LBP
/
ChristianLempa_Boilerplates
spogulis no https://github.com/ChristianLempa/boilerplates.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318
							---
- name: Setup Prerequisites To Install Kubernetes
  hosts: instance
  become: true
  vars:
    kube_prereq_packages: [curl, ca-certificates, apt-transport-https]
    kube_packages: [kubeadm, kubectl, kubelet]

  tasks:
    - name: Test Reacheability
      ansible.builtin.ping:

    - name: Update Cache
      ansible.builtin.apt:
        update_cache: true
        autoclean: true

    - name: 1. Upgrade All the Packages to the latest
      ansible.builtin.apt:
        upgrade: "full"

    - name: 2. Install Qemu-Guest-Agent
      ansible.builtin.apt:
        name:
          - qemu-guest-agent
        state: present

    - name: 3. Setup a Container Runtime
      ansible.builtin.apt:
        name:
          - containerd
        state: present

    - name: 4. Start Containerd If Stopped
      ansible.builtin.service:
        name: containerd
        state: started

    - name: 5. Create Containerd Directory
      ansible.builtin.file:
        path: /etc/containerd
        state: directory
        mode: '0755'

    - name: 6. Check config.toml Exists
      ansible.builtin.stat:
        path: /etc/containerd/config.toml
      register: pre_file_exist_result

    - name: 6.1 Delete config.toml Exists
      ansible.builtin.file:
        path: /etc/containerd/config.toml
        state: absent
      when: pre_file_exist_result.stat.exists

    - name: 7. Place Default Containerd Config Inside It
      ansible.builtin.shell: |
        set -o pipefail
        containerd config default | sudo tee /etc/containerd/config.toml
      register: output
      changed_when: output.rc != 0
      args:
        executable: /bin/bash
      tags:
        - containerd_config

    - name: 7.1 Check If New config.toml Exists Now
      ansible.builtin.stat:
        path: /etc/containerd/config.toml
      register: post_file_exist_result
      tags:
        - containerd_config

    - name: 7.2 Exit The Play If config.toml Does Not Exist
      ansible.builtin.meta: end_play
      when: not post_file_exist_result.stat.exists
      tags:
        - containerd_config

    - name: 8.1 Disable Swap
      ansible.builtin.command: sudo swapoff -a
      register: output
      changed_when: output.rc != 0
      tags:
        - disable_swap

    - name: 8.2 Disable Swap permanently
      ansible.builtin.replace:
        path: /etc/fstab
        regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
        replace: '# \1'
      tags:
        - disable_swap

    - name: 9. Edit config.toml
      ansible.builtin.replace:
        path: /etc/containerd/config.toml
        after: \[plugins\."io\.containerd\.grpc\.v1\.cri"\.containerd\.runtimes\.runc\.options\]
        regexp: SystemdCgroup = false
        replace: SystemdCgroup = true

    - name: 10. Enable Ipv4 Bridging
      ansible.builtin.replace:
        path: /etc/sysctl.conf
        regexp: ^#net\.ipv4\.ip_forward=1$
        replace: net.ipv4.ip_forward=1

    - name: 11.1 Delete k8s Config If Exists
      ansible.builtin.file:
        path: /etc/modules-load.d/k8s.conf
        state: absent
      tags:
        - kube_config

    - name: 11.2 Add k8s.config and Edit It
      ansible.builtin.lineinfile:
        path: /etc/modules-load.d/k8s.conf
        line: br_netfilter
        create: true
        mode: '0755'
      tags:
        - kube_config

    - name: 12.1 Reboot
      ansible.builtin.reboot:
      register: system_reboot

    - name: 12.2 Verify Reboot Success
      ansible.builtin.ping:
      when: system_reboot.rebooted

    - name: 13.1 Update Cache
      ansible.builtin.apt:
        update_cache: true
        autoclean: true
      tags:
        - install_pre_kube_packages

    - name: 13.2 Remove apt lock file
      ansible.builtin.file:
        state: absent
        path: "/var/lib/dpkg/lock"
      tags:
        - install_pre_kube_packages

    - name: 13.3 Install Prerequisite Packages
      ansible.builtin.apt:
        name: '{{ kube_prereq_packages }}'
      tags:
        - install_pre_kube_packages

    - name: 13.4 Remove GPG Keys If They Exist
      ansible.builtin.file:
        path: "{{ item }}"
        state: absent
      with_items:
        - /usr/share/keyrings/kubernetes-apt-keyring.gpg
        - /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored
      tags:
        - install_pre_kube_packages

    - name: 13.5 Download Kubernetes APT Key
      ansible.builtin.get_url:
        url: https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key
        dest: /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored
        mode: '0755'
      tags:
        - install_pre_kube_packages

    - name: 13.6 De-Armor Kubernetes APT Key
      ansible.builtin.shell: gpg --dearmor < /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored > /etc/apt/keyrings/kubernetes-apt-keyring.gpg
      no_log: true
      args:
        creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
      tags:
        - install_pre_kube_packages

    - name: 13.7 Add Kubernetes APT Key
      ansible.builtin.shell: |
        set -o pipefail
        echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' \
        | sudo tee /etc/apt/sources.list.d/kubernetes.list
      register: apt_output
      changed_when: apt_output.rc != 0
      args:
        executable: /bin/bash
      tags:
        - install_pre_kube_packages

    - name: 14.1 Update Cache
      ansible.builtin.apt:
        update_cache: true
        autoclean: true
      tags:
        - install_kube_packages

    - name: 14.2 Remove apt lock file
      ansible.builtin.file:
        state: absent
        path: "/var/lib/dpkg/lock"
      tags:
        - install_kube_packages

    - name: 14.3 Install Required Packages
      ansible.builtin.apt:
        name: '{{ kube_packages }}'
      tags:
        - install_kube_packages

    - name: 14.4 Hold Packages
      ansible.builtin.dpkg_selections:
        name: '{{ item }}'
        selection: hold
      with_items: '{{ kube_packages }}'
      tags:
        - install_kube_packages

    - name: Prompt To Continue On To Configuring Control Nodes
      ansible.builtin.pause:
        prompt: Press RETURN when you want to continue configuring the Control nodes!

- name: Setup Controller Nodes
  gather_facts: true
  hosts: controllers
  become: true

  tasks:
    - name: 1. Initialize Cluster
      ansible.builtin.shell: |
        set -o pipefail
        sudo kubeadm init --control-plane-endpoint={{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} --pod-network-cidr=10.244.0.0/16
      register: init_cluster_output
      changed_when: init_cluster_output.rc != 0
      args:
        executable: /bin/bash

    - name: 2.1 Create .kube Directory
      ansible.builtin.file:
        path: .kube
        state: directory
        mode: '0755'
      tags:
        - kube_admin_config

    - name: 2.2 Copy Kubernetes Admin Config
      ansible.builtin.copy:
        remote_src: true
        src: /etc/kubernetes/admin.conf
        dest: .kube/config
        mode: '0755'
      tags:
        - kube_admin_config

    - name: 2.3 Change Config File Permission
      ansible.builtin.command: chown {{ ansible_env.USER }}:{{ ansible_env.USER }} ".kube/config"
      changed_when: false
      when: not ansible_env.HOME is undefined
      tags:
        - kube_admin_config

    - name: 3. Install An Overlay Network
      ansible.builtin.shell: |
        set -o pipefail
        kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
      register: init_cluster_output
      become: false
      changed_when: init_cluster_output.rc != 0
      args:
        executable: /bin/bash

    - name: 4.1 Execute Join String Generation Command
      ansible.builtin.command: kubeadm token create --print-join-command
      become: false
      register: join_output
      changed_when: false
      tags:
        - join_string

    - name: 4.2 Display Join String
      ansible.builtin.debug:
        msg: 'Join Command : {{ join_output.stdout }}'
      tags:
        - join_string

    - name: Copy Connection String To A Remote File
      ansible.builtin.template:
        src: k8s_worker_node_connection.j2
        dest: worker_conn_string
        mode: '0755'

    - name: Check Connection String File Exists
      ansible.builtin.stat:
        path: worker_conn_string
      register: conn_file_path_remote

    - name: Fetch The Remote File
      ansible.builtin.fetch:
        src: worker_conn_string
        dest: Remote_Files/worker_conn_string
        flat: true
      when: conn_file_path_remote.stat.exists

    - name: Prompt To Continue On To Configuring Worker Nodes
      ansible.builtin.pause:
        prompt: Press RETURN when you want to continue configuring the Worker nodes!

- name: Join Worker Nodes
  gather_facts: true
  hosts: nodes
  become: true
  vars:
    node_conn_string: "{{ lookup('ansible.builtin.file', 'Remote_Files/worker_conn_string') }}"

  tasks:
    - name: 1. Add Worker Nodes To The Controller
      ansible.builtin.command: '{{ node_conn_string }}'
      changed_when: false
      throttle: 1