-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
149 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| --- | ||
| name: Lint | ||
| 'on': | ||
| pull_request: | ||
| push: | ||
| branches: | ||
| - master | ||
|
|
||
| jobs: | ||
|
|
||
| test: | ||
| name: Lint | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Check out the codebase. | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - name: Set up Python 3.7. | ||
| uses: actions/setup-python@v2 | ||
| with: | ||
| python-version: '3.x' | ||
|
|
||
| - name: Install test dependencies. | ||
| run: pip3 install yamllint ansible-lint ansible | ||
|
|
||
| - name: Run yamllint. | ||
| run: yamllint . | ||
|
|
||
| - name: Run ansible-lint. | ||
| run: ansible-lint |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| [defaults] | ||
| nocows = True | ||
| roles_path = ./roles | ||
| inventory = ./hosts.ini | ||
|
|
||
| remote_tmp = $HOME/.ansible/tmp | ||
| local_tmp = $HOME/.ansible/tmp | ||
| pipelining = True | ||
| become = True | ||
| host_key_checking = False | ||
| deprecation_warnings = False | ||
| callback_whitelist = profile_tasks |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| [masters] | ||
| K8S01 ansible_host=192.168.1.11 ansible_user=ubuntu | ||
|
|
||
| [workers] | ||
| K8S02 ansible_host=192.168.1.12 ansible_user=ubuntu | ||
| K8S03 ansible_host=192.168.1.13 ansible_user=ubuntu | ||
|
|
||
| [k3s_cluster:children] | ||
| masters | ||
| workers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| --- | ||
| - hosts: "masters, workers" | ||
| remote_user: ubuntu | ||
| become: yes | ||
| become_method: sudo | ||
| become_user: root | ||
| gather_facts: yes | ||
| connection: ssh | ||
|
|
||
| tasks: | ||
| - name: Create containerd config file | ||
| file: | ||
| path: "/etc/modules-load.d/containerd.conf" | ||
| state: "touch" | ||
|
|
||
|
|
||
| - name: Add conf for containerd | ||
| blockinfile: | ||
| path: "/etc/modules-load.d/containerd.conf" | ||
| block: | | ||
| overlay | ||
| br_netfilter | ||
| - name: modprobe | ||
| shell: | | ||
| sudo modprobe overlay | ||
| sudo modprobe br_netfilter | ||
| - name: Set system configurations for Kubernetes networking | ||
| file: | ||
| path: "/etc/sysctl.d/99-kubernetes-cri.conf" | ||
| state: "touch" | ||
|
|
||
| - name: Add conf for containerd | ||
| blockinfile: | ||
| path: "/etc/sysctl.d/99-kubernetes-cri.conf" | ||
| block: | | ||
| net.bridge.bridge-nf-call-iptables = 1 | ||
| net.ipv4.ip_forward = 1 | ||
| net.bridge.bridge-nf-call-ip6tables = 1 | ||
| - name: Apply new settings | ||
| command: sudo sysctl --system | ||
|
|
||
| - name: install containerd | ||
| shell: | | ||
| sudo apt-get update && sudo apt-get install -y containerd | ||
| sudo mkdir -p /etc/containerd | ||
| sudo containerd config default | sudo tee /etc/containerd/config.toml | ||
| sudo systemctl restart containerd | ||
| - name: disable swap | ||
| shell: | | ||
| sudo swapoff -a | ||
| sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab | ||
| - name: install and configure dependencies | ||
| shell: | | ||
| sudo apt-get update && sudo apt-get install -y apt-transport-https curl | ||
| curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - | ||
| - name: Create kubernetes repo file | ||
| file: | ||
| path: "/etc/apt/sources.list.d/kubernetes.list" | ||
| state: "touch" | ||
|
|
||
| - name: Add K8s Source | ||
| blockinfile: | ||
| path: "/etc/apt/sources.list.d/kubernetes.list" | ||
| block: | | ||
| deb https://apt.kubernetes.io/ kubernetes-xenial main | ||
| - name: install kubernetes | ||
| shell: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y kubelet=1.20.1-00 kubeadm=1.20.1-00 kubectl=1.20.1-00 | ||
| sudo apt-mark hold kubelet kubeadm kubectl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| --- | ||
| - hosts: 'workers, masters' | ||
| become: yes | ||
|
|
||
| tasks: | ||
| - name: create the kube user account | ||
| user: name=kube append=yes state=present createhome=yes shell=/bin/bash | ||
|
|
||
| - name: allow 'kube' to use sudo without needing a password | ||
| lineinfile: | ||
| dest: /etc/sudoers | ||
| line: 'kube ALL=(ALL) NOPASSWD: ALL' | ||
| validate: 'visudo -cf %s' | ||
|
|
||
| - name: set up authorized keys for the kube user | ||
| authorized_key: user=kube key="{{item}}" | ||
| with_file: | ||
| - ~/.ssh/id_rsa.pub |