony - -ntp_client: - pools: - - name: at.pool.ntp.org - options: iburst - -ntp_hwtimestamp_interfaces: - - name: "*" - -ntp_server: - allow: - - "192.168.32.0/24" diff --git a/inventory/host_vars/lw-helene.yml b/inventory/host_vars/lw-helene.yml deleted file mode 100644 index a45f02d0..00000000 --- a/inventory/host_vars/lw-helene.yml +++ /dev/null 
@@ -1,51 +0,0 @@ ---- -install: - efi: true - disks: - primary: /dev/disk/by-id/nvme-SAMSUNG_MZVPW256HEGL-00000_S346NB0J803346 - kernel_cmdline: - - "consoleblank=0" - - "nomodeset" - -network: - nameservers: - - 9.9.9.9 - domain: "{{ host_domain }}" - primary: &_network_primary_ - name: eno1 - address: 192.168.32.203/24 - gateway: 192.168.32.254 - interfaces: - - *_network_primary_ - - -base_packages_extra_host: - - exfat-fuse - - exfat-utils - - vlan - -admin_users_host: - - equinox - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 15G - fs: ext4 - -kubelet_storage: - type: lvm - vg: "{{ host_name }}" - lv: kubelet - size: 10G - fs: ext4 - - -ntp_client: - servers: - - name: "192.168.32.202" - options: iburst minpoll 1 maxpoll 3 polltarget 30 - -ntp_hwtimestamp_interfaces: - - name: "*" diff --git a/inventory/host_vars/lw-master.yml b/inventory/host_vars/lw-master.yml deleted file mode 100644 index cee52198..00000000 --- a/inventory/host_vars/lw-master.yml +++ /dev/null 
@@ -1,62 +0,0 @@ ---- -install: - vm: - memory: 10G - numcpus: 6 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 20g - # sdb: - # type: blockdev - # path: /dev/zvol/storage/streamstats - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - template: overlay - overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" - interfaces: - - *_network_primary_ - -external_ip: "{{ network.primary.overlay }}" - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 7G - fs: ext4 - -kubelet_storage: - type: lvm - vg: "{{ host_name }}" - lv: kubelet - size: 5G - fs: ext4 - - -lvm_groups: - streamstats: - pvs: - - /dev/sdb - -emc_stats_storage: - type: lvm - vg: streamstats - lv: stats - size: 42G - fs: ext4 diff --git a/inventory/host_vars/lw-telesto.yml b/inventory/host_vars/lw-telesto.yml deleted file mode 100644 index 8e9a0061..00000000 --- a/inventory/host_vars/lw-telesto.yml +++ /dev/null 
@@ -1,54 +0,0 @@ ---- -debian_preseed_language: de -debian_preseed_country: AT -debian_preseed_locales: - - de_AT.UTF-8 - - de_DE.UTF-8 - - en_US.UTF-8 - -debian_preseed_no_splash: no -debian_preseed_install_tasks: - - xubuntu-desktop - - -install: - efi: yes - disks: - primary: software-raid - raid: - level: 1 - members: - - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720808 - - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720810 - system_lvm: - size: 50G - volumes: - - name: root - size: 20G - filesystem: ext4 - mountpoint: / - - name: var+log - size: 768M - filesystem: ext4 - mountpoint: /var/log - mount_options: - - noatime - - nodev - - noexec - -network: - nameservers: - - 9.9.9.9 - domain: "{{ host_domain }}" - primary: &_network_primary_ - name: eno1 - address: 192.168.32.201/24 - gateway: 192.168.32.254 - interfaces: - - *_network_primary_ - - -base_modules_blacklist: "{{ base_modules_blacklist_all_but_sound }}" - -admin_users_host: - - equinox diff --git a/inventory/host_vars/lw-thetys.yml b/inventory/host_vars/lw-thetys.yml deleted file mode 100644 index a732782d..00000000 --- a/inventory/host_vars/lw-thetys.yml +++ /dev/null 
@@ -1,52 +0,0 @@ ---- -install: - efi: true - disks: - primary: /dev/disk/by-id/ata-TS32GMSA370_B475040161 - kernel_cmdline: - - "consoleblank=0" - -network: - nameservers: - - 9.9.9.9 - domain: "{{ host_domain }}" - primary: &_network_primary_ - name: eno1 - address: 192.168.28.202/24 - gateway: 192.168.28.254 - interfaces: - - *_network_primary_ - - -admin_users_host: - - equinox - -apt_repo_components: - - main - - contrib - - non-free ## for microcode updates - -spreadspace_apt_repo_components: - - container - - -docker_pkg_provider: docker-com - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 10G - fs: ext4 - -kubelet_storage: - type: lvm - vg: "{{ host_name }}" - lv: kubelet - size: 5G - fs: ext4 - -kubernetes_version: 1.22.5 -kubernetes_container_runtime: docker -kubernetes_standalone_max_pods: 42 -kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/hosts.ini b/inventory/hosts.ini index cf35b817..c1947b08 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -126,31 +126,6 @@ s2-dione host_name=dione s2-helene host_name=helene -[lendwirbel-live:vars] -host_domain=lndwrbl.live -env_group=spreadspace - -[lendwirbel-live] -lw-thetys host_name=thetys -lw-telesto host_name=telesto -lw-dione host_name=dione -lw-helene host_name=helene -lw-master - -[lendwirbel-live:children] -lendwirbel-live-dist -lendwirbel-live-xx - -[lendwirbel-live-dist] -lw-live-dist0 host_name=cdn-dist0 - -[lendwirbel-live-xx] -lw-live-00 host_name=cdn-00 -lw-live-01 host_name=cdn-01 -lw-live-02 host_name=cdn-02 -lw-live-03 host_name=cdn-03 - - [schlagergarten-gloria:vars] host_domain=schlagergartengloria.at env_group=spreadspace @@ -330,7 +305,6 @@ ch-pan ch-mimas ch-mimas2 s2-build -lw-master sk-2019 sk-2019vm sk-tomnext @@ -388,7 +362,6 @@ sk-torrent ch-mimas ele-gwhetzner emc-master -lw-master sgg-icecast [vmhost-sk-2019vm] sk-2019vm 
@@ -486,12 +459,9 @@ glt-stream [hcloud:children] emc-dist emc-xx -lendwirbel-live-dist -lendwirbel-live-xx [hetzner] emc-master -lw-master sk-testvm sk-torrent sgg-icecast
@@ -531,7 +501,6 @@ k8s-emc ## Kubernetes [kubernetes-cluster:children] k8s-emc -k8s-lwl k8s-chtest [standalone-kubelet]
@@ -539,7 +508,6 @@ sk-cloudio ele-thetys ele-coturn ele-jitsi -lw-thetys s2-thetys sk-tomnext-nc ch-thetys
@@ -580,27 +548,6 @@ k8s-emc-distribution k8s-emc-streamer -### Kubernetes Cluster: lendwirbel-live -[k8s-lwl-encoder] -lw-dione -lw-helene - -[k8s-lwl-distribution:children] -lendwirbel-live-dist - -[k8s-lwl-streamer:children] -lendwirbel-live-xx - -[k8s-lwl-master] -lw-master - -[k8s-lwl:children] -k8s-lwl-master -k8s-lwl-encoder -k8s-lwl-distribution -k8s-lwl-streamer - - ### Kubernetes Cluster: chtest [k8s-chtest-encoder] ch-dione
diff --git a/spreadspace/group_vars/k8s-lwl.yml b/spreadspace/group_vars/k8s-lwl.yml
deleted file mode 100644
index 5fc69d0a..00000000
--- a/spreadspace/group_vars/k8s-lwl.yml
+++ /dev/null
@@ -1,10 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;spreadspace -30386433346435633361623664663166623666363833376365653735303831643437356532646663 -3966666138623466653532663763363938613966663135640a373132653064366438616362376561 -61366437363736396465656137643566303635636538366130636363366561623339393232306635 -6131303737333633330a643862383839326335633363393266653936323166383264333535323235 -32323832383362313432306537663736646236656139336463393261356133343263306266343931 -62383064393735613232366162306230363636356237663035333566663132613833356638623965 -38653936643336383561343831666561393337346234653637303264626566393165616363656438 -36303563343962623361366535646563666132643466346533316433653166326264323131386231 -32623331343931613639663364333961613231343765363964396239383633653730
diff --git a/spreadspace/group_vars/lendwirbel-live.yml b/spreadspace/group_vars/lendwirbel-live.yml
deleted file mode 100644
index f35f6a2f..00000000
--- a/spreadspace/group_vars/lendwirbel-live.yml
+++ /dev/null
@@ -1,20 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;spreadspace -61313636623330653337373661633432646633363638626333356362373264303737396665353033 -3463383333323563613761376235663033373563303961330a313663396537636631333133343663 -35306233613731616165396332336631353232653066306331613432303237636437666166626539 -6133333637666536640a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
diff --git a/spreadspace/k8s-lwl.yml b/spreadspace/k8s-lwl.yml
deleted file mode 100644
index 1aa09daa..00000000
--- a/spreadspace/k8s-lwl.yml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-- name: Basic Node Setup
- hosts: k8s-lwl
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
-
-- import_playbook: ../common/kubernetes-cluster-layout.yml
- vars:
- kubernetes_cluster_layout:
- nodes_group: k8s-lwl
- masters:
- - lw-master
-
-### hack hack hack...
-- name: cook kubernetes secrets
- hosts: _kubernetes_nodes_
- gather_facts: no
- tasks:
- - set_fact:
- kubernetes_secrets: "{{ kubernetes_secrets }}"
- - when: external_ip is defined
- set_fact:
- external_ip: "{{ external_ip }}"
-
-- import_playbook: ../common/kubernetes-cluster.yml
-- import_playbook: ../common/kubernetes-cluster-cleanup.yml
-
-- name: install addons
- hosts: _kubernetes_primary_master_
- roles:
- - role: kubernetes/addons/metrics-server
diff --git a/spreadspace/lendwirbel-live-xx.yml b/spreadspace/lendwirbel-live-xx.yml
deleted file mode 100644
index 82a45785..00000000
--- a/spreadspace/lendwirbel-live-xx.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Basic Setup
- hosts: "{{ install_hostname }}"
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: apt-repo/spreadspace
- - role: acmetool/base
- - role: acmetool/cert
- acmetool_cert_name: "{{ host_name }}.{{ host_domain }}"
diff --git a/spreadspace/lw-dione.yml b/spreadspace/lw-dione.yml
deleted file mode 100644
index af214d7f..00000000
--- a/spreadspace/lw-dione.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Basic Setup
- hosts: lw-dione
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: core/cpu-microcode
- - role: core/ntp
- - role: core/admin-users
- - role: streaming/blackmagic/desktopvideo
diff --git a/spreadspace/lw-helene.yml b/spreadspace/lw-helene.yml
deleted file mode 100644
index a9466c66..00000000
--- a/spreadspace/lw-helene.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Basic Setup
- hosts: lw-helene
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: core/cpu-microcode
- - role: core/ntp
- - role: core/admin-users
- - role: streaming/blackmagic/desktopvideo
diff --git a/spreadspace/lw-master.yml b/spreadspace/lw-master.yml
deleted file mode 100644
index 0f6f9390..00000000
--- a/spreadspace/lw-master.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- name: Basic Setup
- hosts: lw-master
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: storage/lvm/groups
- - role: elevate/emc-stats
diff --git a/spreadspace/lw-telesto.yml b/spreadspace/lw-telesto.yml
deleted file mode 100644
index ddac511b..00000000
--- a/spreadspace/lw-telesto.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Basic Setup
- hosts: lw-telesto
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: core/cpu-microcode
- - role: core/admin-users
- - role: streaming/blackmagic/desktopvideo
- - role: apt-repo/spreadspace
- - role: ws/base
- - role: network/wireguard/base
diff --git a/spreadspace/lw-thetys.yml b/spreadspace/lw-thetys.yml
deleted file mode 100644
index f32496af..00000000
--- a/spreadspace/lw-thetys.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Basic Setup
- hosts: lw-thetys
- roles:
- - role: apt-repo/base
- - role: core/base
- - role: core/sshd/base
- - role: core/zsh
- - role: core/cpu-microcode
- - role: core/admin-users
- - role: apt-repo/spreadspace
- - role: streaming/blackmagic/desktopvideo
- - role: kubernetes/base
- - role: kubernetes/standalone/base
- - role: network/wireguard/base
-- cgit v1.2.3