---
# Play: derive the architecture label that later plays interpolate into
# release download URLs (sops, skaffold, k9s).
- name: Detect target machine architecture
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # Only aarch64 is mapped to arm64; every other value of
    # ansible_architecture falls through to amd64.
    - name: Set global architecture variable based on target machine's architecture
      ansible.builtin.set_fact:
        target_mc_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"

    - name: Display the architecture being set
      ansible.builtin.debug:
        msg: "Architecture for the target machine is set to: {{ target_mc_arch }}"
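# Play: install apt prerequisites and register Docker's apt repository.
#
# The repository key is stored in its own keyring file and bound to the
# Docker source with signed-by, instead of being imported with apt_key.
# A key imported with apt_key is trusted for every configured repository,
# and the apt_key module is deprecated.
- name: docker dependencies installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # A single apt transaction for the whole list instead of one per item.
    - name: install deps
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg-agent
          - software-properties-common
          - lsb-release
        state: present
        update_cache: true

    # Read-only query, so it never reports a change.
    - name: Get the distribution codename
      ansible.builtin.command: lsb_release -sc
      register: lsb_codename
      changed_when: false

    - name: ensure apt keyring directory exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        owner: root
        group: root
        mode: "0755"

    # The key is fetched over HTTPS and trusted on first download; get_url
    # does not re-download while the file exists, so a key rotation needs
    # the file to be removed (or force enabled) deliberately.
    - name: add official GPG key
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /etc/apt/keyrings/docker.asc
        owner: root
        group: root
        mode: "0644"

    # Hosts provisioned with the earlier form of this play still carry the
    # entry without signed-by; apt rejects two entries for one source that
    # disagree on Signed-By, so the old one is removed first.
    # NOTE(review): the key previously imported into the global keyring is
    # left in place on such hosts and should be removed manually.
    - name: remove legacy docker repository entry without signed-by
      ansible.builtin.apt_repository:
        repo: "deb https://download.docker.com/linux/ubuntu {{ lsb_codename.stdout }} stable"
        state: absent

    - name: add apt repository for docker
      ansible.builtin.apt_repository:
        repo: "deb [signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ lsb_codename.stdout }} stable"
        state: present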
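# Play: install Docker Engine, grant the provisioning user access to it and
# write the daemon configuration.
- name: docker engine installer
  hosts: k8sdev, k8sdevdocker
  become: true
  tasks:
    # state: latest upgrades the packages whenever the repository has a newer
    # build, so every run can change the installed engine version.
    - name: install docker
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-compose-plugin
          - containerd.io
        state: latest
        update_cache: true

    - name: ensure docker service is running
      ansible.builtin.service:
        name: docker
        state: started
        enabled: true

    # Members of the docker group can drive the root-owned daemon, which is
    # effectively root on the host; keep this to accounts that already have
    # that level of trust.
    - name: add ansible user to docker group
      ansible.builtin.user:
        name: "{{ ansible_user }}"
        groups: docker
        append: true

    # This replaces the whole of daemon.json, so any other daemon settings
    # on the host are lost. The registry is reachable on localhost only.
    # Ownership and mode are set explicitly rather than left to the umask.
    - name: allow insecure registries
      ansible.builtin.copy:
        content: '{"insecure-registries" : ["localhost:32000"]}'
        dest: /etc/docker/daemon.json
        owner: root
        group: root
        mode: "0644"
      notify: restart docker

  handlers:
    # Runs only when daemon.json actually changed, so a repeat run no longer
    # restarts the daemon (and the containers it manages) for nothing.
    - name: restart docker
      ansible.builtin.service:
        name: docker
        state: restarted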
# Play: install the Docker CLI package on every host group, including the
# group that does not get the engine.
- name: docker client installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # state: latest means the CLI is upgraded whenever a newer package exists.
    - name: install docker client
      ansible.builtin.apt:
        update_cache: true
        state: latest
        name: docker-ce-cli
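# Play: install microk8s, enable its addons and export an admin kubeconfig.
- name: microk8s installer
  hosts: k8sdev
  become: true
  tasks:
    # No channel is given, so the snap's default channel decides which
    # Kubernetes version is installed; the snap module's channel option
    # can pin it.
    - name: snap installer
      community.general.snap:
        name: microk8s
        classic: true

    # Blocks until microk8s reports ready; it only reads state.
    - name: pauser
      ansible.builtin.shell: 'microk8s status --wait-ready'
      changed_when: false

    - name: addons enabler
      ansible.builtin.shell: 'microk8s enable dns storage registry metrics-server'

    # Modes are quoted so they are passed as the octal strings written here.
    - name: ensure .kube dir exists
      ansible.builtin.file:
        path: "{{ ansible_env.HOME }}/.kube"
        state: directory
        mode: "0700"
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"

    # "config view --raw" prints the cluster admin credentials. umask 077
    # makes the shell create the file owner-only from the start, instead of
    # relying on the chmod in the next task.
    # NOTE(review): the redirect target is relative to the task's working
    # directory, while the surrounding tasks use ansible_env.HOME; under
    # become these may not be the same directory — confirm on a fresh host.
    - name: export kube config
      become: true
      ansible.builtin.shell: 'umask 077 && microk8s.kubectl config view --raw > .kube/config'

    - name: ensure .kube/config has correct permissions
      ansible.builtin.file:
        path: "{{ ansible_env.HOME }}/.kube/config"
        mode: "0600"
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"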
# Play: install kubectl from snap and generate its bash completion file.
- name: kubectl installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    - name: snap installer
      community.general.snap:
        classic: true
        name: kubectl

    # The completion script is regenerated and overwritten on every run.
    - name: enable bash completion
      ansible.builtin.shell:
        cmd: 'kubectl completion bash >/etc/bash_completion.d/kubectl'
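# Play: install the sops release binary into /usr/local/bin.
#
# The binary is downloaded straight to its final location as root. Staging
# it under a fixed name in /tmp and copying it as root afterwards leaves a
# window in which another local account can supply or swap the staged file.
# The installed file is owned by root so that only root can replace a
# binary that sits on every user's PATH.
- name: sops installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # target_mc_arch is set by the architecture-detection play.
    # NOTE(review): the download is not integrity-checked; record the
    # digest published for this release and enable the checksum option:
    #   checksum: "sha256:<SHA256_OF_RELEASE_ASSET_PLACEHOLDER>"
    - name: download sops
      become: true
      ansible.builtin.get_url:
        url: "https://github.com/getsops/sops/releases/download/v3.7.3/sops-v3.7.3.linux.{{ target_mc_arch }}"
        dest: /usr/local/bin/sops
        owner: root
        group: root
        mode: "0755"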
# Play: install helm from snap, generate bash completion, and add the
# helm-secrets plugin for the connecting user.
- name: helm and helm plugins installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    - name: snap installer
      become: true
      community.general.snap:
        classic: true
        name: helm

    - name: enable bash completion
      become: true
      ansible.builtin.shell:
        cmd: 'helm completion bash >/etc/bash_completion.d/helm'

    # No become here: the plugin is installed for the connecting user.
    # NOTE(review): no plugin version is given, so whatever the repository
    # currently serves is installed; the module's plugin_version option can
    # pin a reviewed release.
    - name: install helm-secrets plugin
      kubernetes.core.helm_plugin:
        state: present
        plugin_path: https://github.com/jkroepke/helm-secrets
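# Play: install the skaffold binary into /usr/local/bin and generate its
# bash completion file.
#
# The binary is downloaded straight to its final location as root rather
# than staged under a fixed name in /tmp and copied as root afterwards, and
# it is owned by root so that only root can replace it.
- name: skaffold installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # target_mc_arch is set by the architecture-detection play.
    # NOTE(review): "releases/latest" is a moving target and the download is
    # not integrity-checked; prefer a fixed release path together with
    #   checksum: "sha256:<SHA256_OF_RELEASE_ASSET_PLACEHOLDER>"
    - name: download skaffold
      become: true
      ansible.builtin.get_url:
        url: "https://storage.googleapis.com/skaffold/releases/latest/skaffold-linux-{{ target_mc_arch }}"
        dest: /usr/local/bin/skaffold
        owner: root
        group: root
        mode: "0755"

    - name: enable bash completion
      become: true
      ansible.builtin.shell: 'skaffold completion bash >/etc/bash_completion.d/skaffold'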
# Play: point skaffold at the registry on localhost:32000 through
# environment variables in the user's .bashrc.
- name: Set default repo for skaffold to local microk8s
  hosts: k8sdev
  tasks:
    # Any existing line matching "export SKAFFOLD_.*" is replaced, so the
    # file keeps a single export line across runs.
    - name: set skaffold global environment variables
      ansible.builtin.lineinfile:
        regexp: 'export SKAFFOLD_.*'
        path: "{{ ansible_env.HOME }}/.bashrc"
        line: |
          export SKAFFOLD_INSECURE_REGISTRY=localhost:32000 SKAFFOLD_DEFAULT_REPO=localhost:32000
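# Play: fetch the k9s release archive and extract the k9s binary into
# /usr/local/bin.
- name: k9s installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # target_mc_arch is set by the architecture-detection play.
    # The extracted binary is owned by root, so only root can replace a
    # program that sits on every user's PATH.
    # NOTE(review): unarchive has no checksum option; to verify the
    # archive, download it with get_url and a recorded checksum first and
    # unpack the local copy.
    - name: download k9s
      become: true
      ansible.builtin.unarchive:
        src: "https://github.com/derailed/k9s/releases/download/v0.32.5/k9s_Linux_{{ target_mc_arch }}.tar.gz"
        remote_src: true
        dest: /usr/local/bin/
        # Extract only the k9s member of the archive.
        extra_opts:
          - "--add-file"
          - "k9s"
        mode: "0755"
        owner: root
        group: root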
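# Play: register Microsoft's azure-cli apt repository and install azure-cli.
#
# The repository key is stored in its own keyring file and bound to the
# azure-cli source with signed-by, instead of being imported with apt_key.
# A key imported with apt_key is trusted for every configured repository,
# and the apt_key module is deprecated.
- name: azure-cli installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # A single apt transaction for the whole list instead of one per item.
    - name: install deps
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg-agent
          - software-properties-common
          - lsb-release
        state: present
        update_cache: true

    # Read-only query, so it never reports a change.
    - name: Get the distribution codename
      ansible.builtin.command: lsb_release -sc
      register: lsb_codename
      changed_when: false

    - name: ensure apt keyring directory exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        owner: root
        group: root
        mode: "0755"

    # The key is fetched over HTTPS and trusted on first download; get_url
    # does not re-download while the file exists.
    - name: add official GPG key
      ansible.builtin.get_url:
        url: https://packages.microsoft.com/keys/microsoft.asc
        dest: /etc/apt/keyrings/microsoft.asc
        owner: root
        group: root
        mode: "0644"

    # Hosts provisioned with the earlier form of this play still carry the
    # entry without signed-by; apt rejects two entries for one source that
    # disagree on Signed-By, so the old one is removed first.
    # NOTE(review): the key previously imported into the global keyring is
    # left in place on such hosts and should be removed manually.
    - name: remove legacy azure-cli repository entry without signed-by
      ansible.builtin.apt_repository:
        repo: "deb https://packages.microsoft.com/repos/azure-cli/ {{ lsb_codename.stdout }} main"
        state: absent

    - name: add apt repository for azure-cli
      ansible.builtin.apt_repository:
        repo: "deb [signed-by=/etc/apt/keyrings/microsoft.asc] https://packages.microsoft.com/repos/azure-cli/ {{ lsb_codename.stdout }} main"
        state: present

    # state: latest upgrades azure-cli whenever a newer package exists.
    - name: install azure-cli
      ansible.builtin.apt:
        name: azure-cli
        state: latest
        update_cache: true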
# Play: let azure-cli download kubectl and kubelogin.
- name: kubelogin installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # Runs as root on every execution of the playbook.
    # NOTE(review): no versions are requested, so the tool picks them;
    # "az aks install-cli" accepts --client-version and --kubelogin-version
    # if fixed releases are wanted.
    - name: install kubectl (again) and kubelogin using azure-cli
      ansible.builtin.shell:
        cmd: 'az aks install-cli'
# Play: install the AWS CLI from snap with classic confinement.
- name: awscli installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # Classic confinement gives the snap unrestricted access to the host.
    - name: snap installer
      community.general.snap:
        classic: true
        name: aws-cli
# Play: deploy the ingress-nginx chart into kube-system, exposed through
# fixed NodePorts.
- name: ingress installer
  hosts: k8sdev
  tasks:
    - name: add ingress-nginx repo
      kubernetes.core.helm_repository:
        repo_url: "https://kubernetes.github.io/ingress-nginx"
        name: ingress-nginx

    # NOTE(review): no chart version is given, so the newest chart in the
    # repository is deployed; the module's chart_version option can pin a
    # reviewed release.
    - name: deploy ingress-nginx chart
      kubernetes.core.helm:
        release_namespace: kube-system
        chart_ref: ingress-nginx/ingress-nginx
        name: ingress-nginx
        values:
          controller:
            service:
              # The controller listens on these ports on every node address.
              type: NodePort
              nodePorts:
                http: 30080
                https: 30443
# Play: clone kube-ps1 into the user's home and source it from .bashrc so
# the prompt shows the output of kube_ps1.
- name: kube-ps1 installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # NOTE(review): no version is given, so the repository's default branch
    # is checked out; the checked-out script is sourced by every interactive
    # shell of this user. The git module's version option can pin a commit.
    - name: git checkout
      ansible.builtin.git:
        dest: "{{ ansible_env.HOME }}/.kube-ps1"
        repo: https://github.com/jonmosco/kube-ps1.git

    # An existing line matching the regexp is replaced, so the file keeps a
    # single source line across runs.
    - name: update .bashrc
      ansible.builtin.lineinfile:
        regexp: 'source \$HOME/\.kube-ps1.*'
        path: "{{ ansible_env.HOME }}/.bashrc"
        line: |
          source $HOME/.kube-ps1/kube-ps1.sh && PS1='\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\] $(kube_ps1)\$ '
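# Play: install kubectx/kubens and expose them system-wide as kctx and kns,
# with bash completion.
#
# The checkout lives in a root-owned directory. The links in /usr/local/bin
# and /etc/bash_completion.d are used by every account, including root, so
# their targets must not be writable by an unprivileged user; pointing them
# into a user's home directory would let that user change what other
# accounts execute or source.
# An earlier checkout in the user's home directory is left untouched and is
# no longer referenced once the links below are updated.
- name: kubectx and kubens installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  become: true
  tasks:
    # NOTE(review): no version is given, so the repository's default branch
    # is checked out; pin it with the git module's version option:
    #   version: <PINNED_TAG_OR_COMMIT_PLACEHOLDER>
    - name: git checkout
      ansible.builtin.git:
        repo: https://github.com/ahmetb/kubectx.git
        dest: /opt/kubectx

    - name: make kubectx script executable
      ansible.builtin.file:
        path: /opt/kubectx/kubectx
        mode: a+x

    - name: make kubens script executable
      ansible.builtin.file:
        path: /opt/kubectx/kubens
        mode: a+x

    - name: create kctx symbolic link
      ansible.builtin.file:
        src: /opt/kubectx/kubectx
        dest: /usr/local/bin/kctx
        state: link

    - name: create kns symbolic link
      ansible.builtin.file:
        src: /opt/kubectx/kubens
        dest: /usr/local/bin/kns
        state: link

    - name: enable auto-completion for kctx
      ansible.builtin.file:
        src: /opt/kubectx/completion/kubectx.bash
        dest: /etc/bash_completion.d/kctx
        state: link

    - name: enable auto-completion for kns
      ansible.builtin.file:
        src: /opt/kubectx/completion/kubens.bash
        dest: /etc/bash_completion.d/kns
        state: link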
# Play: install tmux and set up the gpakosz/.tmux configuration in the
# user's home directory.
- name: tmux installer
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    - name: install tmux
      become: true
      ansible.builtin.apt:
        update_cache: true
        state: present
        name: tmux

    # NOTE(review): no version is given, so the repository's default branch
    # is checked out; the git module's version option can pin a commit.
    - name: git checkout ohmytmux
      ansible.builtin.git:
        dest: "{{ ansible_env.HOME }}/.tmux"
        repo: https://github.com/gpakosz/.tmux.git

    - name: link configuration file in user home
      ansible.builtin.file:
        state: link
        dest: "{{ ansible_env.HOME }}/.tmux.conf"
        src: "{{ ansible_env.HOME }}/.tmux/.tmux.conf"

    # NOTE(review): copy replaces the destination when its content differs,
    # so local edits to ~/.tmux.conf.local look like they are overwritten on
    # a re-run — confirm that is intended.
    - name: copy local configuration file to user home
      ansible.builtin.copy:
        remote_src: true
        src: "{{ ansible_env.HOME }}/.tmux/.tmux.conf.local"
        dest: "{{ ansible_env.HOME }}/"
# Play: final apt housekeeping on every host group.
- name: apt cleaner
  hosts: k8sdev, k8sdevlite, k8sdevdocker
  tasks:
    # autoremove drops packages that are no longer depended on; autoclean
    # clears obsolete package files from the cache.
    - name: Remove dependencies that are no longer required and useless packages from the cache
      become: true
      ansible.builtin.apt:
        autoclean: true
        autoremove: true