-
Notifications
You must be signed in to change notification settings - Fork 0
/
provision.yml
94 lines (81 loc) · 3.44 KB
/
provision.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
---
# Add all to common group, which will execute playbook in roles/common/tasks/main.yml automatically
# If it is part of the nodes ansible group, the VM will execute stuff in the roles/nodes
- name: Move helm chart to controller
hosts: controller
tasks:
- name: Copy directory
copy:
src: helm-chart
dest: /home/vagrant/
mode: 0755
owner: vagrant
- name: Install helm, k3s
hosts: controller
tasks:
- name: Install helm
shell: |
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
- name: Installing k3s
shell: |
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable traefik --write-kubeconfig-mode=644 --node-external-ip 192.168.56.3 --flannel-external-ip 192.168.56.3" sh -
- name: Add config to path
shell: |
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
- name: Get k3s token
command: sudo cat /var/lib/rancher/k3s/server/node-token
register: K3STOKEN
- name: Get localhost usr
set_fact:
playbook_user: "{{ lookup('env', 'USER')}}"
- name: Write token to file
copy:
content: "{{ K3STOKEN.stdout }}"
dest: /tmp/k3stoken.txt
delegate_to: localhost
become_user: "{{ playbook_user }}"
- name: Download istioctl
shell: |
curl -L https://istio.io/downloadIstio | sh -
- name: Install Istio through helm
shell: |
helm repo add istio https://istio-release.storage.googleapis.com/charts
helm repo update
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
kubectl create namespace istio-system
helm upgrade --install istio-base istio/base -n istio-system
helm upgrade --install istiod istio/istiod -n istio-system
helm upgrade --install istio-ingressgateway istio/gateway -n istio-system
- name: Label namespace for istio injection
command: kubectl label namespace default istio-injection=enabled
- name: Deploy the helm chart
command: helm install url-phishing-checker helm-chart --kubeconfig /etc/rancher/k3s/k3s.yaml
- name: Add prometheus and grafana
shell: |
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
helm install prometheus prometheus-community/prometheus --kubeconfig /etc/rancher/k3s/k3s.yaml
helm install grafana grafana/grafana --kubeconfig /etc/rancher/k3s/k3s.yaml
- name: Install K3S and join on nodes
hosts: nodes
tasks:
- name: Get localhost user
set_fact:
playbook_user: "{{ lookup('env', 'USER')}}"
- name: Get token from file
slurp:
src: "/tmp/k3stoken.txt"
delegate_to: localhost
become_user: "{{ playbook_user }}"
register: k3stokenencoded
- name: Decode token
set_fact:
decoded_token: "{{ k3stokenencoded.content | b64decode }}"
- name: Install and join
shell: |
curl -sfL https://get.k3s.io | K3S_URL=https://192.168.56.3:6443 K3S_TOKEN={{ decoded_token }} sh -