add scripts for nfs-server on IBMCloud VSI

Signed-off-by: anandrkskd <[email protected]>

Author: anandrkskd

scripts/ansible/Cluster/NFS-vm/README.md

@@ -0,0 +1,47 @@
+# ReadMe 
+This directory contains yaml files to create NFS server with 
+
+### NFS provisioner (how to configure nfs for cluster)
+
+You can run the following commands upon a cluster to deploy the NFS provisioner to this cluster (either Kubernetes or OpenShift). You will need to uninstall the "Block Storage for VPC" add-on installed by default, to make the NFS provisioner work correctly.
+
+```
+$ helm repo add nfs-subdir-external-provisioner \
+    https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
+
+$ helm install nfs-subdir-external-provisioner \
+    nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
+    --set nfs.server=<IP_FOR_NFS> \
+    --set nfs.path=/mnt/nfs \
+    --set storageClass.defaultClass=true \
+    --set storageClass.onDelete=delete
+    --version=4.0.15
+```
+
+> learn more about nfs-subdir-external-provisioner from https://artifacthub.io/packages/helm/nfs-subdir-external-provisioner/nfs-subdir-external-provisioner
+
+### check if nfs is working or not
+
+login using the floating IP
+
+### **NOTE**
+
+ibmcoud storage provided with cluster doesnt works with nfs storge(if nfs storage is set as default). So make sure to diable addon `vpc-block-csi-driver` from cluster for which you want to use **nfs-storage**
+
+#### *command to delete/remove storage addons from cluster*
+
+```shell
+ibmcloud ks cluster addon disable vpc-block-csi-driver
+```
+
+### helpful commands
+
+1. Fetch IP for nfs configuration 
+```shell
+IP_FOR_NFS=$(ibmcloud is instance <nfs-instance-name> --output json | jq -r ".primary_network_interface.primary_ip.address")
+```
+
+2. Fetch Floating IP of NFS-Server
+```shell
+NFS_IP=$(ibmcloud is instance k8s-nfs-server --output json | jq -r ".primary_network_interface.floating_ips[0].address" )
+```

scripts/ansible/Cluster/NFS-vm/create.yaml

@@ -0,0 +1,173 @@
+---
+- name: Create NFS vsi for Clusters on IBM Cloud
+  hosts: localhost
+  collections:
+   - ibm.cloudcollection
+  tasks:
+    - name: Fetch the variables from var file
+      include_vars:
+        file: vars.yml
+  
+    - name: Configure Resource Group
+      ibm_resource_group:
+        name: "{{ name_prefix }}-group"
+        state: available
+      register: rg_create_output
+
+    - name: Save Resource Group as fact
+      set_fact:
+        cacheable: True
+        rg: "{{ rg_create_output.resource }}"
+      when: rg_create_output.rc==0
+
+    - name: Configure VPC
+      ibm_is_vpc:
+        name: "{{ name_prefix }}-vpc"
+        resource_group: "{{ rg.id }}"
+        state: available
+      register: vpc_create_output
+
+    - name: Save VPC as fact
+      set_fact:
+        cacheable: True
+        vpc: "{{ vpc_create_output.resource }}"
+      when: vpc_create_output.rc==0
+
+    # ibm_is_security_group_rule is not idempotent - comment this block if you want to run several times
+    - name: Configure Security Group Rule to open SSH on the NFS server
+      ibm_is_security_group_rule:
+        group: "{{ vpc.default_security_group }}"
+        direction: inbound
+        remote: 0.0.0.0/0
+        tcp:
+          - port_max: 22
+            port_min: 22
+        state: available
+
+    - name: Configure Public Gateway
+      ibm_is_public_gateway:
+        name: "{{ name_prefix }}-gw"
+        resource_group: "{{ rg.id }}"
+        zone: "{{ cluster_zone }}"
+        vpc: "{{ vpc.id }}"
+        state: available
+      register: gw_create_output
+
+    - name: Save Public Gateway as fact
+      set_fact:
+        cacheable: True
+        gw: "{{ gw_create_output.resource }}"
+      when: gw_create_output.rc==0
+
+    - name: Configure VPC Subnet
+      ibm_is_subnet:
+        name: "{{ name_prefix }}-subnet"
+        resource_group: "{{ rg.id }}"
+        vpc: "{{ vpc.id }}"
+        zone: "{{ cluster_zone }}"
+        total_ipv4_address_count: "{{ total_ipv4_address_count }}"
+        public_gateway: "{{ gw.id }}"
+        state: available
+      register: subnet_create_output
+
+    - name: Save VPC Subnet as fact
+      set_fact:
+        cacheable: True
+        subnet: "{{ subnet_create_output.resource }}"
+      when: subnet_create_output.rc==0
+
+    - name: Retrieve image list
+      ibm_is_images_info:
+      register: images_list
+
+    - name: Set VM image name/id dictionary fact
+      set_fact:
+        cacheable: True
+        image_dict: "{{ images_list.resource.images |
+                        items2dict(key_name='name', value_name='id') }}"
+
+    - name: Configure SSH Key
+      ibm_is_ssh_key:
+        name: "ansible-ssh-key"
+        public_key: "{{ ssh_public_key }}"
+      register: ssh_key_create_output
+
+    - name: Save SSH Key as fact
+      set_fact:
+        cacheable: True
+        ssh_key: "{{ ssh_key_create_output.resource }}"
+
+    - name: Configure VSI for NFS server
+      ibm_is_instance:
+        name: "{{ name_prefix }}-nfs"
+        resource_group: "{{ rg.id }}"
+        vpc: "{{ vpc.id }}"
+        profile: "bx2-2x8"
+        image: "{{ image_dict[nfs_image] }}"
+        keys:
+            - "{{ ssh_key.id }}"
+        primary_network_interface:
+          - subnet: "{{ subnet.id }}"
+        zone: "{{ cluster_zone }}"
+        state: available
+      register: nfs_create_output
+
+    - name: Save VSI as fact
+      set_fact:
+        cacheable: True
+        nfs: "{{ nfs_create_output.resource }}"
+
+    - name: Configure Floating IP Address
+      ibm_is_floating_ip:
+        name: "{{ name_prefix }}-nfs-ip"
+        target: "{{ nfs.primary_network_interface[0]['id'] }}"
+        state: available
+      register: nfsip_create_output
+
+    - name: Save Floating IP as fact
+      set_fact:
+        cacheable: True
+        nfsip: "{{ nfsip_create_output.resource }}"
+
+    - name: Add NFS to Ansible inventory
+      add_host:
+        name: "{{ nfsip.address }}"
+        ansible_user: root
+        groups: new_vsi
+        ansible_ssh_extra_args: -o StrictHostKeyChecking=no
+
+    - local_action:
+        module: copy 
+        content: "{{ nfs.primary_network_interface.primary_ip.address }}"
+        dest: "{{ nfs_ip_file }}"
+
+- name: Check Ansible connection to new NFS server
+  hosts: new_vsi
+  gather_facts: False
+  tasks:
+    - name: Wait for VSI to become reachable over SSH
+      wait_for_connection:
+
+- name: Configure VSI as NFS server
+  hosts: new_vsi
+  tasks:
+  - name: Install required packages
+    ansible.builtin.package:
+      name: nfs-kernel-server
+      state: present
+  
+  - name: Create shared directory
+    ansible.builtin.file:
+      path: /mnt/nfs
+      state: directory
+      mode: '0777'
+
+  - name: Create NFS configuration
+    copy:
+      content: "/mnt/nfs *(rw,no_root_squash)"
+      dest: "/etc/exports"
+
+  - name: Restart service nfs-kernel-server
+    ansible.builtin.service:
+      name: nfs-kernel-server
+      state: restarted

scripts/ansible/Cluster/NFS-vm/manual-changes/Readme.md

@@ -0,0 +1,5 @@
+---
+collections:
+- ibm.cloudcollection
+- name: kubernetes.core
+  version: 2.0.0

scripts/ansible/Cluster/NFS-vm/requirements.yml

@@ -0,0 +1,4 @@
+---
+total_ipv4_address_count: 256
+nfs_ip_file: /tmp/nfs_ip_ibmcloud
+nfs_image: ibm-ubuntu-20-04-2-minimal-amd64-1