zhong (钟鹏群) vor 1 Monat
Ursprung
Commit
6f59dbe7e7

+ 59 - 0
terraform/ansible-files/README.md

@@ -0,0 +1,59 @@
+# Ansible Playbooks for k3s Cluster Installation
+
+This directory contains Ansible playbooks to install a k3s cluster with one master node and multiple worker nodes.
+
+## Files Overview
+
+- `inventory.ini`: Contains the inventory of master and worker nodes
+- `main-playbook.yml`: Main playbook that orchestrates the entire installation
+- `install-k3s-master.yml`: Installs k3s on the master node
+- `install-k3s-workers.yml`: Installs k3s agents on worker nodes and joins them to the master
+- `verify-cluster.yml`: Verifies the cluster status after installation
+- `k3s.service.j2`: Template for the k3s master systemd service
+- `k3s-agent.service.j2`: Template for the k3s agent systemd service
+- `ansible.cfg`: Ansible configuration file
+
+## Prerequisites
+
+- Ansible installed on the control machine
+- SSH access to all target machines with sudo privileges
+- Target machines running a supported Linux distribution
+
+## Variables
+
+The playbooks use the following variables:
+- `master_ip`: IP address of the master node
+- `k3s_download_url`: URL to download the k3s binary
+- `k3s_token`: Token for joining worker nodes to the cluster
+
+## Usage
+
+To run the complete installation:
+
+```bash
+ansible-playbook -i inventory.ini main-playbook.yml
+```
+
+To run only the master installation:
+
+```bash
+ansible-playbook -i inventory.ini install-k3s-master.yml
+```
+
+To run only the worker installation:
+
+```bash
+ansible-playbook -i inventory.ini install-k3s-workers.yml
+```
+
+To verify the cluster status:
+
+```bash
+ansible-playbook -i inventory.ini verify-cluster.yml
+```
+
+## Configuration
+
+Edit the `inventory.ini` file to match your environment:
+- Update IP addresses of master and worker nodes
+- Update SSH credentials as needed

+ 8 - 0
terraform/ansible-files/ansible.cfg

@@ -0,0 +1,8 @@
+[defaults]
+host_key_checking = False
+timeout = 60
+remote_user = root
+inventory = ./inventory.ini
+
+[inventory]
+enable_plugins = host_list, script, auto, yaml, ini
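Review bot: `host_key_checking = False` turns off SSH host-key verification for every run, and inventory.ini in this commit logs in as root with a password, so a machine answering on one of those addresses in place of the real node would be handed the root password. Keep the default (`host_key_checking = True`) and pre-populate `known_hosts` for the three nodes before the first run. With `remote_user = root`, the `become: yes` in the playbooks does nothing; a dedicated sudo-capable account would make privilege use visible and auditable.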

+ 68 - 0
terraform/ansible-files/install-k3s-master.yml

@@ -0,0 +1,68 @@
+---
+- name: Install k3s on master node
+  hosts: master
+  become: yes
+  vars:
+    k3s_version: "v1.35.0+k3s1"
+    k3s_download_url: "http://download.9981.tech/k3s-v1.35.0%2Bk3s1"
+    master_ip: "47.113.186.215"
+    k3s_token: "my-secret-token"
+
+  tasks:
+    - name: Stop and cleanup any existing k3s installation
+      shell: |
+        systemctl stop k3s 2>/dev/null || true
+        pkill -f k3s 2>/dev/null || true
+        rm -f /etc/systemd/system/k3s.service
+        rm -rf /var/lib/rancher/k3s
+        rm -rf /etc/rancher/k3s
+        rm -rf /root/.kube
+      register: cleanup_result
+      ignore_errors: yes
+
+    - name: Print cleanup status
+      debug:
+        msg: "Cleanup completed on master node"
+
+    - name: Check if k3s binary exists
+      stat:
+        path: /usr/local/bin/k3s
+      register: k3s_binary
+
+    - name: Download k3s binary
+      get_url:
+        url: "{{ k3s_download_url }}"
+        dest: /usr/local/bin/k3s
+        mode: '0755'
+      when: not k3s_binary.stat.exists
+
+    - name: Print k3s binary status
+      debug:
+        msg: "k3s binary already exists, skipping download"
+      when: k3s_binary.stat.exists
+
+    - name: Create k3s systemd service file
+      template:
+        src: k3s.service.j2
+        dest: /etc/systemd/system/k3s.service
+        mode: '0644'
+
+    - name: Reload systemd daemon
+      systemd:
+        daemon_reload: yes
+
+    - name: Enable and start k3s service
+      systemd:
+        name: k3s
+        enabled: yes
+        state: started
+
+    - name: Wait for node-token file to be created
+      wait_for:
+        path: /var/lib/rancher/k3s/server/node-token
+        timeout: 300
+      register: token_wait
+
+    - name: Display success message
+      debug:
+        msg: "k3s master node installed and running successfully"
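Review bot: The `Download k3s binary` task fetches an executable over plain `http://` with no integrity check and installs it at `/usr/local/bin/k3s`, which the systemd unit then runs as root, so anyone able to alter that response controls the node. Serve the file over HTTPS and pin it with get_url's checksum option, `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder; take the digest from the upstream k3s release). The same task appears unchanged in install-k3s-workers.yml. Because the download is skipped whenever the file already exists, a stale or modified binary left on the host is kept as-is and `k3s_version` is never enforced. `k3s_token: "my-secret-token"` should come from a vaulted variable rather than being committed in the play.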

+ 94 - 0
terraform/ansible-files/install-k3s-workers.yml

@@ -0,0 +1,94 @@
+---
+- name: Install k3s agents and join them to master
+  hosts: master
+  become: yes
+  vars:
+    master_ip: "47.113.186.215"
+    k3s_download_url: "http://download.9981.tech/k3s-v1.35.0%2Bk3s1"
+
+  tasks:
+    - name: Fetch the node token from master
+      slurp:
+        src: /var/lib/rancher/k3s/server/node-token
+      register: node_token_result
+
+    - name: Set node token fact
+      set_fact:
+        node_token: "{{ node_token_result.content | b64decode | trim }}"
+
+    - name: Copy node token to worker nodes
+      copy:
+        content: "{{ node_token }}"
+        dest: /root/node-token
+      delegate_to: "{{ item }}"
+      loop: 
+        - "101.201.78.54"
+        - "47.120.61.39"
+      delegate_facts: yes
+
+- name: Install k3s on worker nodes and join to cluster
+  hosts: workers
+  become: yes
+  vars:
+    master_ip: "47.113.186.215"
+    k3s_download_url: "http://download.9981.tech/k3s-v1.35.0%2Bk3s1"
+
+  tasks:
+    - name: Stop and cleanup any existing k3s installation on workers
+      shell: |
+        systemctl stop k3s-agent 2>/dev/null || true
+        pkill -f k3s 2>/dev/null || true
+        rm -rf /var/lib/rancher/k3s
+        rm -f /etc/systemd/system/k3s-agent.service
+        systemctl daemon-reload 2>/dev/null || true
+      register: cleanup_result
+      ignore_errors: yes
+
+    - name: Print cleanup status
+      debug:
+        msg: "Cleanup completed on worker node {{ inventory_hostname }}"
+
+    - name: Check if k3s binary exists
+      stat:
+        path: /usr/local/bin/k3s
+      register: k3s_binary
+
+    - name: Download k3s binary
+      get_url:
+        url: "{{ k3s_download_url }}"
+        dest: /usr/local/bin/k3s
+        mode: '0755'
+      when: not k3s_binary.stat.exists
+
+    - name: Print k3s binary status
+      debug:
+        msg: "k3s binary already exists on worker {{ inventory_hostname }}, skipping download"
+      when: k3s_binary.stat.exists
+
+    - name: Create k3s-agent systemd service file
+      template:
+        src: k3s-agent.service.j2
+        dest: /etc/systemd/system/k3s-agent.service
+        mode: '0644'
+
+    - name: Reload systemd daemon
+      systemd:
+        daemon_reload: yes
+
+    - name: Enable and start k3s-agent service
+      systemd:
+        name: k3s-agent
+        enabled: yes
+        state: started
+
+    - name: Wait for k3s-agent to start
+      wait_for:
+        port: 10250
+        host: "{{ inventory_hostname }}"
+        timeout: 300
+        delay: 10
+      ignore_errors: yes
+
+    - name: Display success message
+      debug:
+        msg: "k3s agent installed and joined to cluster on worker {{ inventory_hostname }}"
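Review bot: The `Copy node token to worker nodes` task writes the cluster join token to `/root/node-token` without a `mode`, so its permissions depend on the remote umask; add `mode: '0600'`. The preceding `set_fact` places the decoded token in a task result that Ansible can print at higher verbosity, so `no_log: true` is worth adding there. The loop hard-codes two worker addresses that also live in inventory.ini; `loop: "{{ groups['workers'] }}"` keeps the two from drifting apart. Separately, `ignore_errors: yes` on the port 10250 wait means the final "joined to cluster" message is printed even when the agent never came up.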

+ 10 - 0
terraform/ansible-files/inventory.ini

@@ -0,0 +1,10 @@
+[master]
+47.113.186.215 ansible_user=root ansible_password=Xs261617
+
+[workers]
+101.201.78.54 ansible_user=root ansible_password=Xs261617
+47.120.61.39 ansible_user=root ansible_password=Xs261617
+
+[k3s_cluster:children]
+master
+workers
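Review bot: The three host lines commit a root SSH password in clear text, identical for every node, next to the nodes' public addresses. Treat that password as exposed and rotate it, since deleting the lines in a later commit does not remove them from history. Switch the hosts to key-based login (`ansible_ssh_private_key_file=<PATH_TO_KEY>`, placeholder) or move the secret into an Ansible Vault file under `group_vars/`, and keep only host entries in this file.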

+ 21 - 0
terraform/ansible-files/k3s-agent.service.j2

@@ -0,0 +1,21 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=notify
+ExecStart=/usr/local/bin/k3s agent --server https://{{ master_ip }}:6443 --token-file /root/node-token --node-name worker-node-{{ inventory_hostname.replace('.', '-') }} --node-external-ip={{ inventory_hostname }} --data-dir /var/lib/rancher/k3s
+KillMode=process
+Delegate=yes
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target

+ 13 - 0
terraform/ansible-files/k3s.service.j2

@@ -0,0 +1,13 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network-online.target
+
+[Service]
+Type=exec
+ExecStart=/usr/local/bin/k3s server --tls-san {{ master_ip }} --advertise-address {{ master_ip }} --disable=traefik --disable=servicelb --disable=metrics-server --token={{ k3s_token }} --https-listen-port=6443 --pause-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6 --system-default-registry=registry.cn-hangzhou.aliyuncs.com
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
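Review bot: `--token={{ k3s_token }}` renders the cluster secret into a unit file that install-k3s-master.yml installs with `mode: '0644'`, and into the server's process arguments, so any local account on the master can read it. Write the token to a root-only file and pass `--token-file <PATH>` (placeholder) instead, as the agent unit already does with `--token-file /root/node-token`. This unit also has `After=network-online.target` without the matching `Wants=network-online.target` that the agent unit carries, so the target is ordered against but never pulled in.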

+ 23 - 0
terraform/ansible-files/main-playbook.yml

@@ -0,0 +1,23 @@
+---
+- name: Install k3s cluster using Ansible
+  hosts: localhost
+  connection: local
+  gather_facts: no
+
+  tasks:
+    - name: Display welcome message
+      debug:
+        msg: "Starting k3s cluster installation with Ansible"
+
+    - name: Run k3s master installation
+      import_playbook: install-k3s-master.yml
+
+    - name: Run k3s workers installation and join to cluster
+      import_playbook: install-k3s-workers.yml
+
+    - name: Verify cluster status
+      import_playbook: verify-cluster.yml
+
+    - name: Display completion message
+      debug:
+        msg: "k3s cluster installation completed successfully!"
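Review bot: The three `import_playbook` entries sit under `tasks:` of the localhost play, but `import_playbook` is only accepted at the top level of a playbook, so Ansible will reject this file when parsing it and none of the imported plays will run. Each import has to be its own top-level list item, with the welcome and completion messages kept in separate localhost plays before and after them. `gather_facts: no` would also read better as `gather_facts: false`.

```yaml
# … unchanged: localhost play containing only the welcome message task …

- name: Run k3s master installation
  import_playbook: install-k3s-master.yml

- name: Run k3s workers installation and join to cluster
  import_playbook: install-k3s-workers.yml

- name: Verify cluster status
  import_playbook: verify-cluster.yml

# … completion message task moves into its own trailing localhost play …
```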

+ 45 - 0
terraform/ansible-files/verify-cluster.yml

@@ -0,0 +1,45 @@
+---
+- name: Verify k3s cluster status
+  hosts: master
+  become: yes
+
+  tasks:
+    - name: Wait for k3s server to be ready
+      wait_for:
+        path: /var/lib/rancher/k3s/server/manifests
+        timeout: 300
+
+    - name: Check if kubectl is available
+      command: which kubectl
+      register: kubectl_check
+      changed_when: false
+
+    - name: Get cluster nodes status
+      command: kubectl get nodes
+      register: nodes_status
+      environment:
+        KUBECONFIG: /etc/rancher/k3s/k3s.yaml
+      when: kubectl_check.rc == 0
+      failed_when: false
+
+    - name: Display cluster nodes status
+      debug:
+        msg: "{{ nodes_status.stdout_lines }}"
+      when: nodes_status is succeeded
+
+    - name: Get cluster info
+      command: kubectl cluster-info
+      register: cluster_info
+      environment:
+        KUBECONFIG: /etc/rancher/k3s/k3s.yaml
+      when: kubectl_check.rc == 0
+      failed_when: false
+
+    - name: Display cluster info
+      debug:
+        msg: "{{ cluster_info.stdout_lines }}"
+      when: cluster_info is succeeded
+
+    - name: Display verification complete message
+      debug:
+        msg: "Cluster verification completed"
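Review bot: `command: which kubectl` has no `failed_when`, so when kubectl is missing the task fails with rc 1 and the play stops there; the later `when: kubectl_check.rc == 0` guards never get to see a non-zero value. The master playbook only places `/usr/local/bin/k3s`, so a standalone `kubectl` is probably not on the path; calling `/usr/local/bin/k3s kubectl get nodes` would avoid the lookup entirely. If the check stays, add `failed_when: false` to it. Note also that `failed_when: false` on the two kubectl tasks makes `nodes_status is succeeded` true even when the command returned an error, so a broken cluster still reaches "Cluster verification completed".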