From 6f57f55b974529ce3499701d86f68aadda1b67d0 Mon Sep 17 00:00:00 2001
From: Tanguy Herbron
Date: Mon, 30 Oct 2023 16:54:48 +0100
Subject: [PATCH] feat(DHCP): Reconfigure IP addesses and ansible inventory

Ansible inventory can now be static with static IPs provisioned by Vangard. The documentation has also been updated to include how the configuration of the ingress node can be node from any VPS provider.
---
 Makefile | 12 +++----
 README.md | 7 +++++
 Vagrantfile | 14 ++++-----
 inventory/group_vars | 1 +
 inventory/lab.yml | 71 ++++++++++++++++++++++++++++++++++++++++++
 inventory/outsider.yml | 30 ++++++++++++++++++
 6 files changed, 122 insertions(+), 13 deletions(-)
 create mode 120000 inventory/group_vars
 create mode 100644 inventory/lab.yml
 create mode 100644 inventory/outsider.yml

diff --git a/Makefile b/Makefile
index 99ae67e..df5ae89 100644
--- a/Makefile
+++ b/Makefile
@@ -1,18 +1,18 @@
-install:
+install_vb:
 vagrant up
- cd ansible && $(MAKE) install
+ cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=true enable_wireguard=true enable_k3s=true"
 make get_k3s_credentials
 
 k3s_reset:
- cd ansible && $(MAKE) uninstall
- cd ansible && $(MAKE) k3s
- get_k3s_credentials
+ cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml k3s-ansible/reset.yml
+ cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=true enable_wireguard=true enable_k3s=true"
+ make get_k3s_credentials
 
 destroy:
 vagrant destroy -f
 
 get_k3s_credentials:
 vagrant ssh -c "sudo cat /home/creator/.kube/config" hb-wide-1 > ~/.kube/config-halia
- sed -i 's/10.20.*:/10.10.0.101:/g' ~/.kube/config-halia
+ sed -i 's/10.20.*:/192.168.56.101:/g' ~/.kube/config-halia
 kube-merge
 kubectl get nodes --context halia
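Review bot: `ANSIBLE_HOST_KEY_CHECKING=False` in the `install_vb` and `k3s_reset` recipes switches off SSH host key verification for every host in both inventories, including the internet-facing VPS from `inventory/outsider.yml`, so a machine answering in place of that VPS could be handed the become password and the cluster setup. Skipping the check is reasonable for throw-away Vagrant guests, so scope it to them: drop the environment variable from the recipes and set `ansible_host_key_checking: false` under `vars:` in `inventory/lab.yml` only, leaving the VPS key to be verified through `known_hosts`. The new recipes also call plain `make get_k3s_credentials`; `$(MAKE) get_k3s_credentials` passes flags and the jobserver through to the sub-make.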
diff --git a/README.md b/README.md
index c3777ef..5c2204b 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,13 @@
 - ansible
 - vagrant-scp
 
+## Setup
+
+For ingress node connected to the internet, I recommend using a VPS of either choice, acting as the public input to the cluster.
+To do so, complete the IP in the `inventory/outsider.yml` file.
+
+This VPS needs to be pre-configured with [this script](https://git.halis.io/athens-school/ISO-repository/raw/branch/master/quick-installer.sh).
+
 ## Script
 - Detect WSL or Linux
 - Detect default network interface
diff --git a/Vagrantfile b/Vagrantfile
index 3f82fcc..0c84e44 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -1,7 +1,7 @@
 Vagrant.configure("2") do |config|
 config.vm.box = "debian/bullseye64"
 config.vm.synced_folder '.', '/vagrant', disabled: true # Allows WSL call to work within WSL filesystem
- config.vm.provision :shell, path: "https://git.halis.io/athens-school/ISO-repository/raw/branch/master/quick-installer.sh", run: "always"
+ config.vm.provision :shell, path: "https://git.halis.io/athens-school/ISO-repository/raw/branch/master/quick-installer.sh", run: "once"
 
 config.vm.provider "virtualbox" do |v|
 v.memory = 1024
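Review bot: The shell provisioner on the changed `config.vm.provision` line in the Vagrantfile still downloads `quick-installer.sh` from the `master` branch and runs it privileged in every guest, with no pin or checksum, so whatever that branch holds at `vagrant up` time is what executes. Reference the script by a fixed commit rather than `raw/branch/master`, or vendor it into this repository and point `path:` at the local copy, so that changes to it are reviewed here. With `run: "once"` an existing box keeps the version it was first provisioned with, which deserves a comment such as `# runs on first "vagrant up" only; use "vagrant provision" after the installer changes`. The `Vagrant.configure` block continues outside this hunk.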
@@ -9,17 +9,17 @@ Vagrant.configure("2") do |config|
 end
 
 boxes = [
- { :name => "hb-slim-1", :mac => "080027117BED"},
- { :name => "hb-slim-2", :mac => "0800276FAEEC"},
- { :name => "hb-slim-3", :mac => "080027202C0B"},
- { :name => "hb-wide-1", :mac => "080027F3F85F", :cpus => 2, :memory => 4096},
- { :name => "hb-wide-2", :mac => "080027A74FDB", :cpus => 2, :memory => 4096},
+ { :name => "hb-slim-1", :ip => "192.168.56.11"},
+ { :name => "hb-slim-2", :ip => "192.168.56.12"},
+ { :name => "hb-slim-3", :ip => "192.168.56.13"},
+ { :name => "hb-wide-1", :ip => "192.168.56.101", :cpus => 2, :memory => 4096},
+ { :name => "hb-wide-2", :ip => "192.168.56.102", :cpus => 2, :memory => 4096},
 ]
 
 boxes.each do |opts|
 config.vm.define opts[:name] do |box|
 box.vm.hostname = opts[:name]
- box.vm.network "public_network", bridge: "Intel(R) I211 Gigabit Network Connection", :mac => opts[:mac]
+ box.vm.network "private_network", ip: opts[:ip]
 box.vm.provider "virtualbox" do |v|
 if !opts[:memory].nil?
 v.memory = opts[:memory]
diff --git a/inventory/group_vars b/inventory/group_vars
new file mode 120000
index 0000000..ac7a063
--- /dev/null
+++ b/inventory/group_vars
@@ -0,0 +1 @@
+../ansible/inventory/group_vars/
\ No newline at end of file
diff --git a/inventory/lab.yml b/inventory/lab.yml
new file mode 100644
index 0000000..f525620
--- /dev/null
+++ b/inventory/lab.yml
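Review bot: The static addresses in the new `boxes` table of the Vagrantfile are repeated as `ansible_host` values in `inventory/lab.yml` and again as `192.168.56.101` in the Makefile's `sed` line, and nothing ties the three together. A comment above the table, for example `# IPs must match ansible_host in inventory/lab.yml and the sed target in the Makefile`, would make the coupling visible to whoever renumbers a node. The `boxes.each` block runs past the end of this hunk, so how `:cpus` is applied is not visible here.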
@@ -0,0 +1,71 @@
+all:
+ hosts:
+ hb-wide-1:
+ ansible_host: 192.168.56.101
+ is_nas: false
+ hostname: hb-wide-1
+ wireguard_ip: 10.20.0.1
+ k3s_label:
+ - type=worker
+ - size=wide
+ hb-wide-2:
+ ansible_host: 192.168.56.102
+ is_nas: false
+ hostname: hb-wide-2
+ wireguard_ip: 10.20.0.2
+ k3s_label:
+ - type=worker
+ - size=wide
+ hb-slim-1:
+ ansible_host: 192.168.56.11
+ is_nas: false
+ hostname: hb-slim-1
+ wireguard_ip: 10.20.0.11
+ k3s_label:
+ - type=worker
+ - size=slim
+ hb-slim-2:
+ ansible_host: 192.168.56.12
+ is_nas: false
+ hostname: hb-slim-2
+ wireguard_ip: 10.20.0.12
+ k3s_label:
+ - type=worker
+ - size=slim
+ hb-slim-3:
+ ansible_host: 192.168.56.13
+ is_nas: false
+ hostname: hb-slim-3
+ wireguard_ip: 10.20.0.13
+ k3s_label:
+ - type=worker
+ - size=slim
+ children:
+ master:
+ hosts:
+ hb-wide-1:
+ node:
+ hosts:
+ hb-wide-2:
+ hb-slim-1:
+ hb-slim-2:
+ hb-slim-3:
+ etcd_cluster:
+ hosts:
+ hb-wide-1:
+ hb-wide-2:
+ hb-slim-1:
+ hb-slim-2:
+ hb-slim-3:
+ k3s_cluster:
+ children:
+ master:
+ node:
+ vars:
+ ansible_ssh_private_key_file: ~/.ssh/creator
+ ansible_user: creator
+ ansible_become_password: aberation
+ ansible_ssh_port: 22
+ ufw_enabled: false
+ wireguard_port: 51820
+ wireguard_mask_bits: 8
diff --git a/inventory/outsider.yml b/inventory/outsider.yml
new file mode 100644
index 0000000..d0ca127
--- /dev/null
+++ b/inventory/outsider.yml
@@ -0,0 +1,30 @@
+all:
+ hosts:
+ outsider:
+ ansible_host:
+ is_nas: false
+ hostname: outsider
+ wireguard_ip: 10.20.0.254
+ k3s_label:
+ - type=outbound
+ children:
+ node:
+ hosts:
+ outsider:
+ etcd_cluster:
+ hosts:
+ outsider:
+ replica:
+ hosts:
+ outsider:
+ k3s_cluster:
+ children:
+ node:
+ vars:
+ ansible_ssh_private_key_file: ~/.ssh/creator
+ ansible_user: creator
+ ansible_become_password: aberation
+ ansible_ssh_port: 22
+ ufw_enabled: false
+ wireguard_port: 51820
+ wireguard_mask_bits: 8
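Review bot: `ansible_become_password: aberation` under `vars:` in `inventory/lab.yml` commits the sudo password of the `creator` account in plaintext, and the same line is added to `inventory/outsider.yml`, where it applies to the internet-facing VPS. Keep the value out of the repository: reference a vaulted variable, e.g. `ansible_become_password: "{{ vault_become_password }}"` with the secret in an Ansible Vault file, or remove the key and run the playbooks with `--ask-become-pass`. Once pushed the value stays in history, so it should be treated as known and changed on any host that uses it. `wireguard_mask_bits: 8` also looks wider than the `10.20.0.x` addresses need, assuming it is the tunnel prefix length; a comment explaining the choice would help.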
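Review bot: `ufw_enabled: false` in `inventory/outsider.yml` is carried over from the lab inventory, but this host is the one the README describes as the public entry point, so it presumably ends up with no host firewall managed by the playbooks. If the role supports it, set `ufw_enabled: true` for this host and allow only SSH and `wireguard_port` (51820). The empty `ansible_host:` parses as null, so a labelled placeholder such as `ansible_host: <VPS_PUBLIC_IP>  # fill in before running` would make the required edit explicit. `outsider` is also placed in `etcd_cluster`; a comment confirming that the public node is meant to be an etcd member would be useful.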