From 6682483facf8887899e58e04af22ac415707ddb1 Mon Sep 17 00:00:00 2001 From: Maciej Wereski Date: Wed, 28 Jul 2021 13:31:56 +0000 Subject: noheat: deploy kubernetes Issue-ID: INT-1601 Signed-off-by: Maciej Wereski Change-Id: Ia9e567b867e6cd0f7988be7c53c034f3335f0320 --- deployment/noheat/cluster-rke/ansible/create.yml | 4 ++ .../ansible/roles/setup_k8s/defaults/main.yml | 3 ++ .../ansible/roles/setup_k8s/tasks/main.yml | 33 ++++++++++++++ .../roles/setup_k8s/templates/cluster.yml.j2 | 52 ++++++++++++++++++++++ 4 files changed, 92 insertions(+) create mode 100644 deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml create mode 100644 deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml create mode 100644 deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2 diff --git a/deployment/noheat/cluster-rke/ansible/create.yml b/deployment/noheat/cluster-rke/ansible/create.yml index 00e5f230a..49a48d4c2 100644 --- a/deployment/noheat/cluster-rke/ansible/create.yml +++ b/deployment/noheat/cluster-rke/ansible/create.yml @@ -25,3 +25,7 @@ hosts: control,workers roles: - role: setup_docker +- name: Deploy k8s + hosts: operator0 + roles: + - role: setup_k8s diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml new file mode 100644 index 000000000..527238dc0 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml @@ -0,0 +1,3 @@ +--- +rke_version: "1.2.11" +k8s_version: "v1.19.13-rancher1-1" diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml new file mode 100644 index 000000000..53d7b8167 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml @@ -0,0 +1,33 @@ +- name: Download RKE + get_url: + url: "https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64" + dest: "{{ ansible_user_dir }}/rke" + mode: '0700' + +- name: Prepare RKE configuration + template: + src: "cluster.yml.j2" + dest: "{{ ansible_user_dir }}/cluster.yml" + mode: '0400' + +- name: Run RKE + command: + cmd: "./rke up" + chdir: "{{ ansible_user_dir }}" + creates: "{{ ansible_user_dir }}/kube_config_cluster.yml" + +- name: Create k8s directory + file: + name: "{{ ansible_user_dir }}/.kube" + state: directory + mode: '0700' + +- name: Set k8s config + command: "mv {{ ansible_user_dir }}/kube_config_cluster.yml {{ ansible_user_dir }}/.kube/config" + +- name: Get kubectl + become: yes + get_url: + url: "https://dl.k8s.io/release/{{ k8s_version.split('-')[0] }}/bin/linux/amd64/kubectl" + dest: "/usr/local/bin/" + mode: '0555' diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2 b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2 new file mode 100644 index 000000000..992805233 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2 @@ -0,0 +1,52 @@ +# An example of an HA Kubernetes cluster for ONAP +nodes: +{% for host in (groups['control'] | list() ) %} +- address: "{{ hostvars[host]['ansible_host'] }}" + port: "22" + role: + - controlplane + - etcd + hostname_override: "onap-control-{{ loop.index }}" + user: {{ ansible_user_id }} + ssh_key_path: "{{ ansible_ssh_private_key_file }}" +{% endfor %} +{% for host in (groups['workers'] | list()) %} +- address: "{{ hostvars[host]['ansible_host'] }}" + port: "22" + role: + - worker + hostname_override: "onap-k8s-{{ loop.index }}" + user: {{ ansible_user_id }} + ssh_key_path: "{{ ansible_ssh_private_key_file }}" +{% endfor %} +services: + kube-api: + service_cluster_ip_range: 10.43.0.0/16 + pod_security_policy: false + always_pull_images: false + kube-controller: + cluster_cidr: 10.42.0.0/16 + service_cluster_ip_range: 10.43.0.0/16 + kubelet: + cluster_domain: cluster.local + cluster_dns_server: 10.43.0.10 + fail_swap_on: false +network: + plugin: canal +authentication: + strategy: x509 +ssh_key_path: "{{ ansible_ssh_private_key_file }}" +ssh_agent_auth: false +authorization: + mode: rbac +ignore_docker_version: false +kubernetes_version: "{{ k8s_version }}" +private_registries: +- url: nexus3.onap.org:10001 + user: docker + password: docker + is_default: true +cluster_name: "onap" +restore: + restore: false + snapshot_name: "" -- cgit 1.2.3-korg