Added changes from pfisterer/edsc-microk8s-playbook

solamarpreet · Oct 11, 2022 · 4fef3a9 · 4fef3a9
1 parent 1afb486
commit 4fef3a9
Show file tree

Hide file tree

Showing 3 changed files with 95 additions and 31 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,4 +30,4 @@ override.tf.json
 *tfplan*
 
 ansible/hosts
-kube.config
+kubeconfig
diff --git a/ansible/kubeconfig b/ansible/kubeconfig
diff --git a/ansible/playbooks/microk8s.yml b/ansible/playbooks/microk8s.yml
@@ -13,27 +13,100 @@
       reboot:
 
     - name: Updating snaps
-      shell: snap refresh
+      command: snap refresh
+      retries: 3
+      delay: 5
+      register: result
+      until: result is not failed 
 
     - name: Rebooting instances
       reboot:
 
     - name: Installing microk8s
       command: snap install microk8s --classic --channel=latest/stable
 
-    - name: Waiting for microk8s to start
-      command: microk8s status --wait-ready
+    - name: Wait for microk8s to be ready
+      shell: "microk8s status --wait-ready"
+      changed_when: False
+
+    - name: Add user 'ubuntu' to group microk8s
+      user:
+        name: "ubuntu"
+        groups: ["microk8s"]
+        append: True
+
+    - name: Set File Descriptor Limits for Microk8s
+      lineinfile:
+        dest: /var/snap/microk8s/current/args/containerd-env
+        line: "ulimit -n 65536"
+        state: present
 
 
 - name: Configuring Master node
   hosts: ocarm1
   become: yes
   tasks:
+
+    - name: Check IP is already included in the template
+      shell: "cat /var/snap/microk8s/current/certs/csr.conf.template | grep '= {{ansible_host}}' | wc -l"
+      register: ip_included
+      changed_when: False
+
+    - name: Get highest entry in the list of IPs (conf)
+      shell: "cat /var/snap/microk8s/current/certs/csr.conf | sed -nr 's/IP\\.([0-9]+).*/\\1/p' | sort | tail -n 1"
+      register: csr_output
+      when: ip_included.stdout_lines[0]|int == 0
+
+    - name: Get highest entry in the list of IPs (template)
+      shell: "cat /var/snap/microk8s/current/certs/csr.conf.template | sed -nr 's/IP\\.([0-9]+).*/\\1/p' | sort | tail -n 1"
+      register: csr_template_output
+      when: ip_included.stdout_lines[0]|int == 0
+
+    - name: Add IP entry
+      lineinfile:
+        path: /var/snap/microk8s/current/certs/csr.conf.template
+        insertafter: "^IP.{{csr_template_output.stdout_lines[0]}} = .*"
+        line: "IP.{{csr_output.stdout_lines[0]|int + 1}} = {{ansible_host}}"
+      register: csr_mod_result
+      when: ip_included.stdout_lines[0]|int == 0
+
+    - name: Restart microk8s (stop)
+      shell: "microk8s stop"
+      when: ip_included.stdout_lines[0]|int == 0
+      retries: 5
+      delay: 10
+      register: result
+      until: result.rc == 0
+
+    - name: Sleep for 10 seconds
+      ansible.builtin.wait_for:
+        timeout: 10
+
+    - name: Restart microk8s (start)
+      shell: "microk8s start"
+      when: ip_included.stdout_lines[0]|int == 0
+      retries: 5
+      delay: 10
+      register: result
+      until: result.rc == 0
+
+    - name: Wait for microk8s to be ready after updating the CSR
+      shell: "microk8s status --wait-ready"
+      changed_when: False
+      retries: 5
+      delay: 10
+      register: result
+      until: result.rc == 0
+      when: ip_included.stdout_lines[0]|int == 0
+
     - name: Enable ingress addon
       command: microk8s enable ingress
 
-    - name: Add DNS record
-      shell: "echo {{ hostvars['ocarm2']['private_ip'] }} ocarm2 | tee -a /etc/hosts"
+    - name: Add DNS record to hosts file
+      lineinfile:
+        dest: /etc/hosts
+        line: "{{ hostvars['ocarm2']['private_ip'] }} ocarm2"
+        state: present
 
     - name: Copying worker node token
       shell: microk8s add-node --format=short | grep -m 1 "microk8s.*"
@@ -48,8 +121,11 @@
   hosts: ocarm2
   become: yes
   tasks:
-    - name: Add DNS record
-      shell: "echo {{ hostvars['ocarm1']['private_ip'] }} ocarm1 | tee -a /etc/hosts"
+    - name: Add DNS record to hosts file
+      lineinfile:
+        dest: /etc/hosts
+        line: "{{ hostvars['ocarm1']['private_ip'] }} ocarm1"
+        state: present
 
     - name: Joining cluster
       command: "{{ hostvars['ocarm1']['token'] }} --worker"
@@ -69,14 +145,21 @@
     - name: Adding role to worker node
       command: microk8s kubectl label node ocarm2 kubernetes.io/role=worker
 
-    - name: Generating kube config file
-      shell: microk8s config > /tmp/kubeconfig
+    - name: Write config to file
+      shell: "microk8s.config > /tmp/conf-with-external-ip; chmod 600 /tmp/conf-with-external-ip"
+
+    - name: Replace IP in config file
+      replace:
+        path: "/tmp/conf-with-external-ip"
+        regexp: 'server: https://[0-9\\.]+:16443'
+        replace: "server: https://{{ ansible_host }}:16443"
 
-    - name: Fetching kube config file for local kubectl access
+    - name: Download kubeconf
       fetch:
-        src: /tmp/kubeconfig
+        src: /tmp/conf-with-external-ip
         dest: ../kubeconfig
         flat: yes
+        fail_on_missing: yes
 
     - name: Linking Control Plane IP to DuckDNS
       uri: