Add loadbalancer
parent
9156341792
commit
78a9db4489
|
|
@ -1,5 +1,5 @@
|
||||||
# K8s cluster on Debian 11
|
# K8s cluster on Debian 11
|
||||||
Tested successfully on 14/05/2023 with kubernetes 1.27.1, containerd 1.6.21 and flannel 1.1.2
|
Tested successfully on 14/05/2023 with kubernetes 1.27.1, containerd 1.6.21, flannel 1.1.2, ingress-nginx and PureLB
|
||||||
Durée approximative du deployment: 8 minutes
|
Durée approximative du deployment: 8 minutes
|
||||||
|
|
||||||
kubeadm version
|
kubeadm version
|
||||||
|
|
@ -14,7 +14,7 @@ cf https://git.metatux.fr:3001/GRETA/TP-IaC-Ansible
|
||||||
|
|
||||||
## Prepare les noeuds et fait l'installation de kubernetes
|
## Prepare les noeuds et fait l'installation de kubernetes
|
||||||
> ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../terraform/hosts.ini pre-start.yaml
|
> ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../terraform/hosts.ini pre-start.yaml
|
||||||
## Initialisation du cluster + join des workes, ajout de flannel, openebs, ingress-nginx, helm.
|
## Initialisation du cluster + join des workers, ajout de flannel, openebs, ingress-nginx, purelb, helm.
|
||||||
## Mise en service de Gitea
|
## Mise en service de Gitea
|
||||||
> ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../terraform/hosts.ini start.yaml
|
> ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../terraform/hosts.ini start.yaml
|
||||||
## Si besoin de reset le cluster
|
## Si besoin de reset le cluster
|
||||||
|
|
|
||||||
|
|
@ -12,3 +12,8 @@ gitea:
|
||||||
replicacount: 3
|
replicacount: 3
|
||||||
servicetype: LoadBalancer
|
servicetype: LoadBalancer
|
||||||
externalips: 192.168.230.10
|
externalips: 192.168.230.10
|
||||||
|
metallb:
|
||||||
|
iprange: 192.168.230.100-192.168.230.200
|
||||||
|
purelb:
|
||||||
|
pool: 192.168.230.100-192.168.230.200
|
||||||
|
subnet: 192.168.230.0/24
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- hosts: control-plane
|
- hosts: control-plane
|
||||||
name: "Install OpenEBS Storagee provider"
|
name: "Install OpenEBS Storage provider"
|
||||||
roles:
|
roles:
|
||||||
- role: openebs
|
- role: openebs
|
||||||
run_once: True
|
run_once: True
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,20 @@
|
||||||
src: values.yaml.j2
|
src: values.yaml.j2
|
||||||
dest: /tmp/values.yaml
|
dest: /tmp/values.yaml
|
||||||
|
|
||||||
# TODO: Add a wait_for condition to test if ingress-nginx avalaible
|
- name: get Ingress-nginx internal IP
|
||||||
|
shell: >
|
||||||
|
kubectl get svc -A | grep ingress-nginx-controller-admission | awk '{print $4}'
|
||||||
|
register: nginxip
|
||||||
|
delay: 10
|
||||||
|
|
||||||
|
# Add a wait_for condition to test if ingress-nginx avalaible
|
||||||
|
- name: Attente du démarrage d Ingress Nginx
|
||||||
|
retries: 6
|
||||||
|
wait_for:
|
||||||
|
host: "{{ nginxip.stdout }}"
|
||||||
|
port: 443
|
||||||
|
delay: 10
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: install gitea via helm
|
- name: install gitea via helm
|
||||||
shell: |
|
shell: |
|
||||||
|
|
@ -13,14 +26,39 @@
|
||||||
helm repo update
|
helm repo update
|
||||||
helm install -f /tmp/values.yaml gitea gitea-charts/gitea
|
helm install -f /tmp/values.yaml gitea gitea-charts/gitea
|
||||||
|
|
||||||
- name: Attente du démarrage de Gitea
|
- name: Is pod gitea-0 running
|
||||||
|
shell: kubectl get pods | grep gitea-0 | awk '{print $3}'
|
||||||
|
register: gitearunning
|
||||||
|
until: "'Running' in gitearunning.stdout"
|
||||||
|
retries: 6
|
||||||
|
delay: 10
|
||||||
|
|
||||||
|
- name: get Gitea http IP
|
||||||
|
shell: >
|
||||||
|
kubectl get svc | grep gitea-http | awk '{print $4}'
|
||||||
|
register: giteaip
|
||||||
|
|
||||||
|
- name:
|
||||||
|
debug:
|
||||||
|
msg: IP du serveur http Gitea {{ giteaip.stdout }}
|
||||||
|
|
||||||
|
- name: get Gitea http port
|
||||||
|
shell: >
|
||||||
|
kubectl get svc | grep gitea-http | awk '{print $5}' | sed 's/3000://;s/\/TCP//'
|
||||||
|
register: giteaport
|
||||||
|
|
||||||
|
- name:
|
||||||
|
debug:
|
||||||
|
msg: Port du serveur http Gitea {{ giteaport.stdout }}
|
||||||
|
|
||||||
|
- name: Attente du démarrage du serveur web Gitea
|
||||||
retries: 6
|
retries: 6
|
||||||
wait_for:
|
wait_for:
|
||||||
host: "{{ gitea.externalips }}"
|
host: "{{ giteaip.stdout }}"
|
||||||
port: 3000
|
port: "{{ giteaport.stdout }}"
|
||||||
delay: 10
|
delay: 10
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name:
|
- name:
|
||||||
debug:
|
debug:
|
||||||
msg: Le serveur Gitea est operationel est joignable sur http://{{ gitea.externalips }}:3000
|
msg: Le serveur Gitea est operationel et joignable sur http://{{ giteaip.stdout }}:{{ giteaport.stdout }}
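Review bot: The `get Gitea http IP` and `get Gitea http port` tasks read a column out of the `kubectl get svc` table, so a missing service gives empty stdout with a zero exit code (the pipeline's status is awk's), and an address that is still being allocated gives the literal `<pending>`; either value is then passed to `wait_for` as the host. The same applies to `get Ingress-nginx internal IP`, whose `delay: 10` has no `retries`/`until` to act on. Query the field directly and retry until it is non-empty, as below; this assumes the service is named `gitea-http`, which the grep suggests but does not prove. The port extracted with sed looks like the node port from `3000:<nodePort>/TCP`, which is probably not the port served on the load-balancer address, so confirm it before using it in `wait_for` and in the final message.

```yaml
- name: get Gitea http IP
  command: >-
    kubectl get svc gitea-http
    -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
  register: giteaip
  until: giteaip.stdout | length > 0
  retries: 6
  delay: 10
  changed_when: false

# … unchanged: debug of giteaip, port lookup, wait_for on the Gitea web server …
```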
|
||||||
|
|
|
||||||
|
|
@ -95,7 +95,7 @@ service:
|
||||||
nodePort:
|
nodePort:
|
||||||
externalTrafficPolicy:
|
externalTrafficPolicy:
|
||||||
externalIPs:
|
externalIPs:
|
||||||
- {{ gitea.externalips }}
|
# - {{ gitea.externalips }}
|
||||||
ipFamilyPolicy:
|
ipFamilyPolicy:
|
||||||
ipFamilies:
|
ipFamilies:
|
||||||
loadBalancerSourceRanges: []
|
loadBalancerSourceRanges: []
|
||||||
|
|
@ -114,13 +114,13 @@ service:
|
||||||
## @param service.ssh.annotations SSH service annotations
|
## @param service.ssh.annotations SSH service annotations
|
||||||
ssh:
|
ssh:
|
||||||
type: {{ gitea.servicetype }}
|
type: {{ gitea.servicetype }}
|
||||||
port: 22
|
port: 2222
|
||||||
clusterIP: None
|
clusterIP: None
|
||||||
loadBalancerIP:
|
loadBalancerIP:
|
||||||
nodePort:
|
nodePort:
|
||||||
externalTrafficPolicy:
|
externalTrafficPolicy:
|
||||||
externalIPs:
|
externalIPs:
|
||||||
- {{ gitea.externalips }}
|
# - {{ gitea.externalips }}
|
||||||
ipFamilyPolicy:
|
ipFamilyPolicy:
|
||||||
ipFamilies:
|
ipFamilies:
|
||||||
hostPort:
|
hostPort:
|
||||||
|
|
@ -344,12 +344,12 @@ gitea:
|
||||||
# customEmailUrl:
|
# customEmailUrl:
|
||||||
|
|
||||||
## @param gitea.config Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
|
## @param gitea.config Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
|
||||||
config: {}
|
config:
|
||||||
# APP_NAME: "Gitea: Git with a cup of tea"
|
# APP_NAME: "Gitea: Git with a cup of tea"
|
||||||
# RUN_MODE: dev
|
# RUN_MODE: dev
|
||||||
#
|
#
|
||||||
# server:
|
server:
|
||||||
# SSH_PORT: 22
|
SSH_PORT: 2222
|
||||||
#
|
#
|
||||||
# security:
|
# security:
|
||||||
# PASSWORD_COMPLEXITY: spec
|
# PASSWORD_COMPLEXITY: spec
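Review bot: `loadBalancerSourceRanges: []` stays empty in the first hunk while this commit stops pinning `externalIPs`, so the HTTP service and the SSH service (now on port 2222) take an address from the load-balancer pool with no source restriction at the Service level. If the pool is routable from outside the lab network, list the allowed ranges, for example `loadBalancerSourceRanges: ['<ALLOWED_CIDR>']`, and check that the chosen load balancer and kube-proxy mode enforce it. Commenting out the list item leaves `externalIPs:` as a bare null key in both services; writing `externalIPs: []` would make the intent explicit. These hunks are excerpts of the values template, so the SSH service may be configured further outside the visible lines.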
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,19 @@
|
||||||
|
- name: Enable structARP on kube-proxy
|
||||||
|
shell: |
|
||||||
|
kubectl get configmap kube-proxy -n kube-system -o yaml | \
|
||||||
|
sed -e "s/strictARP: false/strictARP: true/" | \
|
||||||
|
kubectl apply -f - -n kube-system
|
||||||
|
|
||||||
|
- name: install MetalLB
|
||||||
|
shell: |
|
||||||
|
helm repo add metallb https://metallb.github.io/metallb
|
||||||
|
helm install metallb metallb/metallb --create-namespace --namespace metallb-system
|
||||||
|
|
||||||
- name: copy MetalLB config
|
- name: copy MetalLB config
|
||||||
become: yes
|
become: yes
|
||||||
template:
|
template:
|
||||||
src: metallb-config.yaml
|
src: metallb-config.yaml
|
||||||
dest: /etc/metallb-config.yaml
|
dest: /tmp/metallb-config.yaml
|
||||||
|
|
||||||
- name: install MetalLB
|
|
||||||
command: kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.9/config/manifests/metallb-native.yaml
|
|
||||||
|
|
||||||
- name: install MetalLB config
|
- name: install MetalLB config
|
||||||
command: kubectl apply -f /etc/metallb-config.yaml
|
command: kubectl apply -f /tmp/metallb-config.yaml
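Review bot: The new `install MetalLB` task installs whatever chart version the Helm repository serves at run time, whereas the task it replaces pinned the manifest to v0.13.9, so the deployed controller is no longer reproducible or reviewable. Pin the chart and make the step re-runnable with `helm upgrade --install metallb metallb/metallb --version <CHART_VERSION> --create-namespace --namespace metallb-system`. The config is also moved from /etc to the shared `/tmp` directory and then applied with cluster credentials; keeping it in a root-owned directory, or at least adding `mode: "0600"` to the template task, avoids leaving it in a world-writable location. The task name `Enable structARP on kube-proxy` should read `strictARP`.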
|
||||||
|
|
|
||||||
|
|
@ -2,11 +2,11 @@
|
||||||
apiVersion: metallb.io/v1beta1
|
apiVersion: metallb.io/v1beta1
|
||||||
kind: IPAddressPool
|
kind: IPAddressPool
|
||||||
metadata:
|
metadata:
|
||||||
name: nat
|
name: first-pool
|
||||||
namespace: metallb-system
|
namespace: metallb-system
|
||||||
spec:
|
spec:
|
||||||
addresses:
|
addresses:
|
||||||
- "{{ metalrange }}"
|
- "{{ metallb.iprange }}"
|
||||||
---
|
---
|
||||||
apiVersion: metallb.io/v1beta1
|
apiVersion: metallb.io/v1beta1
|
||||||
kind: L2Advertisement
|
kind: L2Advertisement
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
configInline:
|
||||||
|
address-pools:
|
||||||
|
- name: default
|
||||||
|
protocol: layer2
|
||||||
|
addresses:
|
||||||
|
- {{ metallb.iprange }}
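Review bot: This new file defines the pool a second time, in the legacy `configInline` / `address-pools` format, while the same commit applies an `IPAddressPool` resource for the same range. As far as I know, MetalLB charts from 0.13 onwards no longer accept `configInline`, and the `helm install` shown in this commit passes no values file, so this file looks unused. If it is kept, quote the templated value as the CRD template does, `- "{{ metallb.iprange }}"`; otherwise drop the file so there is a single source of truth for the address range.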
|
||||||
|
|
@ -7,7 +7,7 @@
|
||||||
- name: install PureLB
|
- name: install PureLB
|
||||||
command: kubectl apply -f https://gitlab.com/api/v4/projects/purelb%2Fpurelb/packages/generic/manifest/0.0.1/purelb-complete.yaml
|
command: kubectl apply -f https://gitlab.com/api/v4/projects/purelb%2Fpurelb/packages/generic/manifest/0.0.1/purelb-complete.yaml
|
||||||
retries: 2
|
retries: 2
|
||||||
delays: 5
|
delay: 5
|
||||||
|
|
||||||
- name: install PureLB config
|
- name: install PureLB config
|
||||||
command: kubectl apply -f /etc/purelb-config.yaml
|
command: kubectl apply -f /etc/purelb-config.yaml
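Review bot: `install PureLB` applies a manifest fetched from gitlab.com at run time with the control-plane host's cluster credentials, and nothing verifies its content; this matters more now that start.yaml imports purelb.yaml unconditionally in this commit. Consider fetching it with `get_url` and `checksum: sha256:<EXPECTED_SHA256>`, then applying the local copy. The `delays` → `delay` fix is correct, but depending on the Ansible version `retries` may only take effect together with an `until` condition, e.g. `register: purelb_apply` plus `until: purelb_apply.rc == 0`. The task list starts outside this hunk.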
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,6 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
local:
|
local:
|
||||||
v4pools:
|
v4pools:
|
||||||
- subnet: '{{ lbsubnet }}'
|
- subnet: '{{ purelb.subnet }}'
|
||||||
pool: '{{ lbpool }}'
|
pool: '{{ purelb.pool }}'
|
||||||
aggregation: /25
|
aggregation: default
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@
|
||||||
- import_playbook: kubernetes-worker.yaml
|
- import_playbook: kubernetes-worker.yaml
|
||||||
- import_playbook: openebs.yaml
|
- import_playbook: openebs.yaml
|
||||||
- import_playbook: ingress-nginx.yaml
|
- import_playbook: ingress-nginx.yaml
|
||||||
|
- import_playbook: purelb.yaml
|
||||||
|
#- import_playbook: metallb.yaml
|
||||||
- import_playbook: helm.yaml
|
- import_playbook: helm.yaml
|
||||||
- import_playbook: gitea-helm.yaml
|
- import_playbook: gitea-helm.yaml
|
||||||
#- import_playbook: purelb.yaml
|
|
||||||
|
|
|
||||||