iac-ansible-public/roles/kube-master/tasks/main.yml


# Install pip for Python 3 from the distribution repositories, refreshing the
# apt cache first.
- name: Instalar pip3 no host remoto
  ansible.builtin.apt:
    update_cache: true
    state: present
    name: python3-pip
  become: true
# Install ruamel.yaml system-wide with pip3, as root.
# NOTE(review): no version is requested, so each run installs whatever the
# package index serves at that moment; a pinned, reviewed version keeps the
# root-level install reproducible.
- name: Instalar ruamel.yaml no host remoto
  ansible.builtin.pip:
    executable: pip3
    name: ruamel.yaml
  become: true
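# Fetch the Flannel manifest that later tasks patch and apply to the cluster.
# NOTE(review): the URL follows the mutable `master` branch and nothing checks
# the content, so what gets applied with cluster-admin rights can differ from
# run to run. Pin a release tag and set get_url's `checksum`
# (e.g. "sha256:<EXPECTED_DIGEST>") once a version has been chosen.
# NOTE(review): /tmp is world-writable and the file name is predictable. With
# the default `force: false`, get_url skips the download when dest already
# exists, so a file placed there beforehand would be patched and applied as is.
# A root-owned working directory avoids that.
- name: Fazer download do manifest oficial do Flannel
  become: true
  ansible.builtin.get_url:
    url: "https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml"
    dest: /tmp/kube-flannel.yml
    # Explicit ownership and mode instead of whatever the umask yields: only
    # root may modify the file, and it stays readable for the later
    # `kubectl apply` that runs as fenix.
    owner: root
    group: root
    mode: "0644"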
# Rewrite the manifest's 10.244.0.0/16 network to the pod CIDR of this cluster.
# The replacement must stay equal to the --pod-network-cidr value passed to
# `kubeadm init` in this file.
- name: Substituir o CIDR da rede no manifest
  replace:
    regexp: '10\.244\.0\.0/16'
    replace: '10.240.0.0/16'
    path: /tmp/kube-flannel.yml
  become: true
# Copy patch_netconf.py to the remote host and execute it there as root.
# NOTE(review): the script is not visible here; going by the task name it
# presumably edits net-conf.json inside /tmp/kube-flannel.yml — confirm, and
# check that running it again on an already patched file is harmless.
- name: Corrigir net-conf.json no manifest do Flannel
  ansible.builtin.script:
    cmd: patch_netconf.py
  become: true
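# Dump the patched manifest into the play output so it can be inspected before
# it is applied.
- name: cat flannel
  become: true
  # `command` with argv replaces `shell`: no shell features are needed to read
  # a file, and nothing is passed through a shell parser.
  ansible.builtin.command:
    argv:
      - cat
      - /tmp/kube-flannel.yml
  register: flannel_manifest
  # Read-only task: never report a change.
  changed_when: false

- name: Mostrar conteúdo do manifest
  become: true
  ansible.builtin.debug:
    var: flannel_manifest.stdout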
# Add --iface=eth0 to the flanneld arguments, right after --kube-subnet-mgr.
# NOTE(review): `line` is written verbatim, so its leading whitespace has to
# equal the indentation of the args list in the manifest. The values below are
# reproduced as shown on the page — confirm against the downloaded file.
- name: Adicionar --iface=eth0 ao flanneld
  ansible.builtin.lineinfile:
    line: ' - --iface=eth0'
    insertafter: ' - --kube-subnet-mgr'
    path: /tmp/kube-flannel.yml
  become: true
# Bootstrap the control plane. `creates` turns the task into a no-op once
# /etc/kubernetes/admin.conf exists.
# The pod CIDR must equal the value written into the Flannel manifest by the
# replace task in this file.
- name: Inicializar o cluster com kubeadm
  command:
    creates: /etc/kubernetes/admin.conf
    argv:
      - kubeadm
      - init
      - --pod-network-cidr=10.240.0.0/16
      - --apiserver-advertise-address=192.168.1.50
      - --service-cidr=10.95.0.0/16
  become: true
# Record whether the kubeconfig directory is already present. The tasks that
# create it and copy admin.conf into it are gated on this result.
- name: Verificar se o diretório .kube já existe
  stat:
    path: /home/fenix/.kube
  register: kube_dir
  become: true
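# Create the kubeconfig directory for fenix (the task name says "ubuntu", but
# the owner set here is fenix with group ubuntu).
# Mode is 0750 (was 0755): the directory holds a copy of the cluster-admin
# kubeconfig, so accounts outside owner and group get no access. Use "0700" if
# group `ubuntu` does not need it either.
- name: Criar diretório .kube para o usuário ubuntu
  become: true
  ansible.builtin.file:
    path: /home/fenix/.kube
    state: directory
    owner: fenix
    group: ubuntu
    # Quoted so the value is always read as an octal mode string.
    mode: "0750"
  # Runs on first setup only: an existing directory keeps its current mode.
  when: not kube_dir.stat.exists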
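# Give fenix a kubeconfig by copying kubeadm's admin.conf, which carries
# cluster-admin credentials.
# Mode is 0640 (was 0644, world-readable): every local account able to read
# this file holds full control of the cluster. Use "0600" if group `ubuntu`
# does not need to read it.
# NOTE(review): the task is gated on the directory not existing, so hosts
# provisioned earlier keep their 0644 copy until it is corrected separately.
- name: Set up kubeconfig for user
  become: true
  ansible.builtin.copy:
    src: /etc/kubernetes/admin.conf
    dest: /home/fenix/.kube/config
    remote_src: true
    owner: fenix
    group: ubuntu
    mode: "0640"
  when: not kube_dir.stat.exists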
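# Poll the API server's /healthz endpoint until kubectl exits 0
# (up to 10 attempts, 6 seconds apart).
- name: 33 Wait for Kubernetes API to be ready
  # `become` was declared twice on this task (`true` and `yes`). Duplicate
  # mapping keys are invalid YAML and most loaders silently keep the last one,
  # so a single declaration is kept.
  become: true
  ansible.builtin.command:
    argv:
      - kubectl
      - get
      - --raw=/healthz
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  register: api_health
  until: api_health.rc == 0
  retries: 10
  delay: 6
  # Health probe only: never report a change.
  changed_when: false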
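# Remove the control-plane NoSchedule taint from every node so that ordinary
# workloads can be scheduled there.
# NOTE(review): this places application pods next to the control-plane
# components; fine for a single-node or lab cluster, worth confirming otherwise.
- name: kubernetes untaint node-role.kubernetes.io/control-plane:NoSchedule
  become: true
  become_user: fenix
  ansible.builtin.command:
    argv:
      - kubectl
      - taint
      - nodes
      - --all
      - node-role.kubernetes.io/control-plane:NoSchedule-
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  register: untaint_result
  # Replaces `ignore_errors: yes`. An already absent taint is still tolerated,
  # but any other failure (API unreachable, access denied) now stops the play
  # instead of being hidden.
  failed_when:
    - untaint_result.rc != 0
    - "'not found' not in untaint_result.stderr"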
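# Remove two labels from every node: the control-plane role label and the
# label that excludes nodes from external load balancers.
# Both tasks replace `ignore_errors: yes` with a narrow condition: a label that
# is already absent is tolerated, any other kubectl failure stops the play.
- name: kubernetes unlabel node-role.kubernetes.io/control-plane
  become: true
  become_user: fenix
  ansible.builtin.command:
    argv:
      - kubectl
      - label
      - nodes
      - --all
      - node-role.kubernetes.io/control-plane-
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  register: unlabel_control_plane
  failed_when:
    - unlabel_control_plane.rc != 0
    - "'not found' not in unlabel_control_plane.stderr"

- name: kubernetes unlabel node.kubernetes.io/exclude-from-external-load-balancers
  become: true
  become_user: fenix
  ansible.builtin.command:
    argv:
      - kubectl
      - label
      - nodes
      - --all
      - node.kubernetes.io/exclude-from-external-load-balancers-
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  register: unlabel_exclude_lb
  failed_when:
    - unlabel_exclude_lb.rc != 0
    - "'not found' not in unlabel_exclude_lb.stderr"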
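# Dump the manifest once more, immediately before it is applied, so the play
# output shows exactly what goes into the cluster.
- name: cat flannel
  become: true
  # `command` with argv replaces `shell`: reading a file needs no shell.
  ansible.builtin.command:
    argv:
      - cat
      - /tmp/kube-flannel.yml
  register: flannel_manifest2
  # Read-only task: never report a change.
  changed_when: false

- name: Mostrar conteúdo do manifest
  become: true
  ansible.builtin.debug:
    var: flannel_manifest2.stdout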
# Apply the patched Flannel manifest as fenix, using the admin kubeconfig.
# NOTE(review): the file comes from an unpinned download into /tmp, so this is
# the point where unverified content reaches the cluster with admin rights.
- name: Aplicar o manifest do Flannel
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  shell: kubectl apply -f /tmp/kube-flannel.yml
  become_user: fenix
  become: true
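# Poll the API server's /healthz endpoint again after the CNI was applied
# (up to 10 attempts, 6 seconds apart).
- name: 34 Wait for Kubernetes API to be ready
  # `become` was declared twice on this task (`true` and `yes`). Duplicate
  # mapping keys are invalid YAML and most loaders silently keep the last one,
  # so a single declaration is kept.
  become: true
  ansible.builtin.command:
    argv:
      - kubectl
      - get
      - --raw=/healthz
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  register: api_health
  until: api_health.rc == 0
  retries: 10
  delay: 6
  # Health probe only: never report a change.
  changed_when: false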
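# Install Helm with the upstream installer script; skipped once
# /usr/local/bin/helm exists.
# NOTE(review): the script is taken from the mutable `master` branch and piped
# straight into a root shell, so whatever that URL serves at run time executes
# as root. Prefer a pinned release artifact checked against a known digest
# (e.g. get_url with checksum "sha256:<EXPECTED_DIGEST>").
- name: Instalar Helm no nó master
  become: true
  # pipefail: without it a failed curl feeds empty input to bash, bash exits 0
  # and the task reports success although Helm was never installed.
  ansible.builtin.shell: |
    set -o pipefail
    curl -fsSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
  args:
    # pipefail is a bash option, so the task must not run under plain /bin/sh.
    executable: /bin/bash
    creates: /usr/local/bin/helm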
# Register the csi-driver-nfs chart repository; skipped once its cached index
# file exists.
# NOTE(review): the task sets no `become`, yet `creates` points below /root —
# presumably privilege escalation is enabled at play level; confirm.
# NOTE(review): the chart index is served from the `master` branch, so the
# repository content is not fixed to a release.
- name: Adicionar repositório Helm do CSI NFS
  command:
    argv:
      - helm
      - repo
      - add
      - csi-driver-nfs
      - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
    creates: /root/.cache/helm/repository/csi-driver-nfs-index.yaml
# Refresh the local index of every configured Helm repository.
- name: Atualizar repositórios Helm
  command:
    argv:
      - helm
      - repo
      - update
# Install or upgrade the NFS CSI driver chart, pinned to 4.12.0, into
# kube-system and show Helm's output.
# NOTE(review): no `become`/`become_user` is set here, so the account running
# this task has to be able to read the kubeconfig below — confirm.
- name: Instalar CSI NFS Driver via Helm
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  command:
    argv:
      - helm
      - upgrade
      - --install
      - csi-driver-nfs
      - csi-driver-nfs/csi-driver-nfs
      - --namespace
      - kube-system
      - --version
      - 4.12.0
  register: resultado_nfs

- name: Mostrar resultado do nfs csi driver
  debug:
    var: resultado_nfs.stdout_lines
# Apply the MetalLB native manifest for tag v0.13.9 straight from GitHub.
# NOTE(review): the manifest is fetched and applied in one step without a
# digest check; a tag is more stable than a branch but can still be moved.
# NOTE(review): `become_user` only takes effect when `become` is enabled, and
# this task does not set it — presumably it is inherited from the play; confirm.
- name: Instalar MetalLB (manifest oficial)
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  become_user: fenix
  shell:
    cmd: kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.9/config/manifests/metallb-native.yaml
# Wait until the MetalLB webhook service has at least one endpoint address
# (up to 10 attempts, 10 seconds apart). The address pool and advertisement
# are created by the tasks that follow.
- name: Esperar pelo webhook do MetalLB
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  become_user: fenix
  shell:
    cmd: >-
      kubectl get endpoints webhook-service -n metallb-system -o jsonpath='{.subsets[*].addresses[*].ip}'
  register: webhook_ready
  retries: 10
  delay: 10
  until: webhook_ready.stdout != ""
# Create the MetalLB address pool `local-pool` by piping an inline manifest
# into kubectl.
# NOTE(review): 10.240.0.100-10.240.0.250 lies inside the pod CIDR passed to
# `kubeadm init` in this file (10.240.0.0/16). Load-balancer addresses that
# overlap the pod network can collide with pod IPs — confirm the intended range.
- name: Criar IP pool
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  become_user: fenix
  shell: |
    cat <<EOF | kubectl apply -f -
    apiVersion: metallb.io/v1beta1
    kind: IPAddressPool
    metadata:
      name: local-pool
      namespace: metallb-system
    spec:
      addresses:
      - 10.240.0.100-10.240.0.250
    EOF
# Create the L2Advertisement `advert` by piping an inline manifest into kubectl.
# The manifest has no `spec`, so it names no particular address pool.
- name: Criar anúncio L2
  environment:
    KUBECONFIG: /home/fenix/.kube/config
  become_user: fenix
  shell: |
    cat <<EOF | kubectl apply -f -
    apiVersion: metallb.io/v1beta1
    kind: L2Advertisement
    metadata:
      name: advert
      namespace: metallb-system
    EOF
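# Create a bootstrap token and keep the complete `kubeadm join` command as a
# fact for later use.
# The command line embeds the bootstrap token, which is a credential for adding
# nodes to the cluster. Both tasks set `no_log` so the token does not end up in
# play output, callback plugins or log files.
# NOTE(review): every run creates one more token; a short `--ttl` limits how
# long each of them stays usable.
- name: Get kubeadm join command
  become: true
  ansible.builtin.command:
    argv:
      - kubeadm
      - token
      - create
      - --print-join-command
  register: join_cmd
  no_log: true

- name: Set join command as fact
  become: true
  ansible.builtin.set_fact:
    kubeadm_join_command: "{{ join_cmd.stdout }}"
  no_log: true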