feat: up to final step

2025-12-31 17:23:04 -05:00
parent 9a323672bc
commit 380ddb8920
2 changed files with 161 additions and 150 deletions


@@ -1,126 +1,126 @@
# - name: Configure compute for the cluster.
# hosts: servers
# gather_facts: false
# vars:
# kubernetes_version: v1.30
# tasks:
# - name: Download Kubernetes key.
# ansible.builtin.apt_key:
# url: https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/Release.key
# state: present
- name: Configure compute for the cluster.
hosts: servers
gather_facts: false
vars:
kubernetes_version: v1.30
tasks:
- name: Download Kubernetes key.
ansible.builtin.apt_key:
url: https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/Release.key
state: present
# - name: Download Kubernetes repository.
# ansible.builtin.apt_repository:
# repo: "deb https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/ /"
# state: present
- name: Download Kubernetes repository.
ansible.builtin.apt_repository:
repo: "deb https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/ /"
state: present
# - name: Download CRI-O key.
# ansible.builtin.apt_key:
# url: https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/Release.key
# state: present
- name: Download CRI-O key.
ansible.builtin.apt_key:
url: https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/Release.key
state: present
# - name: Download CRI-O repository.
# ansible.builtin.apt_repository:
# repo: "deb https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/ /"
# state: present
- name: Download CRI-O repository.
ansible.builtin.apt_repository:
repo: "deb https://pkgs.k8s.io/addons:/cri-o:/prerelease:/main/deb/ /"
state: present
# - name: Download Helm key.
# ansible.builtin.apt_key:
# url: https://packages.buildkite.com/helm-linux/helm-debian/gpgkey
# state: present
- name: Download Helm key.
ansible.builtin.apt_key:
url: https://packages.buildkite.com/helm-linux/helm-debian/gpgkey
state: present
# - name: Download Helm repository.
# ansible.builtin.apt_repository:
# repo: "deb https://packages.buildkite.com/helm-linux/helm-debian/any/ any main"
# state: present
- name: Download Helm repository.
ansible.builtin.apt_repository:
repo: "deb https://packages.buildkite.com/helm-linux/helm-debian/any/ any main"
state: present
# - name: Install packages.
# ansible.builtin.apt:
# state: present
# update_cache: true
# name: [cri-o, kubelet, kubeadm, kubectl, python3-pip, helm]
- name: Install packages.
ansible.builtin.apt:
state: present
update_cache: true
name: [cri-o, kubelet, kubeadm, kubectl, python3-pip, helm]
# - name: Install Kubernetes Python packages.
# ansible.builtin.pip:
# name: [kubernetes, pyyaml]
# state: present
# break_system_packages: true
- name: Install Kubernetes Python packages.
ansible.builtin.pip:
name: [kubernetes, pyyaml]
state: present
break_system_packages: true
# - name: Enable IPv4 forwarding.
# ansible.posix.sysctl:
# name: net.ipv4.ip_forward
# value: '1'
# sysctl_set: true
# notify: Reboot the nodes.
- name: Enable IPv4 forwarding.
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: '1'
sysctl_set: true
notify: Reboot the nodes.
# - name: Enable `br_netfilter` module.
# community.general.modprobe:
# name: br_netfilter
# state: present
# notify: Reboot the nodes.
- name: Enable `br_netfilter` module.
community.general.modprobe:
name: br_netfilter
state: present
notify: Reboot the nodes.
# handlers:
# - name: Reboot the nodes.
# ansible.builtin.reboot:
handlers:
- name: Reboot the nodes.
ansible.builtin.reboot:
# - name: Spawn new cluster on control node.
# hosts: control
# gather_facts: false
# vars:
# config_template: ../templates/InitConfiguration.yml.jinja2
# config:
# bootstrap_token: "{{ secrets.bootstrap_token }}"
# node_ip: 10.0.2.11
# node_name: control
# vars_files:
# - ../vault.yml
# tasks:
# - name: Test for cluster.
# kubernetes.core.k8s_cluster_info:
# register: api_status
# ignore_errors: true
- name: Spawn new cluster on control node.
hosts: control
gather_facts: false
vars:
config_template: ../templates/InitConfiguration.yml.jinja2
config:
bootstrap_token: "{{ secrets.bootstrap_token }}"
node_ip: 10.0.2.11
node_name: control
vars_files:
- ../vault.yml
tasks:
- name: Test for cluster.
kubernetes.core.k8s_cluster_info:
register: api_status
ignore_errors: true
# - name: Copy configuration over.
# ansible.builtin.template:
# src: "{{ config_template }}"
# dest: InitConfiguration.yml
# mode: preserve
# when: "api_status.failed"
- name: Copy configuration over.
ansible.builtin.template:
src: "{{ config_template }}"
dest: InitConfiguration.yml
mode: preserve
when: "api_status.failed"
# - name: Initialize cluster.
# ansible.builtin.command:
# kubeadm init --config InitConfiguration.yml
# changed_when: true
# when: "api_status.failed"
- name: Initialize cluster.
ansible.builtin.command:
kubeadm init --config InitConfiguration.yml
changed_when: true
when: "api_status.failed"
# - name: Apply the Kubernetes config to the shell.
# ansible.builtin.lineinfile:
# path: /etc/environment
# line: 'KUBECONFIG=/etc/kubernetes/admin.conf'
# when: "api_status.failed"
- name: Apply the Kubernetes config to the shell.
ansible.builtin.lineinfile:
path: /etc/environment
line: 'KUBECONFIG=/etc/kubernetes/admin.conf'
when: "api_status.failed"
# - name: Join worker nodes to cluster.
# hosts: [node-a, node-b]
# vars:
# join_template: ../templates/JoinConfiguration.yml.jinja2
# join_control_ip: 10.0.2.11
# join_bootstrap_token: "{{ secrets.bootstrap_token }}"
# vars_files:
# - ../vault.yml
# tasks:
# - name: Copy join configuration over.
# vars:
# join_worker_ip: "{{ ansible_default_ipv4.address }}"
# join_worker_name: "{{ ansible_hostname }}"
# ansible.builtin.template:
# src: "{{ join_template }}"
# dest: JoinConfiguration.yml
# mode: preserve
- name: Join worker nodes to cluster.
hosts: [node-a, node-b]
vars:
join_template: ../templates/JoinConfiguration.yml.jinja2
join_control_ip: 10.0.2.11
join_bootstrap_token: "{{ secrets.bootstrap_token }}"
vars_files:
- ../vault.yml
tasks:
- name: Copy join configuration over.
vars:
join_worker_ip: "{{ ansible_default_ipv4.address }}"
join_worker_name: "{{ ansible_hostname }}"
ansible.builtin.template:
src: "{{ join_template }}"
dest: JoinConfiguration.yml
mode: preserve
# - name: Join the nodes.
# ansible.builtin.command:
# kubeadm join --config JoinConfiguration.yml
# changed_when: true
- name: Join the nodes.
ansible.builtin.command:
kubeadm join --config JoinConfiguration.yml
changed_when: true
- name: Install CNI.
gather_facts: false
@@ -157,15 +157,12 @@
podCidr: 10.244.0.0/16
state: present
- name: >
Patch CoreDNS deployment so it still runs, even though the nodes don't
have a external provider yet installed.
kubernetes.core.k8s:
- name: Patch CoreDNS deployment.
kubernetes.core.k8s_json_patch:
name: coredns
namespace: kube-system
kind: Deployment
state: present
definition:
patch:
- op: add
path: /spec/template/spec/tolerations/-
value:
@@ -194,5 +191,19 @@
namespace: kube-system
type: Opaque
data:
token: "{{ secrets.hcloud_token }}"
network: "{{ private_network_id.value }}"
token: "{{ secrets.hcloud_token | b64encode }}"
network: "{{ private_network_id.value | b64encode }}"
- name: Add Cloud Controller repository.
kubernetes.core.helm_repository:
name: hcloud
url: https://charts.hetzner.cloud
state: present
- name: Install it.
kubernetes.core.helm:
name: hccm
chart_ref: hcloud/hcloud-cloud-controller-manager
namespace: kube-system
state: present
update_repo_cache: true
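Review bot: In the first hunk, the three `ansible.builtin.apt_key` tasks (Kubernetes, CRI-O, Helm) put each vendor key into apt's global trusted keyring, so a key fetched from packages.buildkite.com is then accepted as a signer for packages from every configured source, not only the Helm one. Scoping each key to its own repository avoids that: store the key under `/etc/apt/keyrings/` and reference it with `[signed-by=...]` in the matching `apt_repository` line, as sketched below for the Kubernetes pair (the keyring file name is an example). `apt_key` is also deprecated and relies on the `apt-key` binary, which recent apt versions have dropped. The CRI-O source additionally tracks `prerelease:/main`, so nodes install whatever pre-release build is current at run time; a versioned stable channel, as the Kubernetes source already uses through `kubernetes_version`, would make the install reproducible.

```yaml
# … unchanged: play header and vars …
- name: Download Kubernetes key.
  ansible.builtin.get_url:
    url: https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/Release.key
    # Example file name; the directory must already exist on the target.
    dest: /etc/apt/keyrings/kubernetes.asc
    mode: "0644"
- name: Download Kubernetes repository.
  ansible.builtin.apt_repository:
    repo: "deb [signed-by=/etc/apt/keyrings/kubernetes.asc] https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version }}/deb/ /"
    state: present
# … unchanged: CRI-O and Helm key/repository pairs (same pattern), package install, sysctl, modprobe, handlers …
```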


@@ -1,36 +1,36 @@
$ANSIBLE_VAULT;1.1;AES256
65366334626132336336326139616239386137396633343835393031653436383330386334303638
3033623632333764343365383538353364336536363636620a663431306631303030343766666663
65343236393733356639613161613638363535636531353938343230666135373932393633633230
3061323439383137300a326130386262376461643931333766323634386562343135363761656265
37386430303238626265656539633730656665376333626537663432313632636235393033326231
65616130396632623162636430306662633261383934313561306565643965666561323135366131
32653938666339643461393665313339333239633866653038323338633031613666613438616537
39356463363231613664383363656437623862396535626661653832396432363961306263623739
32626234646435643466663432643734623164383637383561306132313437363665353264353561
63333836376463383765666235336531346635626130656564376337323932353532336663646364
36393661303065393566376338366662393662333032353533626161353035643136333139653538
38343065373364323437356636653733356566373238646661313765393131313332663339336232
32313530646530666634353961656565373562643031623738393362386166373539333239373062
38386261623330643636306537326364393335633333323933663735646130333639306331323361
38366131323636656235616361633734346438343238613463323330396662626165313336323437
34616239666132653730643465326562346538636138363739633731633439653239666131393565
63616531373533313263613032393661616433326661326461313834653531336637616539633530
35303561346632366339613632643164363432303366383831363431613932356630343165343365
62333438396263656130383934333531643665616637303665323264636238666134626332343836
32366361646162393662343330613334646462613762313766663264613734633732316439393333
37653732616138656131363039396465633531353434613461356166636633353637373534323262
63323966656631376464373261656235396265393564663333656534613766663764653636353631
32336536616561346661376164343066366335656637333466343533653430633636343131376534
33303631393638376530666131383463353934663562386366353330363836363132613537383332
65333330623130333334383639306166663962636233613534393662623733306433363665303130
63383432363761356562343437386133343262643233343663363036663136326566326636626530
33343764303932333366376132366265376462646332326662336361623464353362643533326233
32383837356234323665623364643463353066366366616662343432663466343631613930333131
38656665323664656436303961316462656139386138383165346331613863326133393631333132
39323861666433313364346461666132343834376562646531626438383832663364316461303165
37616666626234346261366663323239343734623963643730666233643864623234373765653737
38646630636261343839616237393066333564323437633230653261396539313634303263333437
61303066373164366333383238303961376138383836633961386566663964366337643435323433
34326261333564316534383564363166616430323666396634303265613364643862653637386532
386331383338343638343537316236366131
66346130316130363833656139333733306135303061323864643937636639326333316235303262
3236323131623963633431333334663933653665376635360a383561366230666365323732383032
32643731613032616362313561633337336266633161326636366363346638613638643830316438
6130653230323362330a316231346462323366386539316566653139633937326364363030663631
31343239663464363366363261616631383935323161636630646132316230646332613461323366
31393235623932636366373961313538663733363565663363346534363063396632336261356265
34633064383364393664336639653461636666393662633031616165396537396466643461393862
64613862616663343565393836333834393463623335643139373966366236363262646461666365
38373331613461376431343934333761333436373664623831366261363835323437363033386363
36633862343134323130656465386462646235393833376563343161313130333536333733636636
66353162393639343765396464666130306530333030386564363361356364616338363865636565
33393233636631643563316336653461343733313266653433316265383661653264626666393830
39666239333965383464653766333263306439653231653163323130333437336432353666366531
64613737346336643263306538353131343030356164323237623937633238666336306165646231
38383837313963626531653236376530313563363333313330653439393733396136333937313061
36386131396337313131333730326639366439373933626130626537353265306434666265373063
32313832613632346563346565656366336430663762316437376461656639346634306663326165
34653534623031396564326563303132626562326131666337643839633366306462643436323635
66666665383332336636356639373863663237303064386533653837636466313461376438383238
39616434363263646235336432323139326139346364616431626532313861666266373836396363
33356137363130396237353931316137653066303930353733356432356664636431306165646136
37643666373532393936333064306661363331666332336363623430366435313962646563616261
34613166393764343830303733333033643563333032303536326131323461383535353134643036
38306531383135633431633863346465613333663433343433363633636439326636643938373265
65643066646364613230396536623537663961356531653164303134383736323064363637353738
31356630376635633930353239306633326432383031373632346234373536666431653963653566
35353163373938383736396135386266653636383066636637376238316139346239653234363830
64663432663339346634323366366138306133326562643736373964326265393537326663386364
61373039313739343031623134613435656461616165386430366333346161666530376338663961
32353231656162393138653837663863653562626236393630316635363537306130346238313161
64613566363163363966653533333664643633656533613939616533336136376635333336333233
39373638363538636632656133363864653136613231613532313531643565396237306338353263
33616132666364663036643437326463633265316236323835323039336361393739653361373632
37336162353635643333373937346333373433346333613133633936616430666637613235623937
636334616134303130303561633437353736