k8s-playground/setup/setup.yml


---
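# Base provisioning for every node: swap off, Docker, the WireGuard link and
# the Kubernetes packages. Indentation is restored so the play parses.
- hosts: all
  tasks:
    # Turn swap off now; the notified handler also drops swap entries from
    # /etc/fstab.
    - name: deactivate swap
      command: swapoff -a
      when:
        - ansible_swaptotal_mb != 0
      notify: disable swap

    # Carries the special 'never' tag, so it only runs when the 'initial' tag
    # is requested explicitly.
    - name: upgrade all the packages
      apt:
        name: '*'
        state: latest
        update_cache: true
      tags: ['initial', 'never']

    - name: install deps
      apt:
        name:
          - aptitude
          - sudo
          - nfs-common
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg2
          - software-properties-common
          - linux-headers-amd64
        state: present

    # NOTE(review): the key is trusted exactly as downloaded. apt_key's `id`
    # parameter can pin the expected fingerprint; take the value from the
    # vendor's documentation, not from the download itself.
    - name: import docker gpg key
      apt_key:
        url: "https://download.docker.com/linux/debian/gpg"
        state: present

    - name: add docker repository
      apt_repository:
        repo: "deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_lsb.codename }} stable"
        state: present

    - name: install docker
      apt:
        update_cache: true
        name:
          - docker-ce
          - python-pip
          - python-setuptools
        state: present

    - name: configure docker
      template:
        src: templates/daemon.json
        dest: /etc/docker/daemon.json
      notify: restart docker

    - name: enable & start docker
      systemd:
        name: docker
        enabled: true
        state: started

    # The pin is written BEFORE the unstable repository is added, so there is
    # no point at which unstable packages are installable at default priority
    # (e.g. if a run aborts between the two tasks).
    - name: pin unstables
      blockinfile:
        path: /etc/apt/preferences.d/limit-unstable
        create: true
        block: |
          Package: *
          Pin: release a=unstable
          Pin-Priority: 90

    # NOTE(review): plain-HTTP mirror; package integrity then rests solely on
    # apt's signature check of the repository metadata.
    - name: install wireguard repo
      apt_repository:
        repo: "deb http://deb.debian.org/debian/ unstable main"
        state: present

    - name: install wireguard
      apt:
        update_cache: true
        name: wireguard
        state: present

    - name: configure wireguard interface
      template:
        src: templates/wireguard.cfg
        dest: /etc/network/interfaces.d/wireguard.cfg
      notify: restart wireguard

    # Restricted to the owner: this file presumably carries the interface
    # private key (the template is not visible here - confirm). Without an
    # explicit mode the file is created with the umask default.
    - name: configure wireguard connections
      template:
        src: templates/wg-k8s.conf
        dest: /etc/wireguard/wg-k8s.conf
        mode: '0600'
      notify: restart wireguard

    # NOTE(review): same as the docker key - no fingerprint is pinned.
    - name: install k8s apt key
      apt_key:
        url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
        state: present

    - name: add k8s repository
      apt_repository:
        repo: "deb https://apt.kubernetes.io/ kubernetes-xenial main"
        state: present

    - name: install k8s
      apt:
        update_cache: true
        name:
          - kubelet
          - kubeadm
          - kubectl
        state: present

    # NOTE(review): lineinfile fails when the target is missing and `create`
    # is not set - confirm this file exists at this point on a fresh node.
    - name: configure cgroup driver in kubelet
      lineinfile:
        path: /var/lib/kubelet/config.yaml
        line: 'cgroupDriver: systemd'
        regexp: '^cgroupDriver:.*'

    - name: configure kubeadm-env
      template:
        src: templates/kubeadm-flags.env
        dest: /var/lib/kubelet/kubeadm-flags.env

    # Also tagged 'never': only runs together with the 'initial' tag.
    - name: restart system
      command: reboot
      tags: ['initial', 'never']

  handlers:
    # Removes every /etc/fstab line that contains the word "swap".
    - name: disable swap
      lineinfile:
        path: /etc/fstab
        regexp: '.*swap.*'
        state: absent

    - name: restart wireguard
      shell: ifdown wg-k8s; ifup wg-k8s

    - name: restart docker
      service:
        name: docker
        state: restarted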
# Hosts in the 'control' group: install HAProxy, render its configuration and
# keep the service enabled. Every task notifies the same restart handler.
- hosts: control
  tasks:
    - name: install haproxy
      apt:
        state: present
        name: haproxy
      notify: restart haproxy

    # Rendered from templates/haproxy.cfg; a change triggers a restart.
    - name: copy haproxy template
      template:
        dest: /etc/haproxy/haproxy.cfg
        src: templates/haproxy.cfg
      notify: restart haproxy

    - name: enable haproxy service
      service:
        enabled: true
        name: haproxy
      notify: restart haproxy

  handlers:
    - name: restart haproxy
      service:
        state: restarted
        name: haproxy
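# First control-plane node: initialise the cluster, copy the init log back to
# the controller, set up kubectl and apply the network manifests.
- hosts: cluster-control01
  tasks:
    # Output goes to a ".partial" file that is renamed only after kubeadm
    # exits successfully. Redirecting straight into kubeadm.log would create
    # the `creates` marker even when init fails, and every later run would
    # then skip this task.
    - name: init kubeadm
      shell: >-
        kubeadm init --apiserver-advertise-address 10.42.23.11
        --pod-network-cidr=10.244.0.0/16 > kubeadm.log.partial
        && mv kubeadm.log.partial kubeadm.log
      args:
        creates: kubeadm.log

    # NOTE(review): the worker play executes the tail of this log as its join
    # command, and a join command normally embeds a bootstrap token. Treat the
    # fetched copy on the controller as a secret: restrict its permissions and
    # keep it out of version control.
    - name: fetch kubeadm.log from control
      fetch:
        src: kubeadm.log
        dest: "kubeadm-{{ inventory_hostname }}.log"
        flat: true

    # `mkdir -p` plus `&&` instead of `mkdir .kube; cp ...`: an existing
    # directory is not an error, a real mkdir failure is no longer masked, and
    # both paths are anchored at $HOME.
    - name: configure kubectl
      shell: >-
        mkdir -p "$HOME/.kube"
        && cp /etc/kubernetes/admin.conf "$HOME/.kube/config"
      args:
        creates: .kube/config

    # NOTE(review): both manifests are downloaded at run time and applied with
    # the admin kubeconfig, with no integrity check. Consider applying a
    # reviewed copy kept alongside the playbook.
    # As with init, canal.log only appears once both applies have succeeded.
    - name: setup networking
      shell: >-
        kubectl apply -f
        https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/rbac.yaml
        > canal.log.partial
        && kubectl apply -f
        https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/canal.yaml
        >> canal.log.partial
        && mv canal.log.partial canal.log
      args:
        creates: canal.log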
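# Worker nodes: read the join command from the control node's init log (a
# copy on the controller), validate it, run it, and fetch the resulting log.
- hosts: worker
  tasks:
    # Reads the last two lines of the log copy on the controller; read-only,
    # so it never reports a change.
    - name: fetch join command
      command: tail -2 kubeadm-cluster-control01.log
      register: joincommand
      delegate_to: localhost
      changed_when: false

    # The text read above is handed to a shell on every worker. Refuse to
    # continue unless it is a single `kubeadm join` invocation free of shell
    # metacharacters. Asking the control node for a fresh command
    # (`kubeadm token create --print-join-command`) would avoid executing log
    # content altogether.
    - name: validate join command
      assert:
        that:
          - '(joincommand.stdout | trim) is match("kubeadm join [^;&|`$<>()]+$")'
        msg: "Tail of kubeadm-cluster-control01.log is not a plain 'kubeadm join' command; refusing to execute it"

    # NOTE(review): the command line normally carries the bootstrap token, so
    # verbose or failure output of this task exposes it; consider `no_log`.
    # Output goes to a ".partial" file that is renamed only on success, so a
    # failed join does not leave the `creates` marker behind.
    - name: join cluster
      shell: "{{ joincommand.stdout }} > kubeadm.log.partial && mv kubeadm.log.partial kubeadm.log"
      args:
        creates: kubeadm.log

    - name: fetch kubeadm.log
      fetch:
        src: kubeadm.log
        dest: "kubeadm-{{ inventory_hostname }}.log"
        flat: true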