Loading playbooks/inventories/dev/group_vars/all.yml +4 −3 Original line number Diff line number Diff line Loading @@ -49,14 +49,15 @@ kubernetes_repo_apt_entry: >- deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version_series }}/deb/ / kubeadm_cluster_name: "mec-sandbox" pod_network_cidr: "92.68.0.0/16" pod_network_cidr: "192.168.0.0/16" service_cidr: "10.96.0.0/12" apiserver_advertise_address: "127.0.0.1" # CNI (Calico) calico_version: "v3.30.0" calico_version: "v3.31.4" calico_operator_crds_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/operator-crds.yaml" calico_operator_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/tigera-operator.yaml" calico_custom_resources_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/custom-resources.yaml" calico_custom_resources_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/custom-resources-bpf.yaml" # Helm helm_version: "v3.14.4" Loading playbooks/roles/cni_calico/tasks/main.yml +23 −48 Original line number Diff line number Diff line Loading 
@@ -59,25 +59,14 @@ mode: '0600' remote_src: true # - name: Ensure tigera-operator namespace exists # kubernetes.core.k8s: # api_version: v1 # kind: Namespace # name: tigera-operator # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # become: true # - name: Apply Calico operator manifest # kubernetes.core.k8s: # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # src: "{{ calico_operator_manifest }}" # wait: true # wait_condition: # type: Ready # status: "True" # become: true - name: Apply Calico operator CRDs kubernetes.core.k8s: kubeconfig: /home/{{ target_user }}/.kube/config state: present src: "{{ calico_operator_crds_manifest }}" become: true register: operator_crds_result ignore_errors: true - name: Apply Calico operator manifest kubernetes.core.k8s: Loading @@ -102,28 +91,6 @@ become: true when: operator_manifest_result is not failed - name: Wait for operator.tigera.io/v1.Installation CRD to exist kubernetes.core.k8s_info: kubeconfig: /home/{{ target_user }}/.kube/config kind: CustomResourceDefinition name: installations.operator.tigera.io register: installation_crd retries: 30 delay: 5 until: installation_crd.resources | length > 0 become: true # - name: Apply Calico custom resources manifest # kubernetes.core.k8s: # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # src: "{{ calico_custom_resources_manifest }}" # wait: true # wait_condition: # type: Ready # status: "True" # become: true - name: Apply Calico custom resources manifest kubernetes.core.k8s: kubeconfig: /home/{{ target_user }}/.kube/config Loading 
@@ -132,9 +99,16 @@ become: true register: calico_custom_resources_result - name: Display CNI installation notice debug: msg: | CNI (Calico) is being installed — this involves downloading container images and may take seconds to several minutes. You can check the status in another terminal by running: kubectl get po -A - name: Wait for Calico Installation to be ready retries: 60 delay: 10 delay: 30 until: > calico_installation.resources[0].status.conditions is defined and (calico_installation.resources[0].status.conditions Loading @@ -149,12 +123,13 @@ register: calico_installation become: true - name: Display CNI installation notice debug: msg: | CNI (Calico) is being installed — this involves downloading container images and may take several minutes. You can check the status in another terminal by running: kubectl get po -A - name: Remove master/control-plane taints to allow scheduling on single-node command: kubectl taint nodes {{ inventory_hostname }} {{ item }}- loop: - node-role.kubernetes.io/master - node-role.kubernetes.io/control-plane failed_when: false changed_when: false # - name: Display CNI installation notice # debug: Loading playbooks/roles/containerd/tasks/main.yml +4 −0 Original line number Diff line number Diff line Loading 
@@ -39,6 +39,10 @@ notify: Restart containerd changed_when: true - name: Trigger containerd restart if not ready meta: flush_handlers notify: Restart containerd - name: Debug - Containerd setup completed debug: msg: | Loading playbooks/roles/kubernetes/master/handlers/main.yml 0 → 100644 +7 −0 Original line number Diff line number Diff line --- - name: Restart containerd systemd: name: containerd state: restarted enabled: true become: true playbooks/roles/kubernetes/master/tasks/main.yml +3 −38 Original line number Diff line number Diff line --- # Kubernetes master setup - name: Create kubeadm config file copy: dest: /tmp/kubeadm-config.yaml content: | apiVersion: kubeadm.k8s.io/v1beta4 kind: ClusterConfiguration kubernetesVersion: "{{ kubernetes_version | regex_replace('\*$', '') }}" clusterName: "{{ kubeadm_cluster_name }}" networking: podSubnet: "{{ pod_network_cidr }}" serviceSubnet: "{{ service_cidr }}" apiServer: certSANs: - 127.0.0.1 - localhost --- apiVersion: kubelet.config.k8s.io/v1beta1 kind: KubeletConfiguration cgroupDriver: systemd mode: '0644' - name: Check if Kubernetes control plane is already initialized ansible.builtin.stat: stat: path: /etc/kubernetes/admin.conf register: kube_admin_conf become: true Loading @@ -33,7 +11,7 @@ when: not kube_admin_conf.stat.exists block: - name: Wait for containerd to be ready command: crictl info command: crictl --runtime-endpoint unix:///run/containerd/containerd.sock info register: crictl_info retries: 5 delay: 5 Loading @@ -42,13 +20,11 @@ changed_when: false - name: Initialize Kubernetes control plane command: kubeadm init --config=/tmp/kubeadm-config.yaml --upload-certs command: kubeadm init --pod-network-cidr={{ pod_network_cidr }} args: creates: /etc/kubernetes/admin.conf register: kubernetes_kubeadm_init become: true changed_when: kubernetes_kubeadm_init.rc == 0 failed_when: kubernetes_kubeadm_init.rc not in [0, 1] - name: Create .kube directory for {{ target_user }} file: Loading Loading 
@@ -83,17 +59,6 @@ mode: '0600' when: target_user != 'root' - name: Check if master taint exists command: kubectl get nodes -o jsonpath='{.items[*].spec.taints}' --kubeconfig={{ target_home }}/.kube/config register: kubernetes_taints changed_when: false - name: Enable scheduling on master node command: kubectl taint --kubeconfig={{ target_home }}/.kube/config nodes --all node-role.kubernetes.io/master- when: '"node-role.kubernetes.io/master" in kubernetes_taints.stdout' changed_when: false failed_when: false # - name: Enable scheduling on control plane node # command: kubectl taint --kubeconfig={{ target_home }}/.kube/config nodes --all node-role.kubernetes.io/control-plane- # when: '"node-role.kubernetes.io/control-plane" in kubernetes_taints.stdout' Loading Loading
playbooks/inventories/dev/group_vars/all.yml +4 −3 Original line number Diff line number Diff line Loading @@ -49,14 +49,15 @@ kubernetes_repo_apt_entry: >- deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/{{ kubernetes_version_series }}/deb/ / kubeadm_cluster_name: "mec-sandbox" pod_network_cidr: "92.68.0.0/16" pod_network_cidr: "192.168.0.0/16" service_cidr: "10.96.0.0/12" apiserver_advertise_address: "127.0.0.1" # CNI (Calico) calico_version: "v3.30.0" calico_version: "v3.31.4" calico_operator_crds_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/operator-crds.yaml" calico_operator_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/tigera-operator.yaml" calico_custom_resources_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/custom-resources.yaml" calico_custom_resources_manifest: "https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/custom-resources-bpf.yaml" # Helm helm_version: "v3.14.4" Loading
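Review bot: The `calico_*_manifest` variables, including the newly added `calico_operator_crds_manifest`, resolve to raw.githubusercontent.com URLs by tag, and the cni_calico tasks on this page pass them as `src` to `kubernetes.core.k8s` with the user's kubeconfig, so whatever the URL serves at run time is applied to the cluster with no integrity check. I would download each manifest first with `ansible.builtin.get_url` and a pinned `checksum: "sha256:<MANIFEST_SHA256_PLACEHOLDER>"`, then apply the local copy, or vendor the manifests in the repository. A comment above `pod_network_cidr` would also help, e.g. `# must match the IP pool CIDR in the Calico custom-resources manifest`, since the two have to agree and the previous value did not look like a private range. Which value of each printed pair is the new one is inferred from print order on this page.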
playbooks/roles/cni_calico/tasks/main.yml +23 −48 Original line number Diff line number Diff line Loading @@ -59,25 +59,14 @@ mode: '0600' remote_src: true # - name: Ensure tigera-operator namespace exists # kubernetes.core.k8s: # api_version: v1 # kind: Namespace # name: tigera-operator # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # become: true # - name: Apply Calico operator manifest # kubernetes.core.k8s: # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # src: "{{ calico_operator_manifest }}" # wait: true # wait_condition: # type: Ready # status: "True" # become: true - name: Apply Calico operator CRDs kubernetes.core.k8s: kubeconfig: /home/{{ target_user }}/.kube/config state: present src: "{{ calico_operator_crds_manifest }}" become: true register: operator_crds_result ignore_errors: true - name: Apply Calico operator manifest kubernetes.core.k8s: Loading @@ -102,28 +91,6 @@ become: true when: operator_manifest_result is not failed - name: Wait for operator.tigera.io/v1.Installation CRD to exist kubernetes.core.k8s_info: kubeconfig: /home/{{ target_user }}/.kube/config kind: CustomResourceDefinition name: installations.operator.tigera.io register: installation_crd retries: 30 delay: 5 until: installation_crd.resources | length > 0 become: true # - name: Apply Calico custom resources manifest # kubernetes.core.k8s: # kubeconfig: /home/{{ target_user }}/.kube/config # state: present # src: "{{ calico_custom_resources_manifest }}" # wait: true # wait_condition: # type: Ready # status: "True" # become: true - name: Apply Calico custom resources manifest kubernetes.core.k8s: kubeconfig: /home/{{ target_user }}/.kube/config Loading 
@@ -132,9 +99,16 @@ become: true register: calico_custom_resources_result - name: Display CNI installation notice debug: msg: | CNI (Calico) is being installed — this involves downloading container images and may take seconds to several minutes. You can check the status in another terminal by running: kubectl get po -A - name: Wait for Calico Installation to be ready retries: 60 delay: 10 delay: 30 until: > calico_installation.resources[0].status.conditions is defined and (calico_installation.resources[0].status.conditions Loading @@ -149,12 +123,13 @@ register: calico_installation become: true - name: Display CNI installation notice debug: msg: | CNI (Calico) is being installed — this involves downloading container images and may take several minutes. You can check the status in another terminal by running: kubectl get po -A - name: Remove master/control-plane taints to allow scheduling on single-node command: kubectl taint nodes {{ inventory_hostname }} {{ item }}- loop: - node-role.kubernetes.io/master - node-role.kubernetes.io/control-plane failed_when: false changed_when: false # - name: Display CNI installation notice # debug: Loading
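Review bot: The added task `Remove master/control-plane taints to allow scheduling on single-node` runs `kubectl taint` with no `--kubeconfig` and no `become`, and `failed_when: false` hides the outcome, so it can fail on every run unnoticed; the tasks removed from the master role in this commit passed `--kubeconfig={{ target_home }}/.kube/config`. It is also unconditional, so the control-plane taint is removed on whichever host the role runs against; gating it with something like `when: allow_control_plane_scheduling | default(false)` (a suggested variable name, not one from the repository) would make scheduling workloads next to the control plane an explicit choice. `{{ inventory_hostname }}` only names the node if the inventory name matches the kubelet's node name, which is not visible here. In the first hunk, `ignore_errors: true` on `Apply Calico operator CRDs` lets a failed fetch or apply pass while the later tasks gate only on `operator_manifest_result`; adding `when: operator_crds_result is not failed` to the operator task, or dropping `ignore_errors`, would close that gap.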
playbooks/roles/containerd/tasks/main.yml +4 −0 Original line number Diff line number Diff line Loading @@ -39,6 +39,10 @@ notify: Restart containerd changed_when: true - name: Trigger containerd restart if not ready meta: flush_handlers notify: Restart containerd - name: Debug - Containerd setup completed debug: msg: | Loading
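Review bot: `notify: Restart containerd` on the added `meta: flush_handlers` task has no effect as far as I know, because a meta task does not report a change and so never queues a handler; the flush only runs handlers already notified, such as by the task directly above with `notify` and `changed_when: true`. The name `Trigger containerd restart if not ready` also promises a readiness condition the task does not have. I would drop the `notify` line and rename the task, e.g. `- name: Flush handlers so containerd is restarted before continuing`. The tasks around this hunk start and end outside the visible lines.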
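--- /dev/null
+++ b/playbooks/roles/kubernetes/master/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Restart containerd
+  systemd:
+    name: containerd
+    state: restarted
+    enabled: true
+  become: true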
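Review bot: This new handler is named `Restart containerd`, the same name the containerd role's tasks already notify, which suggests that role has its own handler of that name; handler names share one namespace within a play, so two definitions can shadow each other depending on load order. None of the master role tasks visible on this page notifies it, so it is worth confirming that it is needed in this role at all. If it stays, I would add a comment naming the task that is expected to trigger it, e.g. `# notified by <TASK_NAME_PLACEHOLDER> when the CRI socket is not ready`, and use the fully qualified module name `ansible.builtin.systemd`.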
playbooks/roles/kubernetes/master/tasks/main.yml +3 −38 Original line number Diff line number Diff line --- # Kubernetes master setup - name: Create kubeadm config file copy: dest: /tmp/kubeadm-config.yaml content: | apiVersion: kubeadm.k8s.io/v1beta4 kind: ClusterConfiguration kubernetesVersion: "{{ kubernetes_version | regex_replace('\*$', '') }}" clusterName: "{{ kubeadm_cluster_name }}" networking: podSubnet: "{{ pod_network_cidr }}" serviceSubnet: "{{ service_cidr }}" apiServer: certSANs: - 127.0.0.1 - localhost --- apiVersion: kubelet.config.k8s.io/v1beta1 kind: KubeletConfiguration cgroupDriver: systemd mode: '0644' - name: Check if Kubernetes control plane is already initialized ansible.builtin.stat: stat: path: /etc/kubernetes/admin.conf register: kube_admin_conf become: true Loading @@ -33,7 +11,7 @@ when: not kube_admin_conf.stat.exists block: - name: Wait for containerd to be ready command: crictl info command: crictl --runtime-endpoint unix:///run/containerd/containerd.sock info register: crictl_info retries: 5 delay: 5 Loading @@ -42,13 +20,11 @@ changed_when: false - name: Initialize Kubernetes control plane command: kubeadm init --config=/tmp/kubeadm-config.yaml --upload-certs command: kubeadm init --pod-network-cidr={{ pod_network_cidr }} args: creates: /etc/kubernetes/admin.conf register: kubernetes_kubeadm_init become: true changed_when: kubernetes_kubeadm_init.rc == 0 failed_when: kubernetes_kubeadm_init.rc not in [0, 1] - name: Create .kube directory for {{ target_user }} file: Loading Loading 
@@ -83,17 +59,6 @@ mode: '0600' when: target_user != 'root' - name: Check if master taint exists command: kubectl get nodes -o jsonpath='{.items[*].spec.taints}' --kubeconfig={{ target_home }}/.kube/config register: kubernetes_taints changed_when: false - name: Enable scheduling on master node command: kubectl taint --kubeconfig={{ target_home }}/.kube/config nodes --all node-role.kubernetes.io/master- when: '"node-role.kubernetes.io/master" in kubernetes_taints.stdout' changed_when: false failed_when: false # - name: Enable scheduling on control plane node # command: kubectl taint --kubeconfig={{ target_home }}/.kube/config nodes --all node-role.kubernetes.io/control-plane- # when: '"node-role.kubernetes.io/control-plane" in kubernetes_taints.stdout' Loading
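Review bot: Replacing `kubeadm init --config=/tmp/kubeadm-config.yaml --upload-certs` with `kubeadm init --pod-network-cidr={{ pod_network_cidr }}` drops everything else the removed ClusterConfiguration carried: `kubernetesVersion`, `clusterName`, `serviceSubnet` and the `certSANs` entries are no longer passed, while `service_cidr` and `kubeadm_cluster_name` stay defined in group_vars and now look effective when they are not. Without an explicit version kubeadm chooses the control-plane version itself, which makes the installed components harder to reproduce and audit. If the flag form is kept, I would pass the rest explicitly, e.g. `--service-cidr={{ service_cidr }}` and `--kubernetes-version={{ kubernetes_version | regex_replace('\*$', '') }}`, or remove the variables that are no longer read. The block containing this task starts and ends outside the visible hunks.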