From 1c586813a2bcfcf5775d8794502f34756e74687d Mon Sep 17 00:00:00 2001
From: Khue Doan
Date: Sat, 14 Dec 2024 21:46:27 +0700
Subject: [PATCH] refactor: move dev cluster to master

Easier to test and less maintenance
---
 .gitignore | 2 +-
 Makefile | 19 +++++++++++++++----
 docs/installation/post-installation.md | 2 +-
 metal/Makefile | 2 +-
 metal/inventories/prod.yml | 1 +
 metal/roles/k3s/tasks/main.yml | 2 +-
 scripts/argocd-admin-password | 4 +++-
 scripts/get-dns-config | 2 +-
 scripts/get-status | 2 +-
 scripts/get-wireguard-config | 2 +-
 scripts/kanidm-reset-password | 2 +-
 scripts/onboard-user | 2 +-
 system/Makefile | 3 ++-
 system/argocd/values-dev.yaml | 13 +++++++++++++
 system/argocd/values-prod.yaml | 13 +++++++++++++
 system/argocd/values.yaml | 2 ++
 system/bootstrap.yml | 1 +
 17 files changed, 59 insertions(+), 15 deletions(-)
 create mode 100644 system/argocd/values-dev.yaml
 create mode 100644 system/argocd/values-prod.yaml
diff --git a/.gitignore b/.gitignore
index 636d3568..23eec48a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,5 +5,5 @@ book/
 *.log
 *.png
 *.tgz
-*kubeconfig.yaml
+*kubeconfig*.yaml
 Chart.lock
diff --git a/Makefile b/Makefile
index 78307058..d9d53d3d 100644
--- a/Makefile
+++ b/Makefile
@@ -2,23 +2,26 @@
 .PHONY: *
 .EXPORT_ALL_VARIABLES:
-KUBECONFIG = $(shell pwd)/metal/kubeconfig.yaml
+env ?= dev
+KUBECONFIG = $(shell pwd)/metal/kubeconfig-${env}.yaml
 KUBE_CONFIG_PATH = $(KUBECONFIG)
-default: metal system external smoke-test post-install clean
+default: metal system external smoke-test post-install
 configure:
 ./scripts/configure
 git status
 metal:
- make -C metal
+ [ "$(env)" = "dev" ] \
+ && make k3d \
+ || make -C metal
 system:
 make -C system
 external:
- make -C external
+ [ "$(env)" != "dev" ] && make -C external
 smoke-test:
 make -C test filter=Smoke
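Review bot: In the root Makefile's new `metal` and `external` recipes the `[ test ] && a || b` chains do not behave like if/else. In `metal`, a failing `make k3d` with env=dev falls through to `make -C metal`, so a local k3d error ends up running the metal/ Makefile (whose default is `boot cluster`) instead of stopping. In `external`, `[ "$(env)" != "dev" ] && make -C external` exits non-zero when env is dev, which is now the default, so a plain `make` stops at `external` before `smoke-test` and `post-install`. I would write `if [ "$(env)" = "dev" ]; then $(MAKE) k3d; else $(MAKE) -C metal; fi` and `if [ "$(env)" != "dev" ]; then $(MAKE) -C external; fi`, using `$(MAKE)` so flags reach the sub-make.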
@@ -40,9 +43,17 @@ test:
 clean:
 docker compose --project-directory ./metal/roles/pxe_server/files down
+ k3d cluster delete homelab-dev
 docs:
 mkdocs serve
 git-hooks:
 pre-commit install
+
+info:
+ kubectl cluster-info
+
+k3d:
+ k3d cluster start homelab-dev || k3d cluster create --config metal/k3d-${env}.yaml
+ k3d kubeconfig get homelab-dev > metal/kubeconfig-${env}.yaml
diff --git a/docs/installation/post-installation.md b/docs/installation/post-installation.md
index 02b7104b..c7fa5872 100644
--- a/docs/installation/post-installation.md
+++ b/docs/installation/post-installation.md
@@ -6,7 +6,7 @@ Save the following files to a safe location like a password manager (if you're u
 - `~/.ssh/id_ed25519`
 - `~/.ssh/id_ed25519.pub`
-- `./metal/kubeconfig.yaml`
+- `./metal/kubeconfig-prod.yaml`
 - `~/.terraform.d/credentials.tfrc.json`
 - `./external/terraform.tfvars`
diff --git a/metal/Makefile b/metal/Makefile
index 43008306..0fedf2ca 100644
--- a/metal/Makefile
+++ b/metal/Makefile
@@ -1,7 +1,7 @@
 .POSIX:
 env ?= prod
-export KUBECONFIG = $(shell pwd)/kubeconfig.yaml
+export KUBECONFIG = $(shell pwd)/kubeconfig-${env}.yaml
 default: boot cluster
diff --git a/metal/inventories/prod.yml b/metal/inventories/prod.yml
index 775c86a9..bfc47c15 100644
--- a/metal/inventories/prod.yml
+++ b/metal/inventories/prod.yml
@@ -1,5 +1,6 @@
 all:
 vars:
+ env: prod
 control_plane_endpoint: 192.168.1.100
 load_balancer_ip_pool:
 - 192.168.1.224/27
diff --git a/metal/roles/k3s/tasks/main.yml b/metal/roles/k3s/tasks/main.yml
index 21cd85c0..6c32b8a2 100644
--- a/metal/roles/k3s/tasks/main.yml
+++ b/metal/roles/k3s/tasks/main.yml
@@ -91,7 +91,7 @@
 - name: Write Kubernetes config file with the correct cluster address
 ansible.builtin.copy:
 content: "{{ kubeconfig_base64.content | b64decode | replace('127.0.0.1', control_plane_endpoint) }}"
- dest: "{{ playbook_dir }}/kubeconfig.yaml"
+ dest: "{{ playbook_dir }}/kubeconfig-{{ env }}.yaml"
 mode: 0600
 delegate_to: localhost
 run_once: true
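Review bot: The new `k3d` target in the root Makefile writes the dev kubeconfig through a plain shell redirect, so the file inherits the caller's umask (often group/world-readable), whereas the k3s role in this same commit writes the prod file with `mode: 0600`. A kubeconfig normally carries admin credentials even for a local cluster, so I would tighten it with `umask 077; k3d kubeconfig get homelab-dev > metal/kubeconfig-${env}.yaml`. The cluster name is hard-coded as `homelab-dev` while the config and output paths use `${env}`, so `make k3d env=prod` would overwrite `metal/kubeconfig-prod.yaml` with dev credentials; pinning both paths to `dev` or rejecting other values avoids that. The redirect also truncates the target before k3d runs, so a failed `k3d kubeconfig get` leaves an empty kubeconfig behind.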
diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password
index d84aff50..f30f0be5 100755
--- a/scripts/argocd-admin-password
+++ b/scripts/argocd-admin-password
@@ -1,5 +1,7 @@
 #!/bin/sh
+set -eu
+
 echo "WARNING: ArgoCD admin can do anything in the cluster, only use it for just enough initial setup or in emergencies." >&2
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
diff --git a/scripts/get-dns-config b/scripts/get-dns-config
index e864f588..36a4c729 100755
--- a/scripts/get-dns-config
+++ b/scripts/get-dns-config
@@ -1,4 +1,4 @@
 #!/bin/sh
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 kubectl get ingress --all-namespaces --no-headers --output custom-columns="ADDRESS:.status.loadBalancer.ingress[0].ip,HOST:.spec.rules[0].host"
diff --git a/scripts/get-status b/scripts/get-status
index 2060e908..393b9b92 100755
--- a/scripts/get-status
+++ b/scripts/get-status
@@ -1,6 +1,6 @@
 #!/bin/sh
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 kubectl get applicationsets --namespace argocd
 kubectl get applications --namespace argocd
diff --git a/scripts/get-wireguard-config b/scripts/get-wireguard-config
index 87f402cd..8750233d 100755
--- a/scripts/get-wireguard-config
+++ b/scripts/get-wireguard-config
@@ -4,7 +4,7 @@ set -eu
 PEER="${1}"
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 kubectl -n wireguard exec -it deployment/wireguard -- /app/show-peer "${PEER}"
 kubectl -n wireguard exec -it deployment/wireguard -- cat "/config/peer_${PEER}/peer_${PEER}.conf"
diff --git a/scripts/kanidm-reset-password b/scripts/kanidm-reset-password
index 9597becc..b15c4fd4 100755
--- a/scripts/kanidm-reset-password
+++ b/scripts/kanidm-reset-password
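Review bot: `${env}` is taken from the caller's environment with no default or validation in scripts/argocd-admin-password, and the same holds for get-dns-config, get-status, get-wireguard-config, kanidm-reset-password and onboard-user. get-dns-config and get-status have no `set -u` (their hunks start at line 1), and onboard-user appears to lack it too, so an unset `env` silently yields `./metal/kubeconfig-.yaml`. A stale `env` left exported in the shell is the worse case: privileged commands such as `kanidmd recover-account` or reading `argocd-initial-admin-secret` would run against a different cluster than the operator intends. I would add `: "${env:?set env to dev or prod}"` before each `export KUBECONFIG=...` line and ideally reject any value other than the two known ones.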
@@ -5,5 +5,5 @@ set -eu
 account="${1}"
 echo "WARNING: Kanidm admin can do anything in the cluster, only use it for just enough initial setup or in emergencies." >&2
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 kubectl exec -it -n kanidm statefulset/kanidm -- kanidmd recover-account "${account}"
diff --git a/scripts/onboard-user b/scripts/onboard-user
index 8cfe2d47..6cc24e8f 100755
--- a/scripts/onboard-user
+++ b/scripts/onboard-user
@@ -4,7 +4,7 @@ username="${1}"
 fullname="${2}"
 mail="${3}"
-export KUBECONFIG=./metal/kubeconfig.yaml
+export KUBECONFIG=./metal/kubeconfig-${env}.yaml
 host="$(kubectl get ingress --namespace kanidm kanidm --output jsonpath='{.spec.rules[0].host}')"
 kanidm person create "${username}" "${fullname}" --url "https://${host}" --name idm_admin
diff --git a/system/Makefile b/system/Makefile
index 2fbf29f0..ad478ed2 100644
--- a/system/Makefile
+++ b/system/Makefile
@@ -1,8 +1,9 @@
 .POSIX:
-export KUBECONFIG = $(shell pwd)/../metal/kubeconfig.yaml
+export KUBECONFIG = $(shell pwd)/../metal/kubeconfig-${env}.yaml
 .PHONY: bootstrap
 bootstrap:
 ansible-playbook \
+ --extra-vars "env=${env}" \
 bootstrap.yml
diff --git a/system/argocd/values-dev.yaml b/system/argocd/values-dev.yaml
new file mode 100644
index 00000000..45007cd4
--- /dev/null
+++ b/system/argocd/values-dev.yaml
@@ -0,0 +1,13 @@
+argo-cd:
+ global:
+ domain: argocd.127-0-0-1.nip.io
+argocd-apps:
+ applicationsets:
+ root:
+ template:
+ spec:
+ source:
+ helm:
+ valueFiles:
+ - values-dev.yaml
+ ignoreMissingValueFiles: true
diff --git a/system/argocd/values-prod.yaml b/system/argocd/values-prod.yaml
new file mode 100644
index 00000000..8e6cf328
--- /dev/null
+++ b/system/argocd/values-prod.yaml
@@ -0,0 +1,13 @@
+argo-cd:
+ global:
+ domain: argocd.khuedoan.com
+argocd-apps:
+ applicationsets:
+ root:
+ template:
+ spec:
+ source:
+ helm:
+ valueFiles:
+ - values-dev.yaml
+ ignoreMissingValueFiles: true
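Review bot: system/Makefile now uses `${env}` in `KUBECONFIG` and in `--extra-vars "env=${env}"` but never defines it, unlike the root Makefile (`env ?= dev`) and metal/Makefile (`env ?= prod`). Running `make -C system` directly therefore resolves to `kubeconfig-.yaml` and hands the playbook an empty `env`. Since the two existing defaults disagree, adding a default here means silently picking one of them; a guard such as `ifndef env` / `$(error env must be set to dev or prod)` / `endif` at the top keeps a bootstrap from running against an unintended cluster.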
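Review bot: system/argocd/values-prod.yaml lists `- values-dev.yaml` under `helm.valueFiles`, which looks like a copy-paste from values-dev.yaml; for the prod root ApplicationSet this should presumably be `- values-prod.yaml`. Because `ignoreMissingValueFiles: true` sits right next to it, the mismatch raises no error: apps that ship a `values-dev.yaml` would pick up dev overrides in prod, and apps without one silently fall back to defaults. A wrong file name in this list stays invisible for the same reason, so it is worth a comment in both env files stating which file name each is expected to reference.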
diff --git a/system/argocd/values.yaml b/system/argocd/values.yaml
index bd07fd1e..d1c1da82 100644
--- a/system/argocd/values.yaml
+++ b/system/argocd/values.yaml
@@ -53,6 +53,8 @@ argocd-apps:
 repoURL: *repoURL
 path: '{{path}}'
 targetRevision: *revision
+ helm:
+ ignoreMissingValueFiles: true
 syncPolicy:
 automated:
 prune: true
diff --git a/system/bootstrap.yml b/system/bootstrap.yml
index 37d5c1b7..8c7b3a17 100644
--- a/system/bootstrap.yml
+++ b/system/bootstrap.yml
@@ -25,6 +25,7 @@
 release_namespace: argocd
 dependency_update: true
 values_files:
+ - "argocd/values-{{ env }}.yaml"
 - "argocd/{{ (first_install.resources | length == 0) | ternary('values-seed.yaml', 'values.yaml') }}"
 register: argocd_manifests
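Review bot: In system/bootstrap.yml the new `argocd/values-{{ env }}.yaml` entry is placed first in `values_files`, ahead of the seed/base file. If this list follows Helm's usual `-f` precedence (later files win), any key that also exists in `values.yaml` or `values-seed.yaml` overrides the per-environment value, for example `argo-cd.global.domain`; listing the env file last would make the environment override effective. `env` is also mandatory now, so running the playbook without `--extra-vars env=...` should fail on an undefined variable; an `assert` task or a comment naming the accepted values (`dev`, `prod`) would make that explicit. The task containing this list starts and ends outside the hunk.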