WIP: refactor to align with documentation (#122)

* refactor to align with documentation Signed-off-by: Michael Fornaro <[email protected]> * remove examples that are outdated Signed-off-by: Michael Fornaro <[email protected]> * revert some unintended changes Signed-off-by: Michael Fornaro <[email protected]> * revert some unintended changes Signed-off-by: Michael Fornaro <[email protected]> * remove cilium helm implementation and align with quick install method Signed-off-by: Michael Fornaro <[email protected]> * addressing PR comments Signed-off-by: Michael Fornaro <[email protected]>
raspbernetes · May 4, 2021 · e7b192b · e7b192b
1 parent 5358dcc
commit e7b192b
Show file tree

Hide file tree

Showing 19 changed files with 142 additions and 448 deletions.
diff --git a/.envrc b/.envrc
@@ -0,0 +1,2 @@
+export KUBECONFIG=$(expand_path ./ansible/playbooks/output/k8s-config.yaml)
+export ANSIBLE_CONFIG=$(expand_path ./ansible/ansible.cfg)
diff --git a/ansible/example/group_vars/all.yml b/ansible/example/group_vars/all.yml
diff --git a/ansible/example/group_vars/masters.yml b/ansible/example/group_vars/masters.yml
diff --git a/ansible/family_vars/debian.yml b/ansible/family_vars/debian.yml
@@ -13,3 +13,8 @@ common_packages:
   - net-tools
   - python3-openssl # Needed for ansible 'openssl_certificate_info' module
   - python-openshift
+
+kubernetes_packages:
+  - apt-transport-https
+  - ca-certificates
+  - curl
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
@@ -16,14 +16,14 @@
 ####
 # Role - kubernetes
 ####
-# kubernetes_kubectl_version: 1.20.4-00
-# kubernetes_kubelet_version: 1.20.4-00
-# kubernetes_kubeadm_version: 1.20.4-00
+kubernetes_kubectl_version: 1.21.0-00
+kubernetes_kubelet_version: 1.21.0-00
+kubernetes_kubeadm_version: 1.21.0-00
 
 ####
 # Role - keepalived
 ####
-# keepalived_vip: ""
+# keepalived_vip: ''
 # keepalived_interface: "{{ ansible_default_ipv4['interface'] }}"
 
 ####

diff --git a/ansible/group_vars/cluster.yml b/ansible/group_vars/cluster.yml
@@ -5,7 +5,7 @@ cluster_extra_sans:
 cluster_control_plane_endpoint: '{{ keepalived_vip }}:8443'
 
 # Specify the Kubernetes version, current release is v1.20.4
-cluster_kubernetes_version: 'v1.20.4'
+cluster_kubernetes_version: 'v1.21.0'
 
 cluster_apiserver_enable_admission_plugins:
   - 'NodeRestriction'

diff --git a/ansible/group_vars/masters.yml b/ansible/group_vars/masters.yml
@@ -1,10 +1,4 @@
 ---
-####
-# Role - keepalived
-####
-# keepalived_vip: ''
-# keepalived_interface: "{{ ansible_default_ipv4['interface'] }}"
-
 ####
 # Role - cluster
 ####

diff --git a/ansible/inventory b/ansible/inventory
@@ -1,4 +1,3 @@
-
 [all]
 k8s-controlplane-01 hostname=k8s-controlplane-01 ansible_host=192.168.1.121 ansible_user=pi
 k8s-controlplane-02 hostname=k8s-controlplane-02 ansible_host=192.168.1.122 ansible_user=pi

diff --git a/ansible/playbooks/all.yml b/ansible/playbooks/all.yml
@@ -7,7 +7,7 @@
       fail:
         msg: "Only python3 is supported, you're running {{ ansible_facts['python_version'] }} locally"
       when: ansible_facts['python']['version']['major'] != 3
-- import_playbook: docker_cache.yml
+# - import_playbook: docker_cache.yml
 - import_playbook: common.yml
 - import_playbook: masters.yml
 - import_playbook: cluster.yml
diff --git a/ansible/roles/cluster/tasks/main.yml b/ansible/roles/cluster/tasks/main.yml
@@ -65,6 +65,10 @@
     kubeadm_join_token: '{{ generated_token.stdout }}'
   run_once: true
 
+- name: pull control plane images
+  command: kubeadm config images pull
+  when: inventory_hostname == groups["controlplane"]
+
 - name: 'initialize | perform cluster initialization on primary control node'
   include_tasks: 'initialize.yml'
   when:

diff --git a/ansible/roles/cni/tasks/cilium.yml b/ansible/roles/cni/tasks/cilium.yml
@@ -1,58 +1,5 @@
 ---
-
-# See https://github.com/cilium/cilium/issues/10645
-- name: set net.ipv4.conf.*.rp_filter to 0 for systemd 245 workaround
-  ansible.posix.sysctl:
-    name: '{{ item }}'
-    value: '0'
-    sysctl_file: /etc/sysctl.d/98-override_cilium_rp_filter.conf
-    reload: false
-  loop:
-    - net.ipv4.conf.all.rp_filter
-    - net.ipv4.conf.default.rp_filter
-  notify: restart systemd-sysctl
-
-- name: mount sys-fs-bpf
-  ansible.posix.mount:
-    path: /sys/fs/bpf
-    src: bpffs
-    opts: defaults
-    state: mounted
-    fstype: bpf
-
-- name: add Cilium Helm Repo
-  community.kubernetes.helm_repository:
-    name: cilium
-    repo_url: "https://helm.cilium.io/"
-
-- name: deploy Cilium
-  community.kubernetes.helm:
-    name: cilium
-    chart_ref: cilium/cilium
-    release_namespace: kube-system
-    chart_version: "{{ cni_cilium_helm_version }}"
-    values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}"
-
-- name: patch cilium-operator for helm chart bug
-  community.kubernetes.k8s:
-    state: present
-    definition:
-      apiVersion: apps/v1
-      kind: Deployment
-      metadata:
-        name: cilium-operator
-        namespace: kube-system
-      spec:
-        template:
-          spec:
-            containers:
-              - name: cilium-operator
-                image: cilium/operator-dev:{{ cni_cilium_image_version }}
-
-
-- name: Apply kube-router manifests
-  community.kubernetes.k8s:
-    state: present
-    template: 'generic-kuberouter-only-advertise-routes.yaml.j2'
-  when:
-    - cni_kube_router_enabled
+- name: applying cilium
+  command:
+    cmd: kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/v1.9/install/kubernetes/quick-install.yaml
+    creates: /etc/cni/net.d/10-cilium.conflist
diff --git a/ansible/roles/cni/templates/generic-kuberouter-only-advertise-routes.yaml.j2 b/ansible/roles/cni/templates/generic-kuberouter-only-advertise-routes.yaml.j2