├── README.md ├── install_k8s ├── .kshrc ├── hosts ├── main.yml └── roles │ ├── create-cluster │ ├── .travis.yml │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── init-cluster.yml │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml │ ├── install-helm │ ├── .travis.yml │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── install-helm.yml │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml │ ├── install-k8s │ ├── .travis.yml │ ├── README.md │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── install.yml │ │ └── main.yml │ ├── tests │ │ ├── inventory │ │ └── test.yml │ └── vars │ │ └── main.yml │ └── join-workers │ ├── .travis.yml │ ├── README.md │ ├── defaults │ └── main.yml │ ├── handlers │ └── main.yml │ ├── meta │ └── main.yml │ ├── tasks │ ├── join-cluster.yml │ └── main.yml │ ├── tests │ ├── inventory │ └── test.yml │ └── vars │ └── main.yml └── provisioning ├── hosts ├── main.yml └── roles └── criando-instancias ├── .travis.yml ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── main.yml └── provisioning.yml ├── tests ├── inventory └── test.yml └── vars └── main.yml /README.md: -------------------------------------------------------------------------------- 1 | # Treinamento Descomplicando o ansible. 2 | 3 | Projeto para instalação de um cluster k82 utilizando o ansible + AWS 4 | Projeto com contribuição dos alunos. 5 | 6 | ## Fases dos projeto 7 | ``` 8 | - Provisioning => criar as instancias para o nosso cluster 9 | - Install_k8s => Instalacao do cluster 10 | - Deploy_app => Deploy de uma aplicacao 11 | - Extra => Segredo 12 | ``` 13 | 14 | ## License 15 | [MIT](https://choosealicense.com/licenses/mit/) 16 | -------------------------------------------------------------------------------- /install_k8s/.kshrc: -------------------------------------------------------------------------------- 1 | jset -o vi-tabcomplete 2 | set -o vi 3 | stty erase ^? 4 | -------------------------------------------------------------------------------- /install_k8s/hosts: -------------------------------------------------------------------------------- 1 | [k8s-master] 2 | 3 | [k8s-workers] 4 | 5 | [k8s-workers:vars] 6 | K8S_MASTER_NODE_IP= 7 | K8S_API_SECURE_PORT=6443 8 | -------------------------------------------------------------------------------- /install_k8s/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | become: yes 4 | remote_user: ubuntu 5 | gather_facts: no 6 | pre_tasks: 7 | 8 | - name: 'Atualizando o repo' 9 | raw: 'apt-get update' 10 | - name: 'Instalando Pyhton' 11 | raw: 'apt-get install -y python' 12 | 13 | roles: 14 | - { role: install-k8s, tags: ["install_k8s_role"] } 15 | 16 | - hosts: k8s-master 17 | become: yes 18 | user: ubuntu 19 | roles: 20 | 21 | - { role: create-cluster, tags: ["create_cluster_role"] } 22 | - { role: install-helm, tags: ["install_helm_role"] } 23 | 24 | - hosts: k8s-workers 25 | become: yes 26 | user: ubuntu 27 | roles: 28 | 29 | - { role: join-workers, tags: ["join_workers_role"] } 30 | 31 | 32 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for create-cluster -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for create-cluster -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/tasks/init-cluster.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Removendo cluster antigo 3 | command: 4 | kubeadm reset --force 5 | register: kubeadm_reset 6 | 7 | - name: Inicializando o cluster k8s 8 | command: 9 | kubeadm init 10 | register: kubeadm_init 11 | 12 | - name: Criando o diretorio .kube 13 | file: 14 | path: ~/.kube 15 | state: directory 16 | 17 | - name: Linkando o arquivo admin.conf para o ~/.kube/config 18 | file: 19 | src: /etc/kubernetes/admin.conf 20 | dest: ~/.kube/config 21 | state: link 22 | 23 | - name: Configurando o pod network WeaveNet 24 | shell: kubectl apply -f "{{ default_url_weavenet }}" 25 | register: weavenet_result 26 | 27 | - name: Pegando o token para adicionar os workers no cluster 28 | shell: kubeadm token list | cut -d ' ' -f1 | sed -n '2p' 29 | register: k8s_token 30 | 31 | - name: CA Hash 32 | shell: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 33 | register: k8s_master_ca_hash 34 | 35 | - name: Adicionando o token e o hash em um dummy hosts 36 | add_host: 37 | name: "K8S_TOKEN_HOLDER" 38 | token: "{{ k8s_token.stdout }}" 39 | hash: "{{ k8s_master_ca_hash.stdout }}" 40 | 41 | - name: 42 | debug: 43 | msg: "[MASTER] K8S_TOKEN_HOLDER - O token e {{ hostvars['K8S_TOKEN_HOLDER']['token'] }}" 44 | 45 | - name: 46 | debug: 47 | msg: "[MASTER] K8S_TOKEN_HOLDER - O hash e {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }}" 48 | 49 | 50 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for create-cluster 3 | - include: init-cluster.yml 4 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - create-cluster -------------------------------------------------------------------------------- /install_k8s/roles/create-cluster/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for create-cluster 3 | default_url_weavenet: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" 4 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-helm -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-helm -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/tasks/install-helm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Download helm 4 | get_url: 5 | url: "{{ helm_url }}" 6 | dest: /tmp/get_helm.sh 7 | mode: 0775 8 | ignore_errors: true 9 | register: download 10 | 11 | #- name: 12 | # debug: var=download 13 | 14 | - name: Instalando Helm 15 | shell: 16 | /tmp/get_helm.sh 17 | when: 18 | - download.failed|bool == false 19 | register: install_helm 20 | 21 | - name: 22 | debug: var=install_helm 23 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-helm 3 | - include: install-helm.yml 4 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-helm -------------------------------------------------------------------------------- /install_k8s/roles/install-helm/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-helm 3 | helm_url: https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 4 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-k8s -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-k8s -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: instalando o docker 3 | shell: curl -fsSl https://get.docker.com | bash 4 | 5 | - name: Adicionando as chaves do repo apt do k8s 6 | apt_key: 7 | url: https://packages.cloud.google.com/apt/doc/apt-key.gpg 8 | state: present 9 | 10 | - name: Adicionando o repo do kubernets 11 | apt_repository: 12 | repo: deb https://apt.kubernetes.io/ kubernetes-xenial main 13 | state: present 14 | 15 | - name: Instalando os pacotes kubeadm kubenet kubectl 16 | apt: 17 | name: "{{ packages }}" 18 | vars: 19 | packages: 20 | - kubelet 21 | - kubeadm 22 | - kubectl 23 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-k8s 3 | - include: install.yml 4 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-k8s -------------------------------------------------------------------------------- /install_k8s/roles/install-k8s/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-k8s -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for join-workers -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for join-workers -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/tasks/join-cluster.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: 3 | debug: 4 | msg: "[WORKER] K8S_TOKEN_HOLDER o token e: {{ hostvars['K8S_TOKEN_HOLDER']['token'] }} " 5 | 6 | - name: 7 | debug: 8 | msg: "[WORKER] K8S_TOKEN_HOLDER o hash e: {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }} " 9 | 10 | - name: Removendo o cluster 11 | command: 12 | kubeadm reset --force 13 | register: kubeadm_reset 14 | 15 | - name: Adicionando o worker ao cluster k8s 16 | shell: 17 | kubeadm join --token={{ hostvars['K8S_TOKEN_HOLDER']['token'] }} 18 | --discovery-token-ca-cert-hash sha256:{{ hostvars['K8S_TOKEN_HOLDER']['hash'] }} 19 | {{ K8S_MASTER_NODE_IP }}:{{ K8S_API_SECURE_PORT }} 20 | 21 | -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for join-workers 3 | - include: join-cluster.yml 4 | -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - join-workers -------------------------------------------------------------------------------- /install_k8s/roles/join-workers/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for join-workers -------------------------------------------------------------------------------- /provisioning/hosts: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_connection=local ansible_python_interpreter=/usr/bin/python3 gather_facts=false 3 | 4 | [kubernetes] 5 | 172.31.38.166 6 | 172.31.40.145 7 | 172.31.47.152 8 | 3.89.39.202 9 | 35.175.206.214 10 | 3.80.205.200 11 | -------------------------------------------------------------------------------- /provisioning/main.yml: -------------------------------------------------------------------------------- 1 | - hosts: local 2 | roles: 3 | - criando-instancias 4 | 5 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for criando-instancias -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for criando-instancias -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include: provisioning.yml 3 | 4 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/tasks/provisioning.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Criando o security group 3 | local_action: 4 | module: ec2_group 5 | name: "{{ sec_group_name }}" 6 | description: sg giropops 7 | profile: "{{ profile }}" 8 | region: "{{ region }}" 9 | rules: 10 | - proto: tcp 11 | from_port: 22 12 | to_port: 22 13 | cidr_ip: 0.0.0.0/0 14 | rule_desc: SSH 15 | - proto: tcp 16 | from_port: 2379 17 | to_port: 2380 18 | cidr_ip: 0.0.0.0/0 19 | rule_desc: etcd server API 20 | - proto: tcp 21 | from_port: 6443 22 | to_port: 6443 23 | cidr_ip: 0.0.0.0/0 24 | rule_desc: kube-apiserver 25 | - proto: tcp 26 | from_port: 10250 27 | to_port: 10250 28 | cidr_ip: 0.0.0.0/0 29 | rule_desc: Kubelet API 30 | - proto: tcp 31 | from_port: 10251 32 | to_port: 10251 33 | cidr_ip: 0.0.0.0/0 34 | rule_desc: kube-scheduler 35 | - proto: tcp 36 | from_port: 10252 37 | to_port: 10252 38 | cidr_ip: 0.0.0.0/0 39 | rule_desc: kube-controller-manager 40 | - proto: tcp 41 | from_port: 10255 42 | to_port: 10255 43 | cidr_ip: 0.0.0.0/0 44 | rule_desc: Kubelet API Read-only 45 | - proto: tcp 46 | from_port: 30000 47 | to_port: 32767 48 | cidr_ip: 0.0.0.0/0 49 | rule_desc: NodePort Services 50 | - proto: tcp 51 | from_port: 6781 52 | to_port: 6781 53 | cidr_ip: 0.0.0.0/0 54 | rule_desc: WeaveNet Metric 55 | - proto: tcp 56 | from_port: 6782 57 | to_port: 6782 58 | cidr_ip: 0.0.0.0/0 59 | rule_desc: WeaveNet Metric 60 | - proto: tcp 61 | from_port: 6783 62 | to_port: 6783 63 | cidr_ip: 0.0.0.0/0 64 | rule_desc: WeaveNet 65 | - proto: udp 66 | from_port: 6783 67 | to_port: 6783 68 | cidr_ip: 0.0.0.0/0 69 | rule_desc: Weavenet 70 | - proto: udp 71 | from_port: 6784 72 | to_port: 6784 73 | cidr_ip: 0.0.0.0/0 74 | rule_desc: Weavenet 75 | rules_egress: 76 | - proto: all 77 | cidr_ip: 0.0.0.0/0 78 | register: basic_firewall 79 | 80 | - name: Criando a instancia EC2 81 | local_action: ec2 82 | group={{ sec_group_name }} 83 | instance_type={{ instance_type }} 84 | image={{ image }} 85 | profile={{ profile }} 86 | wait=true 87 | region={{ region }} 88 | keypair={{ keypair }} 89 | count={{ count }} 90 | register: ec2 91 | 92 | - name: Adicionando a instancia ao inventario temp 93 | add_host: name={{ item.public_ip }} groups=giropops-new 94 | with_items: "{{ ec2.instances }}" 95 | 96 | - name: Adicionando o IP publico da instancia criada ao arquivo hosts 97 | local_action: lineinfile 98 | dest="./hosts" 99 | regexp={{ item.public_ip }} 100 | insertafter="[kubernetes]" line={{ item.public_ip }} 101 | with_items: "{{ ec2.instances }}" 102 | 103 | 104 | - name: Adicionando o IP privada da instancia criada ao arquivo hosts 105 | local_action: lineinfile 106 | dest="./hosts" 107 | regexp={{ item.private_ip }} 108 | insertafter="[kubernetes]" line={{ item.private_ip }} 109 | with_items: "{{ ec2.instances }}" 110 | 111 | - name: Esperando o SSH 112 | local_action: wait_for 113 | host={{ item.public_ip }} 114 | port=22 115 | state=started 116 | with_items: "{{ ec2.instances }}" 117 | 118 | - name: Adicionando uma tag na instancia 119 | local_action: ec2_tag resource={{ item.id }} region={{ region }} profile={{ profile }} state=present 120 | with_items: "{{ ec2.instances }}" 121 | args: 122 | tags: 123 | Name: ansible-{{ item.ami_launch_index|int + 1 }} 124 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - criando-instancias -------------------------------------------------------------------------------- /provisioning/roles/criando-instancias/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for criando-instancias 3 | 4 | instance_type: t2.medium 5 | sec_group_name: giropops 6 | image: ami-07ebfd5b3428b6f4d 7 | keypair: ansible-class 8 | region: us-east-1 9 | count: 3 10 | profile: giropops 11 | 12 | --------------------------------------------------------------------------------