From 3fbacd9378f1bc3bd8c021a3e1125100486ca863 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 17 May 2020 19:15:27 +0200 Subject: kubernetes/standalone: fix portmap and hostIP handling --- inventory/host_vars/sk-cloudia/vars.yml | 2 +- inventory/host_vars/sk-testvm.yml | 35 +++++++++++++++++++++++++++++++-- 2 files changed, 34 insertions(+), 3 deletions(-) (limited to 'inventory/host_vars') diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index f3b832e9..02bee381 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml @@ -33,7 +33,7 @@ kubelet_zfs: kubernetes_version: 1.18.2 kubernetes_container_runtime: docker -kubernetes_standalone_max_pods: 42 +kubernetes_standalone_max_pods: 100 kubernetes_standalone_resolv_conf: /var/run/systemd/resolve/resolv.conf kubernetes_standalone_pod_cidr: 192.168.255.0/24 kubernetes_standalone_cni_variant: with-localonly-portmap diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 8ffb8ac7..0b15d7ce 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -3,8 +3,8 @@ vm_host: sk-2019vm install: host: "{{ vm_host }}" - mem: 1024 - numcpu: 1 + mem: 10240 + numcpu: 4 disks: primary: /dev/sda scsi: @@ -36,3 +36,34 @@ external_ip: "{{ network.primary.overlay }}" # # https://owncloud.org/news/upgrading-owncloud-on-debian-stable-to-official-packages/ # + +docker_lvm: + vg: "{{ host_name }}" + lv: docker + size: 10G + fs: ext4 + +kubelet_lvm: + vg: "{{ host_name }}" + lv: kubelet + size: 5G + fs: ext4 + + +kubernetes_version: 1.18.2 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_pod_cidr: 192.168.255.0/24 +kubernetes_standalone_cni_variant: with-portmap + + +acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" + + +jitsi_meet_base_path: /srv/jitsi/meet + +jitsi_meet_version: stable-4548-1 +jitsi_meet_hostnames: + - meet-dev.elev8.at + +jitsi_meet_secrets: "{{ vault_jitsi_meet_secrets }}" -- cgit v1.2.3 From 839738d06b65fc31edcad3406adc278069dd5edc Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 17 May 2020 22:13:21 +0200 Subject: switch to improved portmapping for all other k8s standalone apps --- dan/host_vars/sk-testvm.yml | 34 ++++++++++++---------- dan/sk-testvm.yml | 1 + inventory/host_vars/sk-testvm.yml | 15 ++++++++++ roles/apps/collabora/code/templates/pod.yml.j2 | 1 + .../templates/pod-with-mariadb.yml.j2 | 1 + roles/apps/nextcloud/tasks/main.yml | 5 ++-- .../nextcloud/templates/pod-with-mariadb.yml.j2 | 1 + roles/nginx/base/defaults/main.yml | 2 ++ roles/nginx/base/tasks/main.yml | 9 ++++++ 9 files changed, 52 insertions(+), 17 deletions(-) (limited to 'inventory/host_vars') diff --git a/dan/host_vars/sk-testvm.yml b/dan/host_vars/sk-testvm.yml index 608e93b8..033f490c 100644 --- a/dan/host_vars/sk-testvm.yml +++ b/dan/host_vars/sk-testvm.yml @@ -1,16 +1,20 @@ $ANSIBLE_VAULT;1.2;AES256;dan -31376133386363353630663163613765373664666435646230336362316336303263616464666461 -3162383338383162356130643164666665356637343436380a383466636666653665323330306663 -39393863616336663061383961353465303765623636346131643231363665313233306439396431 -3464326432636431360a323566393463613737633564343432363036616566333236393266376438 -66346436396139313036666266323162623236393734663566396363633738626132396166333563 -66343261333430613635316334373333623837613364373563343666646639336236636531363766 -30356239613830616436306638653933633631633265643939613162313234303537316162313063 -64663362333737616337303034386262666265396435303936613831336433313936633765313462 -33616261323162316433353136666363303935623836396461396264356366336232323737643633 -62376630323633336435376230373834653466613333616263633436306466666138636365343134 -65633536363736623131663233366163656233373534653633333337373131663864363731323763 -39353264656264306539346165373638396538336230663032353361393865636238373063373636 -36613261396165363136386532323139376237383366363065663435313138663835616235643238 -63373636303730643665656630343331393661663263333438333063396234306332323437313266 -336465353132356530393733643835623230 +35666266336366353336306161626463373466323434316163653235623464626134316237333961 +3139623939363464366539646365323136393939316333630a373365623838663038306438636537 +63663830653332316132353033326638663332363636623131666266313065323430346634333339 +6339336365343265660a353637373133323634646463396137353130663731623265663064653337 +66363135376339363862316134373631643765383935333030323938653337396435356361353638 +35346665376262306565393339646238353230363439333762306633316331643963653466313961 +32613063306437633333386265663562616563616664613962633564373563326539363866313763 +30613232353663643066613732316564666361646163366437323765633935656238336632323733 +65386135656435313466653666623233303661343530613932373961643634346562393532663462 +31353262323133363537303035383639353334323935613831376637613964663635306637643037 +62303134633064616531353039383336363563376365326234323835643233306139363032663536 +63373534323731366365393632623432326561303863616261306233616436383266646361356636 +64383831363863363738633065386435343935633137613964316237666566313430623061636439 +31646661333161623465316564323835653062343730343331353339363664663331303735346162 +63646531646430303630356132376232656639313163376631373135313237633334646135653239 +37386437633432376564383964636266623230363834633239356565376530633838333533346335 +66383966313862353130663334383535376464613638366330303962656336613765656362393335 +37643066353734303733346234633736653663376639656633306635363061623163376139616564 +646461383234653235356164626537326664 diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml index e15880c1..a8447074 100644 --- a/dan/sk-testvm.yml +++ b/dan/sk-testvm.yml @@ -12,3 +12,4 @@ - role: acmetool/base - role: nginx/base - role: apps/jitsi/meet + - role: apps/nextcloud diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 0b15d7ce..e1a94c60 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -57,6 +57,7 @@ kubernetes_standalone_pod_cidr: 192.168.255.0/24 kubernetes_standalone_cni_variant: with-portmap +nginx_server_names_hash_bucket_size: 64 acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" @@ -67,3 +68,17 @@ jitsi_meet_hostnames: - meet-dev.elev8.at jitsi_meet_secrets: "{{ vault_jitsi_meet_secrets }}" + + +nextcloud_base_path: /srv/nextcloud +nextcloud_instances: + wolke-dev.elev8.at: + # new: true + version: 18.0.4 + port: 8100 + hostnames: + - wolke-dev.elev8.at + database: + type: mariadb + version: 10.4.13 + password: "{{ vault_nextcloud_database_passwords['wolke-dev.elev8.at'] }}" diff --git a/roles/apps/collabora/code/templates/pod.yml.j2 b/roles/apps/collabora/code/templates/pod.yml.j2 index ee4651a1..8ed092ac 100644 --- a/roles/apps/collabora/code/templates/pod.yml.j2 +++ b/roles/apps/collabora/code/templates/pod.yml.j2 @@ -26,6 +26,7 @@ spec: ports: - containerPort: 9980 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 volumes: - name: config hostPath: diff --git a/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 b/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 index a4acdd21..9391290f 100644 --- a/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 +++ b/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 @@ -22,6 +22,7 @@ spec: ports: - containerPort: 9001 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 - name: database image: "mariadb:{{ item.value.database.version }}" securityContext: diff --git a/roles/apps/nextcloud/tasks/main.yml b/roles/apps/nextcloud/tasks/main.yml index 7d52be32..68e9dc78 100644 --- a/roles/apps/nextcloud/tasks/main.yml +++ b/roles/apps/nextcloud/tasks/main.yml @@ -12,7 +12,7 @@ - name: create zfs volumes for instances loop: "{{ nextcloud_instances | dict2items }}" loop_control: - label: "{{ item.key }} ({{ item.value.quota }})" + label: "{{ item.key }} ({{ item.value.quota | default('-') }})" zfs: name: "{{ nextcloud_zfs.pool }}/{{ nextcloud_zfs.name }}/{{ item.key }}" state: present @@ -174,7 +174,8 @@ prompt: | ************* {{ item.key }} is a new instance ** - ** Please run the following commands to finalize the installation + ** Go to https://{{ item.value.hostnames[0] }} and finalize the + ** installation. After that run the following commands: ** ** $ nextcloud-occ {{ item.key }} db:add-missing-indices ** $ nextcloud-occ {{ item.key }} db:convert-filecache-bigint diff --git a/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 b/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 index dfef3810..72f8cb7a 100644 --- a/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 +++ b/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 @@ -41,6 +41,7 @@ spec: ports: - containerPort: 8080 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 - name: database image: "mariadb:{{ item.value.database.version }}" args: diff --git a/roles/nginx/base/defaults/main.yml b/roles/nginx/base/defaults/main.yml index 9dd53cdf..79c79b49 100644 --- a/roles/nginx/base/defaults/main.yml +++ b/roles/nginx/base/defaults/main.yml @@ -14,3 +14,5 @@ nginx_snippets: nginx_dhparam_size: 2048 nginx_stream_module: no + +# nginx_server_names_hash_bucket_size: 64 diff --git a/roles/nginx/base/tasks/main.yml b/roles/nginx/base/tasks/main.yml index b0e7df5b..572b1513 100644 --- a/roles/nginx/base/tasks/main.yml +++ b/roles/nginx/base/tasks/main.yml @@ -33,3 +33,12 @@ - name: install and setup stream module when: nginx_stream_module import_tasks: stream.yml + +- name: configure server_names_hash_bucket_size + when: nginx_server_names_hash_bucket_size is defined + lineinfile: + regexp: "^(\\s*)#?\\s*server_names_hash_bucket_size\\s" + line: "\\1server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }};" + dest: /etc/nginx/nginx.conf + backrefs: yes + notify: restart nginx -- cgit v1.2.3 From 9886b4ca1c0fa0722f0219421d52b4f8024664f1 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 17 May 2020 22:47:38 +0200 Subject: sk-cloudia: switch to improved portmapping --- inventory/host_vars/sk-cloudia/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inventory/host_vars') diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index 02bee381..15dcb860 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml @@ -36,7 +36,7 @@ kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 100 kubernetes_standalone_resolv_conf: /var/run/systemd/resolve/resolv.conf kubernetes_standalone_pod_cidr: 192.168.255.0/24 -kubernetes_standalone_cni_variant: with-localonly-portmap +kubernetes_standalone_cni_variant: with-portmap acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" -- cgit v1.2.3