Merge pull request #1 from dancard32/k3s-ha

K3s Ansible Automation

.gitignore

@@ -1,3 +1,4 @@
 .vscode
 .secrets/
-.env
+.env
+.ansible/inventory.ini

README.md

@@ -38,7 +38,7 @@ From applications list open Virtual Machine Manager and follow the following ste
 5. After reboot on host computer navigate to the listed browser url and login with user `root` using the password you created
     - At this point the VM can be converted to a template, step 6 to be repeated for _each_ VM
 6. To upload ISO Images navigate to local(proxmox) > ISO Images > upload and install VM's
-    - Debian/Ubuntu systems install `apt-get install -y qemu-guest-agent`
+    - Debian/Ubuntu systems install `sudo apt-get install -y qemu-guest-agent`
     - Redhat based systems install `yum install -y qemu-guest-agent`
 
     Depending on the distribution, the guest agent might not start automatically after the installation.

ansible/collections/requirements.yml

@@ -0,0 +1,7 @@
+---
+collections:
+  - name: ansible.utils
+  - name: community.general
+  - name: ansible.posix
+  - name: kubernetes.core
+  - name: community.Mysql

ansible/group_vars/all.yaml

@@ -0,0 +1,12 @@
+---
+k3s_version: v1.22.3+k3s1
+ansible_user: "dcard"
+systemd_dir: /etc/systemd/system
+server_ip: "{{ hostvars[groups['servers'][0]]['ansible_host'] | default(groups['servers'][0]) }}"
+
+# k3s_token is required  servers can talk together securely
+# this token should be alpha numeric only
+k3s_token: "eyJhbGciOiJSUzI1NiIsImtpZCI6IlVNZG44MXQxZnRib28tS0RHMTYyZ1dqTTlnQWE2QjVyMGd4VDZCSkdDRUEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tY2w3a2MiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImU4ODFmNDVlLTMxNGUtNGUyOC04YmYxLWNiYjI5ODFlNWM2MyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQifQ.ZgFB3OUfxoo1l_7DUBmyIAjyysVrkD7DdnbP_DDBxJ_EqDNnuAkazyv8saYU6SCT621OgCJPH-h2l1O-dwodpUSNHdjSC0pGt2r7hg9pCSC3g-8Y8xeIYwaOh50fWJv-Zqk_1qIvY25jj-UPeMZel-xEG8IPRlpZFi6WdoXwzEMKzgUqatzfcH4Tl_eZGbRuacYpJswiJSjd3Ut626LER0HEB7NtlQtMZOjTTWORorrxdbmIYAxufBxIAAYX_ivTxPTMt_QMu7aqh2qYvrO7IGRHte0ZCWCAA_WtsqNET69W_J0ay2GrkhwLcJk7L4C9tLqq2yQn_9Rtg-RwprsmxQ"
+
+extra_server_args: ""
+extra_agent_args: ""

ansible/hw_provisioning.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Install pre-requisites on Bare Metal
+  hosts: localhost
+  become: true
+  connection: local
+  roles:
+    - installs-apt
+    - installs-snap
+    - installs-pip
+    - metal
+
+- name: Install Docker on Bare Metal and Cluster
+  hosts: k3s_cluster, localhost
+  become: true
+  roles:
+    - docker-install
+
+- name: Gerneate Docker container bind mounts
+  hosts: localhost
+  become: true
+  roles:
+    - docker-mkdir

ansible/inventory.ini

@@ -0,0 +1,19 @@
+[proxmox]
+192.168.122.20 ansible_ssh_user=root ansible_ssh_pass=
+
+# Change this list to the ip addresses of the servers
+[servers]
+192.168.10.115 ansible_ssh_user=dcard ansible_ssh_pass=asdf
+192.168.10.116 ansible_ssh_user=dcard ansible_ssh_pass=asdf
+
+# Change this list to the ip addresses of the agents
+[nodes]
+192.168.10.117 ansible_ssh_user=dcard ansible_ssh_pass=asdf
+192.168.10.118 ansible_ssh_user=dcard ansible_ssh_pass=asdf
+192.168.10.119 ansible_ssh_user=dcard ansible_ssh_pass=asdf
+
+
+# This group helps to better manage the cluster
+[k3s_cluster:children]
+servers
+nodes

ansible/k3s_install.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Install k3s
+  hosts: k3s_cluster
+  become: true
+  roles:
+    - k3s-download
+    - k3s-install
+
+

ansible/k3s_reset.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Reset k3s
+  hosts: k3s_cluster
+  become: true
+  roles:
+    - k3s-reset
+
+

ansible/proxmox_create_vm.yml

@@ -0,0 +1,42 @@
+---
+
+- name: Clone Proxmox VM
+  hosts: proxmox
+  vars_prompt:
+    - name: password
+      prompt: What is your proxmox password?
+
+    - name: vm_names_csv
+      prompt: "Please specify the server names, separated by commas (NO SPACES)"
+      private: false
+  tasks:
+    - set_fact:
+        vm_names: "{{ vm_names_csv.split(',') }}"
+
+    - name: Clone VM
+      proxmox_kvm:
+        api_user: root@pam
+        api_password: "{{ password }}"
+        api_host: 192.168.122.20
+        clone: ubuntu-server
+        name: "{{ item }}"
+        node: proxmox
+        storage: local-lvm
+        format: qcow2
+        timeout: 500
+      loop: "{{ vm_names }}"
+
+
+    - name: Pause for 5 seconds before starting
+      ansible.builtin.pause:
+        seconds: 3
+
+    - name: Start VM
+      proxmox_kvm:
+        api_user: root@pam
+        api_password: "{{ password }}"
+        api_host: 192.168.122.20
+        name: "{{ item }}"
+        node: proxmox
+        state: started
+      loop: "{{ vm_names }}"

ansible/proxmox_delete_vm.yml

@@ -0,0 +1,36 @@
+---
+
+- name: Delete Proxmox VM's
+  hosts: proxmox
+  vars_prompt:
+    - name: password
+      prompt: What is your proxmox password?
+
+    - name: vm_names_csv
+      prompt: "Please specify the server names, separated by commas (NO SPACES)"
+      private: false
+  tasks:
+    - set_fact:
+        vm_names: "{{ vm_names_csv.split(',') }}"
+
+    - name: Stop VM with force
+      proxmox_kvm:
+        api_user    : root@pam
+        api_password: "{{ password }}"
+        api_host    : 192.168.122.20
+        name        : "{{ item }}"
+        node        : proxmox
+        state       : stopped
+        force       : yes
+        timeout: 50
+      loop: "{{ vm_names }}"
+
+    - name: Remove VM
+      proxmox_kvm:
+        api_user    : root@pam
+        api_password: "{{ password }}"
+        api_host    : 192.168.122.20
+        name        : "{{ item }}"
+        node        : proxmox
+        state       : absent
+      loop: "{{ vm_names }}"

ansible/metal/hw_provisioning.yml → ansible/roles/docker-install/tasks/main.yml

@@ -1,36 +1,4 @@
 ---
-- name: (hw_provisioning) Hardware Provisioning
-  hosts: localhost
-  become: true
-  connection: local
-  tasks:
-
-# General Homelab Tools
-  - name: (APT) Install General Tools
-    become: true
-    apt:
-      name: "{{ item }}"
-    with_items:
-      - net-tools
-      - lm-sensors # Used to monitor computer temperatures
-      - powertop # `sudo powertop` displays metrics about computer usage
-      - openssh-server # To allow remote SSH
-
-# Snap installs
-  - name: (SNAP) Install General Tools
-    community.general.snap:
-      name:
-        - kompose
-
-# Set-up Homelab Tools
-  # sudo apt-get install lm-sensors
-  # sudo sensors-detect
-  # sensors
-
-# Proxmox dependencies
-  - name: Install Proxmox Dependencies
-    apt:
-      name: virt-manager
 
 # Docker Install
   - name: Docker - Install docker packages
@@ -96,40 +64,8 @@
   #    dest: /usr/local/bin/docker-compose
   #    mode: 'u+x,g+x'
 
-  - name: Docker - Create $HOME/appdata directory
-    file:
-      path: "~/appdata"
-      state: directory
-      mode: '777'
-    become: false
-
-  - name: Docker - Create service config directories
-    file:
-      path: "~/appdata/{{ item }}"
-      state: directory
-      mode: '777'
-    become: false
-
-    with_items:
-      - heimdall/config
-      - jellyfin/library
-      - jellyfin/movies
-      - jellyfin/tvseries
-      - yacht/config
-      - deluge/config
-      - radarr/config
-      - sonarr/config
-      - pi-hole
-      - pi-hole/dns-masq.d
-      - homeassistant
-      - portainer
-      - guacamole
-      - dashy
-
-
   #- name: Homelab - Adjusting for Docker Service Start-up
   #  systemd:
   #    name: systemd-resolved
   #    state: stopped
-  #    enabled: false
-
+  #    enabled: false

ansible/roles/docker-mkdir/tasks/main.yml

@@ -0,0 +1,31 @@
+---
+
+  - name: Docker - Create $HOME/appdata directory
+    file:
+      path: "~/appdata"
+      state: directory
+      mode: '777'
+    become: false
+
+  - name: Docker - Create service config directories
+    file:
+      path: "~/appdata/{{ item }}"
+      state: directory
+      mode: '777'
+    become: false
+
+    with_items:
+      - heimdall/config
+      - jellyfin/library
+      - jellyfin/movies
+      - jellyfin/tvseries
+      - yacht/config
+      - deluge/config
+      - radarr/config
+      - sonarr/config
+      - pi-hole
+      - pi-hole/dns-masq.d
+      - homeassistant
+      - portainer
+      - guacamole
+      - dashy

ansible/roles/installs-apt/tasks/main.yml

@@ -0,0 +1,15 @@
+---
+
+# General Homelab Tools
+  - name: (APT) Install General Tools
+    become: true
+    apt:
+      name: "{{ item }}"
+    with_items:
+      - net-tools
+      - lm-sensors # Used to monitor computer temperatures
+      - powertop # `sudo powertop` displays metrics about computer usage
+      - openssh-server # To allow remote SSH
+      - sshpass
+      - hardinfo # This is the linux equivalent to device manager - run hardinfo in terminal
+      - ethtool # Used for network debugging

ansible/roles/installs-pip/tasks/main.yml

@@ -0,0 +1,6 @@
+# python pip installs
+  - name: (PIP) Install General Tools
+    ansible.builtin.pip:
+      name:
+        - proxmoxer
+        - netaddr

ansible/roles/installs-snap/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+
+# Snap installs
+  - name: (SNAP) Install General Tools
+    community.general.snap:
+      name:
+        - kompose

ansible/roles/k3s-download/tasks/main.yml

@@ -0,0 +1,36 @@
+---
+
+- name: Download k3s binary x64
+  get_url:
+    url: https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s
+    checksum: sha256:https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/sha256sum-amd64.txt
+    dest: /usr/local/bin/k3s
+    owner: root
+    group: root
+    mode: 0755
+  when: ansible_facts.architecture == "x86_64"
+
+- name: Download k3s binary arm64
+  get_url:
+    url: https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s-arm64
+    checksum: sha256:https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/sha256sum-arm64.txt
+    dest: /usr/local/bin/k3s
+    owner: root
+    group: root
+    mode: 0755
+  when:
+    - ( ansible_facts.architecture is search("arm") and
+        ansible_facts.userspace_bits == "64" ) or
+      ansible_facts.architecture is search("aarch64")
+
+- name: Download k3s binary armhf
+  get_url:
+    url: https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s-armhf
+    checksum: sha256:https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/sha256sum-arm.txt
+    dest: /usr/local/bin/k3s
+    owner: root
+    group: root
+    mode: 0755
+  when:
+    - ansible_facts.architecture is search("arm")
+    - ansible_facts.userspace_bits == "32"

ansible/roles/k3s-install/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+k3s_server_location: /var/lib/rancher/k3s
+pip_version: "23.1.*"
+pip_get_pip_version: "latest"
+pip_executable: "pip"

ansible/roles/k3s-install/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Install k3s on servers
+  import_tasks: server.yml
+  when: inventory_hostname in groups['servers']
+
+- name: Install k3s on nodes
+  import_tasks: node.yml
+  when: inventory_hostname in groups['nodes']