diff kube.py @ 12:15c5ce7c74b5

refactor, cleanup, split large deploys
author drewp@bigasterisk.com
date Thu, 11 Nov 2021 23:31:21 -0800
parents 226f3c8419b2
children 0c1496e11b8f
--- a/kube.py	Thu Nov 11 22:46:32 2021 -0800
+++ b/kube.py	Thu Nov 11 23:31:21 2021 -0800
@@ -1,7 +1,7 @@
 from pyinfra import host
-from pyinfra.operations import server, files, apt, ssh, systemd
-from pyinfra.facts.server import LinuxDistribution, Arch
 from pyinfra.facts.files import FindInFile
+from pyinfra.facts.server import Arch, LinuxDistribution
+from pyinfra.operations import files, server, systemd
 
 bang_is_old = True  # remove after upgrade
 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
@@ -10,20 +10,16 @@
 k3s_version = 'v1.21.2+k3s1'
 master_ip = "10.5.0.1"
 
-token = open('secrets/k3s_token', 'rt').read().strip()
-
 server.sysctl(key='net.ipv4.ip_forward', value="1", persist=True)
 server.sysctl(key='net.ipv6.conf.all.forwarding', value="1", persist=True)
 
-#    - role: download
-if host.get_fact(Arch) == 'x86_64':
-    src = f'https://github.com/rancher/k3s/releases/download/{k3s_version}/k3s'
-else:
-    src = f'https://github.com/rancher/k3s/releases/download/{k3s_version}/k3s-armhf'
+tail = 'k3s' if host.get_fact(Arch) == 'x86_64' else 'k3s-armhf'
+files.download(src=f'https://github.com/rancher/k3s/releases/download/{k3s_version}/{tail}',
+               dest='/usr/local/bin/k3s',
+               user='root',
+               group='root',
+               mode='755')
 
-files.download(src=src, dest='/usr/local/bin/k3s', user='root', group='root', mode='755')
-
-#    - role: raspbian
 if is_pi:
     old_cmdline = host.get_fact(FindInFile, path='/boot/cmdline.txt', pattern=r'.*')[0]
     print(repr(old_cmdline))
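Review bot: The new `files.download(...)` call installs the k3s binary at /usr/local/bin/k3s as root with mode 755 but never verifies its contents, so whatever the release URL serves is what every host runs. pyinfra's `files.download` accepts `sha256sum=`; because the artifact differs per architecture, choose the digest together with `tail` and pass it, e.g. `sha256sum='<SHA256_FOR_k3s>' if tail == 'k3s' else '<SHA256_FOR_k3s-armhf>'` (placeholders, taken from the release's published checksums for `k3s_version`). As far as I can tell, a pinned digest would also make a later `k3s_version` bump replace an existing binary instead of leaving the old file in place. A short comment next to `k3s_version` saying the digests must be updated with it would help. The `if is_pi:` block at the end of this hunk continues outside it.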
@@ -38,20 +34,17 @@
     ])
     # needs reboot if this changed
 
-#    - role: registries_fix
 # See https://github.com/rancher/k3s/issues/1802 and https://rancher.com/docs/k3s/latest/en/installation/private-registry/
 files.directory(path='/etc/rancher/k3s')
-files.template(src='templates/registries.yaml.j2', dest='/etc/rancher/k3s/registries.yaml')
+files.template(src='templates/kube/registries.yaml.j2', dest='/etc/rancher/k3s/registries.yaml')
 
-if host.name == 'bang':
-    # - role: k3s/master
+if host.name == 'bang':  # master
     files.template(
-        src='templates/k3s-server.service.j2',
+        src='templates/kube/k3s-server.service.j2',
         dest='/etc/systemd/system/k3s.service',
         master_ip=master_ip,
     )
     systemd.service(service='k3s.service', daemon_reload=True, enabled=True, restarted=True)
-    # /var/lib/rancher/k3s/server/node-token will soon contain secrets/k3s_token
 
     # one-time thing at cluster create time? not sure
     # - name: Replace https://localhost:6443 by https://master-ip:6443
@@ -61,9 +54,11 @@
     #       --kubeconfig ~{{ ansible_user }}/.kube/config
 
 if host.name in ['slash', 'dash', 'frontbed', 'garage']:  # nodes
-    # - role: k3s/node
+    # /var/lib/rancher/k3s/server/node-token is the source of the string in secrets/k3s_token
+    token = open('secrets/k3s_token', 'rt').read().strip()
+
     files.template(
-        src='templates/k3s-node.service.j2',
+        src='templates/kube/k3s-node.service.j2',
         dest='/etc/systemd/system/k3s-node.service',
         master_ip=master_ip,
         token=token,
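Review bot: The join token read on the added `token = open(...)` line is rendered into /etc/systemd/system/k3s-node.service by the `files.template(...)` call, and the visible arguments set no `mode=`, so the unit file is probably readable by every local user on the node and exposes the cluster join credential. Add `user='root', group='root', mode='600'` to that call, or deploy the token as a root-only file and have the unit use k3s's `--token-file` option instead of embedding the value. The read itself is better written as `with open('secrets/k3s_token', 'rt') as f: token = f.read().strip()` so the handle is closed. The `files.template` call closes outside this hunk, so a `mode=` may already be set there.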
@@ -74,15 +69,6 @@
 if host.name in ['bang', 'slash', 'dash']:  # hosts to admin from
     files.link(path='/usr/local/bin/kubectl', target='/usr/local/bin/k3s')
     files.directory(path='/home/drewp/.kube', user='drewp', group='drewp')
-    # files.template(
-    #     src='templates/kube-config.j2',
-    #     dest='/home/drewp/.kube/config',
-    #     user='drewp',
-    #     group='drewp',
-    #     mode='600',
-    #     master_ip=master_ip,
-    #     token=token,
-    # )
     files.line(path="/home/drewp/.zshrc", line="KUBECONFIG", replace='export KUBECONFIG=/etc/rancher/k3s/k3s.yaml')
 
     files.chown(target='/etc/rancher/k3s/k3s.yaml', user='root', group='drewp')