Merge pull request NatiSayada#4 from NatiSayada/metallb

Metallb and Argocd

README.md

@@ -11,7 +11,6 @@ This is based on the great work that <https://github.com/itwars> done with Ansib
 ## How to
 for updated documentation check out my [medium](https://medium.com/@ssnetanel/build-a-kubernetes-cluster-using-k3s-on-proxmox-via-ansible-and-terraform-c97c7974d4a5).
 
-
 ### Proxmox setup
 
 This setup is relaying on cloud-init images.
@@ -114,24 +113,27 @@ our terraform file also creates a dynamic host file for Ansible, so we need to c
 cp -R inventory/sample inventory/my-cluster
 ```
 
-Rename the file `terraform/vars.sample` to `terraform/vars.tf` and update all the vars.
-there you can select how many nodes would you like to have on your cluster and configure the name of the base image.
+Rename the file `terraform/variables.tfvars.sample` to `terraform/variables.tfvars` and update all the vars.
+there you can select how many nodes would you like to have on your cluster and configure the name of the base image. its also importent to update the ssh key that is going to be used and proxmox host address.
 to run the Terrafom, you will need to cd into `terraform` and run:
 
 ```bash
+cd terraform/
 terraform init
-terraform plan
-terraform apply
+terraform plan --var-file=variables.tfvars
+terraform apply --var-file=variables.tfvars
 ```
 
 it can take some time to create the servers on Proxmox but you can monitor them over Proxmox.
-it shoul look like this now:
+it should look like this now:
 
 ![alt text](pics/h0Ha98fXyO.png)
 
 ### Ansible setup
 
-First, update the var file in `inventory/my-cluster/group_vars/all.yml` and update the user name that you're selected in the cloud-init setup.
+First, update the var file in `inventory/my-cluster/group_vars/all.yml` and update the ```ansible_user``` that you're selected in the cloud-init setup. you can also choose if you wold like to install metallb and argocd. if you are installing metallb, you should also specified an ip range for metallb. 
+
+if you are running multiple clusters in your kubeconfig file, make sure to disable ```copy_kubeconfig```.
 
 after you run the Terrafom file, your file should look like this:
 
@@ -153,13 +155,32 @@ node
 Start provisioning of the cluster using the following command:
 
 ```bash
-Ansible-playbook site.yml -i inventory/my-cluster/hosts.ini
+# cd to the project root folder
+cd ..
+
+# run the playbook
+ansible-playbook -i inventory/my-cluster/hosts.ini site.yml
 ```
 
-## Kubeconfig
+It can a few minutes, but once its done, you should have a k3s cluster up and running.
 
-To get access to your **Kubernetes** cluster just
+### Kubeconfig
+
+The ansible should already copy the file to your ~/.kube/config (if you enable the ```copy_kubeconfig``` in  ```inventory/my-cluster/group_vars/all.yml```), but if you are having issues you can scp and check the status again.
 
 ```bash
 scp debian@master_ip:~/.kube/config ~/.kube/config
 ```
+
+### Argocd
+To get argocd initial password run the following:
+
+```
+kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
+```
+
+## Enjoy!
+
+Kubernets is realy fun to learn and there is so muche things that you can automate.
+
+Have fun :)

inventory/sample/group_vars/all.yml

@@ -5,3 +5,9 @@ systemd_dir: /etc/systemd/system
 master_ip: "{{ hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0]) }}"
 extra_server_args: "--write-kubeconfig-mode=644"
 extra_agent_args: ""
+copy_kubeconfig: true
+metallb: false
+metallb_version: "v0.12.1"
+metallb_range: "192.168.3.93-192.168.3.94"
+argocd: false
+argocd_service_type: LoadBalancer

roles/k3s/master/tasks/main.yml

@@ -80,3 +80,4 @@
     src: /etc/rancher/k3s/k3s.yaml
     dest: ~/.kube/config
     flat: true
+  when: copy_kubeconfig

roles/k3s/master/templates/k3s.service.j2

@@ -28,4 +28,7 @@ ExecStartPre=-/sbin/modprobe br_netfilter
 ExecStartPre=-/sbin/modprobe overlay
 ExecStart=/usr/local/bin/k3s \
 server \
---write-kubeconfig-mode 644 \
+--write-kubeconfig-mode 644 \
+{% if metallb is sameas true %}
+--disable servicelb \
+{% endif %}

roles/postconfig/localhost/tasks/main.yml

@@ -9,7 +9,7 @@
     path: ~/.kube/config
     regexp: "https://127.0.0.1:6443"
     replace: "https://{{ master_ip }}:6443"
-  when: kubeconfig_path
+  when: kubeconfig_path and copy_kubeconfig
 
 - name: Change k3s.yaml permissions to 644
   file:
@@ -33,3 +33,33 @@
     ~/get-helm-3.sh
   when: not helm_check.stat.exists
   changed_when: true
+
+- name: Install metallb
+  shell: |
+    kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/{{ metallb_version }}/manifests/namespace.yaml
+    kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/{{ metallb_version }}/manifests/metallb.yaml
+  when: metallb
+
+- name: configure metallb range
+  shell: |
+    cat <<EOF | kubectl apply -f -
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      namespace: metallb-system
+      name: config
+    data:
+      config: |
+        address-pools:
+        - name: default
+          protocol: layer2
+          addresses:
+          - {{ metallb_range }}
+  when: metallb
+
+- name: Install argocd
+  shell: |
+    kubectl create namespace argocd
+    kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
+    kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "{{ argocd_service_type }}"}}'
+  when: argocd

terraform/main.tf

@@ -13,7 +13,7 @@ provider "proxmox" {
   pm_password     = var.pm_password
   pm_tls_insecure = var.pm_tls_insecure
   pm_parallel     = 10
-  pm_timeout      = 300
+  pm_timeout      = 600
   #  pm_debug = true
   pm_log_enable = true
   pm_log_file   = "terraform-plugin-proxmox.log"
@@ -35,6 +35,15 @@ resource "proxmox_vm_qemu" "proxmox_vm_master" {
 
   ipconfig0 = "ip=${var.master_ips[count.index]}/${var.networkrange},gw=${var.gateway}"
 
+  lifecycle {
+    ignore_changes = [
+      ciuser,
+      sshkeys,
+      disk,
+      network
+    ]
+  }
+
 }
 
 resource "proxmox_vm_qemu" "proxmox_vm_workers" {
@@ -49,6 +58,15 @@ resource "proxmox_vm_qemu" "proxmox_vm_workers" {
 
   ipconfig0 = "ip=${var.worker_ips[count.index]}/${var.networkrange},gw=${var.gateway}"
 
+  lifecycle {
+    ignore_changes = [
+      ciuser,
+      sshkeys,
+      disk,
+      network
+    ]
+  }  
+
 }
 
 data "template_file" "k8s" {