mirror of
https://github.com/khuedoan/homelab.git
synced 2024-12-22 16:04:32 +07:00
feat(k3s): install kube-vip for HA control plane
parent
b98060294d
commit
23f695b8fb
@ -2,5 +2,3 @@ ansible_user: root
|
||||
ansible_ssh_private_key_file: ~/.ssh/id_ed25519
|
||||
ssh_public_key: "{{ lookup('file', '~/.ssh/id_ed25519.pub') }}"
|
||||
dns_server: "8.8.8.8"
|
||||
load_balancer_ip_pool:
|
||||
- 192.168.1.224/27
|
||||
|
@ -1,3 +1,8 @@
|
||||
all:
|
||||
vars:
|
||||
control_plane_endpoint: 192.168.1.100
|
||||
load_balancer_ip_pool:
|
||||
- 192.168.1.224/27
|
||||
metal:
|
||||
children:
|
||||
masters:
|
||||
|
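Review bot: `control_plane_endpoint: 192.168.1.100` carries no comment saying that it is a virtual IP rather than the address of a real host. Elsewhere in this commit the value becomes the API server address in the generated kubeconfig and in the k3s join URL, and kube-vip is configured with `vip_arp: "true"` to announce it. It therefore has to be an unused address outside the DHCP range and outside `load_balancer_ip_pool`. A comment above the key such as `# kube-vip virtual IP for the API server: must be unused, outside DHCP and load_balancer_ip_pool` would record that. The inventory mapping continues outside the hunk.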
@ -2,7 +2,11 @@ k3s_version: v1.28.3+k3s2
|
||||
k3s_config_file: /etc/rancher/k3s/config.yaml
|
||||
k3s_token_file: /etc/rancher/node/password
|
||||
k3s_service_file: /etc/systemd/system/k3s.service
|
||||
k3s_data_dir: /var/lib/rancher/k3s
|
||||
k3s_kubeconfig_file: /etc/rancher/k3s/k3s.yaml
|
||||
k3s_server_config:
|
||||
tls-san:
|
||||
- "{{ control_plane_endpoint }}"
|
||||
disable:
|
||||
- local-storage
|
||||
- servicelb
|
||||
|
@ -24,6 +24,7 @@
|
||||
loop:
|
||||
- /etc/rancher/k3s
|
||||
- /etc/rancher/node
|
||||
- "{{ k3s_data_dir }}/agent/pod-manifests"
|
||||
|
||||
- name: Check if k3s token file exists on the first node
|
||||
run_once: true
|
||||
@ -62,6 +63,16 @@
|
||||
- src: k3s.service.j2
|
||||
dest: "{{ k3s_service_file }}"
|
||||
|
||||
- name: Copy kube-vip manifests
|
||||
when: "'masters' in group_names"
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: 0644
|
||||
loop:
|
||||
- src: kube-vip.yaml.j2
|
||||
dest: "{{ k3s_data_dir }}/agent/pod-manifests/kube-vip.yaml"
|
||||
|
||||
- name: Enable k3s service
|
||||
ansible.builtin.systemd:
|
||||
name: k3s
|
||||
@ -74,12 +85,12 @@
|
||||
- name: Get Kubernetes config file
|
||||
run_once: true
|
||||
ansible.builtin.slurp:
|
||||
src: /etc/rancher/k3s/k3s.yaml
|
||||
src: "{{ k3s_kubeconfig_file }}"
|
||||
register: kubeconfig_base64
|
||||
|
||||
- name: Write Kubernetes config file with the correct cluster address
|
||||
ansible.builtin.copy:
|
||||
content: "{{ kubeconfig_base64.content | b64decode | replace('127.0.0.1', hostvars[groups['masters'][0]].ansible_host) }}"
|
||||
content: "{{ kubeconfig_base64.content | b64decode | replace('127.0.0.1', control_plane_endpoint) }}"
|
||||
dest: "{{ playbook_dir }}/kubeconfig.yaml"
|
||||
mode: 0600
|
||||
delegate_to: localhost
|
||||
|
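Review bot: The two kubeconfig tasks in the last hunk move the cluster-admin credential through task results without `no_log: true`. `ansible.builtin.slurp` registers the file as `kubeconfig_base64`, and `ansible.builtin.copy` receives the decoded content as an argument, so verbose or `--diff` runs can write the client key to the console or to a log. Adding `no_log: true` to both tasks closes that. Separately, in the new "Copy kube-vip manifests" task, write the mode as a string, `mode: "0644"`, so it does not depend on the YAML parser reading a bare `0644` as octal. The task list continues outside these hunks.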
@ -1,7 +1,7 @@
|
||||
{% if inventory_hostname == groups['masters'][0] %}
|
||||
cluster-init: true
|
||||
{% else %}
|
||||
server: https://{{ hostvars[groups['masters'][0]].ansible_host }}:6443
|
||||
server: https://{{ control_plane_endpoint }}:6443
|
||||
{% endif %}
|
||||
token-file: {{ k3s_token_file }}
|
||||
{% if 'masters' in group_names %}
|
||||
|
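--- /dev/null
+++ b/metal/roles/k3s/templates/kube-vip.yaml.j2
@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: Pod
+metadata:
+name: kube-vip
+namespace: kube-system
+spec:
+containers:
+- name: kube-vip
+image: ghcr.io/kube-vip/kube-vip:v0.6.4
+args:
+- manager
+env:
+- name: address
+value: {{ control_plane_endpoint }}
+- name: vip_arp
+value: "true"
+- name: cp_enable
+value: "true"
+- name: vip_leaderelection
+value: "true"
+- name: lb_enable
+value: "true"
+securityContext:
+capabilities:
+add:
+- NET_ADMIN
+- NET_RAW
+volumeMounts:
+- mountPath: /etc/kubernetes/admin.conf
+name: kubeconfig
+hostAliases:
+- hostnames:
+- kubernetes
+ip: 127.0.0.1
+hostNetwork: true
+volumes:
+- hostPath:
+path: {{ k3s_kubeconfig_file }}
+name: kubeconfig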
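Review bot: The `kubeconfig` volume gives the pod the node's k3s admin kubeconfig (`{{ k3s_kubeconfig_file }}`) through a writable hostPath mount, while the container runs with `hostNetwork: true` and adds `NET_ADMIN`/`NET_RAW` without dropping anything from the runtime's default capability set. Add `readOnly: true` to the `volumeMounts` entry and `drop: ["ALL"]` beside `add:` under `capabilities`, then confirm the VIP still comes up. A static pod cannot reference a ServiceAccount, so a narrower credential would mean either a dedicated kubeconfig limited to what kube-vip needs or running it as a DaemonSet with its own RBAC. The image is also pinned by tag only (`ghcr.io/kube-vip/kube-vip:v0.6.4`); appending `@sha256:<digest>` would keep control-plane nodes from pulling a re-tagged image.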