Working k8s cluster

2020-04-04 12:18:18 +02:00 · 2020-04-04 12:18:18 +02:00 · f48650456b
parent 36be4c2d3c
commit f48650456b
10 changed files with 114 additions and 39 deletions
--- a/README.md
+++ b/README.md
@ -7,12 +7,19 @@ Infrapuzzle is the newly restructured way of implementing my private infrastruct
 * host directory storage
 * Ingress via host network

-## Bootstrap
+## terraform

-Bootstrap is documented in the subfolders [REAMDE](./bootstrap/README.md)
+[Documentation in subfolder](./terraform/README.md). It takes care of setting DNS records on OVH nameservers.
+
+## bootstrap
+
+[Documentation in subfolder](./bootstrap/README.md). It takes care of setting up the k8s cluster itself, including a vagrant dev environment.
+
+## k8s
+
+[Documentation in subfolder](./k8s/README.md). The services themselfes.

 ## Links used

 * [ingress via host network](https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network)
 * [Install K8s with Kubespray](https://kubernetes.io/docs/setup/production-environment/tools/kubespray/)
-* 
--- a/bootstrap/README.md
+++ b/bootstrap/README.md
@ -4,6 +4,7 @@ The following lines document hwo to initalize a fresh cluster. On a real cluster

 ```sh
 git clone https://github.com/kubernetes-sigs/kubespray.git
+#git clone git@github.com:iptizer/kubespray.git
 ./init_kubespray.sh
 cd kubespray
 vagrant up
--- a/bootstrap/dev.inventory
+++ b/bootstrap/dev.inventory
--- a/bootstrap/init.sh
+++ b/bootstrap/init.sh
@ -0,0 +1,45 @@
+#!/bin/sh
+echo "######################################################################################"
+echo "##  Reinit repository"
+rm -rf kubespray
+git clone https://github.com/kubernetes-sigs/kubespray.git
+
+echo "######################################################################################"
+echo "##  Activating python3 venv"
+VENVDIR=venv
+virtualenv --python=/usr/bin/python3.7 $VENVDIR
+source $VENVDIR/bin/activate
+pip install -r kubespray/requirements.txt
+
+
+echo "######################################################################################"
+echo "##  Customizing vagrant dev env"
+mkdir -p kubespray/vagrant
+cat << EOF > kubespray/vagrant/config.rb
+\$instance_name_prefix = "k8s"
+\$vm_cpus = 4
+\$num_instances = 1
+\$os = "centos"
+\$subnet = "10.0.20"
+\$network_plugin = "calico"
+\$shared_folders = { 'temp/docker_rpms' => "/var/cache/yum/x86_64/7/docker-ce/packages" }
+\$kube_node_instances_with_disks_number = 0
+EOF
+
+# make the rpm cache
+mkdir -p kubespray/temp/docker_rpms
+
+echo "###############"
+echo "Now cd to kubespray and 'vagrant up'"
+echo ""
+echo "export KUBECONFIG=\"$( pwd )/kubespray/inventory/sample/artifacts/admin.conf\""
+
+
+echo "######################################################################################"
+echo "##  Preparing real prod environment"
+cp -r kubespray/inventory/sample kubespray/inventory/prod
+rm kubespray/inventory/prod/inventory.ini
+cp ./prod.ini kubespray/inventory/prod/inventory.ini
+echo "to deploy execute:"
+echo "$ cd kubespray"
+echo "$ ansible-playbook -i inventory/prod/inventory.ini cluster.yml"
--- a/bootstrap/init_kubespray.sh
+++ b/bootstrap/init_kubespray.sh
@ -1,31 +0,0 @@
-#!/bin/sh
-
-# use virtualenv to install all python requirements
-VENVDIR=venv
-virtualenv --python=/usr/bin/python3.7 $VENVDIR
-source $VENVDIR/bin/activate
-pip install -r kubespray/requirements.txt
-
-# prepare an inventory to test with
-INV=dev
-mv kubespray/${INV} kubespray/${INV}.bak &> /dev/null
-cp -a kubespray/inventory/sample kubespray/${INV}
-
-# customize the vagrant environment
-mkdir -p kubespray/vagrant
-cat << EOF > kubespray/vagrant/config.rb
-\$instance_name_prefix = "k9s"
-\$vm_cpus = 4
-\$num_instances = 1
-\$os = "centos"
-\$subnet = "10.0.20"
-\$network_plugin = "flannel"
-\$inventory = "$INV"
-\$shared_folders = { 'temp/docker_rpms' => "/var/cache/yum/x86_64/7/docker-ce/packages" }
-\$kube_node_instances_with_disks_number = 0
-EOF
-
-# make the rpm cache
-mkdir -p kubespray/temp/docker_rpms
-
-echo "Now cd to kubespray and 'vagrant up'"
--- a/bootstrap/prod.ini
+++ b/bootstrap/prod.ini
@ -0,0 +1,40 @@
+# ## Configure 'ip' variable to bind kubernetes services on a
+# ## different ip than the default iface
+# ## We should set etcd_member_name for etcd cluster. The node that is not a etcd member do not need to set the value, or can set the empty string value.
+[all]
+ns3032787.ip-91-121-84.eu ansible_host=91.121.84.190 etcd_member_name=etcd1 ansible_become=yes ansible_become_method=sudo ansible_python_interpreter=/usr/bin/python3
+# node1 ansible_host=95.54.0.12  # ip=10.3.0.1 etcd_member_name=etcd1
+# node2 ansible_host=95.54.0.13  # ip=10.3.0.2 etcd_member_name=etcd2
+# node3 ansible_host=95.54.0.14  # ip=10.3.0.3 etcd_member_name=etcd3
+# node4 ansible_host=95.54.0.15  # ip=10.3.0.4 etcd_member_name=etcd4
+# node5 ansible_host=95.54.0.16  # ip=10.3.0.5 etcd_member_name=etcd5
+# node6 ansible_host=95.54.0.17  # ip=10.3.0.6 etcd_member_name=etcd6
+
+# ## configure a bastion host if your nodes are not directly reachable
+# bastion ansible_host=x.x.x.x ansible_user=some_user
+
+[kube-master]
+ns3032787.ip-91-121-84.eu
+# node1
+# node2
+
+[etcd]
+ns3032787.ip-91-121-84.eu
+# node1
+# node2
+# node3
+
+[kube-node]
+ns3032787.ip-91-121-84.eu
+# node2
+# node3
+# node4
+# node5
+# node6
+
+[calico-rr]
+
+[k8s-cluster:children]
+kube-master
+kube-node
+calico-rr
--- a/terraform/1.58532e+09
+++ b/terraform/1.58532e+09
--- a/terraform/ovh.tf
+++ b/terraform/ovh.tf
@ -49,7 +49,7 @@ resource "ovh_domain_zone_record" "haumdaucher_domain" {
    subdomain = ""
    fieldtype = "A"
    ttl = local.ttl
-    target = "91.121.64.43"
+    target = "91.121.84.190"
 }


--- a/terraform/terraform.tfstate
+++ b/terraform/terraform.tfstate
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "0.12.20",
-  "serial": 67,
+  "serial": 69,
  "lineage": "8aff5d23-05f6-10eb-0ae6-1084c787677e",
  "outputs": {},
  "resources": [
@ -217,7 +217,7 @@
            "fieldtype": "A",
            "id": "5106871420",
            "subdomain": "",
-            "target": "91.121.64.43",
+            "target": "91.121.84.190",
            "ttl": 60,
            "zone": "haumdaucher.de"
          },
--- a/terraform/terraform.tfstate.backup
+++ b/terraform/terraform.tfstate.backup
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "0.12.20",
-  "serial": 65,
+  "serial": 67,
  "lineage": "8aff5d23-05f6-10eb-0ae6-1084c787677e",
  "outputs": {},
  "resources": [
@ -352,6 +352,19 @@
          },
          "private": "bnVsbA=="
        },
+        {
+          "index_key": "corona-api",
+          "schema_version": 0,
+          "attributes": {
+            "fieldtype": "CNAME",
+            "id": "5110478866",
+            "subdomain": "corona-api",
+            "target": "moritzgraf.de.",
+            "ttl": 60,
+            "zone": "moritzgraf.de"
+          },
+          "private": "bnVsbA=="
+        },
        {
          "index_key": "git",
          "schema_version": 0,