DevOps/software-infrastructure
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity

v0.0.6

Browse Source
This commit is contained in:
Eric Meehan 2024-07-06 22:10:33 +00:00
parent 4dae39b470
commit b78e8e4242
29 changed files with 128 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
group_vars/alpha.yml
View File

@ -1,5 +0,0 @@
---
# Group vars for alpha cluster
kubernetes_pod_network:
cni: 'flannel'
cidr: '10.0.0.0/16'

19
host_vars/alpha-control-plane.yml
View File

@ -1,21 +1,2 @@
---
# Host vars for alpha-control-plane
network_interfaces: "
# The primary network interface
auto eno8303
iface eno8303 inet static
address 10.0.0.2/16
iface eno8303 inet6 static
address fc00:6572:6963:a::2/64
# The secondary network interface
allow-hotplug eno8403
iface eno8403 inet dhcp
"

19
host_vars/alpha-worker-0.yml
View File

@ -1,22 +1,3 @@
---
# Host vars for alpha-worker-0
network_interfaces: "
# The primary network interface
auto eno1np0
iface eno1np0 inet static
address 10.0.0.3/16
iface eno1np0 inet6 static
address fc00:6572:6963:a::3/64
# The secondary network interface
allow-hotplug eno2np1
iface eno2np1 inet dhcp
"
nvidia: true

4
inventories/attlocal.yml
View File

@ -8,8 +8,8 @@ all:
control_plane:
hosts:
alpha-control-plane:
ansible-host: 192.168.1.103
ansible-host: 192.168.1.116
workers:
hosts:
alpha-worker-0:
ansible-host: 192.168.1.102
ansible-host: 192.168.1.125

57
kubernetes_test.yml Normal file
View File

@ -0,0 +1,57 @@
---
- name: Minecraft Deployment
hosts: alpha-control-plane
become: true
tasks:
- name: Create a Deployment
kubernetes.core.k8s:
definition:
apiVersion: apps/v1
kind: Deployment
metadata:
name: minecraft-deployment
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: minecraft
template:
metadata:
labels:
app: minecraft
spec:
containers:
- name: minecraft-container
image: itzg/minecraft-server
ports:
- containerPort: 24454
- containerPort: 25565
env:
- name: EULA
value: "TRUE"
- name: TYPE
value: FABRIC
- name: MODS
value: "https://download.geysermc.org/v2/projects/geyser/versions/latest/builds/latest/downloads/fabric,https://cdn.modrinth.com/data/bWrNNfkb/versions/D4KXqjtC/Floodgate-Fabric-2.2.3-SNAPSHOT%2Bbuild.28.jar,https://cdn.modrinth.com/data/9eGKb6K1/versions/COYWChTc/voicechat-fabric-1.21-2.5.18.jar"
- name: Expose Deployment as a Service
kubernetes.core.k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: minecraft-service
namespace: default
spec:
selector:
app: myapp
ports:
- port: 24454
protocol: UDP
name: minecraft-port-24454
- port: 25565
protocol: TCP
name: minecraft-port-25565
type: NodePort

29
nvidia_test.yml
View File

@ -1,25 +1,8 @@
# my playbook
- name: Install Nvidia drivers
hosts: alpha-worker-0
---
- name: Prepare cluster environments
hosts: clusters
become: true
pre_tasks:
- name: Add contrib & non-free repository
replace:
dest: /etc/apt/sources.list
regexp: '^(deb(?!.* contrib).*)'
replace: '\1 contrib non-free'
- name: Install Linux headers
apt:
name: linux-headers-{{ ansible_kernel }}
state: present
roles:
- role: nvidia.nvidia_driver # should run after cluster install
vars:
# See https://github.com/NVIDIA/ansible-role-nvidia-driver#role-variables
nvidia_driver_skip_reboot: no
nvidia_driver_branch: "555"
nvidia_driver_ubuntu_cuda_repo_baseurl: 'https://developer.download.nvidia.com/compute/cuda/repos/debian12/x86_64' # enforced 'debian11'
nvidia_driver_ubuntu_cuda_keyring_package: "cuda-keyring_1.1-1_all.deb"
nvidia_driver_ubuntu_install_from_cuda_repo: yes
nvidia_driver_persistence_mode_on: yes
ansible_distribution: Ubuntu # forcing in to the ubuntu part of the role
- role: nvidia.nvidia_driver
when:
- nvidia == true

38
roles/ericomeehan.configure_network/README.md
View File

@ -1,38 +0,0 @@
ericomeehan.configure_network
=========
Role to configure network interfaces for eom.dev.
Requirements
------------
None
Role Variables
--------------
network_interfaces: A string defining network interfaces for a Debian node
Dependencies
------------
None
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
Eric O'Neill Meehan

2
roles/ericomeehan.configure_network/defaults/main.yml
View File

@ -1,2 +0,0 @@
---
# defaults file for configure_network

2
roles/ericomeehan.configure_network/handlers/main.yml
View File

@ -1,2 +0,0 @@
---
# handlers file for configure_network

34
roles/ericomeehan.configure_network/meta/main.yml
View File

@ -1,34 +0,0 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.

12
roles/ericomeehan.configure_network/tasks/Debian_firewall.yml
View File

@ -1,12 +0,0 @@
---
# tasks file for Debian_firewall
- name: Copy nftables configuration template
template:
src: "nftables.conf.j2"
dest: /etc/nftables.conf
- name: Enable nftables
service:
name: nftables
state: started
enabled: true

6
roles/ericomeehan.configure_network/tasks/Debian_interfaces.yml
View File

@ -1,6 +0,0 @@
---
# tasks file for Debian_interfaces
- name: Configure network interfaces for a Debian node
template:
src: "Debian_interfaces.j2"
dest: /etc/network/interfaces

7
roles/ericomeehan.configure_network/tasks/main.yml
View File

@ -1,7 +0,0 @@
---
# tasks file for configure_network
- include_tasks: Debian_interfaces.yml
when: ansible_os_family == "Debian"
- include_tasks: Debian_firewall.yml
when: ansible_os_family == "Debian"

10
roles/ericomeehan.configure_network/templates/Debian_interfaces.j2
View File

@ -1,10 +0,0 @@
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
{{ network_interfaces }}

2
roles/ericomeehan.configure_network/tests/inventory
View File

@ -1,2 +0,0 @@
localhost

5
roles/ericomeehan.configure_network/tests/test.yml
View File

@ -1,5 +0,0 @@
---
- hosts: localhost
remote_user: root
roles:
- configure_network

2
roles/ericomeehan.configure_network/vars/main.yml
View File

@ -1,2 +0,0 @@
---
# vars file for configure_network

31
roles/ericomeehan.nvidia_driver_debian/tasks/main.yml
View File

@ -5,28 +5,31 @@
dest: /etc/apt/sources.list
regexp: '^(deb(?!.* contrib).*)'
replace: '\1 contrib non-free'
- name: Update apt
become: yes
apt:
update_cache: yes
when: nvidia == true
- name: Install Linux headers
apt:
name: linux-headers-{{ ansible_kernel }}
state: present
- name: Install Nvidia driver
- name: Install Nvidia and CUDA drivers
apt:
name: nvidia-driver
state: present
- name: Install necessary firmware
apt:
name: firmware-misc-nonfree
state: present
- name: Install CUDA drivers
apt:
name: nvidia-cuda-dev
state: present
- name: Install CUDA toolkit
apt:
name: nvidia-cuda-toolkit
state: present
name:
- nvidia-driver
- firmware-misc-nonfree
- nvidia-cuda-dev
- nvidia-cuda-toolkit
- name: Rebooting the system
ansible.builtin.reboot:
- name: Wait for SSH connection
ansible.builtin.wait_for_connection:
timeout: 300

38
roles/ericomeehan.save_initial_configuration/README.md
View File

@ -1,38 +0,0 @@
Dump debconf database
=========
Dumps the debconf database after a fresh Debian installation.
Requirements
------------
None
Role Variables
--------------
None
Dependencies
------------
None
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- role: ericomeehan.dump-debconf-database
License
-------
BSD
Author Information
------------------
Eric O'Neill Meehan

2
roles/ericomeehan.save_initial_configuration/defaults/main.yml
View File

@ -1,2 +0,0 @@
---
# defaults file for dump_debconf_database

2
roles/ericomeehan.save_initial_configuration/handlers/main.yml
View File

@ -1,2 +0,0 @@
---
# handlers file for dump_debconf_database

34
roles/ericomeehan.save_initial_configuration/meta/main.yml
View File

@ -1,34 +0,0 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.

23
roles/ericomeehan.save_initial_configuration/tasks/dump_debconf_db.yml
View File

@ -1,23 +0,0 @@
---
# tasks file for dump_debconf_db
- name: Install debconf-utils
apt:
name: debconf-utils
state: present
- name: Check if /root/preseed.txt exists
stat:
path: /root/preseed.txt
register: preseed_file
- name: Create preseed file
command: echo "#_preseed_V1" > /root/preseed.txt
when: not preseed_file.stat.exists
- name: Append installer's debconf database to the file
command: debconf-get-selections --installer >> /root/preseed.txt
when: not preseed_file.stat.exists
- name: Append debconf database to the file
command: debconf-get-selections >> /root/preseed.txt
when: not preseed_file.stat.exists

4
roles/ericomeehan.save_initial_configuration/tasks/main.yml
View File

@ -1,4 +0,0 @@
---
# tasks file for dump_debconf_database
- include_tasks: dump_debconf_db.yml
when: ansible_os_family == "Debian"

2
roles/ericomeehan.save_initial_configuration/tests/inventory
View File

@ -1,2 +0,0 @@
localhost

5
roles/ericomeehan.save_initial_configuration/tests/test.yml
View File

@ -1,5 +0,0 @@
---
- hosts: localhost
remote_user: root
roles:
- dump_debconf_database

2
roles/ericomeehan.save_initial_configuration/vars/main.yml
View File

@ -1,2 +0,0 @@
---
# vars file for dump_debconf_database

53
site.yml
View File

@ -1,11 +1,41 @@
---
# Master playbook for eom.dev
- name: Initial OS configuration
- name: Initialize systems
hosts: all
become: true
roles:
- role: ericomeehan.save_initial_configuration
- role: ericomeehan.configure_network
tasks:
- name: Install debconf-utils
apt:
name: debconf-utils
state: present
- name: Check if /root/preseed.txt exists
stat:
path: /root/preseed.txt
register: preseed_file
- name: Create preseed file
command: echo "#_preseed_V1" > /root/preseed.txt
when: not preseed_file.stat.exists
- name: Append installer's debconf database to the file
command: debconf-get-selections --installer >> /root/preseed.txt
when: not preseed_file.stat.exists
- name: Append debconf database to the file
command: debconf-get-selections >> /root/preseed.txt
when: not preseed_file.stat.exists
- name: Copy nftables configuration template
template:
src: "nftables.conf.j2"
dest: /etc/nftables.conf
- name: Enable nftables
service:
name: nftables
state: started
enabled: true
- name: Prepare cluster environments
hosts: clusters
@ -16,23 +46,32 @@
path: /etc/sysctl.conf
line: 'net.ipv4.ip_forward = 1'
state: present
- name: Update sysctl configuration to enable IPv6 packet forwarding
lineinfile:
path: /etc/sysctl.conf
line: 'net.ipv6.conf.all.forwarding = 1'
state: present
- name: Reload sysctl configuration
command: sysctl --system
- name: Enable br_netfilter kernel module
command: modprobe br_netfilter
- name: Add the module to a configuration file for persistence
lineinfile:
path: /etc/modules-load.d/modules.conf
line: "br_netfilter"
- name: Install kubernetes library
apt:
name: python3-kubernetes
state: present
roles:
- role: geerlingguy.containerd
- role: geerlingguy.kubernetes
- role: ericomeehan.nvidia_driver_debian
when: nvidia == true and ansible_os_family == 'Debian'
tasks:
when:
- nvidia == true

0
roles/ericomeehan.configure_network/templates/nftables.conf.j2 → templates/nftables.conf.j2
View File