From 128e74d8fa221a20298874836fa3d6bb28b65989 Mon Sep 17 00:00:00 2001
From: Rafael Sousa
Date: Mon, 11 Dec 2023 22:12:37 -0300
Subject: [PATCH 1/8] Update configuration files and scripts
---
benchmarks/disk-benchmark.sh | 0
example.config.yml | 25 ++++++++---------
example.hosts.ini | 12 ++++-----
group_vars/all.yml | 3 ++-
main.yml | 37 +++++++++++++++-----------
tasks/networking/static-networking.yml | 26 +++++++++++++++---
tasks/storage/filesystem.yml | 10 ++++++-
7 files changed, 74 insertions(+), 39 deletions(-)
mode change 100755 => 100644 benchmarks/disk-benchmark.sh
diff --git a/benchmarks/disk-benchmark.sh b/benchmarks/disk-benchmark.sh
old mode 100755
new mode 100644
diff --git a/example.config.yml b/example.config.yml
index 39b39ad..df8118a 100644
--- a/example.config.yml
+++ b/example.config.yml
@@ -1,20 +1,21 @@ --- -ipv4_subnet_prefix: "10.1.1" +ipv4_subnet_prefix: "192.168.23" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username reverse_tunnel_vps_hostname: my-vps-hostname -storage_type: filesystem # options: 'filesystem', 'zfs' -storage_zfs_pool_name: zfsdata +storage_type: filesystem # options: 'filesystem', 'zfs' +storage_zfs_pool_name: tank #storage_nfs_dir: '{{ storage_zfs_pool_name }}' # Use this for 'zfs' -storage_nfs_dir: "srv" # Use this for 'filesystem' -storage_nfs_share_name: nfsshare +storage_nfs_dir: "srv" # Use this for 'filesystem' +storage_nfs_share_name: ssd # svr/ssd +storage_nfs_mount_drive: /dev/sda1 -drupal_image: drupal:9.3-apache -drupal_hash_salt: OTk4MTYzYWI4N2E2MGIxNjlmYmQ2MTA4 -drupal_trusted_host_patterns: '^.+$' -drupal_database_password: 'drupal' -drupal_base_web_path: '/var/www/html/sites/default/' -drupal_config_sync_directory: 'sites/default/files/config_OTk4MTYzY' -drupal_extra_settings_php: '' +# drupal_image: drupal:9.3-apache +# drupal_hash_salt: OTk4MTYzYWI4N2E2MGIxNjlmYmQ2MTA4 +# drupal_trusted_host_patterns: '^.+$' +# drupal_database_password: 'drupal' +# drupal_base_web_path: '/var/www/html/sites/default/' +# drupal_config_sync_directory: 'sites/default/files/config_OTk4MTYzY' +# drupal_extra_settings_php: '' diff --git a/example.hosts.ini b/example.hosts.ini index 90c7b11..291ac8c 100644 --- a/example.hosts.ini +++ b/example.hosts.ini @@ -1,5 +1,5 @@ [control_plane] -node1.local ip_host_octet=1 +node1.local ip_host_octet=61 # Uncomment below when working on cluster through VPS tunnel host. #[control_plane:vars] 
@@ -8,17 +8,17 @@ node1.local ip_host_octet=1 #ansible_host='my-vps-host-or-ip' [nodes] -node2.local ip_host_octet=2 -node3.local ip_host_octet=3 -node4.local ip_host_octet=4 +node2.local ip_host_octet=62 +node3.local ip_host_octet=63 +# node4.local ip_host_octet=4 # Uncomment below when working on cluster through VPS tunnel host. #[nodes:vars] #ansible_ssh_common_args='-o ProxyCommand="ssh -p 2222 -W %h:%p -q pi@my-vps-host-or-ip"' [storage] -node3.local +node1.local [cluster:children] control_plane -nodes +nodes \ No newline at end of file diff --git a/group_vars/all.yml b/group_vars/all.yml index 9148d3d..24ad639 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,3 +1,4 @@ --- # Set to 'pi' for Raspberry Pi OS. -ansible_user: pi +ansible_user: rafael +group_name: rafael diff --git a/main.yml b/main.yml index 967323e..a03b5c5 100644 --- a/main.yml +++ b/main.yml @@ -8,11 +8,6 @@ - name: reboot-pi ansible.builtin.reboot: - - name: restart nfs - ansible.builtin.service: - name: nfs-server - state: restarted - vars_files: - config.yml @@ -33,12 +28,17 @@ dest: "~/k3s_install.sh" mode: a+x - - name: Configure storage node. hosts: storage gather_facts: false become: true + handlers: + - name: restart nfs + ansible.builtin.service: + name: nfs-server + state: restarted + vars_files: - config.yml @@ -46,7 +46,6 @@ - name: Set up storage. include_tasks: tasks/storage/{{ storage_type }}.yml - - name: Configure the control plane. hosts: control_plane gather_facts: false 
@@ -72,6 +71,16 @@ ansible.builtin.set_fact: node_token: "{{ node_token_output.stdout_lines[0] }}" + - name: Get stats of a EXTERNALLY-MANAGED file + ansible.builtin.stat: + path: /usr/lib/python3.11/EXTERNALLY-MANAGED + register: python_stat + + - name: Move the EXTERNALLY-MANAGED to EXTERNALLY-MANAGED.old so can install python3 + ansible.builtin.shell: >- + mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.old + when: python_stat.stat.exists + - name: Ensure required dependencies are installed. ansible.builtin.package: name: @@ -91,7 +100,6 @@ state: present become: true - - name: Configure the worker nodes. hosts: nodes gather_facts: false @@ -112,16 +120,15 @@ - name: Set up Helm. import_playbook: tasks/kubernetes/helm.yml - tags: ['helm'] + tags: ["helm"] - name: Set up NFS PVCs. import_playbook: tasks/kubernetes/nfs.yml - tags: ['nfs'] + tags: ["nfs"] - name: Set up Prometheus. import_playbook: tasks/kubernetes/prometheus.yml - tags: ['prometheus'] - -- name: Set up Drupal. - import_playbook: tasks/kubernetes/drupal.yml - tags: ['drupal'] + tags: ["prometheus"] +# - name: Set up Drupal. +# import_playbook: tasks/kubernetes/drupal.yml +# tags: ['drupal'] diff --git a/tasks/networking/static-networking.yml b/tasks/networking/static-networking.yml index b866ab7..401262c 100644 --- a/tasks/networking/static-networking.yml +++ b/tasks/networking/static-networking.yml 
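Review bot: The two tasks added before "Ensure required dependencies are installed." in main.yml rename `/usr/lib/python3.11/EXTERNALLY-MANAGED`, which turns off the PEP 668 guard for the whole host instead of for the one pip task that needs it, and the hard-coded path only matches Python 3.11. With the marker gone, a root pip run can overwrite distro-managed Python packages without warning. I would drop both tasks and scope the override to the pip task with `extra_args: --break-system-packages`, or use the module's `virtualenv` option. If the rename stays, `ansible.builtin.command` with `removes: /usr/lib/python3.11/EXTERNALLY-MANAGED` replaces the stat-plus-shell pair, and the tasks need `become: true` unless the play already escalates (the play header is outside the hunk). The hunk `@@ -95,6 +96,12 @@` in patch 8/8 deletes the same file and raises the same concern.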
@@ -20,6 +20,23 @@ - ../../config.yml tasks: + - name: Ensure dhcpcd5 is installed. # whe you're using raspbian lite, need to install dhcpcd5 manually + ansible.builtin.apt: + name: dhcpcd5 + state: present + + # - name: Disable dns and change to unmanaged in NetworkManager + # - Edit the NetworkManager Configuration File + # https://devicetests.com/stop-network-manager-updating-resolv-conf + # + # 1 - sudo nano /etc/NetworkManager/NetworkManager.conf + # [main] + # dns=none + # rc-manager=unmanaged + + # 2 - sudo nano /etc/dhcpcd.conf + # option domain_name_servers, domain_name, REMOVE THIS opt domain_search + - name: Configure static IP address on each node. ansible.builtin.blockinfile: path: /etc/dhcpcd.conf @@ -37,10 +54,11 @@ path: /etc/hosts marker: "# ANSIBLE MANAGED - static ip config {mark}" block: | - {{ ipv4_subnet_prefix }}.1 node1.local node1 - {{ ipv4_subnet_prefix }}.2 node2.local node2 - {{ ipv4_subnet_prefix }}.3 node3.local node3 - {{ ipv4_subnet_prefix }}.4 node4.local node4 + {{ ipv4_subnet_prefix }}.61 node1.local node1 + {{ ipv4_subnet_prefix }}.62 node2.local node2 + {{ ipv4_subnet_prefix }}.63 node3.local node3 + + # {{ ipv4_subnet_prefix }}.4 node4.local node4 - name: Set active Internet gateway interface on control plane. ansible.builtin.blockinfile: diff --git a/tasks/storage/filesystem.yml b/tasks/storage/filesystem.yml index 810c193..1ad1600 100644 --- a/tasks/storage/filesystem.yml +++ b/tasks/storage/filesystem.yml @@ -3,10 +3,18 @@ ansible.builtin.file: dest: "/{{ storage_nfs_dir }}/{{ storage_nfs_share_name }}" owner: root - group: pi + group: "{{ group_name }}" state: directory mode: 0777 +- name: Ensure the NFS volume is mounted from "external storage". + ansible.posix.mount: + src: "{{ storage_nfs_mount_drive }}" + path: "/{{ storage_nfs_dir }}/{{ storage_nfs_share_name }}" + fstype: ext4 + state: mounted + when: storage_nfs_mount_drive | length + - name: Ensure NFS is installed. ansible.builtin.apt: name: nfs-kernel-server 
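Review bot: In tasks/storage/filesystem.yml the new mount task runs after the task that sets owner, group and `mode: 0777` on the share directory, so once `{{ storage_nfs_mount_drive }}` is mounted the permissions NFS clients see are those of the mounted filesystem's root, not the ones set above; mount first, then apply ownership and mode. The mount also sets no `opts`, so the exported disk gets default options; `opts: defaults,nodev,nosuid` is a safer baseline for a share that other nodes write to. `when: storage_nfs_mount_drive | length` raises on an undefined variable, so I would write `when: storage_nfs_mount_drive | default('') | length > 0`, and the example value `/dev/sda1` is better given as a `UUID=` or `/dev/disk/by-id/` source because sdX names can change between boots. The world-writable `mode: 0777` on the context line deserves a comment saying why it is needed and should be quoted as `"0777"`; the first task's `name` line is outside the hunk.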
From 416fd09302bfd3d84d56eabc7a843f86b37fef72 Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Thu, 1 Feb 2024 21:29:51 -0300 Subject: [PATCH 2/8] Updated example.hosts.ini and tasks/networking/static-networking.yml files --- example.hosts.ini | 2 +- tasks/networking/static-networking.yml | 19 ++++++++++++++----- tasks/storage/filesystem.yml | 2 +- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/example.hosts.ini b/example.hosts.ini index 291ac8c..308eb45 100644 --- a/example.hosts.ini +++ b/example.hosts.ini @@ -10,7 +10,7 @@ node1.local ip_host_octet=61 [nodes] node2.local ip_host_octet=62 node3.local ip_host_octet=63 -# node4.local ip_host_octet=4 +node4.local ip_host_octet=64 # Uncomment below when working on cluster through VPS tunnel host. #[nodes:vars] diff --git a/tasks/networking/static-networking.yml b/tasks/networking/static-networking.yml index 401262c..f2f7283 100644 --- a/tasks/networking/static-networking.yml +++ b/tasks/networking/static-networking.yml @@ -25,15 +25,25 @@ name: dhcpcd5 state: present + - name: Deactivated the IPv6 to not use wrong domain search Greatek. + ansible.builtin.blockinfile: + path: /etc/sysctl.conf + marker: "# ANSIBLE MANAGED - deactivated the IPv6" + block: | + net.ipv6.conf.all.disable_ipv6 = 1 + net.ipv6.conf.default.disable_ipv6 = 1 + net.ipv6.conf.lo.disable_ipv6 = 1 + # - name: Disable dns and change to unmanaged in NetworkManager # - Edit the NetworkManager Configuration File # https://devicetests.com/stop-network-manager-updating-resolv-conf - # - # 1 - sudo nano /etc/NetworkManager/NetworkManager.conf + # + # 1 - sudo nano /etc/NetworkManager/NetworkManager.conf # added these lines below to the [main] section: # [main] + # ... # dns=none # rc-manager=unmanaged - + # 2 - sudo nano /etc/dhcpcd.conf # option domain_name_servers, domain_name, REMOVE THIS opt domain_search 
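Review bot: The `marker` of the new "Deactivated the IPv6" task in tasks/networking/static-networking.yml has no `{mark}` placeholder, so the begin and end marker lines are identical and blockinfile cannot reliably find its own block again; the three sysctl lines are likely to be inserted again on later runs. Use `marker: "# ANSIBLE MANAGED - deactivated the IPv6 {mark}"`, as the other blockinfile tasks in this file do. Editing /etc/sysctl.conf also does not apply the values until sysctl is reloaded or the node reboots; `ansible.posix.sysctl` (the collection is already used in tasks/storage/filesystem.yml) sets and persists each key. Turning IPv6 off on every node is a host-wide change made to work around one site's DNS search domain, so a config toggle with an explanatory comment would keep it out of other users' clusters.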
@@ -57,8 +67,7 @@ {{ ipv4_subnet_prefix }}.61 node1.local node1 {{ ipv4_subnet_prefix }}.62 node2.local node2 {{ ipv4_subnet_prefix }}.63 node3.local node3 - - # {{ ipv4_subnet_prefix }}.4 node4.local node4 + {{ ipv4_subnet_prefix }}.64 node4.local node4 - name: Set active Internet gateway interface on control plane. ansible.builtin.blockinfile: diff --git a/tasks/storage/filesystem.yml b/tasks/storage/filesystem.yml index 1ad1600..9bf4fdd 100644 --- a/tasks/storage/filesystem.yml +++ b/tasks/storage/filesystem.yml @@ -13,7 +13,7 @@ path: "/{{ storage_nfs_dir }}/{{ storage_nfs_share_name }}" fstype: ext4 state: mounted - when: storage_nfs_mount_drive | length + when: storage_nfs_mount_drive_enable - name: Ensure NFS is installed. ansible.builtin.apt: From 54a46cd7b5582102a9f387eab4060a676ea658bf Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Wed, 10 Apr 2024 04:22:42 -0300 Subject: [PATCH 3/8] Update static-networking.yml and example.config.yml --- example.config.yml | 21 +++++------ example.hosts.ini | 13 +++---- tasks/networking/static-networking.yml | 51 ++++++++++++++++---------- 3 files changed, 48 insertions(+), 37 deletions(-) diff --git a/example.config.yml b/example.config.yml index df8118a..591ab5b 100644 --- a/example.config.yml +++ b/example.config.yml 
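Review bot: `when: storage_nfs_mount_drive_enable` in tasks/storage/filesystem.yml reads a variable that nothing visible in this series defines (example.config.yml gained only `storage_nfs_mount_drive` in patch 1/8), so the task fails on an undefined variable for anyone who starts from the example config. A default keeps the mount opt-in: `when: storage_nfs_mount_drive_enable | default(false) | bool`. The flag should also be added to example.config.yml with a one-line comment describing what it mounts and where.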
@@ -1,21 +1,20 @@ --- -ipv4_subnet_prefix: "192.168.23" +ipv4_subnet_prefix: "10.1.1" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username reverse_tunnel_vps_hostname: my-vps-hostname storage_type: filesystem # options: 'filesystem', 'zfs' -storage_zfs_pool_name: tank +storage_zfs_pool_name: zfsdata #storage_nfs_dir: '{{ storage_zfs_pool_name }}' # Use this for 'zfs' storage_nfs_dir: "srv" # Use this for 'filesystem' -storage_nfs_share_name: ssd # svr/ssd -storage_nfs_mount_drive: /dev/sda1 +storage_nfs_share_name: nfsshare -# drupal_image: drupal:9.3-apache -# drupal_hash_salt: OTk4MTYzYWI4N2E2MGIxNjlmYmQ2MTA4 -# drupal_trusted_host_patterns: '^.+$' -# drupal_database_password: 'drupal' -# drupal_base_web_path: '/var/www/html/sites/default/' -# drupal_config_sync_directory: 'sites/default/files/config_OTk4MTYzY' -# drupal_extra_settings_php: '' +drupal_image: drupal:9.3-apache +drupal_hash_salt: OTk4MTYzYWI4N2E2MGIxNjlmYmQ2MTA4 +drupal_trusted_host_patterns: "^.+$" +drupal_database_password: "drupal" +drupal_base_web_path: "/var/www/html/sites/default/" +drupal_config_sync_directory: "sites/default/files/config_OTk4MTYzY" +drupal_extra_settings_php: "" diff --git a/example.hosts.ini b/example.hosts.ini index 308eb45..d56b3a1 100644 --- a/example.hosts.ini +++ b/example.hosts.ini @@ -1,23 +1,22 @@ [control_plane] -node1.local ip_host_octet=61 +node1.local ip_host_octet=1 # Uncomment below when working on cluster through VPS tunnel host. #[control_plane:vars] -#ansible_port='2222' -#ansible_user='pi' + 
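Review bot: The Drupal block restored in the example.config.yml hunk `@@ -1,21 +1,20 @@` ships a fixed `drupal_hash_salt`, the password `"drupal"` and `drupal_trusted_host_patterns: "^.+$"`, and nothing tells the reader these are placeholders. A copied config then gives every deployment the same salt and database password, and the pattern accepts any Host header. I would add a comment above the block such as `# Example values only: generate your own hash salt and database password, and restrict drupal_trusted_host_patterns to your real hostnames.`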
@@ -8,17 +8,17 @@ node1.local ip_host_octet=1 #ansible_host='my-vps-host-or-ip' [nodes] -node2.local ip_host_octet=62 -node3.local ip_host_octet=63 -node4.local ip_host_octet=64 +node2.local ip_host_octet=2 +node3.local ip_host_octet=3 +node4.local ip_host_octet=4 # Uncomment below when working on cluster through VPS tunnel host. #[nodes:vars] #ansible_ssh_common_args='-o ProxyCommand="ssh -p 2222 -W %h:%p -q pi@my-vps-host-or-ip"' [storage] -node1.local +node3.local [cluster:children] control_plane diff --git a/tasks/networking/static-networking.yml b/tasks/networking/static-networking.yml index f2f7283..e71739f 100644 --- a/tasks/networking/static-networking.yml +++ b/tasks/networking/static-networking.yml @@ -23,7 +23,7 @@ - name: Ensure dhcpcd5 is installed. # whe you're using raspbian lite, need to install dhcpcd5 manually ansible.builtin.apt: name: dhcpcd5 - state: present + state: absent - name: Deactivated the IPv6 to not use wrong domain search Greatek. ansible.builtin.blockinfile: 
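Review bot: The task in tasks/networking/static-networking.yml is still named "Ensure dhcpcd5 is installed." but now has `state: absent`, so the play output and the inline comment say the opposite of what runs. Rename it, e.g. `- name: Ensure dhcpcd5 is removed.`, and update the trailing comment to match. Removing the DHCP client at this point, before the static address is configured further down the file, can leave a node without an address mid-play, so this task is safer placed after the static-IP task has been applied.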
@@ -47,16 +47,29 @@ # 2 - sudo nano /etc/dhcpcd.conf # option domain_name_servers, domain_name, REMOVE THIS opt domain_search + # - name: Configure static IP address on each node. + # ansible.builtin.blockinfile: + # path: /etc/dhcpcd.conf + # marker: "# ANSIBLE MANAGED - static ip {mark}" + # block: | + # interface eth0 + # static ip_address={{ ipv4_subnet_prefix }}.{{ ip_host_octet }}/24 + # static routers={{ ipv4_subnet_prefix }}.1 + # static domain_name_servers={{ ipv4_subnet_prefix }}.1 + # notify: restart dhcpcd + - name: Configure static IP address on each node. ansible.builtin.blockinfile: - path: /etc/dhcpcd.conf + path: /etc/network/interfaces.d/eth0 marker: "# ANSIBLE MANAGED - static ip {mark}" block: | - interface eth0 - static ip_address={{ ipv4_subnet_prefix }}.{{ ip_host_octet }}/24 - static routers={{ ipv4_subnet_prefix }}.1 - static domain_name_servers={{ ipv4_subnet_prefix }}.1 - notify: restart dhcpcd + auto eth0 + allow-hotplug eth0 + iface eth0 inet static + address {{ ipv4_subnet_prefix }}.{{ ip_host_octet }} + netmask {{ ipv4_subnet_netmask }} + gateway {{ ipv4_subnet_prefix }}.1 + create: true # TODO: This doesn't use hosts as defined in inventory. Convert to template? - name: Configure hosts file so nodes can see each other by hostname. 
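Review bot: The new /etc/network/interfaces.d/eth0 block uses `{{ ipv4_subnet_netmask }}`, which the example.config.yml hunk in this same patch does not define, so the template fails for anyone starting from the example. The rewrite also drops `notify: restart dhcpcd` without a replacement, so the new address is not applied until something restarts networking or the node reboots, and `create: true` leaves the file mode to the umask where `mode: "0644"` would pin it. Add `ipv4_subnet_netmask: "255.255.255.0"` to the example config (matching the `/24` used before) and a handler that restarts networking. The commented-out copy of the old dhcpcd task can be deleted, since git history keeps it.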
@@ -69,15 +82,15 @@ {{ ipv4_subnet_prefix }}.63 node3.local node3 {{ ipv4_subnet_prefix }}.64 node4.local node4 - - name: Set active Internet gateway interface on control plane. - ansible.builtin.blockinfile: - path: /etc/dhcpcd.conf - marker: "# ANSIBLE MANAGED - Internet routing metric {mark}" - block: | - interface {{ active_internet_interface }} - metric 100 - delegate_to: "{{ groups['control_plane'][0] }}" - run_once: true - notify: - - restart dhcpcd - - restart autossh + # - name: Set active Internet gateway interface on control plane. + # ansible.builtin.blockinfile: + # path: /etc/dhcpcd.conf + # marker: "# ANSIBLE MANAGED - Internet routing metric {mark}" + # block: | + # interface {{ active_internet_interface }} + # metric 100 + # delegate_to: "{{ groups['control_plane'][0] }}" + # run_once: true + # notify: + # - restart dhcpcd + # - restart autossh From 8cbdbb8097493137f16dfa9b4fcbe02fe01df531 Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Wed, 10 Apr 2024 04:51:57 -0300 Subject: [PATCH 4/8] Refactor playbook structure and add tags for easier management --- main.yml | 10 +++++++--- tasks/networking/static-networking.yml | 14 -------------- 2 files changed, 7 insertions(+), 17 deletions(-) diff --git a/main.yml b/main.yml index 31bbf38..34b2522 100644 --- a/main.yml +++ b/main.yml @@ -40,6 +40,7 @@ dest: "~/k3s_install.sh" mode: a+x + - name: Configure storage node. hosts: storage gather_facts: false @@ -58,6 +59,7 @@ - name: Set up storage. include_tasks: tasks/storage/{{ storage_type }}.yml + - name: Configure the control plane. hosts: control_plane gather_facts: false @@ -118,6 +120,7 @@ state: present become: true + - name: Configure the worker nodes. hosts: nodes gather_facts: false 
@@ -138,15 +141,16 @@ - name: Set up Helm. import_playbook: tasks/kubernetes/helm.yml - tags: ["helm"] + tags: ['helm'] - name: Set up NFS PVCs. import_playbook: tasks/kubernetes/nfs.yml - tags: ["nfs"] + tags: ['nfs'] - name: Set up Prometheus. import_playbook: tasks/kubernetes/prometheus.yml - tags: ["prometheus"] + tags: ['prometheus'] + # - name: Set up Drupal. # import_playbook: tasks/kubernetes/drupal.yml # tags: ['drupal'] diff --git a/tasks/networking/static-networking.yml b/tasks/networking/static-networking.yml index 252637c..d50ccd1 100644 --- a/tasks/networking/static-networking.yml +++ b/tasks/networking/static-networking.yml @@ -23,20 +23,6 @@ ansible.builtin.stat: path: /etc/dhcpcd.conf register: dhcpcd_file_result - - - name: Configure static IP address (via interfaces eth0). - ansible.builtin.blockinfile: - path: /etc/network/interfaces.d/eth0 - marker: "# ANSIBLE MANAGED - static ip {mark}" - block: | - auto eth0 - allow-hotplug eth0 - iface eth0 inet static - address {{ ipv4_subnet_prefix }}.{{ ip_host_octet }} - netmask {{ ipv4_subnet_netmask }} - gateway {{ ipv4_subnet_prefix }}.1 - create: true - when: not dhcpcd_file_result.stat.exists - name: Configure static IP address (dhcpcd). ansible.builtin.blockinfile: From 0ab067db46d75829cd484dabc1329f4991342cc7 Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Wed, 27 Nov 2024 01:54:39 -0300 Subject: [PATCH 5/8] Add environment variables to example.config.yml and populate /etc/environment in main.yml --- example.config.yml | 7 ++++++- main.yml | 13 +++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/example.config.yml b/example.config.yml index 403af7f..faeef69 100644 --- a/example.config.yml +++ b/example.config.yml 
@@ -22,4 +22,9 @@ ipv4_gateway: "10.1.1.1" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username -reverse_tunnel_vps_hostname: my-vps-hostname \ No newline at end of file +reverse_tunnel_vps_hostname: my-vps-hostname +os_environment: + - key: CF_API_EMAIL + value: websec.prod_settings + - key: CF_DNS_API_TOKEN + value: admin \ No newline at end of file diff --git a/main.yml b/main.yml index 34b2522..e27dd60 100644 --- a/main.yml +++ b/main.yml @@ -40,6 +40,15 @@ dest: "~/k3s_install.sh" mode: a+x + - name: Populate /etc/environment + lineinfile: + path: "/etc/environment" + state: present + regexp: "^{{ item.key }}=" + line: "{{ item.key }}={{ item.value}}" + with_items: "{{ os_environment }}" + become: true + no_log: true - name: Configure storage node. hosts: storage @@ -59,7 +68,6 @@ - name: Set up storage. include_tasks: tasks/storage/{{ storage_type }}.yml - - name: Configure the control plane. hosts: control_plane gather_facts: false @@ -84,6 +92,7 @@ - name: Set node_token fact. ansible.builtin.set_fact: node_token: "{{ node_token_output.stdout_lines[0] }}" + when: node_token_output.stdout_lines | length > 0 - name: Get stats of a EXTERNALLY-MANAGED file ansible.builtin.stat: @@ -120,7 +129,6 @@ state: present become: true - - name: Configure the worker nodes. hosts: nodes gather_facts: false @@ -138,6 +146,7 @@ args: chdir: "~" creates: /var/lib/rancher/k3s/agent/kubelet.kubeconfig + when: hostvars[groups['control_plane'][0]].node_token is defined - name: Set up Helm. import_playbook: tasks/kubernetes/helm.yml From ff2b35482b702bfd0d305eff45b61fff6106f461 Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Fri, 6 Dec 2024 02:47:33 -0300 Subject: [PATCH 6/8] Remove unused environment variables from example.config.yml and clean up main.yml --- example.config.yml | 7 +------ main.yml | 10 ---------- 2 files changed, 1 insertion(+), 16 deletions(-) 
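Review bot: The "Populate /etc/environment" task in the main.yml hunk `@@ -40,6 +40,15 @@` writes every `os_environment` entry, including the `CF_DNS_API_TOKEN` key shown in the example.config.yml hunk before it, into /etc/environment, a file that is normally world-readable and loaded into every login session. `no_log: true` keeps the value out of Ansible output but not off the node, so any local user or process can read the token. Keep secrets out of this list: encrypt the token with ansible-vault and deliver it as a root-only file (`mode: "0600"`) or as a Kubernetes Secret for the workload that needs it. `with_items: "{{ os_environment }}"` also fails when the variable is absent; `"{{ os_environment | default([]) }}"` makes the task optional, and `ansible.builtin.lineinfile` would match the fully qualified module names used in the rest of the file.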
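Review bot: The two `when:` guards added in main.yml (`@@ -84,6 +92,7 @@` and `@@ -138,6 +146,7 @@`) turn a missing node token into a silent skip: the fact is not set, the worker install task is skipped, and the play can finish green with no worker joined. Failing early is easier to diagnose, for example an `ansible.builtin.assert` placed right after the token is read, with `that: node_token_output.stdout_lines | length > 0` and a `fail_msg` naming the control-plane host. The tasks these guards belong to start outside the hunks.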
diff --git a/example.config.yml b/example.config.yml index faeef69..403af7f 100644 --- a/example.config.yml +++ b/example.config.yml @@ -22,9 +22,4 @@ ipv4_gateway: "10.1.1.1" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username -reverse_tunnel_vps_hostname: my-vps-hostname -os_environment: - - key: CF_API_EMAIL - value: websec.prod_settings - - key: CF_DNS_API_TOKEN - value: admin \ No newline at end of file +reverse_tunnel_vps_hostname: my-vps-hostname \ No newline at end of file diff --git a/main.yml b/main.yml index e27dd60..90c6893 100644 --- a/main.yml +++ b/main.yml @@ -40,16 +40,6 @@ dest: "~/k3s_install.sh" mode: a+x - - name: Populate /etc/environment - lineinfile: - path: "/etc/environment" - state: present - regexp: "^{{ item.key }}=" - line: "{{ item.key }}={{ item.value}}" - with_items: "{{ os_environment }}" - become: true - no_log: true - - name: Configure storage node. hosts: storage gather_facts: false From 613c1125a16a193b4bb4991f552aca22f3a7d206 Mon Sep 17 00:00:00 2001 From: Rafael Sousa Date: Mon, 30 Dec 2024 01:39:35 -0300 Subject: [PATCH 7/8] Update configuration and playbook for user and group changes, restart NFS service, and clean up commented tasks --- example.config.yml | 3 +-- group_vars/all.yml | 4 ++-- main.yml | 38 +++++++++++------------------------- tasks/storage/filesystem.yml | 2 +- 4 files changed, 15 insertions(+), 32 deletions(-) diff --git a/example.config.yml b/example.config.yml index 403af7f..04bdabb 100644 --- a/example.config.yml +++ b/example.config.yml 
@@ -18,8 +18,7 @@ drupal_extra_settings_php: '' # These networking variables are only necessary if using optional static and # remote networking features in the `tasks/networking` playbooks. ipv4_subnet_prefix: "10.1.1" -ipv4_gateway: "10.1.1.1" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username -reverse_tunnel_vps_hostname: my-vps-hostname \ No newline at end of file +reverse_tunnel_vps_hostname: my-vps-hostname diff --git a/group_vars/all.yml b/group_vars/all.yml index 24ad639..592260c 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,4 +1,4 @@ --- # Set to 'pi' for Raspberry Pi OS. -ansible_user: rafael -group_name: rafael +ansible_user: pi +group_name: pi diff --git a/main.yml b/main.yml index 90c6893..200bf69 100644 --- a/main.yml +++ b/main.yml @@ -8,6 +8,11 @@ - name: reboot-pi ansible.builtin.reboot: + - name: restart nfs + ansible.builtin.service: + name: nfs-server + state: restarted + vars_files: - config.yml @@ -40,17 +45,12 @@ dest: "~/k3s_install.sh" mode: a+x + - name: Configure storage node. hosts: storage gather_facts: false become: true - handlers: - - name: restart nfs - ansible.builtin.service: - name: nfs-server - state: restarted - vars_files: - config.yml @@ -58,6 +58,7 @@ - name: Set up storage. include_tasks: tasks/storage/{{ storage_type }}.yml + - name: Configure the control plane. hosts: control_plane gather_facts: false 
@@ -82,17 +83,6 @@ - name: Set node_token fact. ansible.builtin.set_fact: node_token: "{{ node_token_output.stdout_lines[0] }}" - when: node_token_output.stdout_lines | length > 0 - - - name: Get stats of a EXTERNALLY-MANAGED file - ansible.builtin.stat: - path: /usr/lib/python3.11/EXTERNALLY-MANAGED - register: python_stat - - - name: Move the EXTERNALLY-MANAGED to EXTERNALLY-MANAGED.old so can install python3 - ansible.builtin.shell: >- - mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.old - when: python_stat.stat.exists - name: Ensure required dependencies are installed. ansible.builtin.package: @@ -105,12 +95,6 @@ state: present become: true - - name: Ignore PEP 668 because it's silly. - ansible.builtin.file: - path: /usr/lib/python3.11/EXTERNALLY-MANAGED - state: absent - become: true - - name: Ensure required Python libraries are installed. ansible.builtin.pip: name: @@ -119,6 +103,7 @@ state: present become: true + - name: Configure the worker nodes. hosts: nodes gather_facts: false @@ -136,7 +121,6 @@ args: chdir: "~" creates: /var/lib/rancher/k3s/agent/kubelet.kubeconfig - when: hostvars[groups['control_plane'][0]].node_token is defined - name: Set up Helm. import_playbook: tasks/kubernetes/helm.yml @@ -150,6 +134,6 @@ import_playbook: tasks/kubernetes/prometheus.yml tags: ['prometheus'] -# - name: Set up Drupal. -# import_playbook: tasks/kubernetes/drupal.yml -# tags: ['drupal'] +- name: Set up Drupal. + import_playbook: tasks/kubernetes/drupal.yml + tags: ['drupal'] diff --git a/tasks/storage/filesystem.yml b/tasks/storage/filesystem.yml index 9bf4fdd..fa54dff 100644 --- a/tasks/storage/filesystem.yml +++ b/tasks/storage/filesystem.yml @@ -3,7 +3,7 @@ ansible.builtin.file: dest: "/{{ storage_nfs_dir }}/{{ storage_nfs_share_name }}" owner: root - group: "{{ group_name }}" + group: pi state: directory mode: 0777 From 40ad11f62aa44035e42eb43e2bebf5b945a1aafd Mon Sep 17 00:00:00 2001 
From: Rafael Sousa Date: Mon, 30 Dec 2024 01:41:58 -0300 Subject: [PATCH 8/8] Add ipv4_gateway to example.config.yml, remove group_name from all.yml, and move NFS restart to handlers in main.yml --- example.config.yml | 1 + group_vars/all.yml | 1 - main.yml | 17 ++++++++++++----- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/example.config.yml b/example.config.yml index 04bdabb..f8d9267 100644 --- a/example.config.yml +++ b/example.config.yml @@ -18,6 +18,7 @@ drupal_extra_settings_php: '' # These networking variables are only necessary if using optional static and # remote networking features in the `tasks/networking` playbooks. ipv4_subnet_prefix: "10.1.1" +ipv4_gateway: "10.1.1.1" active_internet_interface: "wlan0" reverse_tunnel_enable: false reverse_tunnel_vps_username: my-vps-username diff --git a/group_vars/all.yml b/group_vars/all.yml index 592260c..9148d3d 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,4 +1,3 @@ --- # Set to 'pi' for Raspberry Pi OS. ansible_user: pi -group_name: pi diff --git a/main.yml b/main.yml index 200bf69..051910e 100644 --- a/main.yml +++ b/main.yml @@ -8,11 +8,6 @@ - name: reboot-pi ansible.builtin.reboot: - - name: restart nfs - ansible.builtin.service: - name: nfs-server - state: restarted - vars_files: - config.yml @@ -51,6 +46,12 @@ gather_facts: false become: true + handlers: + - name: restart nfs + ansible.builtin.service: + name: nfs-server + state: restarted + vars_files: - config.yml @@ -95,6 +96,12 @@ state: present become: true + - name: Ignore PEP 668 because it's silly. + ansible.builtin.file: + path: /usr/lib/python3.11/EXTERNALLY-MANAGED + state: absent + become: true + - name: Ensure required Python libraries are installed. ansible.builtin.pip: name: