Snel.com Ansible Playbooks

Preparation

Make sure you followed the instructions in INSTALL.md

Step 1: Customer order

Customer orders cluster using the special order page

Step 2: Create inventory

In this repo:

• Create a copy of the inventory file inventory/cluster_[NAME].yml.tpl.
  • Replace [NAME] with the name of the cluster and remove te .tpl suffix.
• Inside this file replace all [NAME] and update the IPs
  • In the package the customer will have one new Cloud VPS Bucket, this IP is used for the Control Load Balancer control.[NAME].k8s.snel.com
  • In the package the customer will have 6 new Talos VPSses.
    • The first 3 IPs need to be used for the talos_control_nodes
    • The remaining 3 IPs need to be used for the talos_worker_nodes
  • Attach 2 extra IPs to the VPS which will become c1.[NAME].k8s.snel.com, the first control node.
    • Use these IPs in the inventory file as ingress_ips
    • These will be floating IPs for MetalLB

Step 3: Make sure you can login on the Control Load Balancer using your SSH key

• Copy your public key to the user created by Hostbill

PUBLIC_KEY_FILE="${HOME}/.ssh/id_ed25519"
ssh-copy-id  -i "${PUBLIC_KEY_FILE}"  client_XXXXX_XX@185.62.XXX.XXX

• Login as the user created by Hostbill

ssh client_XXXXX_XX@185.62.XXX.XXX

• Copy the public key to root. The sudo password will be asked which, this is the same as the user password from Hostbill.

sudo  bash -c 'mkdir -p /root/.ssh; cat /home/client_*/.ssh/authorized_keys >> /root/.ssh/authorized_keys'

Step 3: Execute playbook - VPSses

Your Vaultwarden vault password will be asked.

cd  ~/repos/snel.ansible
git  pull  --recurse-submodules
bw  sync
BW_SESSION=$(bw unlock --raw)  ansible-playbook  site.yml  --limit cluster_[NAME]

Execute playbook - (Re)install Talos on Hardware

Your Vaultwarden vault password will be asked.

cd  ~/repos/snel.ansible
bw  sync
BW_SESSION=$(bw unlock --raw)  ansible-playbook  ./playbooks/snel.kubernetes-cluster/dci_reinstall_talos.yml  --limit cluster_[NAME]