feat: Add dynamic NAS and VPS options

Tanguy Herbron 2024-02-28 12:21:26 +01:00
parent 32e58c32cf
commit bdbf8ea389
5 changed files with 67 additions and 15 deletions


@ -35,17 +35,23 @@ install_libvirt:
@echo "Creating components using libvirt..."
@vagrant up --provider=libvirt
wg:
@cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=false enable_wireguard=true enable_k3s=false"
ansible:
@cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=true enable_wireguard=true enable_k3s=true"
INV_LIST="-i ../inventory/lab.yml"; \
if [ x"${VPS}" != "x" ]; then \
INV_LIST="$${INV_LIST} -i ../inventory/outside.yml"; \
fi; \
if [ x"${NAS}" != "x" ]; then \
INV_LIST="$${INV_LIST} -i ../inventory/nas.yml"; \
fi; \
cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook $${INV_LIST} init.yml --extra-vars 'enable_setup=true enable_wireguard=true enable_k3s=true'
@make get_k3s_credentials
k3s_reset:
@echo "Resetting k3s configuration..."
@cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml k3s-ansible/reset.yml
@cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/nas.yml -i ../inventory/lab.yml -i ../inventory/outsider.yml k3s-ansible/reset.yml
@make ansible
@make get_k3s_credentials
@ -61,6 +67,6 @@ get_k3s_credentials:
@echo "Retrieving k3s credentials locally..."
@vagrant ssh -c "sudo cat /home/creator/.kube/config" hb-wide-1 > ~/.kube/config-halia
@sed -i 's/127.0.*:/192.168.56.101:/g' ~/.kube/config-halia
@kube-merge
@curl https://git.halis.io/therbron/dotfiles/raw/branch/master/.bin/kube-merge | bash
@kubectl get nodes --context halia
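Review bot: The last changed line of `get_k3s_credentials` fetches `kube-merge` from the `master` branch of another repository and pipes it straight into `bash`, so each run executes whatever that URL serves at that moment, and without `-f` an HTTP error page is handed to the shell as well. Pin the download to a commit and verify it before running, e.g. `curl -fsSL <URL_AT_PINNED_COMMIT> -o kube-merge.sh && echo "<EXPECTED_SHA256>  kube-merge.sh" | sha256sum -c - && bash kube-merge.sh`, or vendor the script in this repository. Separately, the new `ansible` recipe adds `-i ../inventory/outside.yml` while the other recipes and the README use `outsider.yml`, so `VPS=true` appears to point at a file that does not exist. `k3s_reset` also passes `nas.yml` and `outsider.yml` unconditionally instead of honouring `NAS`/`VPS`.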


@ -6,11 +6,40 @@
- vagrant-scp
## Setup
Clone the whole repository, including submodules
```
git clone --recurse-submodules -j8 https://git.halis.io/athens-school/Homelab
```
Update submodules after cloning the repository
```
git submodule update --init --recursive
```
### Enable ingress for internet access
For ingress node connected to the internet, I recommend using a VPS of either choice, acting as the public input to the cluster.<br />
To do so, complete the IP in the `inventory/outsider.yml` file.
This VPS needs to be pre-configured with [this script](https://git.halis.io/athens-school/ISO-repository/raw/branch/master/quick-installer.sh).
## Run
### Basic
To run the project as is, creating k3s nodes only
```
make up
```
### Enable NAS
If you wish to also create a NAS VM, set the `NAS` environment variable
```
NAS=true make up
```
### Enable ingress
If you wish to also enable a Kubernetes Ingress using an external VPS, set the `VPS` environment variable after setting your VPS up in the `Setup` section
```
VPS=true make up
```
## TODO
- Detect default network interface

9
Vagrantfile vendored

@ -1,3 +1,5 @@
enable_nas = ENV["NAS"] || false
Vagrant.configure("2") do |config|
config.vm.box = "debian/bullseye64"
config.vm.synced_folder '.', '/vagrant', disabled: true # Allows WSL call to work within WSL filesystem
@ -16,13 +18,14 @@ Vagrant.configure("2") do |config|
boxes = [
{ :name => "hb-slim-1", :ip => "192.168.56.11"},
{ :name => "hb-slim-2", :ip => "192.168.56.12"},
{ :name => "hb-slim-3", :ip => "192.168.56.13"},
{ :name => "hb-wide-1", :ip => "192.168.56.101", :cpus => 2, :memory => 4096},
{ :name => "hb-wide-2", :ip => "192.168.56.102", :cpus => 2, :memory => 4096},
{ :name => "hb-wide-3", :ip => "192.168.56.103", :cpus => 2, :memory => 4096},
{ :name => "nas", :ip => "192.168.56.200", :cpus => 2, :memory => 4096, :drive => { name: "extra_disk", size: "30GB" }},
]
if enable_nas != false
boxes.push({ :name => "nas", :ip => "192.168.56.200", :cpus => 2, :memory => 4096, :drive => { name: "extra_disk", size: "30GB" }})
end
boxes.each do |opts|
config.vm.define opts[:name] do |box|
box.vm.hostname = opts[:name]
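Review bot: `if enable_nas != false` is true for any value of `NAS`, including `NAS=false`, `NAS=0` and an empty `NAS=`, because `ENV["NAS"]` returns a string and only an unset variable falls through to `false`. The Makefile's `[ x"${NAS}" != "x" ]` test treats the empty string as disabled, so the two sides of the same switch can disagree: with an empty `NAS` exported, Vagrant creates the `nas` box while the `ansible` target leaves `inventory/nas.yml` out. Consider `enable_nas = !ENV.fetch("NAS", "").empty?` with a plain `if enable_nas`, plus a comment above it such as `# NAS VM is opt-in: any non-empty NAS value enables it`. The `boxes.each` block continues past the end of the hunk.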


@ -50,13 +50,6 @@ all:
- size=slim
headscale:
network: beta
nas:
ansible_host: 192.168.56.200
is_nas: true
hostname: nas
wireguard_ip: 10.20.0.100
headscale:
network: beta
children:
master:
hosts:
@ -85,7 +78,6 @@ all:
hb-slim-1:
hb-slim-2:
hb-slim-3:
nas:
vars:
ansible_ssh_private_key_file: ~/.ssh/creator
ansible_user: creator

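--- a/inventory/nas.yml
+++ b/inventory/nas.yml
@@ -0,0 +1,22 @@
+all:
+hosts:
+nas:
+ansible_host: 192.168.56.200
+is_nas: true
+hostname: nas
+wireguard_ip: 10.20.0.100
+headscale:
+network: beta
+children:
+headscale_client:
+nas:
+vars:
+ansible_ssh_private_key_file: ~/.ssh/creator
+ansible_user: creator
+ansible_become_password: aberation
+ansible_ssh_port: 22
+k3s_version: v1.28.5+k3s1
+token: "aberation" # Use ansible vault if you want to keep it secret
+api_endpoint: "{{ hostvars[groups['server'][0]]['ansible_tailscale0'].ipv4.address | default(groups['server'][0]) }}"
+extra_server_args: "--disable traefik --advertise-address {{hostvars[inventory_hostname]['ansible_tailscale0'].ipv4.address}} --flannel-iface tailscale0 --tls-san {{ ansible_host }} --disable servicelb {{ ['--node-label']|product(hostvars[inventory_hostname]['k3s_label'])|map('join', ' ')|join(' ') }}"
+extra_agent_args: "--flannel-iface tailscale0 --node-external-ip {{hostvars[inventory_hostname]['ansible_default_ipv4']['address']}} {{ ['--node-label']|product(hostvars[inventory_hostname]['k3s_label'])|map('join', ' ')|join(' ') }}"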
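Review bot: The `vars` block commits `ansible_become_password: aberation` and the k3s `token: "aberation"` in clear text; the inline comment already points to Ansible Vault, and the token is what lets a node join the cluster. Since this file is new, it is a good place to stop copying the values: reference vaulted variables instead, e.g. `ansible_become_password: "{{ vault_become_password }}"` and `token: "{{ vault_k3s_token }}"` (variable names are placeholders), or supply the sudo password at run time with `--ask-become-pass`. The k3s variables (`api_endpoint`, `extra_server_args`, `extra_agent_args`) also look duplicated from the lab inventory, and `api_endpoint` relies on a `server` group this file does not define, so it only resolves when loaded together with `lab.yml`. Keeping those variables in one shared place would avoid drift.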