WIP

2022-02-06 15:52:03 -06:00 · 2022-02-06 15:52:03 -06:00 · 2edb3ca55d
parent 3e79f1355d
commit 2edb3ca55d
23 changed files with 65 additions and 161 deletions
--- a/ansible/arch-linux/defaults/main.yml
+++ b/ansible/arch-linux/defaults/main.yml
@ -1,2 +0,0 @@
 ---
 # defaults file for arch-linux
--- a/ansible/arch-linux/handlers/main.yml
+++ b/ansible/arch-linux/handlers/main.yml
@ -1,2 +0,0 @@
 ---
 # handlers file for arch-linux
--- a/ansible/arch-linux/meta/main.yml
+++ b/ansible/arch-linux/meta/main.yml
@ -1,52 +0,0 @@
 galaxy_info:
  author: your name
  description: your role description
  company: your company (optional)
  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
  # Choose a valid license ID from https://spdx.org - some suggested licenses:
  # - BSD-3-Clause (default)
  # - MIT
  # - GPL-2.0-or-later
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
  license: license (GPL-2.0-or-later, MIT, etc)
  min_ansible_version: 2.1
  # If this a Container Enabled role, provide the minimum Ansible Container version.
  # min_ansible_container_version:
  #
  # Provide a list of supported platforms, and for each platform a list of versions.
  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
  # To view available platforms and versions (or releases), visit:
  # https://galaxy.ansible.com/api/v1/platforms/
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/ansible/arch-linux/tasks/main.yml
+++ b/ansible/arch-linux/tasks/main.yml
@ -1,16 +0,0 @@
 # TODO: how can I "share" the `aur_builder` username
 # TODO: how can I avoiding repeating tasks if I know they're done?t remote add origin ssh://git@git.lyte.dev:2222/lytedev/home-k8s-cluster.git
 - include_tasks: ./create-aur-builder.yml
  when: ansible_facts.os_family == 'Archlinux'
 - include_tasks: ./install-yay-bin.yml
  when: ansible_facts.os_family == 'Archlinux'
 - include_tasks: ./upgrade-all-packages.yml
  when: ansible_facts.os_family == 'Archlinux'
 # TODO:
 # - update everything
 # - install k8s
 # - join cluster?
--- a/ansible/arch-linux/tests/inventory
+++ b/ansible/arch-linux/tests/inventory
@ -1,2 +0,0 @@
 localhost
--- a/ansible/arch-linux/tests/test.yml
+++ b/ansible/arch-linux/tests/test.yml
@ -1,5 +0,0 @@
 ---
 - hosts: localhost
  remote_user: root
  roles:
    - arch-linux
--- a/ansible/arch-linux/vars/main.yml
+++ b/ansible/arch-linux/vars/main.yml
@ -1,2 +0,0 @@
 ---
 # vars file for arch-linux
--- a/ansible/build-k3s-cluster.yml
+++ b/ansible/build-k3s-cluster.yml
@ -0,0 +1,5 @@
 - name: setup k3s on k3s-nodes
  hosts: k3s-nodes
  gather_facts: yes
  roles:
    - role: k3s-node
--- a/ansible/install-k3s.yml
+++ b/ansible/install-k3s.yml
@ -1,18 +0,0 @@
 - name: provision Arch Linux hosts
  hosts: all
  gather_facts: yes
  roles:
    - role: xanmanning.k3s
 # - hosts: k3s_nodes
 #   vars:
 #     k3s_registration_address: loadbalancer  # Typically a load balancer.
 #     k3s_server:
 #       datastore-endpoint: "postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable"
 #   pre_tasks:
 #     - name: Set each node to be a control node
 #       ansible.builtin.set_fact:
 #         k3s_control_node: true
 #       when: inventory_hostname in ['node2', 'node3']
 #   roles:
 #     - role: xanmanning.k3s
--- a/ansible/inventory/hosts.yml
+++ b/ansible/inventory/hosts.yml
@ -1,32 +1,13 @@
-homek8s:
+k3s-nodes:
  children:
    controllers:
    hybrid:
  hosts:
-        "10.0.0.87":
+    "root@10.0.0.87":
-          k3s_control_node: true
+      control-plane-node: true
-          ansible_host: "10.0.0.87"
+    "root@10.0.0.138":
-          ansible_user: root
+      agent-node: true
          cluster-cidr: '10.42.0.0/16'
          #   # flannel-backend: 'none'
          #   node-label:
          #     - "human-name=datto3"
        "10.0.0.138":
          ansible_host: "10.0.0.138"
          ansible_user: root
          # k3s_control_node: false
          #   with-node-id: true
          #   node-label:
          #     - "human-name=chromebox"
    workers:
  vars:
    k3s_release_version: v1.23.3+k3s1
    k3s_build_cluster: true
    k3s_registration_address: 10.0.0.87
    ansible_python_interpreter: /usr/bin/python3.10
-    k3s_server:
+    cluster_cidr: '192.168.0.0/16'
-      advertise-address: "0.0.0.0"
+    k3s:
-    k3s_agent:
+      version: v1.23.3+k3s1
-      node-ip: "{{ ansible_host }}"
+      master: 10.0.0.87
      node-external-ip: "{{ ansible_host }}"
--- a/ansible/arch-linux/.travis.yml
+++ b/ansible/arch-linux/.travis.yml
--- a/ansible/arch-linux/README.md
+++ b/ansible/arch-linux/README.md
--- a/ansible/arch-linux/tasks/aur.yml
+++ b/ansible/arch-linux/tasks/aur.yml
@ -2,7 +2,7 @@
  connection: local
  become: no
  uri: >
-    url=https://aur.archlinux.org/rpc.php?type=info&arg={{ pkg_name | mandatory }}
+    url=https://aur.archlinux.org/rpc?v=5&type=info&arg={{ pkg_name | mandatory }}
    return_content=yes
    timeout=6
  register: api_info
@ -11,7 +11,7 @@
    that:
      - api_info.status == 200
      - api_info.json is defined
-      - api_info.json.type == 'info'
+      - api_info.json.type == 'multiinfo'
      - api_info.json.resultcount == 1
      - api_info.json.results is defined
@ -19,10 +19,15 @@
  become: no
  connection: local
  get_url: >
-    url='https://aur.archlinux.org{{ api_info.json.results.URLPath }}'
+    url='https://aur.archlinux.org{{ api_info.json.results[0].URLPath }}'
    dest='/tmp/'
  register: aur_tarball
 - name: AUR | cleanup old {{ pkg_name }} builds
  ansible.builtin.file:
    path: /tmp/{{ pkg_name }}
    state: absent
 - name: AUR | upload and extract package {{ pkg_name }} tarball to host
  become: yes
  become_user: '{{ makepkg_nonroot_user }}'
--- a/ansible/arch-linux/tasks/create-aur-builder.yml
+++ b/ansible/arch-linux/tasks/create-aur-builder.yml
--- a/ansible/k3s-node/tasks/install-k3s.yml
+++ b/ansible/k3s-node/tasks/install-k3s.yml
@ -0,0 +1,3 @@
 - name: install k3s
  ansible.builtin.command: >
    curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION="{{ k3s.version }}" sh -
--- a/ansible/arch-linux/tasks/install-yay-bin.yml
+++ b/ansible/arch-linux/tasks/install-yay-bin.yml
--- a/ansible/k3s-node/tasks/main.yml
+++ b/ansible/k3s-node/tasks/main.yml
@ -0,0 +1,10 @@
 - include_tasks: ./prepare-host.yml
 - include_tasks: ./install-k3s.yml
 # TODO: setup loadbalancer?
 - include_tasks: ./start-k3s-control-nodes.yml
  # TODO: probably need some output here?
 - include_tasks: ./start-k3s-agents.yml
  # TODO: probably need the output from control nodes
--- a/ansible/k3s-node/tasks/prepare-host.yml
+++ b/ansible/k3s-node/tasks/prepare-host.yml
@ -0,0 +1,19 @@
 # arch linux
 - include_tasks: ./create-aur-builder.yml
  when: ansible_facts.os_family == 'Archlinux'
 - include_tasks: ./install-yay-bin.yml
  when: ansible_facts.os_family == 'Archlinux'
 # common
 - include_tasks: ./use-firewalld-with-iptables.yml
 - name: open http and https ports in firewalld
  ansible.builtin.command: >
    sudo firewall-cmd --add-port=443/tcp --permanent \
      && sudo firewall-cmd --add-port=80/tcp --permanent \
      && sudo firewall-cmd --reload
 - include_tasks: ./update-all.yml
  # _todo: net.ipv4.ip_forward = 1
--- a/ansible/arch-linux/tasks/upgrade-all-packages.yml
+++ b/ansible/arch-linux/tasks/upgrade-all-packages.yml
@ -1,4 +1,5 @@
 - name: upgrade all packages
  when: ansible_facts.os_family == 'Archlinux'
  community.general.pacman:
    # executable: yay
    force: yes
--- a/ansible/k3s-node/tasks/use-firewalld-with-iptables.yml
+++ b/ansible/k3s-node/tasks/use-firewalld-with-iptables.yml
@ -0,0 +1,8 @@
 - name: uninstall nftables, install firewalld, configure it to use iptables, and activate it
  when: ansible_facts.os_family == 'Archlinux'
  become: true
  ansible.builtin.command: >
    pacman -Rs nftables \
      && pacman -Sy firewalld \
      && sed -i 's/FirewallBackend=.*/FirewallBackend=iptables/g' /etc/firewalld/firewalld.conf \
      && systemctl enable --now firewalld
--- a/ansible/nuke-k3s-cluster.yml
+++ b/ansible/nuke-k3s-cluster.yml
@ -1,4 +1,4 @@
- name: deprovision k3s nodes
+- name: purge k3s from k3s-nodes
  hosts: all
  become: true
  gather_facts: yes
@ -24,16 +24,3 @@
        path: "{{ item.path }}"
        state: absent
      loop: "{{ files_to_delete.files }}"
 # - hosts: k3s_nodes
 #   vars:
 #     k3s_registration_address: loadbalancer  # Typically a load balancer.
 #     k3s_server:
 #       datastore-endpoint: "postgres://postgres:verybadpass@database:5432/postgres?sslmode=disable"
 #   pre_tasks:
 #     - name: Set each node to be a control node
 #       ansible.builtin.set_fact:
 #         k3s_control_node: true
 #       when: inventory_hostname in ['node2', 'node3']
 #   roles:
 #     - role: xanmanning.k3s
--- a/ansible/provision.yml
+++ b/ansible/provision.yml
@ -1,13 +0,0 @@
 - name: provision Arch Linux hosts
  hosts: all
  gather_facts: yes
  roles:
    - role: './arch-linux'
  tasks:
    - name: print all available facts
      ansible.builtin.debug:
        var: ansible_facts
    - name: print os family
      ansible.builtin.debug:
        var: ansible_facts.os_family
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -5,6 +5,3 @@ collections:
    version: 1.2.0
  - name: ansible.posix
    version: 1.3.0
 roles:
  - src: xanmanning.k3s
    version: v3.1.0