Snel.com Ansible Playbooks
Preparation
Make sure you followed the instructions in INSTALL.md
Step 1: Customer order
Customer orders cluster using the special order page
Step 2: Create inventory
In this repo:
- Create a copy of the inventory file inventory/cluster_[NAME].yml.tpl.
  - Replace [NAME] with the name of the cluster and remove the .tpl suffix.
- Inside this file replace all [NAME] and update the IPs
  - In the package the customer will have one new Cloud VPS Bucket, this IP is used for the Control Load Balancer control.[NAME].k8s.snel.com
  - In the package the customer will have 6 new Talos VPSses.
    - The first 3 IPs need to be used for the talos_control_nodes
    - The remaining 3 IPs need to be used for the talos_worker_nodes
  - Attach 2 extra IPs to the VPS which will become c1.[NAME].k8s.snel.com, the first control node.
    - Use these IPs in the inventory file as ingress_ips
    - These will be floating IPs for MetalLB
Step 3: Make sure you can log in to the Control Load Balancer using your SSH key
- Copy your public key to the user created by Hostbill
PUBLIC_KEY_FILE="${HOME}/.ssh/id_ed25519.pub"
ssh-copy-id -i "${PUBLIC_KEY_FILE}" client_XXXXX_XX@185.62.XXX.XXX
- Log in as the user created by Hostbill
ssh client_XXXXX_XX@185.62.XXX.XXX
- Copy the public key to root. You will be asked for the sudo password, which is the same as the user password from Hostbill.
sudo bash -c 'mkdir -p /root/.ssh; cat /home/client_*/.ssh/authorized_keys >> /root/.ssh/authorized_keys'
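An idempotent variant of the copy-to-root step, as an added example that is not part of this repository: it appends only keys that root does not already have and keeps the modes restrictive enough for sshd's StrictModes check. The function name merge_authorized_keys and its two arguments are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the snel.ansible repo).
# merge_authorized_keys SRC DEST_DIR   (hypothetical helper)
#   Appends each key line from SRC to DEST_DIR/authorized_keys only if that
#   exact line is not already present, and prints how many keys were added.
merge_authorized_keys() {
    local src="$1" dest_dir="$2" dest line added=0
    dest="${dest_dir}/authorized_keys"

    [ -r "$src" ] || { echo "cannot read ${src}" >&2; return 1; }

    # Create the target with owner-only permissions before writing keys.
    mkdir -p "$dest_dir"
    chmod 700 "$dest_dir"
    touch "$dest"
    chmod 600 "$dest"

    while IFS= read -r line || [ -n "$line" ]; do
        # Skip blank lines and comments.
        case "$line" in ''|'#'*) continue ;; esac
        # -x matches the whole line, -F treats the key as a fixed string.
        if ! grep -qxF -- "$line" "$dest"; then
            printf '%s\n' "$line" >> "$dest"
            added=$((added + 1))
        fi
    done < "$src"

    echo "$added"
}

# Usage on the Control Load Balancer (as root), naming one user explicitly
# instead of relying on the client_* glob:
#   merge_authorized_keys /home/client_XXXXX_XX/.ssh/authorized_keys /root/.ssh
```

Running it a second time adds nothing, so re-running this step does not grow /root/.ssh/authorized_keys with duplicate entries.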
Step 3: Execute playbook - VPSses
You will be asked for your Vaultwarden vault password.
cd ~/repos/snel.ansible
git pull --recurse-submodules
bw sync
BW_SESSION=$(bw unlock --raw) ansible-playbook site.yml --limit cluster_[NAME]
Execute playbook - (Re)install Talos on Hardware
You will be asked for your Vaultwarden vault password.
cd ~/repos/snel.ansible
bw sync
BW_SESSION=$(bw unlock --raw) ansible-playbook ./playbooks/snel.kubernetes-cluster/dci_reinstall_talos.yml --limit cluster_[NAME]