djpbessems/Packer.Images
djpbessems/Packer.Images
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix linting error;Add workload cluster generation/configuration
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
Danny Bessems 2023-01-05 16:42:20 +01:00
parent edc19464e2
commit 6c3867fb57
3 changed files with 61 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml
View File

@ -49,8 +49,8 @@
status_code: [200, 401] status_code: [200, 401]
register: api_readycheck register: api_readycheck
until: api_readycheck.json.apiVersion is defined until: api_readycheck.json.apiVersion is defined
retries: "{{ playbook.retries }}" retries: "{{ playbook.retries }}"
delay: "{{ playbook.delays.medium }}" delay: "{{ playbook.delays.medium }}"
- name: Install kubectl tab-completion - name: Install kubectl tab-completion
ansible.builtin.shell: ansible.builtin.shell:

41
ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
View File

@ -92,7 +92,48 @@
chdir: /opt/metacluster/cluster-api chdir: /opt/metacluster/cluster-api
register: clusterctl_newcluster register: clusterctl_newcluster
# TODO: move to git repo
- name: Save workload cluster manifest - name: Save workload cluster manifest
ansible.builtin.copy: ansible.builtin.copy:
dest: /opt/metacluster/cluster-api/new-cluster.yaml dest: /opt/metacluster/cluster-api/new-cluster.yaml
content: "{{ clusterctl_newcluster.stdout }}" content: "{{ clusterctl_newcluster.stdout }}"
- name: Apply workload cluster manifest
kubernetes.core.k8s:
definition: >-
{{ clusterctl_newcluster.stdout }}
wait: yes
kubeconfig: "{{ kubeconfig.path }}"
- name: Initialize tempfile
ansible.builtin.tempfile:
state: file
register: capi_kubeconfig
- name: Retrieve kubeconfig
ansible.builtin.command:
cmd: kubectl config view --raw
register: capi_kubectl_config
- name: Store kubeconfig in tempfile
ansible.builtin.copy:
dest: "{{ capi_kubeconfig.path }}"
content: "{{ capi_kubectl_config.stdout }}"
mode: 0600
no_log: true
- name: Generate serviceaccount
# TODO: move to GitOps
kubernetes.core.k8s:
template: serviceaccount.j2
state: present
kubeconfig: "{{ capi_kubeconfig.path }}"
vars:
_template:
account:
name: argocd-sa
namespace: default
clusterrolebinding:
name: argocd-crb
- name: Apply cni plugin manifest
# TODO: move to GitOps
kubernetes.core.k8s:
src: /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
state: present
wait: yes
kubeconfig: "{{ capi_kubeconfig.path }}"

18
ansible/roles/firstboot/files/ansible_payload/templates/serviceaccount.j2 Normal file
View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ _template.clusterrolebinding.name }}
subjects:
- kind: ServiceAccount
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io