├── aula2 ├── provisioning │ ├── roles │ │ └── create │ │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── handlers │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── provisioning.yml │ │ │ ├── vars │ │ │ └── main.yml │ │ │ ├── README.md │ │ │ └── meta │ │ │ └── main.yml │ ├── main.yml │ └── hosts_example └── install_k8s │ ├── roles │ ├── create-cluster │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ ├── install-helm │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ ├── install-k8s │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── install.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ └── join-workers │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ ├── tasks │ │ └── main.yml │ │ ├── vars │ │ └── main.yml │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── README.md │ │ └── meta │ │ └── main.yml │ ├── hosts_example │ └── main.yml ├── descomplicando-ansible ├── provisioning │ ├── roles │ │ └── create │ │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── handlers │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── provisioning.yml │ │ │ ├── vars │ │ │ └── main.yml │ │ │ ├── README.md │ │ │ └── meta │ │ │ └── main.yml │ ├── main.yml │ └── hosts_example ├── canary-deploy-app │ ├── roles │ │ └── common │ │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── handlers │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── deploy-app.yml │ │ │ ├── vars │ │ │ └── main.yml │ │ │ ├── templates │ │ │ └── app-v2-canary.yml.j2 │ │ │ ├── README.md │ │ │ └── meta │ │ │ └── main.yml │ └── main.yml ├── deploy-app-v1 │ ├── roles │ │ └── common │ │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── handlers │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── deploy-app.yml │ │ │ ├── vars │ │ │ └── main.yml │ │ │ ├── files │ │ │ ├── service-app.yml │ │ │ └── app-v1.yml │ │ │ ├── templates │ │ │ └── app-v1.yml.j2 │ │ │ ├── README.md │ │ │ └── meta │ │ │ └── main.yml │ └── main.yml ├── deploy-app-v2 │ ├── roles │ │ └── common │ │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── handlers │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── deploy-app.yml │ │ │ ├── vars │ │ │ └── main.yml │ │ │ ├── templates │ │ │ ├── app-v1.yml.j2 │ │ │ └── app-v2.yml.j2 │ │ │ ├── README.md │ │ │ └── meta │ │ │ └── main.yml │ └── main.yml └── install_k8s │ ├── roles │ ├── install-helm │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── main.yml │ │ │ ├── install-monit-tools.yml │ │ │ └── install-helm.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ ├── install-k8s │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── install.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ ├── join-workers │ │ ├── tests │ │ │ ├── inventory │ │ │ └── test.yml │ │ ├── vars │ │ │ └── main.yml │ │ ├── defaults │ │ │ └── main.yml │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── main.yml │ │ │ └── join-cluster.yml │ │ ├── README.md │ │ └── meta │ │ │ └── main.yml │ └── create-cluster │ │ ├── tests │ │ ├── inventory │ │ └── test.yml │ │ ├── defaults │ │ └── main.yml │ │ ├── handlers │ │ └── main.yml │ │ ├── tasks │ │ ├── main.yml │ │ └── init-cluster.yml │ │ ├── vars │ │ └── main.yml │ │ ├── README.md │ │ └── meta │ │ └── main.yml │ ├── hosts_example │ └── main.yml ├── README.md ├── .gitignore └── descomplicando_o_ansible.md /aula2/provisioning/roles/create/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for create -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for create -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-helm -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-helm -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-k8s -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for join-workers -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for create-cluster -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for create-cluster -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-k8s -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-k8s -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for create-cluster -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for create-cluster -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-helm -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-helm -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for join-workers -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for join-workers -------------------------------------------------------------------------------- /aula2/provisioning/main.yml: -------------------------------------------------------------------------------- 1 | # main.yml 2 | --- 3 | - hosts: local 4 | roles: 5 | - create 6 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for common -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for common -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for common -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for common -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-k8s -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for create -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for create -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for common -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for common -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # descomplicando-ansible-treinamento 2 | Anotações do curso Descomplicando o Ansible do LinuxTips. 3 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-k8s 3 | - include: install.yml -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-helm -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-helm -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for install-k8s -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for install-k8s -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for create-cluster -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for create-cluster -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/main.yml: -------------------------------------------------------------------------------- 1 | # main.yml 2 | --- 3 | - hosts: local 4 | roles: 5 | - create 6 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for create 3 | - include: provisioning.yml 4 | 5 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - create -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for common 3 | - include: deploy-app.yml -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for common 3 | - include: deploy-app.yml -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for common 3 | - include: deploy-app.yml -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-k8s 3 | - include: install.yml -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-helm -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-k8s -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/main.yml: -------------------------------------------------------------------------------- 1 | - hosts: k8s-master 2 | become: yes 3 | user: ubuntu 4 | roles: 5 | - common 6 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/main.yml: -------------------------------------------------------------------------------- 1 | - hosts: k8s-master 2 | become: yes 3 | user: ubuntu 4 | roles: 5 | - common 6 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/main.yml: -------------------------------------------------------------------------------- 1 | - hosts: k8s-master 2 | become: yes 3 | user: ubuntu 4 | roles: 5 | - common 6 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for join-workers 3 | - include: join-cluster.yml -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for create 3 | - include: provisioning.yml 4 | 5 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - create-cluster -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for create-cluster 3 | - include: init-cluster.yml -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - create -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - common -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - common -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - common -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-k8s -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - create-cluster -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - install-helm -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - join-workers -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for install-helm 3 | - include: install-helm.yml 4 | - include: install-monit-tools.yml -------------------------------------------------------------------------------- /aula2/provisioning/hosts_example: -------------------------------------------------------------------------------- 1 | # hosts 2 | [local] 3 | localhost ansible_connection=local ansible_python_interpreter=python gather_facts=false 4 | 5 | [kubernetes] 6 | xx.xxx.xx.xx 7 | xx.xxx.xx.xx 8 | xx.xxx.xx.xx -------------------------------------------------------------------------------- /aula2/install_k8s/hosts_example: -------------------------------------------------------------------------------- 1 | [k8s-master] 2 | xx.xxx.xxx.xxx 3 | 4 | [k8s-workers] 5 | xx.xxx.xxx.xxx 6 | xx.xxx.xxx.xxx 7 | 8 | [k8s-workers:vars] 9 | K8S_MASTER_NODE_IP=xx.xxx.xxx.xxx 10 | K8S_API_SECURE_PORT=6443 -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/hosts_example: -------------------------------------------------------------------------------- 1 | # hosts 2 | [local] 3 | localhost ansible_connection=local ansible_python_interpreter=python gather_facts=false 4 | 5 | [kubernetes] 6 | xx.xxx.xx.xx 7 | xx.xxx.xx.xx 8 | xx.xxx.xx.xx -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/hosts_example: -------------------------------------------------------------------------------- 1 | [k8s-master] 2 | xx.xxx.xxx.xxx 3 | 4 | [k8s-workers] 5 | xx.xxx.xxx.xxx 6 | xx.xxx.xxx.xxx 7 | 8 | [k8s-workers:vars] 9 | K8S_MASTER_NODE_IP=xx.xxx.xxx.xxx 10 | K8S_API_SECURE_PORT=6443 -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for create-cluster 3 | default_kubernetes_cni_weavenet_manifestUrl: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" 4 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for create 3 | instance_type: t2.medium 4 | security_group: giropops 5 | image: ami-064a0193585662d74 6 | keypair: descomplicando-ansible 7 | region: us-east-1 8 | count: 3 9 | profile: default 10 | -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for common 3 | 4 | # Giropops app 5 | number_replicas: 1 6 | version: 2.0.0 7 | prometheus_scrape: "true" 8 | prometheus_port: 32111 9 | nginx_port: 80 10 | environment: production 11 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for common 3 | 4 | # Giropops app 5 | number_replicas: 10 6 | version: 1.0.0 7 | prometheus_scrape: "true" 8 | prometheus_port: 32111 9 | nginx_port: 80 10 | environment: production 11 | -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for create 3 | instance_type: t2.medium 4 | security_group: giropops 5 | image: ami-064a0193585662d74 6 | keypair: descomplicando-ansible 7 | region: us-east-1 8 | count: 3 9 | profile: default 10 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/tasks/install-monit-tools.yml: -------------------------------------------------------------------------------- 1 | - name: Install Prometheus 2 | shell: helm install {{ deploy_prometheus }} 3 | register: prometheus_result 4 | 5 | - name: Install Grafana 6 | shell: helm install {{ deploy_grafana }} 7 | register: grafana_result 8 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for common 3 | 4 | # Giropops app 5 | number_replicas_old_version: 1 6 | number_replicas_new_version: 10 7 | old_version: 1.0.0 8 | new_version: 2.0.0 9 | prometheus_scrape: "true" 10 | prometheus_port: 32111 11 | nginx_port: 80 12 | environment: production 13 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for install-helm 3 | deploy_prometheus: "--namespace=monitoring --name=prometheus --version=7.0.0 --set alertmanager.persistentVolume.enabled=false,server.persistentVolume.enabled=false stable/prometheus" 4 | deploy_grafana: "--namespace=monitoring --name=grafana --version=1.12.0 --set=adminUser=admin,adminPassword=admin,service.type=NodePort stable/grafana" -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/tasks/deploy-app.yml: -------------------------------------------------------------------------------- 1 | - name: Copying deployment file to host 2 | template: 3 | src: app-v2-canary.yml.j2 4 | dest: /opt/giropops/app-v2-canary.yml 5 | owner: root 6 | group: root 7 | mode: 0644 8 | register: copying_template_register 9 | 10 | - name: Deploy Giropops App deployment 11 | shell: kubectl apply -f /opt/giropops/app-v2-canary.yml 12 | register: deploy_deployment_register 13 | -------------------------------------------------------------------------------- /aula2/install_k8s/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | become: yes 4 | user: ubuntu 5 | gather_facts: no 6 | pre_tasks: 7 | - name: 'install python' 8 | raw: 'apt-get -y install python' 9 | roles: 10 | - install-k8s 11 | 12 | - hosts: k8s-master 13 | become: yes 14 | user: ubuntu 15 | roles: 16 | - create-cluster 17 | 18 | - hosts: k8s-workers 19 | become: yes 20 | user: ubuntu 21 | roles: 22 | - join-workers 23 | 24 | - hosts: k8s-master 25 | become: yes 26 | user: ubuntu 27 | roles: 28 | - install-helm 29 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | become: yes 4 | user: ubuntu 5 | gather_facts: no 6 | pre_tasks: 7 | - name: 'install python' 8 | raw: 'apt-get -y install python3' 9 | roles: 10 | - install-k8s 11 | 12 | - hosts: k8s-master 13 | become: yes 14 | user: ubuntu 15 | roles: 16 | - create-cluster 17 | 18 | - hosts: k8s-workers 19 | become: yes 20 | user: ubuntu 21 | roles: 22 | - join-workers 23 | 24 | - hosts: k8s-master 25 | become: yes 26 | user: ubuntu 27 | roles: 28 | - install-helm 29 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/files/service-app.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: giropops 6 | run: nginx 7 | track: stable 8 | name: giropops 9 | namespace: default 10 | spec: 11 | externalTrafficPolicy: Cluster 12 | ports: 13 | - nodePort: 32222 14 | name: http 15 | port: 80 16 | protocol: TCP 17 | targetPort: 80 18 | - nodePort: 32111 19 | name: prometheus 20 | port: 32111 21 | protocol: TCP 22 | targetPort: 32111 23 | selector: 24 | app: giropops 25 | sessionAffinity: None 26 | type: NodePort 27 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Instalando o Docker 2 | shell: curl -fsSL https://get.docker.com | bash - 3 | 4 | - name: Adicionando as chaves repo k8s no apt 5 | apt_key: 6 | url: https://packages.cloud.google.com/apt/doc/apt-key.gpg 7 | state: present 8 | 9 | - name: Adicionando o repo do k8s 10 | apt_repository: 11 | repo: deb http://apt.kubernetes.io/ kubernetes-xenial main 12 | state: present 13 | 14 | - name: Instalando pacotes k8s 15 | apt: 16 | name: "{{ packages }}" 17 | vars: 18 | packages: 19 | - kubelet 20 | - kubeadm 21 | - kubectl 22 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/tasks/install.yml: -------------------------------------------------------------------------------- 1 | - name: Instalando o Docker 2 | shell: curl -fsSL https://get.docker.com | bash - 3 | 4 | - name: Adicionando as chaves repo k8s no apt 5 | apt_key: 6 | url: https://packages.cloud.google.com/apt/doc/apt-key.gpg 7 | state: present 8 | 9 | - name: Adicionando o repo do k8s 10 | apt_repository: 11 | repo: deb http://apt.kubernetes.io/ kubernetes-xenial main 12 | state: present 13 | 14 | - name: Instalando pacotes k8s 15 | apt: 16 | name: "{{ packages }}" 17 | vars: 18 | packages: 19 | - kubelet 20 | - kubeadm 21 | - kubectl 22 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/tasks/join-cluster.yml: -------------------------------------------------------------------------------- 1 | - name: 2 | debug: 3 | msg: "[Worker] K8S_TOKEN_HOLDER K8S token is {{ hostvars['K8S_TOKEN_HOLDER']['token'] }}" 4 | 5 | - name: 6 | debug: 7 | msg: "[Worker] K8S_TOKEN_HOLDER K8S Hash is {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }}" 8 | 9 | - name: "Kubeadm reset node cluster config" 10 | command: 11 | kubeadm reset --force 12 | register: kubeadm-reset_node 13 | 14 | - name: "Kubeadm join" 15 | shell: 16 | kubeadm join --token={{ hostvars['K8S_TOKEN_HOLDER']['token'] }} 17 | --discovery-token-ca-cert-hash sha256:{{ hostvars['K8S_TOKEN_HOLDER']['hash'] }} 18 | {{ K8S_MASTER_NODE_IP }}:{{ K8S_API_SECURE_PORT }} 19 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/files/app-v1.yml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: giropops-v1 5 | spec: 6 | replicas: {{ number_replicas }} 7 | selector: 8 | matchLabels: 9 | app: giropops 10 | template: 11 | metadata: 12 | labels: 13 | app: giropops 14 | version: {{ version }} 15 | annotations: 16 | prometheus.io/scrape: "{{ prometheus_scrape }}" 17 | prometheus.io/port: "{{ prometheus_port }}" 18 | spec: 19 | containers: 20 | - name: giropops 21 | image: linuxtips/nginx-prometheus-exporter:{{ version }} 22 | env: 23 | - name: VERSION 24 | value: {{ version }} 25 | ports: 26 | - containerPort: {{ nginx_port }} 27 | - containerPort: {{ prometheus_port }} 28 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/templates/app-v1.yml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: giropops-v1 5 | spec: 6 | replicas: {{ number_replicas }} 7 | selector: 8 | matchLabels: 9 | app: giropops 10 | template: 11 | metadata: 12 | labels: 13 | app: giropops 14 | version: {{ version }} 15 | annotations: 16 | prometheus.io/scrape: "{{ prometheus_scrape }}" 17 | prometheus.io/port: "{{ prometheus_port }}" 18 | spec: 19 | containers: 20 | - name: giropops 21 | image: linuxtips/nginx-prometheus-exporter:{{ version }} 22 | env: 23 | - name: VERSION 24 | value: {{ version }} 25 | ports: 26 | - containerPort: {{ nginx_port }} 27 | - containerPort: {{ prometheus_port }} 28 | -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/templates/app-v2-canary.yml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: giropops-v2 5 | spec: 6 | replicas: {{ number_replicas }} 7 | selector: 8 | matchLabels: 9 | app: giropops 10 | template: 11 | metadata: 12 | labels: 13 | app: giropops 14 | version: {{ version }} 15 | annotations: 16 | prometheus.io/scrape: "{{ prometheus_scrape }}" 17 | prometheus.io/port: "{{ prometheus_port }}" 18 | spec: 19 | containers: 20 | - name: giropops 21 | image: linuxtips/nginx-prometheus-exporter:{{ version }} 22 | env: 23 | - name: VERSION 24 | value: {{ version }} 25 | ports: 26 | - containerPort: {{ nginx_port }} 27 | - containerPort: {{ prometheus_port }} 28 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/templates/app-v1.yml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: giropops-v1 5 | spec: 6 | replicas: {{ number_replicas_old_version }} 7 | selector: 8 | matchLabels: 9 | app: giropops 10 | template: 11 | metadata: 12 | labels: 13 | app: giropops 14 | version: {{ old_version }} 15 | annotations: 16 | prometheus.io/scrape: "{{ prometheus_scrape }}" 17 | prometheus.io/port: "{{ prometheus_port }}" 18 | spec: 19 | containers: 20 | - name: giropops 21 | image: linuxtips/nginx-prometheus-exporter:{{ old_version }} 22 | env: 23 | - name: VERSION 24 | value: {{ old_version }} 25 | ports: 26 | - containerPort: {{ nginx_port }} 27 | - containerPort: {{ prometheus_port }} 28 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/templates/app-v2.yml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: giropops-v2 5 | spec: 6 | replicas: {{ number_replicas_new_version }} 7 | selector: 8 | matchLabels: 9 | app: giropops 10 | template: 11 | metadata: 12 | labels: 13 | app: giropops 14 | version: {{ new_version }} 15 | annotations: 16 | prometheus.io/scrape: "{{ prometheus_scrape }}" 17 | prometheus.io/port: "{{ prometheus_port }}" 18 | spec: 19 | containers: 20 | - name: giropops 21 | image: linuxtips/nginx-prometheus-exporter:{{ new_version }} 22 | env: 23 | - name: VERSION 24 | value: {{ new_version }} 25 | ports: 26 | - containerPort: {{ nginx_port }} 27 | - containerPort: {{ prometheus_port }} 28 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/tasks/install-helm.yml: -------------------------------------------------------------------------------- 1 | - name: Install helm via curl 2 | shell: curl -L https://git.io/get_helm.sh | bash - 3 | register: helm_result 4 | 5 | - name: Helm init 6 | shell: helm init 7 | register: helm_init_result 8 | 9 | - name: Create service account to tiller 10 | shell: kubectl create serviceaccount --namespace=kube-system tiller 11 | register: tiller_result 12 | 13 | - name: Create clusterrolebinding for tiller 14 | shell: kubectl create clusterrolebinding tiller-cluster-role --clusterrole=cluster-admin --serviceaccount=kube-system:tiller 15 | register: clusterrolebinding_result 16 | 17 | - name: Apply patch to tiller-deploy 18 | shell: kubectl patch deployments -n kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}' 19 | register: patch_result 20 | 21 | - name: Waiting tiller pod 22 | pause: 23 | minutes: 2 24 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/tasks/deploy-app.yml: -------------------------------------------------------------------------------- 1 | - name: Creating Giropops App directory 2 | file: path={{ item }} state=directory 3 | with_items: 4 | - /opt/giropops 5 | - /opt/giropops/logs 6 | - /opt/giropops/conf 7 | register: directory_app_register 8 | 9 | - name: Copying deployment file to host 10 | template: 11 | src: app-v1.yml.j2 12 | dest: /opt/giropops/app-v1.yml 13 | owner: root 14 | group: root 15 | mode: 0644 16 | register: copying_template_register 17 | 18 | - name: Copying service file to host 19 | copy: src={{ item.src }} dest={{ item.dest }} 20 | with_items: 21 | - { src: 'service-app.yml', dest: '/opt/giropops/service-app.yml' } 22 | register: copying_register 23 | 24 | - name: Deploy Giropops App deployment 25 | shell: kubectl apply -f /opt/giropops/app-v1.yml 26 | register: deploy_deployment_register 27 | 28 | - name: Deploy Giropops App service 29 | shell: kubectl apply -f /opt/giropops/service-app.yml 30 | register: deploy_service_register 31 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/tasks/deploy-app.yml: -------------------------------------------------------------------------------- 1 | - name: Copying deployment file app v1 to host 2 | template: 3 | src: app-v1.yml.j2 4 | dest: /opt/giropops/app-v1.yml 5 | owner: root 6 | group: root 7 | mode: 0644 8 | register: copying_app1_template_register 9 | 10 | - name: Copying deployment file app v2 to host 11 | template: 12 | src: app-v2.yml.j2 13 | dest: /opt/giropops/app-v2.yml 14 | owner: root 15 | group: root 16 | mode: 0644 17 | register: copying_app2_template_register 18 | 19 | - name: Deploy new version of Giropops App deployment 20 | shell: kubectl apply -f /opt/giropops/app-v2.yml 21 | register: deployment_v2_register 22 | 23 | - name: Scale down old version of Giropops App deployment 24 | shell: kubectl apply -f /opt/giropops/app-v1.yml 25 | register: deployment_v1_register 26 | 27 | - name: The old version of Giropops App deployment will be removed in two minutes 28 | pause: 29 | minutes: 2 30 | 31 | - name: Delete old version of Giropops App deployment 32 | shell: kubectl delete -f /opt/giropops/app-v1.yml 33 | register: deployment_deleted_register 34 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/tasks/init-cluster.yml: -------------------------------------------------------------------------------- 1 | - name: Reset Cluster 2 | command: 3 | kubeadm reset --force 4 | register: kubeadmin_init 5 | 6 | - name: Initialize Kubernetes master with kubeadm init. 7 | command: 8 | kubeadm init 9 | register: kubeadmin_init 10 | 11 | - name: Ensure .kube directory exists. 12 | file: 13 | path: ~/.kube 14 | state: directory 15 | 16 | - name: Symlink the kubectl admin.conf to ~/.kube/conf. 17 | file: 18 | src: /etc/kubernetes/admin.conf 19 | dest: ~/.kube/config 20 | state: link 21 | 22 | - name: Configure weavenet networking. 23 | shell: kubectl apply -f {{ default_kubernetes_cni_weavenet_manifestUrl }} 24 | register: weavenet_result 25 | 26 | - name: "Cluster token" 27 | shell: kubeadm token list | cut -d ' ' -f1 | sed -n '2p' 28 | register: K8S_TOKEN 29 | 30 | - name: "CA Hash" 31 | shell: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 32 | register: K8S_MASTER_CA_HASH 33 | 34 | - name: "Add K8S Token and Hash to dummy host" 35 | add_host: 36 | name: "K8S_TOKEN_HOLDER" 37 | token: "{{ K8S_TOKEN.stdout }}" 38 | hash: "{{ K8S_MASTER_CA_HASH.stdout }}" 39 | 40 | - name: 41 | debug: 42 | msg: "[Master] K8S_TOKEN_HOLDER K8S token is {{ hostvars['K8S_TOKEN_HOLDER']['token'] }}" 43 | 44 | - name: 45 | debug: 46 | msg: "[Master] K8S_TOKEN_HOLDER K8S Hash is {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }}" 47 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | MANIFEST 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .pytest_cache/ 49 | 50 | # Translations 51 | *.mo 52 | *.pot 53 | 54 | # Django stuff: 55 | *.log 56 | local_settings.py 57 | db.sqlite3 58 | 59 | # Flask stuff: 60 | instance/ 61 | .webassets-cache 62 | 63 | # Scrapy stuff: 64 | .scrapy 65 | 66 | # Sphinx documentation 67 | docs/_build/ 68 | 69 | # PyBuilder 70 | target/ 71 | 72 | # Jupyter Notebook 73 | .ipynb_checkpoints 74 | 75 | # pyenv 76 | .python-version 77 | 78 | # celery beat schedule file 79 | celerybeat-schedule 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | 106 | *.pem 107 | *hosts -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/tasks/provisioning.yml: -------------------------------------------------------------------------------- 1 | - name: Criando o Security Group 2 | local_action: 3 | module: ec2_group 4 | name: "{{ security_group }}" 5 | description: Security Group Giropops 6 | profile: "{{ profile }}" 7 | region: "{{ region }}" 8 | rules: 9 | - proto: tcp 10 | from_port: 22 11 | to_port: 22 12 | cidr_ip: 0.0.0.0/0 13 | rules_egress: 14 | - proto: all 15 | cidr_ip: 0.0.0.0/0 16 | register: basic_firewall 17 | 18 | - name: Criando a instancia EC2 19 | local_action: ec2 20 | group={{ security_group }} 21 | instance_type={{ instance_type }} 22 | image={{ image }} 23 | wait=true 24 | region={{ region }} 25 | keypair={{ keypair }} 26 | count={{ count }} 27 | profile={{ profile }} 28 | register: ec2 29 | 30 | - name: Adicionando a instancia ao inventario temp 31 | add_host: name={{ item.public_ip }} groups=giropops-new 32 | with_items: "{{ ec2.instances }}" 33 | 34 | - name: Adicionando a instancia criada no arquivo hosts 35 | local_action: lineinfile 36 | dest="./hosts" 37 | regexp={{ item.public_ip }} 38 | insertafter="[kubernetes]" line={{ item.public_ip }} 39 | with_items: "{{ ec2.instances }}" 40 | 41 | - name: Esperando o SSH 42 | local_action: wait_for 43 | host={{ item.public_ip }} 44 | port=22 45 | state=started 46 | with_items: "{{ ec2.instances }}" 47 | 48 | - name: Adicionando um nome tag na instancia 49 | local_action: ec2_tag resource={{ item.id }} region={{ region }} profile={{ profile }} state=present 50 | with_items: "{{ ec2.instances }}" 51 | args: 52 | tags: 53 | Name: regis-ansible-day2 54 | 55 | - name: Adicionando a maquina criada no known_hosts 56 | shell: ssh-keyscan -H {{ item.public_ip }} >> ~/.ssh/known_hosts 57 | with_items: "{{ ec2.instances }}" 58 | -------------------------------------------------------------------------------- /aula2/provisioning/roles/create/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-helm/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/install-k8s/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/join-workers/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /aula2/install_k8s/roles/create-cluster/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v1/roles/common/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/deploy-app-v2/roles/common/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/canary-deploy-app/roles/common/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/create-cluster/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-helm/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/install-k8s/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/install_k8s/roles/join-workers/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.4 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 53 | -------------------------------------------------------------------------------- /descomplicando-ansible/provisioning/roles/create/tasks/provisioning.yml: -------------------------------------------------------------------------------- 1 | - name: Criando o Security Group 2 | local_action: 3 | module: ec2_group 4 | name: "{{ security_group }}" 5 | description: Security Group Giropops 6 | profile: "{{ profile }}" 7 | region: "{{ region }}" 8 | rules: 9 | - proto: tcp 10 | from_port: 22 11 | to_port: 22 12 | cidr_ip: 0.0.0.0/0 13 | rule_desc: SSH 14 | - proto: tcp 15 | from_port: 2379 16 | to_port: 2380 17 | cidr_ip: 0.0.0.0/0 18 | rule_desc: etcd server API 19 | - proto: tcp 20 | from_port: 6443 21 | to_port: 6443 22 | cidr_ip: 0.0.0.0/0 23 | rule_desc: kube-apiserver 24 | - proto: tcp 25 | from_port: 10250 26 | to_port: 10250 27 | cidr_ip: 0.0.0.0/0 28 | rule_desc: Kubelet API 29 | - proto: tcp 30 | from_port: 10251 31 | to_port: 10251 32 | cidr_ip: 0.0.0.0/0 33 | rule_desc: kube-scheduler 34 | - proto: tcp 35 | from_port: 10252 36 | to_port: 10252 37 | cidr_ip: 0.0.0.0/0 38 | rule_desc: kube-controller-manager 39 | - proto: tcp 40 | from_port: 10255 41 | to_port: 10255 42 | cidr_ip: 0.0.0.0/0 43 | rule_desc: Kubelet API Read-only 44 | - proto: tcp 45 | from_port: 30000 46 | to_port: 32767 47 | cidr_ip: 0.0.0.0/0 48 | rule_desc: NodePort Services 49 | rules_egress: 50 | - proto: all 51 | cidr_ip: 0.0.0.0/0 52 | register: basic_firewall 53 | 54 | - name: Criando a instancia EC2 55 | local_action: ec2 56 | group={{ security_group }} 57 | instance_type={{ instance_type }} 58 | image={{ image }} 59 | wait=true 60 | region={{ region }} 61 | keypair={{ keypair }} 62 | count={{ count }} 63 | profile={{ profile }} 64 | register: ec2 65 | 66 | - name: Adicionando a instancia ao inventario temp 67 | add_host: name={{ item.public_ip }} groups=giropops-new 68 | with_items: "{{ ec2.instances }}" 69 | 70 | - name: Adicionando o ip publico da instancia criada no arquivo hosts 71 | local_action: lineinfile 72 | dest="./hosts" 73 | regexp={{ item.public_ip }} 74 | insertafter="[ip-publico]" line={{ item.public_ip }} 75 | with_items: "{{ ec2.instances }}" 76 | 77 | - name: Adicionando o ip privado da instancia criada no arquivo hosts 78 | local_action: lineinfile 79 | dest="./hosts" 80 | regexp={{ item.private_ip }} 81 | insertafter="[ip-privado]" line={{ item.private_ip }} 82 | with_items: "{{ ec2.instances }}" 83 | 84 | - name: Adicionando o ip publico da instancia criada no arquivo install_k8s/hosts 85 | # Deve existir k8s-master 86 | local_action: lineinfile 87 | dest="./../install_k8s/hosts" 88 | insertafter="\[k8s-master\]" 89 | line={{ ec2.instances[0].public_ip }} 90 | 91 | - name: Adicionando o ip publico da instancia criada no arquivo install_k8s/hosts 92 | # Deve existir k8s-workers 93 | local_action: lineinfile 94 | dest="./../install_k8s/hosts" 95 | insertafter="\[k8s-workers\]" 96 | line={{ item.public_ip }} 97 | with_items: "{{ ec2.instances[1:] }}" 98 | 99 | - name: Adicionando o ip privado da instancia criada no arquivo install_k8s/hosts 100 | # Deve existir K8S_MASTER_NODE_IP 101 | local_action: lineinfile 102 | dest="./../install_k8s/hosts" 103 | regexp="^K8S_MASTER_NODE_IP=" 104 | line="K8S_MASTER_NODE_IP={{ ec2.instances[0].private_ip }}" 105 | 106 | - name: Esperando o SSH 107 | local_action: wait_for 108 | host={{ item.public_ip }} 109 | port=22 110 | state=started 111 | with_items: "{{ ec2.instances }}" 112 | 113 | - name: Adicionando um nome tag na instancia 114 | local_action: ec2_tag resource={{ item.id }} region={{ region }} profile={{ profile }} state=present 115 | with_items: "{{ ec2.instances }}" 116 | args: 117 | tags: 118 | Name: RegisAnsible-{{ item.ami_launch_index|int + 1 }} 119 | 120 | - name: Adicionando a maquina criada no known_hosts 121 | shell: ssh-keyscan -H {{ item.public_ip }} >> ~/.ssh/known_hosts 122 | with_items: "{{ ec2.instances }}" 123 | -------------------------------------------------------------------------------- /descomplicando_o_ansible.md: -------------------------------------------------------------------------------- 1 | # Ansible 2 | 3 | ``` 4 | ssh-add chave.pem 5 | ssh ip 6 | 7 | ssh copy id (site) 8 | 9 | ssh-keygen 10 | 11 | ifconfig pra pegar o ip da maquina 12 | 13 | ssh-copy-id 14 | ``` 15 | 16 | No GCloud é o IP interno 17 | 18 | --- 19 | 20 | ## Conectando na máquina 21 | 22 | ``` 23 | ssh -o ServerAliveInterval=30 -i chave.pem host 24 | ``` 25 | 26 | IP externo vs IP interno 27 | 28 | 29 | Nas máquinas trocar o host 30 | 31 | ``` 32 | sudo su - 33 | hostname elliot-01 34 | hostname elliot-02 35 | hostname elliot-03 36 | ``` 37 | 38 | ``` 39 | vim /etc/hostname 40 | 41 | elliot-01 42 | 43 | mkdir ansible 44 | cd ansible 45 | ``` 46 | 47 | Chave ssh 48 | 49 | ``` 50 | scp -i chave.pem chave.pem ubuntu@ec2-...com:/tmp 51 | ``` 52 | 53 | Na outra maquina 54 | 55 | ``` 56 | mv /tmp/chave.pem ~ 57 | 58 | ssh-agent bash 59 | ssh-add chave.pem 60 | ``` 61 | 62 | 63 | ``` 64 | ifconfig eth0 65 | 66 | xxx.xx.xx.xxx elliot-01 67 | 68 | mkdir ansible 69 | cd ansible 70 | 71 | sudo vim /etc/hosts 72 | ``` 73 | 74 | ``` 75 | # hosts 76 | ... 77 | xxx.xx.xx.xx2 elliot-01 78 | xxx.xx.xx.xx3 elliot-02 79 | xxx.xx.xx.xx4 elliot-03 80 | ``` 81 | 82 | Faça o teste com 83 | 84 | ``` 85 | ping elliot-01 86 | ``` 87 | 88 | Agora dentro do ansible 89 | 90 | ``` 91 | mkdir ansible 92 | cd ansible 93 | vim ~/ansible/hosts 94 | ``` 95 | 96 | ``` 97 | # hosts 98 | elliot-01 99 | elliot-02 100 | elliot-03 101 | ``` 102 | 103 | ## Instalação 104 | 105 | ``` 106 | sudo apt install -y software-properties-common 107 | sudo apt-add-repository --yes --update ppa:ansible/ansible 108 | sudo apt update 109 | sudo apt install -y ansible 110 | ``` 111 | 112 | 113 | ### Inventário 114 | 115 | Antes você pode fazer `ssh elliot-01` 116 | 117 | -m é módulo 118 | 119 | ``` 120 | ansible -i hosts all -m ping # opcional -k pra pedir senha 121 | ``` 122 | 123 | ``` 124 | # hosts 125 | [giropops] 126 | elliot-01 127 | 128 | [webservers] 129 | elliot-02 130 | elliot-03 131 | ``` 132 | 133 | ``` 134 | ansible -i hosts webservers -m ping -u usuario -k 135 | ``` 136 | 137 | Para executar comandos digite `-a` 138 | 139 | ``` 140 | ansible -i hosts webservers -a "/sbin/ifconfig" 141 | ``` 142 | 143 | Executando comandos no bash 144 | 145 | ``` 146 | ansible -i hosts webservers -a "bash -c 'uptime'" 147 | ansible -i hosts webservers -m copy -a "scr=hosts dest=/tmp" 148 | ansible -i hosts webservers -m shell -a "uptime" 149 | ansible -i hosts webservers -m git -a "repo=https://github.com/badtuxx/giropops-monitoring.git dest=/tmp/giropops version=HEAD" 150 | ansible -i hosts elliot-02 -m setup 151 | ansible -i hosts elliot-02 -m setup -a "filter=ansible_distribution" 152 | ``` 153 | 154 | ``` 155 | ansible -i hosts all -m apt -a "name=vim state=present" 156 | ``` 157 | 158 | Vai dar permission denied 159 | 160 | ``` 161 | ansible -i hosts all -b -m apt -a "name=vim state=present" 162 | 163 | cd /etc/sudoers.d 164 | vim sudoers 165 | ``` 166 | 167 | 168 | ``` 169 | ubuntu ALL=(ALL) NOPASSWD:ALL 170 | 171 | [giropops:vars] 172 | ansible_python_interpreter=/usr/bin/python3 173 | 174 | mkdir day1 175 | vim nginx_playbook.yml 176 | 177 | # nginx_playbook.yml 178 | --- 179 | - hosts: webservers 180 | become: yes 181 | remote_user: root 182 | tasks: 183 | - name: Instalando o nginx 184 | apt: 185 | name: nginx 186 | state: latest 187 | update_cache: yes 188 | - name: Iniciando o nginx 189 | service: 190 | name: nginx 191 | state: started 192 | - name: Copiando index.html personalizado 193 | copy: 194 | src: index.html 195 | dest: /var/www/html/index.html 196 | - name: Restartando o nginx 197 | service: 198 | name: nginx 199 | state: restarted 200 | ``` 201 | 202 | ``` 203 | ansible-playbook -i hosts nginx_playbook.yml -b 204 | 205 | sudo netstat -atunp 206 | 207 | cd /usr/share/nginx/html 208 | 209 | ``` 210 | 211 | 212 | Crie o index.html 213 | 214 | ``` 215 | ansible-playbook -i hosts nginx_playbook.yml -b 216 | 217 | sudo systemctl restart nginx 218 | ``` 219 | 220 | 221 | ``` 222 | # nginx_playbook.yml 223 | --- 224 | - hosts: webservers 225 | become: yes 226 | remote_user: root 227 | tasks: 228 | - name: Instalando o nginx 229 | apt: 230 | name: nginx 231 | state: latest 232 | update_cache: yes 233 | - name: Iniciando o nginx 234 | service: 235 | name: nginx 236 | state: started 237 | - name: Copiando index.html personalizado 238 | copy: 239 | src: index.html 240 | dest: /var/www/html/index.html 241 | - name: Copiando nginx.conf 242 | copy: 243 | src: nginx.conf 244 | dest: /etc/nginx/nginx.conf 245 | notify: Restartando o nginx 246 | handlers: 247 | - name: Restartando o nginx 248 | service: 249 | name: nginx 250 | state: restarted 251 | ``` 252 | 253 | 254 | ``` 255 | # nginx.conf 256 | ... 257 | ``` 258 | 259 | 260 | --- 261 | 262 | # Aula 2 263 | 264 | Na sua máquina 265 | 266 | ``` 267 | pip install ansible 268 | ``` 269 | 270 | e crie o playbook localmente 271 | 272 | ``` 273 | cd ~/gh/my/descomplicando-ansible-treinamento 274 | mkdir -p aula2/roles 275 | cd aula2 276 | ``` 277 | 278 | 279 | Editando main.yml 280 | 281 | ``` 282 | cat << EOF > main.yml 283 | --- 284 | - hosts: local 285 | roles: 286 | - create 287 | EOF 288 | ``` 289 | 290 | Editando hosts 291 | 292 | ``` 293 | cat << EOF > hosts 294 | [local] 295 | localhost ansible_connection=local ansible_python_interpreter=python gather_facts=false 296 | 297 | [kubernetes] 298 | EOF 299 | ``` 300 | 301 | Copie a chave.pem. 302 | 303 | Criando a pasta `roles`. 304 | 305 | ``` 306 | # Criando pasta 307 | mkdir roles 308 | cd roles 309 | ``` 310 | 311 | ``` 312 | # Criando projeto Ansible 313 | ansible-galaxy init create 314 | 315 | cd create 316 | ``` 317 | 318 | 319 | Google: amazon ec2 ami locator 320 | 321 | https://cloud-images.ubuntu.com/locator/ec2/ 322 | 323 | Criar chave `descomplicando-ansible` na AWS. 324 | 325 | ``` 326 | cat << EOF > vars/main.yml 327 | --- 328 | # vars file for create 329 | instance_type: t2.medium 330 | security_group: giropops 331 | image: ami-064a0193585662d74 332 | keypair: descomplicando-ansible 333 | region: us-east-1 334 | count: 3 335 | EOF 336 | ``` 337 | 338 | ``` 339 | printf "\n- include: provisioning.yml" >> tasks/main.yml 340 | ``` 341 | 342 | 343 | Google: ansible all modules 344 | 345 | 346 | ``` 347 | cat << EOF > tasks/provisioning.yml 348 | - name: Criando o Security Group 349 | local_action: 350 | module: ec2_group 351 | name: "{{ security_group }}" 352 | description: Security Group Giropops 353 | region: "{{ region }}" 354 | rules: 355 | - proto: tcp 356 | from_port: 22 357 | to_port: 22 358 | cidr_ip: 0.0.0.0/0 359 | rules_egress: 360 | - proto: all 361 | cidr_ip: 0.0.0.0/0 362 | register: basic_firewall 363 | 364 | - name: Criando a instancia EC2 365 | local_action: ec2 366 | group={{ security_group }} 367 | instance_type={{ instance_type }} 368 | image={{ image }} 369 | wait=true 370 | region={{ region }} 371 | keypair={{ keypair }} 372 | count={{ count }} 373 | register: ec2 374 | 375 | - name: Adicionando a instancia ao inventario temp 376 | add_host: name={{ item.public_ip }} groups=giropops-new 377 | with_items: "{{ ec2.instances }}" 378 | 379 | - name: Adicionando a instancia criada no arquivo hosts 380 | local_action: lineinfile 381 | dest="./hosts" 382 | regexp={{ item.public_ip }} 383 | insertafter="[kubernetes]" line={{ item.public_ip }} 384 | with_items: "{{ ec2.instances }}" 385 | 386 | - name: Esperando o SSH 387 | local_action: wait_for 388 | host={{ item.public_ip }} 389 | port=22 390 | state=started 391 | with_items: "{{ ec2.instances }}" 392 | 393 | - name: Adicionando um nome tag na instancia 394 | local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present 395 | with_items: "{{ ec2.instances }}" 396 | args: 397 | tags: 398 | Name: regis-ansible-day2 399 | EOF 400 | ``` 401 | 402 | 403 | Em EC2 --> Key Pairs --> Create KeyPair 404 | IAM --> Create User 405 | 406 | Pegar as chaves de acesso. 407 | 408 | ### Exportando AWS_ACCESS_KEY 409 | 410 | ``` 411 | export AWS_ACCESS_KEY_ID="FAKE" 412 | export AWS_SECRET_ACCESS_KEY="FAKE" 413 | ``` 414 | 415 | 416 | > Copie a chave para dentro da pasta `aula2`. 417 | 418 | ``` 419 | cd ~/gh/my/descomplicando-ansible-treinamento/aula2/ 420 | cp ~/Downloads/descomplicando-ansible.pem . 421 | ``` 422 | 423 | Dando permissão de acesso a chave. 424 | 425 | ``` 426 | chmod 0400 descomplicando-ansible.pem 427 | ``` 428 | 429 | Rodando `ssh-add` 430 | 431 | ``` 432 | ssh-add descomplicando-ansible.pem 433 | ``` 434 | 435 | Estando na pasta `aula2`... 436 | 437 | ``` 438 | pip install boto3 439 | ``` 440 | 441 | Executar na mesma pasta do main.yml. 442 | 443 | ``` 444 | # Rodando o Ansible 445 | # Provisionando as máquinas 446 | # Criando as máquinas no EC2. 447 | 448 | ansible-playbook -i hosts main.yml 449 | ``` 450 | 451 | ### Profile 452 | 453 | Se quiser no playbook pode adicionar um profile em todos 454 | 455 | profile: "{{ profile }}" 456 | 457 | Em vars/main.yml coloque 458 | 459 | profile: default # ou giropops 460 | 461 | Requer o arquivo 462 | 463 | ``` 464 | ~/.aws/credentials 465 | ``` 466 | 467 | ``` 468 | # Rodando o Ansible 469 | ansible-playbook -i hosts main.yml 470 | ``` 471 | 472 | Movendo tudo para a pasta `provisioning`. 473 | 474 | ``` 475 | mkdir provisioning 476 | mv descomplicando-ansible.pem hosts hosts_example main.yml provisioning 477 | mv roles provisioning 478 | ``` 479 | 480 | Criando outro playbook. 481 | 482 | ``` 483 | mkdir install_k8s 484 | cd install_k8s 485 | cp ../provisioning/hosts . 486 | cp ../provisioning/main.yml . 487 | mkdir roles 488 | ``` 489 | 490 | Editando o main.yml 491 | 492 | ``` 493 | cat << EOF > main.yml 494 | --- 495 | - hosts: all 496 | become: yes 497 | user: ubuntu 498 | gather_facts: no 499 | pre_tasks: 500 | - name: 'install python' 501 | raw: 'apt-get -y install python' 502 | roles: 503 | - install-k8s 504 | 505 | - hosts: k8s-master 506 | become: yes 507 | user: ubuntu 508 | roles: 509 | - create-cluster 510 | 511 | - hosts: k8s-workers 512 | become: yes 513 | user: ubuntu 514 | roles: 515 | - join-workers 516 | 517 | - hosts: k8s-master 518 | become: yes 519 | user: ubuntu 520 | roles: 521 | - install-helm 522 | EOF 523 | ``` 524 | 525 | Criar os roles 526 | 527 | ``` 528 | cd roles 529 | 530 | ansible-galaxy init install-k8s 531 | ansible-galaxy init create-cluster 532 | ansible-galaxy init join-workers 533 | ansible-galaxy init install-helm 534 | ``` 535 | 536 | ``` 537 | printf "\n- include: install.yml" >> install-k8s/tasks/main.yml 538 | 539 | ``` 540 | 541 | ``` 542 | cat << EOF > install-k8s/tasks/install.yml 543 | - name: Instalando o Docker 544 | shell: curl -fsSL https://get.docker.com | bash - 545 | 546 | - name: Adicionando as chaves repo k8s no apt 547 | apt_key: 548 | url: https://packages.cloud.google.com/apt/doc/apt-key.gpg 549 | state: present 550 | 551 | - name: Adicionando o repo do k8s 552 | apt_repository: 553 | repo: deb http://apt.kubernetes.io/ kubernetes-xenial main 554 | state: present 555 | 556 | - name: Instalando pacotes k8s 557 | apt: 558 | name: "{{ packages }}" 559 | vars: 560 | packages: 561 | - kubelet 562 | - kubeadm 563 | - kubectl 564 | EOF 565 | ``` 566 | 567 | cd .. 568 | 569 | Limpar os IPs de hosts 570 | 571 | E criar as máquinas novamente. 572 | 573 | ``` 574 | cd provisioning 575 | ansible-playbook -i hosts main.yml -u ubuntu 576 | ``` 577 | 578 | Copiar os hosts para 579 | 580 | ``` 581 | cp hosts ../install_k8s/ 582 | 583 | cd ../install_k8s 584 | 585 | printf "\n[k8s-master]\n[k8s-workers]" >> hosts 586 | ``` 587 | 588 | Edite seus grupos e IPs de tal forma que você tenha isso (remova o grupo local): 589 | 590 | ``` 591 | [k8s-master] 592 | x.xx.xx.xx 593 | 594 | [k8s-workers] 595 | xx.xxx.xx.xx 596 | xx.xxx.xx.xx 597 | 598 | [k8s-workers:vars] 599 | K8S_MASTER_NODE_IP=xxx.xx.xx.xxx 600 | K8S_API_SECURE_PORT=6443 601 | ``` 602 | 603 | ``` 604 | # Criando arquivos 605 | cat << EOF > hosts 606 | [k8s-master] 607 | xx.xxx.xxx.xxx 608 | 609 | [k8s-workers] 610 | xx.xxx.xxx.xxx 611 | xx.xxx.xxx.xxx 612 | 613 | [k8s-workers:vars] 614 | K8S_MASTER_NODE_IP=xxx.xx.xx.xxx 615 | K8S_API_SECURE_PORT=6443 616 | EOF 617 | ``` 618 | 619 | Para editar os IPs, vá em provisioning/hosts e digite os novos IPs em install_k8s/hosts... 620 | 621 | ``` 622 | cat ../provisioning/hosts 623 | ``` 624 | 625 | ... para editar o K8S_MASTER_NODE_IP, vá na AWS EC2 e pegue o IP privado da máquina que você definiu como master. 626 | 627 | 628 | 629 | Na pasta install_k8s... 630 | 631 | ``` 632 | ansible-playbook -i hosts main.yml -u ubuntu 633 | ``` 634 | 635 | Vai dar erro de confirmação da conexão ssh 636 | 637 | ``` 638 | ssh ubuntu@xx.xxx.xx.xx 639 | ssh ubuntu@xx.xxx.xx.xx 640 | ssh ubuntu@xx.xxx.xx.xx 641 | ``` 642 | 643 | 644 | 645 | ``` 646 | ansible-playbook -i hosts main.yml 647 | ``` 648 | 649 | Dentro de uma das máquinas, faça: 650 | 651 | ``` 652 | ssh ubuntu@3.81.248.9 653 | 654 | sudo su - 655 | docker --version 656 | kubelet --version 657 | ``` 658 | 659 | Saia do host e volte pra sua máquina 660 | 661 | ``` 662 | ansible -i hosts all -a "docker --version" -u ubuntu 663 | ansible -i hosts all -a "kubectl version" -u ubuntu 664 | ``` 665 | 666 | 667 | Para não precisar confirmar a conexão ssh toda vez, faça: 668 | 669 | ``` 670 | cd ../provisioning/roles/create/ 671 | vim tasks/provisioning.yml 672 | ``` 673 | 674 | e adicione o role a seguir: 675 | 676 | ``` 677 | - name: Adicionando a maquina criada no known_hosts 678 | shell: ssh-keyscan -H {{ item.public_ip }} >> ~/.ssh/known_hosts 679 | with_items: "{{ ec2.instances }}" 680 | ``` 681 | 682 | Delete as máquinas, e crie outras novamente. 683 | 684 | ``` 685 | ansible-playbook -i hosts main.yml -u ubuntu 686 | ``` 687 | 688 | Conecte na máquina novamente. 689 | 690 | ``` 691 | ssh ubuntu@x.xx.xxx.x 692 | ``` 693 | 694 | Vá na pasta install_k8s e rode o playbook novamente. 695 | 696 | ``` 697 | cd ../install_k8s 698 | ssh-agent bash 699 | ssh-add descomplicando-ansible.pem 700 | ansible-playbook -i hosts main.yml -u ubuntu 701 | ``` 702 | 703 | 704 | 705 | 706 | # Aula 3 707 | 708 | ``` 709 | ssh-agent 710 | ssh-add 711 | ``` 712 | 713 | https://www.freecodecamp.org/news/openssl-command-cheatsheet-b441be1e8c4a/ 714 | 715 | https://www.weave.works/blog/weave-net-kubernetes-integration/ 716 | 717 | https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html 718 | 719 | 720 | ``` 721 | ansible-playbook -i hosts main.yml -u ubuntu 722 | 723 | ssh-add chave.pem 724 | ``` 725 | 726 | * provisiong 727 | * install 728 | * create 729 | 730 | ``` 731 | kubeadm token create --print-join-command 732 | ``` 733 | 734 | 735 | ## Começando a aula com dois playbooks: 736 | 737 | * provisioning 738 | * install_k8s 739 | 740 | E quatro pastas em `install_k8s`: 741 | 742 | * create-cluster 743 | * install-helm 744 | * install-k8s 745 | * join-workers 746 | 747 | Após instalado o k8s, precisamos fazer com que ele seja um cluster. 748 | 749 | 750 | Criando uma nova pasta com o conteúdo da aula2. 751 | 752 | ``` 753 | cp -r aula2/ descomplicando-ansible 754 | ``` 755 | 756 | Vá para a pasta `provisioning`. Certifique-se de ter colocado a chave.pem. 757 | 758 | ``` 759 | # Rodando o Ansible 760 | # Provisionando as máquinas 761 | # Criando as máquinas no EC2. 762 | ansible-playbook -i hosts main.yml -u ubuntu 763 | ``` 764 | 765 | 766 | ## install-k8s 767 | 768 | Faça o mesmo na pasta `install_k8s`. 769 | 770 | ``` 771 | # Rodando o Ansible 772 | # Provisionando as máquinas 773 | # Criando as máquinas no EC2. 774 | ansible-playbook -i hosts main.yml -u ubuntu 775 | ``` 776 | 777 | Vá para a pasta... 778 | 779 | ``` 780 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/install_k8s/roles/create-cluster/tasks/ 781 | ``` 782 | 783 | ``` 784 | printf "\n- include: init-cluster.yml" >> main.yml 785 | ``` 786 | 787 | Edite `init-cluster.yml` 788 | 789 | ``` 790 | cat << EOF > init-cluster.yml 791 | - name: Reset Cluster 792 | command: 793 | kubeadm reset --force 794 | register: kubeadmin_init 795 | 796 | - name: Initialize Kubernetes master with kubeadm init. 797 | command: 798 | kubeadm init 799 | register: kubeadmin_init 800 | 801 | - name: Ensure .kube directory exists. 802 | file: 803 | path: ~/.kube 804 | state: directory 805 | 806 | - name: Symlink the kubectl admin.conf to ~/.kube/conf. 807 | file: 808 | src: /etc/kubernetes/admin.conf 809 | dest: ~/.kube/config 810 | state: link 811 | 812 | - name: Configure weavenet networking. 813 | shell: kubectl apply -f {{ default_kubernetes_cni_weavenet_manifestUrl }} 814 | register: weavenet_result 815 | 816 | - name: "Cluster token" 817 | shell: kubeadm token list | cut -d ' ' -f1 | sed -n '2p' 818 | register: K8S_TOKEN 819 | 820 | - name: "CA Hash" 821 | shell: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 822 | register: K8S_MASTER_CA_HASH 823 | 824 | - name: "Add K8S Token and Hash to dummy host" 825 | add_host: 826 | name: "K8S_TOKEN_HOLDER" 827 | token: "{{ K8S_TOKEN.stdout }}" 828 | hash: "{{ K8S_MASTER_CA_HASH.stdout }}" 829 | 830 | - name: 831 | debug: 832 | msg: "[Master] K8S_TOKEN_HOLDER K8S token is {{ hostvars['K8S_TOKEN_HOLDER']['token'] }}" 833 | 834 | - name: 835 | debug: 836 | msg: "[Master] K8S_TOKEN_HOLDER K8S Hash is {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }}" 837 | EOF 838 | ``` 839 | 840 | Editando vars 841 | 842 | Pesquise por Run Weave Net with Kubernetes in Just One Line 843 | 844 | https://www.weave.works/blog/weave-net-kubernetes-integration/ 845 | 846 | 847 | ``` 848 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/install_k8s/roles/create-cluster 849 | printf '\ndefault_kubernetes_cni_weavenet_manifestUrl: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\\n')"' >> vars/main.yml 850 | ``` 851 | 852 | Rode o playbook 853 | 854 | ``` 855 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/install_k8s 856 | ansible-playbook -i hosts main.yml -u ubuntu 857 | ``` 858 | 859 | Conecte-se nas novas máquinas. Abra 3 terminais, um pra cada máquina. 860 | 861 | 862 | 863 | ``` 864 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/provisioning 865 | ssh-add descomplicando-ansible.pem # nos 3 terminais 866 | ssh ubuntu@54.162.48.173 867 | ssh ubuntu@52.23.179.250 868 | ssh ubuntu@54.81.192.27 869 | ``` 870 | 871 | Em um deles rode: 872 | 873 | ``` 874 | sudo su - 875 | docker ps 876 | kubectl get nodes 877 | ``` 878 | 879 | Fazer join-workers 880 | 881 | ``` 882 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/install_k8s/roles/join-workers 883 | 884 | printf "\n- include: join-cluster.yml" >> tasks/main.yml 885 | 886 | cat << EOF > tasks/join-cluster.yml 887 | - name: 888 | debug: 889 | msg: "[Worker] K8S_TOKEN_HOLDER K8S token is {{ hostvars['K8S_TOKEN_HOLDER']['token'] }}" 890 | 891 | - name: 892 | debug: 893 | msg: "[Worker] K8S_TOKEN_HOLDER K8S Hash is {{ hostvars['K8S_TOKEN_HOLDER']['hash'] }}" 894 | 895 | - name: "Kubeadm reset node cluster config" 896 | command: 897 | kubeadm reset --force 898 | register: kubeadm-reset_node 899 | 900 | - name: "Kubeadm join" 901 | shell: 902 | kubeadm join --token={{ hostvars['K8S_TOKEN_HOLDER']['token'] }} 903 | --discovery-token-ca-cert-hash sha256:{{ hostvars['K8S_TOKEN_HOLDER']['hash'] }} 904 | {{K8S_MASTER_NODE_IP}}:{{K8S_API_SECURE_PORT}} 905 | EOF 906 | ``` 907 | 908 | > Não pode ter swap ligada. 909 | 910 | Pra pegar o token do k8s 911 | 912 | ``` 913 | kubeadm token create --print-join-command 914 | ``` 915 | 916 | Editar hosts 917 | 918 | ``` 919 | cd install_k8s/hosts 920 | vim hosts 921 | 922 | [k8s-workers:vars] 923 | K8S_MASTER_NODE_IP=xxx.xx.xx.xxx 924 | K8S_API_SECURE_PORT=6443 925 | ``` 926 | 927 | Em `K8S_MASTER_NODE_IP` colocar IP interno Private IP. 928 | 929 | Na AWS, editar Security Groups 930 | 931 | Inbound 932 | 933 | Type: All trafic 934 | Protocol: All 935 | Source: custom 936 | 937 | Para o grupo 'giropops'. 938 | 939 | E rodar o playbook novamente. 940 | 941 | ``` 942 | ansible-playbook -i hosts main.yml -u ubuntu 943 | ``` 944 | 945 | Editar 946 | 947 | ``` 948 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/provisioning/roles/create/tasks 949 | vim provisioning.yml 950 | ``` 951 | 952 | ## Install-helm 953 | 954 | ``` 955 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/install_k8s/roles/install-helm/ 956 | printf "\n- include: install-helm.yml\n- include: install-monit-tools.yml" >> tasks/main.yml 957 | ``` 958 | 959 | Editar install-helm.yml 960 | 961 | ``` 962 | cat << EOF > tasks/install-helm.yml 963 | - name: Install helm via curl 964 | shell: curl -L https://git.io/get_helm.sh | bash - 965 | register: helm_result 966 | 967 | - name: Helm init 968 | shell: helm init 969 | register: helm_init_result 970 | 971 | - name: Create service account to tiller 972 | shell: kubectl create serviceaccount --namespace=kube-system tiller 973 | register: tiller_result 974 | 975 | - name: Create clusterrolebinding for tiller 976 | shell: kubectl create clusterrolebinding tiller-cluster-role --clusterrole=cluster-admin --serviceaccount=kube-system:tiller 977 | register: clusterrolebinding_result 978 | 979 | - name: Apply patch to tiller-deploy 980 | shell: kubectl patch deployments -n kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}' 981 | register: patch_result 982 | 983 | - name: Waiting tiller pod 984 | pause: 985 | minutes: 2 986 | EOF 987 | ``` 988 | 989 | Editar install-monit-tools.yml 990 | 991 | ``` 992 | cat << EOF > tasks/install-monit-tools.yml 993 | - name: Install Prometheus 994 | shell: helm install {{ deploy_prometheus }} 995 | register: prometheus_result 996 | 997 | - name: Install Grafana 998 | shell: helm install {{ deploy_grafana }} 999 | register: grafana_result 1000 | EOF 1001 | ``` 1002 | 1003 | Edite `vars/main.yml` 1004 | 1005 | ``` 1006 | printf '\ndeploy_prometheus: "--namespace=monitoring --name=prometheus --version=7.0.0 --set alertmanager.persistentVolume.enabled=false,server.persistentVolume.enabled=false stable/prometheus"' >> vars/main.yml 1007 | 1008 | printf '\ndeploy_grafana: "--namespace=monitoring --name=grafana --version=1.12.0 --set=adminUser=admin,adminPassword=admin,service.type=NodePort stable/grafana"' >> vars/main.yml 1009 | ``` 1010 | 1011 | Entre no nó master, e 1012 | 1013 | ``` 1014 | kubectl get deployment --all-namespaces 1015 | kubectl get services -n monitoring 1016 | kubectl get nodes 1017 | ``` 1018 | 1019 | Vá em Security groups e libere a porta do Grafana 1020 | 1021 | Custom 1022 | TCP 1023 | port: 30730 1024 | description: Grafana 1025 | 1026 | Entre em uma das máquinas pelo browser, na porta 30730 1027 | 1028 | Grafana: admin, admin 1029 | 1030 | No Grafana, clique em *Add Data Source* 1031 | 1032 | Name: Prometheus 1033 | URL: http://prometheus-server 1034 | 1035 | ``` 1036 | kubectl port-forward -n monitoring svc/prometheus-server --address 0.0.0.0 32000:80 1037 | ``` 1038 | 1039 | 1040 | --- 1041 | 1042 | # Aula 4 1043 | 1044 | 1045 | ``` 1046 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/ 1047 | 1048 | mkdir deploy-app-v1 1049 | cd deploy-app-v1 1050 | 1051 | cp ../install_k8s/hosts . 1052 | 1053 | mkdir roles 1054 | cd roles 1055 | ``` 1056 | 1057 | ``` 1058 | ansible-galaxy init common 1059 | 1060 | cd common 1061 | ``` 1062 | 1063 | ``` 1064 | printf "\n- include: deploy-app.yml" >> tasks/main.yml 1065 | ``` 1066 | 1067 | ``` 1068 | cat << EOF > tasks/deploy-app.yml 1069 | - name: Creating Giropops App directory 1070 | file: path={{ item }} state=directory 1071 | with_items: 1072 | - /opt/giropops 1073 | - /opt/giropops/logs 1074 | - /opt/giropops/conf 1075 | register: directory_app_register 1076 | 1077 | - name: Copying deployment file to host 1078 | template: 1079 | src: app-v1.yml.j2 1080 | dest: /opt/giropops/app-v1.yml 1081 | owner: root 1082 | group: root 1083 | mode: 0644 1084 | register: copying_template_register 1085 | 1086 | - name: Copying service file to host 1087 | copy: src={{ item.src }} dest={{ item.dest }} 1088 | with_items: 1089 | - { src: 'service-app.yml', dest: '/opt/giropops/service-app.yml' } 1090 | register: copying_register 1091 | 1092 | - name: Deploy Giropops App deployment 1093 | shell: kubectl apply -f /opt/giropops/app-v1.yml 1094 | register: deploy_deployment_register 1095 | 1096 | - name: Deploy Giropops App service 1097 | shell: kubectl apply -f /opt/giropops/service-app.yml 1098 | register: deploy_service_register 1099 | EOF 1100 | ``` 1101 | 1102 | Editar app-v1.yml 1103 | 1104 | ``` 1105 | cat << EOF > files/app-v1.yml 1106 | apiVersion: extensions/v1beta1 1107 | kind: Deployment 1108 | metadata: 1109 | name: giropops-v1 1110 | spec: 1111 | replicas: {{ number_replicas }} 1112 | template: 1113 | metadata: 1114 | labels: 1115 | app: giropops 1116 | version: {{ version }} 1117 | annotations: 1118 | prometheus.io/scrape: "{{ prometheus_scrape }}" 1119 | prometheus.io/port: "{{ prometheus_port }}" 1120 | spec: 1121 | containers: 1122 | - name: giropops 1123 | image: linuxtips/nginx-prometheus-exporter:{{ version }} 1124 | env: 1125 | - name: VERSION 1126 | value: {{ version }} 1127 | ports: 1128 | - containerPort: {{ nginx_port }} 1129 | - containerPort: {{ prometheus_port }} 1130 | EOF 1131 | ``` 1132 | 1133 | ``` 1134 | cat << EOF > files/service-app.yml 1135 | apiVersion: v1 1136 | kind: Service 1137 | metadata: 1138 | labels: 1139 | app: giropops 1140 | run: nginx 1141 | track: stable 1142 | name: giropops 1143 | namespace: default 1144 | spec: 1145 | externalTrafficPolicy: Cluster 1146 | ports: 1147 | - nodePort: 32222 1148 | name: http 1149 | port: 80 1150 | protocol: TCP 1151 | targetPort: 80 1152 | - nodePort: 32111 1153 | name: prometheus 1154 | port: 32111 1155 | protocol: TCP 1156 | targetPort: 32111 1157 | selector: 1158 | app: giropops 1159 | sessionAffinity: None 1160 | type: NodePort 1161 | EOF 1162 | ``` 1163 | 1164 | ``` 1165 | cat << EOF > vars/main.yml 1166 | --- 1167 | # vars file for common 1168 | 1169 | # Giropops app 1170 | number_replicas: 10 1171 | version: 1.0.0 1172 | prometheus_scrape: "true" 1173 | prometheus_port: 32111 1174 | nginx_port: 80 1175 | environment: production 1176 | EOF 1177 | ``` 1178 | 1179 | Copiar o arquivo 1180 | 1181 | cp files/app-v1.yml templates/app-v1.yml.j2 1182 | 1183 | 1184 | ``` 1185 | cd ../.. 1186 | cat << EOF > main.yml 1187 | - hosts: k8s-master 1188 | become: yes 1189 | user: ubuntu 1190 | roles: 1191 | - common 1192 | EOF 1193 | ``` 1194 | 1195 | 1196 | ### Criar as máquinas e liberar as portas. 1197 | 1198 | Fazer: 1199 | 1200 | 1. provisioning 1201 | 2. install_k8s 1202 | 3. deploy-app-v1 1203 | 1204 | ``` 1205 | cd provisioning 1206 | ansible-playbook -i hosts main.yml -u ubuntu 1207 | ``` 1208 | 1209 | Não esqueça de limpar os ips de hosts 1210 | 1211 | Não esqueça de fazer ssh-add chave.pem 1212 | 1213 | ``` 1214 | cd ../install_k8s 1215 | ansible-playbook -i hosts main.yml -u ubuntu 1216 | ``` 1217 | 1218 | Copiar o hosts para a pasta `deploy-app-v1`. 1219 | 1220 | ``` 1221 | cd ../deploy-app-v1/ 1222 | cp ../install_k8s/hosts . 1223 | ``` 1224 | 1225 | Rodar o playbook. 1226 | 1227 | ``` 1228 | ansible-playbook -i hosts main.yml -u ubuntu 1229 | ``` 1230 | 1231 | O erro sobre `kubectl apply -f` sobre selector, faça o seguinte: 1232 | 1233 | Entre no servidor e faça: 1234 | 1235 | ``` 1236 | kubectl apply -f app-v1.yml 1237 | ``` 1238 | 1239 | Depois edite `app-v1.yml`: 1240 | 1241 | ``` 1242 | ... 1243 | replicas: {{ number_replicas }} 1244 | selector: 1245 | matchLabels: 1246 | app: giropops 1247 | ``` 1248 | 1249 | Se tudo der certo, você pode fazer: 1250 | 1251 | ``` 1252 | # no servidor 1253 | kubectl get svc 1254 | ``` 1255 | 1256 | Depois vá na AWS, EC2, clique na instância e clique lá embaixo em Security groups. 1257 | 1258 | Inbound: All trafic, anywhere 1259 | 1260 | Você pode navegar a partir da url do servidor na porta 32222. 1261 | 1262 | http://PUBLIC_IP:32222 1263 | 1264 | ``` 1265 | source <(kubectl completion bash) 1266 | kubectl logs giropops-v1-689bf72kcus --follow # pra ver os logs 1267 | ``` 1268 | 1269 | E 1270 | 1271 | http://PUBLIC_IP:32111/metrics 1272 | 1273 | Pra ver todos os outros serviços digite: 1274 | 1275 | ``` 1276 | kubectl get svc --all-namespaces 1277 | ``` 1278 | 1279 | O Grafana está na porta PORT. 1280 | 1281 | Add data source 1282 | 1283 | Name: Prometheus Server 1284 | 1285 | Type: Prometheus 1286 | 1287 | URL: http://prometheus-server 1288 | 1289 | 1290 | New Dashboard > Graph > Edit 1291 | 1292 | Data Source: Prometheus Server 1293 | 1294 | ``` 1295 | sum(rate(nginx_http_requests{app='giropops'}[5m])) by (version) 1296 | ``` 1297 | 1298 | Legend format: {{version}} 1299 | 1300 | Display 1301 | 1302 | 1303 | ## App v2 1304 | 1305 | Crie deploy-app-v2 1306 | 1307 | ``` 1308 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible 1309 | mkdir -p deploy-app-v2/roles 1310 | cd deploy-app-v2/roles 1311 | ansible-galaxy init common 1312 | ``` 1313 | 1314 | Volte dois níveis... 1315 | 1316 | ``` 1317 | cd ../.. 1318 | ``` 1319 | 1320 | Crie canary-deploy-app 1321 | 1322 | ``` 1323 | mkdir -p canary-deploy-app/roles 1324 | cd canary-deploy-app/roles 1325 | ansible-galaxy init common 1326 | ``` 1327 | 1328 | Em canary-deploy-app, faça: 1329 | 1330 | ``` 1331 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/canary-deploy-app/roles/common 1332 | ``` 1333 | 1334 | Crie uma task: 1335 | 1336 | ``` 1337 | printf "\n- include: deploy-app.yml" >> tasks/main.yml 1338 | ``` 1339 | 1340 | ``` 1341 | cat << EOF > tasks/deploy-app.yml 1342 | - name: Copying deployment file to host 1343 | template: 1344 | src: app-v2-canary.yml.j2 1345 | dest: /opt/giropops/app-v2-canary.yml 1346 | owner: root 1347 | group: root 1348 | mode: 0644 1349 | register: copying_template_register 1350 | 1351 | - name: Deploy Giropops App deployment 1352 | shell: kubectl apply -f /opt/giropops/app-v2-canary.yml 1353 | register: deploy_deployment_register 1354 | EOF 1355 | ``` 1356 | 1357 | ``` 1358 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/canary-deploy-app/roles/common/ 1359 | 1360 | cat << EOF > templates/app-v2-canary.yml.j2 1361 | apiVersion: apps/v1 1362 | kind: Deployment 1363 | metadata: 1364 | name: giropops-v2 1365 | spec: 1366 | replicas: {{ number_replicas }} 1367 | selector: 1368 | matchLabels: 1369 | app: giropops 1370 | template: 1371 | metadata: 1372 | labels: 1373 | app: giropops 1374 | version: {{ version }} 1375 | annotations: 1376 | prometheus.io/scrape: "{{ prometheus_scrape }}" 1377 | prometheus.io/port: "{{ prometheus_port }}" 1378 | spec: 1379 | containers: 1380 | - name: giropops 1381 | image: linuxtips/nginx-prometheus-exporter:{{ version }} 1382 | env: 1383 | - name: VERSION 1384 | value: {{ version }} 1385 | ports: 1386 | - containerPort: {{ nginx_port }} 1387 | - containerPort: {{ prometheus_port }} 1388 | EOF 1389 | ``` 1390 | 1391 | ``` 1392 | cat << EOF > vars/main.yml 1393 | --- 1394 | # vars file for common 1395 | 1396 | # Giropops app 1397 | number_replicas: 1 1398 | version: 2.0.0 1399 | prometheus_scrape: "true" 1400 | prometheus_port: 32111 1401 | nginx_port: 80 1402 | environment: production 1403 | EOF 1404 | ``` 1405 | 1406 | Depois copie 1407 | 1408 | ``` 1409 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/ 1410 | cp deploy-app-v1/main.yml canary-deploy-app/ 1411 | cp deploy-app-v1/hosts canary-deploy-app/ 1412 | cd canary-deploy-app 1413 | ``` 1414 | 1415 | Rode o playbook 1416 | 1417 | ``` 1418 | ansible-playbook -i hosts main.yml 1419 | ``` 1420 | 1421 | Para conferir no servidor, digite: 1422 | 1423 | ``` 1424 | kubectl get deploy 1425 | ``` 1426 | 1427 | Agora vamos em: 1428 | 1429 | ``` 1430 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/deploy-app-v2/roles/common 1431 | 1432 | printf "\n- include: deploy-app.yml" >> tasks/main.yml 1433 | 1434 | cat << EOF > tasks/deploy-app.yml 1435 | - name: Copying deployment file app v1 to host 1436 | template: 1437 | src: app-v1.yml.j2 1438 | dest: /opt/giropops/app-v1.yml 1439 | owner: root 1440 | group: root 1441 | mode: 0644 1442 | register: copying_app1_template_register 1443 | 1444 | - name: Copying deployment file app v2 to host 1445 | template: 1446 | src: app-v2.yml.j2 1447 | dest: /opt/giropops/app-v2.yml 1448 | owner: root 1449 | group: root 1450 | mode: 0644 1451 | register: copying_app2_template_register 1452 | 1453 | - name: Deploy new version of Giropops App deployment 1454 | shell: kubectl apply -f /opt/giropops/app-v2.yml 1455 | register: deployment_v2_register 1456 | 1457 | - name: Scale down old version of Giropops App deployment 1458 | shell: kubectl apply -f /opt/giropops/app-v1.yml 1459 | register: deployment_v1_register 1460 | 1461 | - name: The old version of Giropops App deployment will be removed in two minutes 1462 | pause: 1463 | minutes: 2 1464 | 1465 | - name: Delete old version of Giropops App deployment 1466 | shell: kubectl delete -f /opt/giropops/app-v1.yml 1467 | register: deployment_deleted_register 1468 | EOF 1469 | ``` 1470 | 1471 | ``` 1472 | cat << EOF > templates/app-v1.yml.j2 1473 | apiVersion: apps/v1 1474 | kind: Deployment 1475 | metadata: 1476 | name: giropops-v1 1477 | spec: 1478 | replicas: {{ number_replicas_old_version }} 1479 | selector: 1480 | matchLabels: 1481 | app: giropops 1482 | template: 1483 | metadata: 1484 | labels: 1485 | app: giropops 1486 | version: {{ old_version }} 1487 | annotations: 1488 | prometheus.io/scrape: "{{ prometheus_scrape }}" 1489 | prometheus.io/port: "{{ prometheus_port }}" 1490 | spec: 1491 | containers: 1492 | - name: giropops 1493 | image: linuxtips/nginx-prometheus-exporter:{{ old_version }} 1494 | env: 1495 | - name: VERSION 1496 | value: {{ old_version }} 1497 | ports: 1498 | - containerPort: {{ nginx_port }} 1499 | - containerPort: {{ prometheus_port }} 1500 | EOF 1501 | ``` 1502 | 1503 | ``` 1504 | cat << EOF > templates/app-v2.yml.j2 1505 | apiVersion: apps/v1 1506 | kind: Deployment 1507 | metadata: 1508 | name: giropops-v2 1509 | spec: 1510 | replicas: {{ number_replicas_new_version }} 1511 | selector: 1512 | matchLabels: 1513 | app: giropops 1514 | template: 1515 | metadata: 1516 | labels: 1517 | app: giropops 1518 | version: {{ new_version }} 1519 | annotations: 1520 | prometheus.io/scrape: "{{ prometheus_scrape }}" 1521 | prometheus.io/port: "{{ prometheus_port }}" 1522 | spec: 1523 | containers: 1524 | - name: giropops 1525 | image: linuxtips/nginx-prometheus-exporter:{{ new_version }} 1526 | env: 1527 | - name: VERSION 1528 | value: {{ new_version }} 1529 | ports: 1530 | - containerPort: {{ nginx_port }} 1531 | - containerPort: {{ prometheus_port }} 1532 | EOF 1533 | ``` 1534 | 1535 | ``` 1536 | cat << EOF > vars/main.yml 1537 | --- 1538 | # vars file for common 1539 | 1540 | # Giropops app 1541 | number_replicas_old_version: 1 1542 | number_replicas_new_version: 10 1543 | old_version: 1.0.0 1544 | new_version: 2.0.0 1545 | prometheus_scrape: "true" 1546 | prometheus_port: 32111 1547 | nginx_port: 80 1548 | environment: production 1549 | EOF 1550 | ``` 1551 | 1552 | Copiando main e hosts 1553 | 1554 | ``` 1555 | cd ~/gh/my/descomplicando-ansible-treinamento/descomplicando-ansible/deploy-app-v2 1556 | cp ../deploy-app-v1/main.yml . 1557 | cp ../deploy-app-v1/hosts . 1558 | ``` 1559 | 1560 | Rodando o playbook 1561 | 1562 | ``` 1563 | ansible-playbook -i hosts main.yml 1564 | ``` 1565 | 1566 | 1567 | 1568 | # Aula 5 1569 | 1570 | * Criar uma máquina Ubuntu 1571 | 1572 | ``` 1573 | sudo su - 1574 | ``` 1575 | 1576 | # instalar ansible 1577 | 1578 | ``` 1579 | sudo apt install -y software-properties-common 1580 | sudo apt-add-repository --yes --update ppa:ansible/ansible 1581 | sudo apt update 1582 | sudo apt install -y ansible 1583 | ``` 1584 | 1585 | # instalar docker 1586 | 1587 | ``` 1588 | curl -fsSL https://get.docker.com | bash - 1589 | 1590 | apt-get install -y python-pip 1591 | 1592 | pip install docker-compose==1.9.0 1593 | 1594 | apt-get install -y nodejs npm 1595 | 1596 | npm install npm --global 1597 | ``` 1598 | 1599 | Clonar o repo do Ansible awx 1600 | 1601 | ``` 1602 | git clone https://github.com/ansible/awx.git 1603 | 1604 | cd awx/installer 1605 | 1606 | cat install.yml 1607 | cat inventory 1608 | ``` 1609 | 1610 | 1611 | 1612 | Gerar um secretkey 1613 | 1614 | ``` 1615 | openssl rand -hex 32 1616 | ``` 1617 | 1618 | ``` 1619 | ... 1620 | project_data_dir 1621 | 1622 | grep -v '^#' inventory | grep - '^$' > inventory_limpo 1623 | ``` 1624 | 1625 | --- 1626 | 1627 | ``` 1628 | localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python" 1629 | [all:vars] 1630 | dockerhub_base=ansible 1631 | awx_task_hostname=awx 1632 | awx_web_hostname=awxweb 1633 | postgres_data_dir=/var/lib/pgdocker 1634 | host_port=8080 1635 | host_port_ssl=443 1636 | docker_compose_dir=/var/lib/awx 1637 | pg_username=awx 1638 | pg_password=giropops 1639 | pg_admin_password=giropops 1640 | pg_database=awx 1641 | pg_port=5432 1642 | rabbitmq_password=giropops 1643 | rabbitmq_erlang_cookie=cookiemonster 1644 | admin_user=admin 1645 | admin_password=giropops 1646 | create_preload_data=True 1647 | secret_key=91f1db6f6d7691121bcfa62708d59c2cd3f4aa9bd6f6d25f261395684c659dd3 1648 | project_data_dir=/var/lib/awx/projects 1649 | ``` 1650 | 1651 | --- 1652 | 1653 | ``` 1654 | ansible-playbook -i inventory install.yml 1655 | 1656 | docker ps 1657 | ``` 1658 | 1659 | Security group 1660 | 1661 | All traffic 1662 | 1663 | Entra no ip 1664 | 1665 | Criar um projeto 1666 | 1667 | ``` 1668 | cd awx/project 1669 | mkdir opa 1670 | cd opa 1671 | ansible-galaxy init opa 1672 | ``` 1673 | 1674 | --------------------------------------------------------------------------------