prskr/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

chore: remove obsolete Ansible config

Browse source
This commit is contained in:
Peter 2024-05-08 18:11:32 +02:00
parent e6de9656aa
commit c88a489a6d
Signed by: prskr
GPG key ID: F56BED6903BC5E37
10 changed files with 2 additions and 306 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
k8s/configure_cluster.yaml
View file

@ -5,6 +5,6 @@
# - role: coder
# - role: prometheus
# - role: postgres
# - role: hcloud
- role: hcloud
# - role: fider
- role: nextcloud
# - role: nextcloud

9
k8s/roles/download/tasks/main.yml
View file

@ -1,9 +0,0 @@
---
- name: Download k3s binary
ansible.builtin.get_url:
url: https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/k3s
checksum: sha256:https://github.com/k3s-io/k3s/releases/download/{{ k3s_version }}/sha256sum-amd64.txt
dest: /usr/local/bin/k3s
owner: root
group: root
mode: 0755

35
k8s/roles/hcloud/tasks/main.yml
View file

@ -1,35 +0,0 @@
---
- name: Create Hcloud token secret
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: hcloud
namespace: kube-system
data:
token: "{{ HcloudToken | b64encode }}"
network: "{{ 'k8s-net' | b64encode }}"
- name: Add Hcloud chart repo
kubernetes.core.helm_repository:
name: hcloud
repo_url: https://charts.hetzner.cloud
- name: Deploy cloud-controller-manager
kubernetes.core.helm:
name: hccm
chart_ref: hcloud/hcloud-cloud-controller-manager
release_namespace: kube-system
chart_version: "1.19.0"
release_values: "{{ lookup('template', 'values.hccm.yml.j2') | from_yaml }}"
- name: Deploy hcloud CSI driver
kubernetes.core.helm:
name: hcloud-csi-driver
chart_ref: hcloud/hcloud-csi
release_namespace: kube-system
chart_version: "2.6.0"
release_values: "{{ lookup('template', 'values.csi.yml.j2') | from_yaml }}"

10
k8s/roles/hcloud/templates/values.csi.yml.j2
View file

@ -1,10 +0,0 @@
controller:
hcloudToken:
existingSecret:
name: hcloud
key: token
metrics:
enabled: true
serviceMonitor:
enabled: true

13
k8s/roles/hcloud/templates/values.hccm.yml.j2
View file

@ -1,13 +0,0 @@
monitoring:
podMonitor:
enabled: true
networking:
enabled: true
clusterCIDR: 10.42.0.0/24
env:
HCLOUD_LOAD_BALANCERS_USE_PRIVATE_IP:
value: "true"
HCLOUD_LOAD_BALANCERS_LOCATION:
value: "hel1"

7
k8s/roles/postgres/files/values.postgres15.yaml
View file

@ -1,7 +0,0 @@
auth:
existingSecret: postgres-credentials
primary:
persistence:
storageClass: hcloud-volumes
size: 8Gi

36
k8s/roles/postgres/tasks/main.yml
View file

@ -1,36 +0,0 @@
---
- name: Create postgres namespace
kubernetes.core.k8s:
name: postgres
api_version: v1
kind: Namespace
state: present
definition:
metadata:
labels:
prometheus: default
- name: Create Postgres secret
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
namespace: postgres
data:
postgres-password: "{{ PostgresPassword | b64encode }}"
- name: Add Bitnami chart repo
kubernetes.core.helm_repository:
name: bitnami
repo_url: https://charts.bitnami.com/bitnami
- name: Deploy Postgres 15
kubernetes.core.helm:
name: postgres-15
chart_ref: bitnami/postgresql
release_namespace: postgres
chart_version: "12.6.4"
release_values: "{{ lookup('ansible.builtin.file', 'values.postgres15.yaml') | from_yaml }}"

16
k8s/roles/prereq/tasks/main.yml
View file

@ -1,16 +0,0 @@
---
- name: Enable IPv4 forwarding
sysctl:
name: net.ipv4.ip_forward
value: "1"
state: present
reload: yes
- name: Enable IPv6 forwarding
sysctl:
name: net.ipv6.conf.all.forwarding
value: "1"
state: present
reload: yes
when: ansible_all_ipv6_addresses

51
k8s/roles/prometheus/tasks/main.yaml
View file

@ -1,51 +0,0 @@
---
- name: Add Prometheus chart repo
kubernetes.core.helm_repository:
name: prometheus-community
repo_url: https://prometheus-community.github.io/helm-charts
- name: Create observability namespace
kubernetes.core.k8s:
name: observability-system
api_version: v1
kind: Namespace
state: present
definition:
metadata:
labels:
prometheus: default
- name: Create Grafana admin credentials secret
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: grafana-admin-credentials
namespace: observability-system
data:
user: "{{ grafana.admin.user | b64encode }}"
password: "{{ grafana.admin.password | b64encode }}"
# - name: Update Prometheus operator CRDs
# kubernetes.core.k8s:
# state: present
# definition: "{{ lookup('ansible.builtin.url', item, split_lines=False) | from_yaml }}"
# loop:
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
- name: Deploy Prometheus chart
kubernetes.core.helm:
name: prometheus
chart_ref: prometheus-community/kube-prometheus-stack
release_namespace: observability-system
chart_version: 47.3.0
update_repo_cache: true
release_values: "{{ lookup('ansible.builtin.template', 'values.yaml.j2') | from_yaml }}"

127
k8s/roles/prometheus/templates/values.yaml.j2
View file

@ -1,127 +0,0 @@
commonLabels:
prometheus: default
admin:
existingSecret: grafana-admin-credentials
userKey: user
passwordKey: password
defaultRules:
rules:
etcd: false
prometheus:
prometheusSpec:
retention: 7d
serviceMonitorNamespaceSelector:
matchLabels:
prometheus: default
serviceMonitorSelector:
matchLabels:
prometheus: default
ruleSelector:
matchLabels:
prometheus: default
ruleNamespaceSelector:
matchLabels:
prometheus: default
podMonitorSelector:
matchLabels:
prometheus: default
podMonitorNamespaceSelector:
matchLabels:
prometheus: default
resources:
requests:
memory: 3Gi
cpu: 500m
limits:
memory: 4Gi
cpu: 800m
storageSpec:
volumeClaimTemplate:
spec:
storageClassName: hcloud-volumes
resources:
requests:
storage: 15Gi
alertmanager:
enabled: false
kubeEtcd:
enabled: false
kubeControllerManager:
enabled: true
endpoints: ['{{ master_ip }}']
service:
enabled: true
port: 10257
targetPort: 10257
serviceMonitor:
enabled: true
https: true
kubeScheduler:
enabled: true
endpoints: ['{{ master_ip }}']
service:
enabled: true
port: 10259
targetPort: 10259
serviceMonitor:
enabled: true
https: true
kubeProxy:
enabled: true
endpoints: ['{{ master_ip }}']
service:
enabled: true
port: 10249
targetPort: 10249
grafana:
ingress:
enabled: true
hosts:
- grafana.icb4dc0.de
grafana.ini:
server:
domain: grafana.icb4dc0.de
root_url: "https://%(domain)s"
database:
type: postgres
host: default-cluster-primary.postgres.svc:5432
name: grafana
user: "{{ grafana.db.user }}"
password: "{{ grafana.db.password }}"
ssl_mode: require
auth:
disable_login_form: true
auth.generic_oauth:
name: Gitea
icon: signin
enabled: "true"
client_id: {{ grafana.auth.clientId }}
client_secret: {{ grafana.auth.clientSecret }}
empty_scopes: true
auth_url: https://code.icb4dc0.de/login/oauth/authorize
token_url: https://code.icb4dc0.de/login/oauth/access_token
api_url: https://code.icb4dc0.de/login/oauth/userinfo
persistence:
enabled: false
storageClassName: hcloud-volumes
prometheus-node-exporter:
prometheus:
monitor:
additionalLabels:
prometheus: default
kube-state-metrics:
prometheus:
monitor:
additionalLabels:
prometheus: default