snelcom-ansible
/
snel.kubernetes-cluster
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cluster configs

This commit is contained in:
Jeroen Vermeulen 2023-10-23 14:12:25 +02:00
parent fa14b38d38
commit 883ef18d44
No known key found for this signature in database
10 changed files with 46 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
applications.yml
View File

@ -2,7 +2,7 @@
--- ---
- name: Haproxy Control LB - name: Haproxy Control LB
hosts: hosts:
- control_lb_nodes - kubernetes_control_lb
roles: roles:
- role: haproxy_control_lb - role: haproxy_control_lb
tags: tags:

8
dci_hardware.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Execute dci_hostname role
gather_facts: false
hosts:
- talos_hardware_nodes
roles:
- role: dci_hostname

2
hostbill.yml
View File

@ -4,7 +4,7 @@
become: false become: false
gather_facts: false gather_facts: false
hosts: hosts:
- control_lb_nodes - kubernetes_control_lb
- talos - talos
roles: roles:
- role: hostbill_machine_name - role: hostbill_machine_name

3
k8s_services.yml
View File

@ -45,9 +45,6 @@
- role: k8s_rancher_monitoring - role: k8s_rancher_monitoring
tags: tags:
- rancher_monitoring - rancher_monitoring
- role: k8s_velero
tags:
- velero
- role: k8s_node_problem_detector - role: k8s_node_problem_detector
tags: tags:
- k8s_node_problem_detector - k8s_node_problem_detector

5
playbook.yml
View File

@ -1,4 +1,9 @@
--- ---
- name: Include dci_hardware.yml
ansible.builtin.import_playbook: dci_hardware.yml
tags:
- dci_hardware
- name: Include playbook hostbill - name: Include playbook hostbill
ansible.builtin.import_playbook: hostbill.yml ansible.builtin.import_playbook: hostbill.yml
tags: tags:

4
roles/dci_hostname/meta/main.yml Normal file
View File

@ -0,0 +1,4 @@
---
dependencies:
- role: common
- role: dci_login

15
roles/dci_hostname/tasks/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Set hostname using DCI Manager API
delegate_to: "{{ dci_manager_access_host }}"
become: false
ansible.builtin.uri:
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server/{{ dci_server_info.id }}"
method: POST
headers:
X-Xsrf-Token: "{{ dci_token }}"
body_format: json
body: "{ \"domain\": \"{{ inventory_hostname }}\" }"
register: _dci_hostname
until: _dci_hostname.status != 503
changed_when: true

4
roles/haproxy_control_lb/tasks/firewall.yml
View File

@ -15,7 +15,7 @@
rule: allow rule: allow
port: "50000" port: "50000"
src: "{{ hostvars[talos_node].ansible_host }}" src: "{{ hostvars[talos_node].ansible_host }}"
loop: "{{ groups['customer_' + cluster_name_short] }}" loop: "{{ groups['cluster_' + cluster_name_short] }}"
loop_control: loop_control:
loop_var: talos_node loop_var: talos_node
@ -24,7 +24,7 @@
rule: allow rule: allow
port: "50001" port: "50001"
src: "{{ hostvars[talos_node].ansible_host }}" src: "{{ hostvars[talos_node].ansible_host }}"
loop: "{{ groups['customer_' + cluster_name_short] }}" loop: "{{ groups['cluster_' + cluster_name_short] }}"
loop_control: loop_control:
loop_var: talos_node loop_var: talos_node

6
roles/haproxy_control_lb/templates/haproxy_control_lb.cfg.j2
View File

@ -7,7 +7,7 @@ frontend tcp_talosapi
backend bk_talosapi backend bk_talosapi
mode tcp mode tcp
balance leastconn balance leastconn
{% for talos_node in groups['customer_' + cluster_name_short] %} {% for talos_node in groups['cluster_' + cluster_name_short] %}
{% if talos_node in groups['talos_control_nodes'] %} {% if talos_node in groups['talos_control_nodes'] %}
server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:50000 server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:50000
{% endif %} {% endif %}
@ -24,7 +24,7 @@ frontend tcp_talostrustd
backend bk_talostrustd backend bk_talostrustd
mode tcp mode tcp
balance leastconn balance leastconn
{% for talos_node in groups['customer_' + cluster_name_short] %} {% for talos_node in groups['cluster_' + cluster_name_short] %}
{% if talos_node in groups['talos_control_nodes'] %} {% if talos_node in groups['talos_control_nodes'] %}
server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:50001 server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:50001
{% endif %} {% endif %}
@ -41,7 +41,7 @@ frontend tcp_kubeapi
backend bk_kubeapi backend bk_kubeapi
mode tcp mode tcp
balance leastconn balance leastconn
{% for talos_node in groups['customer_' + cluster_name_short] %} {% for talos_node in groups['cluster_' + cluster_name_short] %}
{% if talos_node in groups['talos_control_nodes'] %} {% if talos_node in groups['talos_control_nodes'] %}
server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:6443 check server {{ talos_node }} {{ hostvars[talos_node].ansible_host }}:6443 check
{% endif %} {% endif %}

7
roles/os_debian/tasks/local-ssh.yml
View File

@ -1,5 +1,12 @@
--- ---
- name: Stat local .ssh/config.d
delegate_to: localhost
ansible.builtin.stat:
path: ~/.ssh/config.d
register: _stat_ssh_configd
- name: Add SSH config on ansible host - name: Add SSH config on ansible host
when: _stat_ssh_configd.stat.isdir
delegate_to: localhost delegate_to: localhost
ansible.builtin.copy: ansible.builtin.copy:
dest: ~/.ssh/config.d/{{ inventory_hostname }}.conf dest: ~/.ssh/config.d/{{ inventory_hostname }}.conf