Eric Meehan 2024-10-10 11:37:23 -04:00
parent 3e51c67453
commit 2f3f4a8d2c
14 changed files with 463 additions and 17 deletions

3
.gitmodules vendored

@ -16,3 +16,6 @@
[submodule "roles/ericomeehan.kraken-bot"]
path = roles/ericomeehan.kraken-bot
url = https://git.eom.dev/ansible-role-kraken-bot
[submodule "roles/ericomeehan.qemu-network"]
path = roles/ericomeehan.qemu-network
url = https://git.eom.dev/ansible-role-qemu-network


@ -1,13 +1,38 @@
---
# Master playbook for eom.dev
- name: Initialize systems
hosts: clusters
- name: Initialize servers
hosts: servers
become: true
roles:
- role: ericomeehan.debian
vars:
is_new_host: true
- role: ericomeehan.ericomeehan
- role: ericomeehan.nvidia_driver
vars:
nvidia_driver_debian_install_tesla_driver: true
when:
- nvidia_driver_needed == true
- role: ericomeehan.qemu-network
- name: Wait for virtual machines to boot
- name: Copy SSH ID to virtual machines
- name: Initialize virtual machines
hosts: vms
become: true
roles:
- role: ericomeehan.debian
vars:
is_new_host: true
- role: ericomeehan.ericomeehan
- name: Initialize cluster nodes
- name: Initialize load balancers
hosts: load_balancers
become: true
- name: Initialize Kubernetes clusters
hosts: clusters
become: true
pre_tasks:
@ -37,11 +62,8 @@
- role: geerlingguy.containerd
- role: geerlingguy.kubernetes
- role: geerlingguy.helm
when: kubernetes_role == 'control_plane'
- role: ericomeehan.nvidia_driver
vars:
- nvidia_driver_debian_install_tesla_driver: true
when: nvidia_driver_needed == true
when:
- kubernetes_role == 'control-plane'
- name: Deploy services
hosts: alpha-control-plane
@ -50,8 +72,4 @@
become: true
roles:
- role: ericomeehan.eom
vars:
target_namespace: prod
- role: ericomeehan.gondwana
vars:
target_namespace: prod
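Review bot: The plays `Wait for virtual machines to boot`, `Copy SSH ID to virtual machines` and `Initialize cluster nodes` carry only a `name`, and `Initialize load balancers` has `hosts` but no roles or tasks; a play without `hosts` makes Ansible reject the whole playbook at parse time, so nothing in the file would run. The rendered page has lost the +/- markers, so this assumes those lines are on the new side. Either fill the plays in or keep the intent as a comment, e.g. `# TODO: wait for VMs to boot, then copy SSH ID`. Separately, the condition `kubernetes_role == 'control-plane'` uses a hyphen where eom.dev.yaml in this same commit tests `'control_plane'`; one of the two will never match, and the Helm role is then silently skipped.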

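--- /dev/null
+++ b/eom.dev.yaml
@@ -0,0 +1,71 @@
+---
+# Master playbook for eom.dev
+- name: Initialize servers
+hosts: servers
+become: true
+roles:
+- role: ericomeehan.debian
+- role: ericomeehan.ericomeehan
+- role: ericomeehan.nvidia_driver
+when: nvidia_driver_needed == true
+- role: ericomeehan.qemu_network
+- name: Initialize clusters
+hosts: clusters
+become: true
+pre_tasks:
+- name: Update sysctl configuration to enable IPv4 packet forwarding
+lineinfile:
+path: /etc/sysctl.conf
+line: 'net.ipv4.ip_forward = 1'
+state: present
+- name: Update sysctl configuration to enable IPv6 packet forwarding
+lineinfile:
+path: /etc/sysctl.conf
+line: 'net.ipv6.conf.all.forwarding = 1'
+state: present
+- name: Reload sysctl configuration
+command: sysctl --system
+- name: Enable br_netfilter kernel module
+command: modprobe br_netfilter
+- name: Add the module to a configuration file for persistence
+lineinfile:
+path: /etc/modules-load.d/modules.conf
+line: "br_netfilter"
+- name: Install kubernetes library
+apt:
+name: python3-kubernetes
+state: present
+roles:
+- role: geerlingguy.containerd
+- role: geerlingguy.kubernetes
+- role: geerlingguy.helm
+when: kubernetes_role == 'control_plane'
+- name: Initialize gateway
+hosts: gateway
+become: true
+roles:
+- role: ericomeehan.gateway
+- name: Initialize vpn
+hosts: vpn
+become: true
+roles:
+- role: ericomeehan.vpn
+- name: Initialize nfs
+hosts: nfs
+become: true
+roles:
+- role: ericomeehan.nfs
+- name: Deploy services
+hosts: control-plane
+vars_files:
+- vars/secrets.yaml
+become: true
+roles:
+- role: ericomeehan.eom
+- role: ericomeehan.gondwana
+- role: ericomeehan.kraken-bot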
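Review bot: The first play references `ericomeehan.qemu_network`, but the submodule this commit adds in .gitmodules is checked out at `roles/ericomeehan.qemu-network` and the other master playbook uses the hyphenated name, so role lookup will most likely fail here. Use one spelling, e.g. `- role: ericomeehan.qemu-network`. The `pre_tasks` also run `command: sysctl --system` and `command: modprobe br_netfilter` unconditionally, so they report "changed" on every run. Using `ansible.posix.sysctl` and `community.general.modprobe` (or at least `changed_when: false`) would keep runs idempotent and make real drift in the forwarding settings stand out.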


@ -1,10 +1,8 @@
---
- name: Deploy eom.dev one service at a time
hosts: alpha-control-plane
hosts: imac
become: true
vars:
target_namespace: prod
vars_files:
- ../secrets.yaml
roles:
- role: ericomeehan.eom
- role: ericomeehan.ericomeehan

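--- /dev/null
+++ b/helm.yaml
@@ -0,0 +1,43 @@
+---
+# Playbook for deploying helm charts
+- name: Deploy WordPress using Helm
+hosts: alpha-control-plane
+become: true
+vars:
+wordpress_chart_version: "9.0.1"
+wordpress_release_name: "wordpress"
+wordpress_database_password: "your_database_password"
+wordpress_service_type: "ClusterIP"
+wordpress_service_port: 80
+wordpress_persistence_enabled: true
+wordpress_persistence_storageClass: "standard"
+wordpress_persistence_size: "20Gi"
+tasks:
+- name: Add Helm repository for WordPress
+helm_repo:
+name: bitnami
+state: present
+url: https://charts.bitnami.com/bitnami
+- name: Install WordPress Helm chart
+helm_chart:
+name: "{{ wordpress_release_name }}"
+chart: "wordpress"
+repo: "bitnami"
+version: "{{ wordpress_chart_version }}"
+values:
+global:
+imageRegistry: "docker.io"
+service:
+type: "{{ wordpress_service_type }}"
+port: "{{ wordpress_service_port }}"
+wordpressUsername: "your_wordpress_username"
+wordpressPassword: "your_wordpress_password"
+wordpressEmail: "your_wordpress_email"
+wordpressDatabase:
+password: "{{ wordpress_database_password }}"
+persistence:
+enabled: "{{ wordpress_persistence_enabled }}"
+storageClass: "{{ wordpress_persistence_storageClass }}"
+size: "{{ wordpress_persistence_size }}"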
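Review bot: Credentials are written straight into the playbook: `wordpress_database_password: "your_database_password"` under `vars:` and `wordpressPassword: "your_wordpress_password"` in the chart values are placeholders today, but the layout invites editing them in place and committing real secrets, and deploying them unchanged yields a guessable admin login. Load them from a vars file kept out of the playbook and Vault-encrypted, as eom.dev.yaml in this commit does with `vars_files: - vars/secrets.yaml`, and add `no_log: true` to the install task so rendered values do not reach logs. I could not match `helm_repo` / `helm_chart` to modules I know; `kubernetes.core.helm_repository` and `kubernetes.core.helm` may be what was intended, which is worth confirming.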


@ -2,3 +2,52 @@
# Host vars for alpha-worker-0
nvidia_driver_needed: true
nvidia_driver_tesla: true
qemu_cluster_networks:
- name: lan
bridge: br1
interfaces:
- eno2np1
address: 10.0.0.2
netmask: 255.255.255.0
gateway: 10.0.0.254
qemu_cluster_machines:
- name: nfs
ram_mb: 4096
vcpus: 1
networks:
- lan
- name: control-plane
ram_mb: 4096
vcpus: 1
networks:
- lan
- name: worker-0
ram_mb: 16384
vcpus: 1
networks:
- lan
- name: worker-1
ram_mb: 16384
vcpus: 1
networks:
- lan
- name: worker-2
ram_mb: 16384
vcpus: 1
networks:
- lan
- name: worker-3
ram_mb: 16384
vcpus: 1
networks:
- lan
- name: worker-4
ram_mb: 16384
vcpus: 1
networks:
- lan
- name: worker-5
ram_mb: 16384
vcpus: 1
networks:
- lan
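Review bot: The new keys here are `qemu_cluster_networks` and `qemu_cluster_machines`, while the other host-vars files and qemu.yaml in this commit use `qemu_network_networks` and `qemu_network_machines`; unless the role reads both prefixes (not visible on this page), these definitions are silently ignored. The machine entries also lack the `disks` lists that the other files provide. Rename to the `qemu_network_` prefix, or drop the block if poweredge-t640 now owns these guests. The bridge `address: 10.0.0.2` is also the address the inventory in this commit assigns to the `vpn` VM.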


@ -0,0 +1,36 @@
# Host vars for poweredge-r350
qemu_network_networks:
- name: wan
bridge: br0
interfaces:
- eno1np0
use_dhcp: true
- name: lan
bridge: br1
interfaces:
- eno2np1
use_dhcp: false
address: 10.0.0.1
netmask: 255.0.0.0
gateway: 10.0.0.254
qemu_network_machines:
- name: gateway
ram_mb: 2048
vcpus: 1
networks:
- wan
- lan
disks:
- filename: gateway-vda
type: qcow2
target_dev: vda
- name: vpn
ram_mb: 2048
vcpus: 1
networks:
- wan
- lan
disks:
- filename: vpn-vda
type: qcow2
target_dev: vda
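Review bot: The `lan` bridge is given `address: 10.0.0.1`, the same address the inventory in this commit assigns to the `gateway` VM, and `netmask: 255.0.0.0` differs from `255.255.0.0` on poweredge-t640 and `255.255.255.0` on alpha-worker-0 for what appears to be the same segment. Hosts that disagree on the prefix length will treat parts of 10.0.0.0/8 differently, which makes any later firewall or export rule keyed on the subnet hard to reason about; pick one prefix and a non-overlapping address plan. `br0` takes a DHCP lease on the `wan` side and both guests are dual-homed, so the hypervisor itself sits on the uplink network; a comment such as `# br0: uplink only, host services must not listen here` would record the intent. The file also lacks the leading `---` that the other host-vars files have.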


@ -0,0 +1,90 @@
---
# Host vars for poweredge-t640
nvidia_driver_needed: true
nvidia_driver_tesla: true
qemu_network_networks:
- name: lan
bridge: br1
interfaces:
- eno2np1
use_dhcp: false
address: 10.0.0.0
netmask: 255.255.0.0
gateway: 10.0.0.1
qemu_network_disks:
- name: nfs-vda
type: qcow2
from: eom-base.qcow2
- name: nfs-vdb
type: qcow2
size: 16T
- name: control-plane-vda
type: qcow2
from: eom-base.qcow2
- name: worker-0-vda
type: qcow2
from: eom-base.qcow2
- name: worker-1-vda
type: qcow2
from: eom-base.qcow2
- name: worker-2-vda
type: qcow2
from: eom-base.qcow2
qemu_network_machines:
- name: nfs
ram_mb: 4096
vcpus: 1
networks:
- lan
disks:
- filename: nfs-vda
type: qcow2
target_dev: vda
- filename: nfs-vdb
type: qcow2
target_dev: vda
- name: control-plane
ram_mb: 4096
vcpus: 1
networks:
- lan
disks:
- filename: control-plane-vda
type: qcow2
target_dev: vda
- name: worker-0
ram_mb: 16384
vcpus: 1
networks:
- lan
disks:
- filename: worker-0-vda
type: qcow2
target_dev: vda
- name: worker-1
ram_mb: 16384
vcpus: 1
networks:
- lan
disks:
- filename: worker-1-vda
type: qcow2
target_dev: vda
- name: worker-2
ram_mb: 16384
vcpus: 1
networks:
- lan
disks:
- filename: worker-2-vda
type: qcow2
target_dev: vda
- name: worker-3
ram_mb: 16384
vcpus: 1
networks:
- lan
disks:
- filename: worker-3-vda
type: qcow2
target_dev: vda
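Review bot: Both disks of the `nfs` machine declare `target_dev: vda` (`nfs-vda` and `nfs-vdb`); two disks cannot share one target, so the second should read `target_dev: vdb`. The same duplicate appears in qemu.yaml in this commit. `worker-3` references `worker-3-vda`, which has no entry in `qemu_network_disks` (the list stops at `worker-2-vda`). The bridge `address: 10.0.0.0` with `netmask: 255.255.0.0` is the network address of that subnet rather than a usable host address.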


@ -10,8 +10,34 @@ all:
imac:
ansible-host: 192.168.1.139
servers:
children:
hosts:
poweredge-r350:
ansible-host: 192.168.1.137
poweredge-t640:
ansible-host: 192.168.1.138
vms:
hosts:
gateway:
ansible-host: 10.0.0.1
vpn:
ansible-host: 10.0.0.2
nfs:
ansible-host: 10.0.0.3
load_balancers:
children:
alpha:
hosts:
alpha-load-balancer:
ansible-host: 10.0.1.0
clusters:
children:
alpha:
hosts:
alpha-control-plane:
ansible-host: 10.0.1.1
alpha-worker-0:
ansible-host: 10.0.1.2
alpha-worker-1:
ansible-host: 10.0.1.3
alpha-worker-2:
ansible-host: 10.0.1.4
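Review bot: Every new host sets `ansible-host`, but the connection variable Ansible reads is `ansible_host`; with the hyphenated key the address is ignored and Ansible connects to whatever the inventory name (`gateway`, `vpn`, `nfs`, ...) resolves to. For short names like these, the machine that receives the privileged play then depends on local DNS and search domains instead of the address pinned here. Change the new entries, and the existing `imac` one, to the underscore form, e.g. `ansible_host: 10.0.0.1`. `servers:` also shows both `children:` and `hosts:` directly above the two PowerEdge hosts; the page has lost the diff markers, so confirm that only `hosts:` remains on the new side.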

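--- /dev/null
+++ b/qemu.yaml
@@ -0,0 +1,28 @@
+---
+# Playbook for QEMU
+- name: Prepare virtualization environment
+hosts: alpha-worker-0
+become: true
+vars:
+qemu_network_networks:
+- name: lan
+bridge: br1
+interfaces:
+- eno2np1
+use_dhcp: false
+address: 10.0.0.2
+netmask: 255.255.255.0
+gateway: 10.0.0.254
+qemu_network_machines:
+- name: nfs
+ram_mb: 4096
+vcpus: 1
+networks:
+- lan
+disks:
+- filename: nfs-vda
+type: qcow2
+target_dev: vda
+- filename: nfs-vdb
+type: qcow2
+target_dev: vda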
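Review bot: This play sets `qemu_network_networks` and `qemu_network_machines` under `vars:` but has no `roles:` or `tasks:`, so running it gathers facts with `become: true` and changes nothing. Add the role that consumes the variables (`roles:` with `- role: ericomeehan.qemu-network`) or remove the file. The data also repeats what the host-vars files define, with a different address and netmask, and two copies of an address plan tend to drift apart.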

@ -0,0 +1 @@
Subproject commit aa1a12a3f5cdf6398b4f6dbc2df00e48a55542c4


@ -0,0 +1,52 @@
<domain type='kvm'>
<name>{{ vm_name }}</name>
<memory unit='MiB'>{{ vm_ram_mb }}</memory>
<vcpu placement='static'>{{ vm_vcpus }}</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-5.2'>hvm</type>
<boot dev='hd'/>
</os>
<cpu mode='host-model' check='none'/>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='{{ libvirt_pool_dir }}/{{ vm_name }}.qcow2'/>
<target dev='vda' bus='virtio'/>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</disk>
<interface type='network'>
<source network='{{ vm_net }}'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
<channel type='unix'>
<target type='virtio' name='org.qemu.guest_agent.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</memballoon>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
</rng>
</devices>
</domain>
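Review bot: The template gives every guest a SPICE console (`<graphics type='spice' autoport='yes'>` with `<listen type='address'/>`) that has no `passwd` and no listen address, so who can reach the console depends entirely on the host's libvirt/qemu defaults. For headless server guests, consider removing the graphics, video, `spicevmc` channel and input devices, or at least pin the listener with `<listen type='address' address='127.0.0.1'/>`. The template also hard-codes a single disk `{{ vm_name }}.qcow2` on `vda` and one interface from `vm_net`, whereas the host vars in this commit describe per-machine `disks` and `networks` lists; the dual-homed `gateway` and `vpn` guests cannot be expressed with it as written.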

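--- /dev/null
+++ b/test.yaml
@@ -0,0 +1,13 @@
+---
+- name: Create a copy of an existing qcow2 image
+hosts: localhost
+gather_facts: no
+tasks:
+- name: Create a new qcow2 image from an existing one
+libvirt_volume:
+name: new-image.qcow2
+source: /home/eric/Downloads/debian-12-nocloud-amd64.qcow2
+pool: default
+format: qcow2
+state: present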
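Review bot: The `source` is `/home/eric/Downloads/debian-12-nocloud-amd64.qcow2`, a file in one user's download directory with no checksum verification, so the image that guests would be cloned from is neither reproducible nor verifiable. As far as I know the Debian `nocloud` variant is meant for testing and permits root login without a password on the console, which is a poor base for long-lived guests; please confirm, and prefer a cloud-init variant if so. Fetching the image with `ansible.builtin.get_url` and a `checksum:` taken from the published checksum file would close the integrity gap. `gather_facts: no` should be written `gather_facts: false`.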

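--- /dev/null
+++ b/virtual-machine.yaml
@@ -0,0 +1,18 @@
+---
+# Playbook for base virtual-machine
+- name: Initialize system
+hosts: imac
+become: true
+vars_files:
+- ../secrets.yaml
+roles:
+- role: ericomeehan.debian
+vars:
+is_new_host: true
+- role: ericomeehan.ericomeehan
+tasks:
+- name: Install additional packages
+apt:
+update_cache: true
+name:
+- cloud-init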
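Review bot: `vars_files: - ../secrets.yaml` resolves to the parent of the playbook directory, outside the repository, so the play depends on an untracked file whose protection cannot be reviewed here; eom.dev.yaml in this commit reads `vars/secrets.yaml` instead. Use one location and keep it Vault-encrypted; a header comment such as `# secrets.yaml must be encrypted with ansible-vault` documents the expectation. The `apt` task has no `state` and relies on the module default; writing `state: present` makes the intent explicit.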