forked from kubealex/libvirt-k8s-provisioner
-
Notifications
You must be signed in to change notification settings - Fork 0
/
04_provisioning_vms.yml
187 lines (175 loc) · 10.3 KB
/
04_provisioning_vms.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
---
- name: This play provisions k8s VMs based on intial config
hosts: vm_host
vars_files:
- vars/k8s_cluster.yml
tasks:
- name: Enumerate Nodes
ansible.builtin.set_fact:
cp_nodes_count: "{{ k8s.control_plane.vms }}"
worker_nodes_count: "{{ k8s.worker_nodes.vms - (rook_ceph.rook_cluster_size if rook_ceph.install_rook else 0) }}"
rook_nodes_count: "{{ rook_ceph.rook_cluster_size if rook_ceph.install_rook else 0 }}"
loadbalancer_count: "{{ 1 if k8s.control_plane.vms > 1 or k8s.worker_nodes.vms > 1 else 0 }}"
- name: Ensure cluster VMs are in place
community.general.terraform:
complex_vars: true
project_path: "{{ workspace_directory.base_path }}/clusters/{{ k8s.cluster_name | default('k8s-test', true) }}"
force_init: true
variables:
pool_name: "{{ k8s.cluster_name | default('k8s-test', true) }}"
network_name: "{{ k8s.cluster_name | default('k8s-test', true) }}"
network_domain: "{{ k8s.network.domain | default('k8s.test', true) }}"
network_cidr: '{{ k8s.network.network_cidr | default("192.168.200.0/24", true) | split(",") }}'
network_dns_enabled: true
network_dns_local: true
network_dhcp_enabled: true
network_dnsmasq_options:
server: "/{{ k8s.network.domain | default('k8s.test', true) }}/{{ k8s.network.network_cidr | default('192.168.200.0/24', true) | ansible.utils.next_nth_usable(1) }}" # noqa yaml[line-length]
os_firmware: "{{ '/usr/share/OVMF/OVMF_CODE.fd' if ansible_distribution == 'Ubuntu' else '/usr/share/edk2/ovmf/OVMF_CODE.fd' }}"
master_instance_hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-master"
master_instance_domain: "{{ k8s.network.domain | default('k8s.test', true) }}"
master_instance_libvirt_pool: "{{ k8s.cluster_name | default('k8s-test', true) }}"
master_instance_volume_size: "{{ k8s.control_plane.disk }}"
master_instance_cpu: "{{ k8s.control_plane.vcpu }}"
master_instance_memory: "{{ k8s.control_plane.mem }}"
master_instance_count: "{{ k8s.control_plane.vms }}"
master_instance_cloud_image: "/tmp/{{ image_name }}.qcow2"
master_instance_uefi_enabled: "{{ false if k8s.cluster_os == 'CentOS' else true }}"
master_instance_cloud_user:
username: '{{ k8s.vm_user | default("kube", true) }}'
password: '{{ k8s.vm_password | default("kuberocks", true) | password_hash("sha512", rounds=4096) }}'
sshkey: "{{ k8s_key_pub | trim }}"
master_instance_network_interfaces:
- interface_network: "{{ k8s.cluster_name | default('k8s-test', true) }}"
worker_instance_hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-worker"
worker_instance_domain: "{{ k8s.network.domain | default('k8s.test', true) }}"
worker_instance_libvirt_pool: "{{ k8s.cluster_name | default('k8s-test', true) }}"
worker_instance_volume_size: "{{ k8s.worker_nodes.disk }}"
worker_instance_cpu: "{{ k8s.worker_nodes.vcpu }}"
worker_instance_memory: "{{ k8s.worker_nodes.mem }}"
worker_instance_count: "{{ (k8s.worker_nodes.vms - rook_ceph.rook_cluster_size) if rook_ceph.install_rook else k8s.worker_nodes.vms }}"
worker_instance_uefi_enabled: "{{ false if k8s.cluster_os == 'CentOS' else true }}"
worker_instance_cloud_image: "/tmp/{{ image_name }}.qcow2"
worker_instance_cloud_user:
username: '{{ k8s.vm_user | default("kube", true) }}'
password: '{{ k8s.vm_password | default("kuberocks", true) | password_hash("sha512", rounds=4096) }}'
sshkey: "{{ k8s_key_pub | trim }}"
worker_instance_network_interfaces:
- interface_network: "{{ k8s.cluster_name | default('k8s-test', true) }}"
worker_rook_enabled: "{{ rook_ceph.install_rook }}"
worker_rook_instance_hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-worker-rook"
worker_rook_instance_domain: "{{ k8s.network.domain | default('k8s.test', true) }}"
worker_rook_instance_libvirt_pool: "{{ k8s.cluster_name | default('k8s-test', true) }}"
worker_rook_instance_volume_size: "{{ k8s.worker_nodes.disk }}"
worker_rook_instance_cpu: "{{ k8s.worker_nodes.vcpu }}"
worker_rook_instance_memory: "{{ k8s.worker_nodes.mem }}"
worker_rook_instance_count: "{{ rook_ceph.rook_cluster_size }}"
worker_rook_instance_uefi_enabled: "{{ false if k8s.cluster_os == 'CentOS' else true }}"
worker_rook_instance_cloud_image: "/tmp/{{ image_name }}.qcow2"
worker_rook_instance_additional_volume_size: "{{ rook_ceph.volume_size }}"
worker_rook_instance_cloud_user:
username: '{{ k8s.vm_user | default("kube", true) }}'
password: '{{ k8s.vm_password | default("kuberocks", true) | password_hash("sha512", rounds=4096) }}'
sshkey: "{{ k8s_key_pub | trim }}"
worker_rook_instance_network_interfaces:
- interface_network: "{{ k8s.cluster_name | default('k8s-test', true) }}"
loadbalancer_enabled: "{{ loadbalancer_count | bool }}"
loadbalancer_instance_hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-loadbalancer"
loadbalancer_instance_domain: "{{ k8s.network.domain | default('k8s.test', true) }}"
loadbalancer_instance_libvirt_pool: "{{ k8s.cluster_name | default('k8s-test', true) }}"
loadbalancer_instance_volume_size: 25
loadbalancer_instance_cpu: 1
loadbalancer_instance_memory: 4
loadbalancer_instance_count: "{{ loadbalancer_count }}"
loadbalancer_instance_uefi_enabled: "{{ false if k8s.cluster_os == 'CentOS' else true }}"
loadbalancer_instance_cloud_image: "/tmp/{{ image_name }}.qcow2"
loadbalancer_instance_cloud_user:
username: '{{ k8s.vm_user | default("kube", true) }}'
password: '{{ k8s.vm_password | default("kuberocks", true) | password_hash("sha512", rounds=4096) }}'
sshkey: "{{ k8s_key_pub | trim }}"
loadbalancer_instance_network_interfaces:
- interface_network: "{{ k8s.cluster_name | default('k8s-test', true) }}"
state: present
become: true
register: output_terraform
- name: Add masters to given group
ansible.builtin.add_host:
hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-master{{ '-' ~ item if cp_nodes_count | int > 1 else '' }}.{{ k8s.network.domain | default('k8s.test', true) }}" # noqa yaml[line-length]
ansible_ssh_private_key_file: "{{ playbook_dir }}//id_rsa_{{ k8s.cluster_name | default('k8s-test', true) }}"
ansible_user: kube
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
groups:
- "masters"
group_children: "k8s_nodes"
loop: "{{ range(0, k8s.control_plane.vms) | list }}"
delegate_to: localhost
- name: Add workers to given group
ansible.builtin.add_host:
hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-worker{{ '-' ~ item if worker_nodes_count | int > 1 else '' }}.{{ k8s.network.domain | default('k8s.test', true) }}" # noqa yaml[line-length]
ansible_ssh_private_key_file: "{{ playbook_dir }}//id_rsa_{{ k8s.cluster_name | default('k8s-test', true) }}"
ansible_user: kube
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
groups:
- "workers"
group_children: "k8s_nodes"
loop: "{{ range(0, worker_nodes_count | int) | list }}"
delegate_to: localhost
- name: Add rook workers to given group
ansible.builtin.add_host:
hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-worker-rook{{ '-' ~ item if rook_nodes_count | int > 1 else '' }}.{{ k8s.network.domain | default('k8s.test', true) }}" # noqa yaml[line-length]
ansible_ssh_private_key_file: "{{ playbook_dir }}//id_rsa_{{ k8s.cluster_name | default('k8s-test', true) }}"
ansible_user: kube
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
groups:
- "workers"
group_children: "k8s_nodes"
loop: "{{ range(0, rook_nodes_count | int) | list }}"
delegate_to: localhost
when: rook_ceph.install_rook
- name: Add loadbalancer to inventory
when: loadbalancer_count | bool
ansible.builtin.add_host:
hostname: "{{ k8s.cluster_name | default('k8s-test', true) }}-loadbalancer.{{ k8s.network.domain | default('k8s.test', true) }}"
ansible_ssh_private_key_file: "{{ playbook_dir }}//id_rsa_{{ k8s.cluster_name | default('k8s-test', true) }}"
ansible_user: kube
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
groups:
- "loadbalancer"
delegate_to: localhost
- name: Ensure to clean known_hosts
ansible.builtin.known_hosts:
host: "{{ item }}"
path: ~/.ssh/known_hosts
state: absent
loop: "{{ query('inventory_hostnames', 'all:!vm_host') }}"
delegate_to: localhost
- name: Check connection and set facts
hosts: masters,workers,loadbalancer
gather_facts: false
tasks:
- name: Wait 600 seconds for target connection to become reachable/usable
ansible.builtin.wait_for_connection:
timeout: 600
delay: 0
- name: Wait for cloud init to finish
community.general.cloud_init_data_facts:
filter: status
register: cloud_init_state
until: "cloud_init_state.cloud_init_data_facts.status.v1.stage is defined and not cloud_init_state.cloud_init_data_facts.status.v1.stage"
retries: 50
delay: 5
- name: Ping host to check status
ansible.builtin.ping:
- name: Add hosts to correct groups
ansible.builtin.group_by:
key: "{{ group_children }}"
when: group_children is defined
- name: Extract facts from setup
ansible.builtin.setup:
register: machine_facts
- name: Set relevant facts for the host
ansible.builtin.set_fact:
host_ip: "{{ machine_facts.ansible_facts.ansible_default_ipv4.address }}"
host_interface: "{{ machine_facts.ansible_facts.ansible_default_ipv4.interface }}"
host_mac: "{{ machine_facts.ansible_facts.ansible_default_ipv4.macaddress }}"
host_fqdn: "{{ machine_facts.ansible_facts.ansible_fqdn }}"