Merge pull request #26 from mrlesmithjr/convert-to-submodules

Convert to submodules
mrlesmithjr · Sep 6, 2019 · 844d0e1 · 844d0e1
2 parents 2c46533 + 3949aeb
commit 844d0e1
Show file tree

Hide file tree

Showing 283 changed files with 147 additions and 9,655 deletions.
diff --git a/.gitmodules b/.gitmodules
@@ -0,0 +1,36 @@
+[submodule "deployments/consul-helm"]
+	path = deployments/consul-helm
+	url = https://github.com/hashicorp/consul-helm.git
+[submodule "roles/ansible-apt-cacher-ng"]
+	path = roles/ansible-apt-cacher-ng
+	url = https://github.com/mrlesmithjr/ansible-apt-cacher-ng.git
+[submodule "roles/ansible-change-hostname"]
+	path = roles/ansible-change-hostname
+	url = https://github.com/mrlesmithjr/ansible-change-hostname.git
+[submodule "roles/ansible-dnsmasq"]
+	path = roles/ansible-dnsmasq
+	url = https://github.com/mrlesmithjr/ansible-dnsmasq.git
+[submodule "roles/ansible-docker"]
+	path = roles/ansible-docker
+	url = https://github.com/mrlesmithjr/ansible-docker.git
+[submodule "roles/ansible-etc-hosts"]
+	path = roles/ansible-etc-hosts
+	url = https://github.com/mrlesmithjr/ansible-etc-hosts.git
+[submodule "roles/ansible-glusterfs"]
+	path = roles/ansible-glusterfs
+	url = https://github.com/mrlesmithjr/ansible-glusterfs.git
+[submodule "roles/ansible-isc-dhcp"]
+	path = roles/ansible-isc-dhcp
+	url = https://github.com/mrlesmithjr/ansible-isc-dhcp.git
+[submodule "roles/ansible-k8s"]
+	path = roles/ansible-k8s
+	url = https://github.com/mrlesmithjr/ansible-k8s.git
+[submodule "roles/ansible-ntp"]
+	path = roles/ansible-ntp
+	url = https://github.com/mrlesmithjr/ansible-ntp.git
+[submodule "roles/ansible-sshd"]
+	path = roles/ansible-sshd
+	url = https://github.com/mrlesmithjr/ansible-sshd.git
+[submodule "roles/ansible-timezone"]
+	path = roles/ansible-timezone
+	url = https://github.com/mrlesmithjr/ansible-timezone.git
diff --git a/README.md b/README.md
@@ -1,12 +1,12 @@
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-**Table of Contents**  *generated with [DocToc](https://github.com/thlorenz/doctoc)*
 
 - [ansible-rpi-k8s-cluster](#ansible-rpi-k8s-cluster)
   - [Background](#background)
     - [Why?](#why)
     - [How It Works](#how-it-works)
   - [Requirements](#requirements)
+    - [Cloning Repo](#cloning-repo)
     - [Software](#software)
       - [Ansible](#ansible)
       - [Kubernetes CLI Tools](#kubernetes-cli-tools)
@@ -104,10 +104,10 @@ rpi-k8s-5 ansible_host=192.168.100.131
 
 The first node provides the following services for our cluster:
 
--   DHCP for all of the other nodes (only listening on `eth0`)
--   Gateway services for other nodes to connect to the internet and such.
-    -   An IPTABLES Masquerade rule NATs traffic from `eth0` through `wlan0`
--   [Apt-Cacher NG](https://www.unix-ag.uni-kl.de/~bloch/acng/) - A package caching proxy to speed up package downloads/installs.
+- DHCP for all of the other nodes (only listening on `eth0`)
+- Gateway services for other nodes to connect to the internet and such.
+  - An IPTABLES Masquerade rule NATs traffic from `eth0` through `wlan0`
+- [Apt-Cacher NG](https://www.unix-ag.uni-kl.de/~bloch/acng/) - A package caching proxy to speed up package downloads/installs.
 
 > NOTE: You can also define a static route on your LAN network firewall (if supported)
 > for the subnet (`192.168.100.0/24` in my case) to the wireless IP address that
@@ -119,6 +119,15 @@ For Kubernetes networking we are using [Weave Net](https://www.weave.works/docs/
 
 ## Requirements
 
+### Cloning Repo
+
+Because we use submodules for many components within this project, we need to
+ensure that we get them as part of the cloning process.
+
+```bash
+git clone https://github.com/mrlesmithjr/ansible-rpi-k8s-cluster.git --recurse-submodules
+```
+
 ### Software
 
 The following is a list of the required packages to be installed on your `Ansible`
@@ -137,7 +146,7 @@ there are many different ways to install `kubectl` so head over to the official
 
 > NOTE: The Ansible playbook [playbooks/deployments.yml](playbooks/deployments.yml)
 > fetches the `admin.conf` from the K8s master and copies this to your local
-> $HOME/.kube/config. This allows us to run `kubectl` commands remotely to the
+> \$HOME/.kube/config. This allows us to run `kubectl` commands remotely to the
 > cluster. There is a catch here though. The certificate is signed with the
 > internal IP address of the K8s master. So in order for this to work correctly
 > you will need to setup a static route on your firewall (if supported) to the
@@ -150,12 +159,12 @@ there are many different ways to install `kubectl` so head over to the official
 The following list is the hardware which I am using currently while developing
 this.
 
--   5 x [Raspberry Pi 3](http://amzn.to/2EbDKfq)
--   2 x [6pack - Cat 6 - Flat Ethernet Cables](http://amzn.to/2nKvywD)
--   1 x [Anker PowerPort 6 - 60W 6-Port Charging Hub](http://amzn.to/2ERkV2q)
--   5 x [Samsung 32GB 95MB/s MicroSD Evo Memory Card](http://amzn.to/2skSlno)
--   1 x [GeauxRobot Raspberry Pi 3 5-Layer Dog Bone Stack Case](http://amzn.to/2Edbqcw)
--   1 x 8-Port Ethernet Switch
+- 5 x [Raspberry Pi 3](http://amzn.to/2EbDKfq)
+- 2 x [6pack - Cat 6 - Flat Ethernet Cables](http://amzn.to/2nKvywD)
+- 1 x [Anker PowerPort 6 - 60W 6-Port Charging Hub](http://amzn.to/2ERkV2q)
+- 5 x [Samsung 32GB 95MB/s MicroSD Evo Memory Card](http://amzn.to/2skSlno)
+- 1 x [GeauxRobot Raspberry Pi 3 5-Layer Dog Bone Stack Case](http://amzn.to/2Edbqcw)
+- 1 x 8-Port Ethernet Switch
 
 ### OS
 
@@ -426,6 +435,7 @@ The key's randomart image is:
 ```
 
 ##### Fixing Broken GlusterFS Repo
+
 If you experience the following [issue](https://github.com/mrlesmithjr/ansible-rpi-k8s-cluster/issues/7) you can
 run the playbook [fix_glusterfs_repo.yml](playbooks/fix_glusterfs_repo.yml) which
 will remove the broken `3.10` repo. Once that is done you should be good to go
@@ -811,11 +821,11 @@ spec:
         - mountPath: /mnt/glusterfs
           name: glusterfsvol
   volumes:
-  - name: glusterfsvol
-    glusterfs:
-      endpoints: glusterfs-cluster
-      path: volume-1
-      readOnly: false
+    - name: glusterfsvol
+      glusterfs:
+        endpoints: glusterfs-cluster
+        path: volume-1
+        readOnly: false
 ```
 
 ## Monitoring
@@ -887,6 +897,6 @@ MIT
 
 Larry Smith Jr.
 
--   [EverythingShouldBeVirtual](http://everythingshouldbevirtual.com)
--   [@mrlesmithjr](https://www.twitter.com/mrlesmithjr)
--   <mailto:mrlesmithjr@gmail.com>
+- [EverythingShouldBeVirtual](http://everythingshouldbevirtual.com)
+- [@mrlesmithjr](https://www.twitter.com/mrlesmithjr)
+- <mailto:mrlesmithjr@gmail.com>
diff --git a/ansible.cfg b/ansible.cfg
@@ -84,7 +84,7 @@ callback_whitelist = profile_tasks
 #sudo_flags = -H -S -n
 
 # SSH timeout
-#timeout = 10
+timeout = 300
 
 # default user to use for playbooks if user is not specified
 # (/usr/bin/ansible will use current user as default)
@@ -303,7 +303,7 @@ ansible_managed = Ansible managed
 # ssh arguments to use
 # Leaving off ControlPersist will result in poor performance, so use
 # paramiko on older platforms rather than removing it, -C controls compression use
-#ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
+ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
 
 # The base directory for the ControlPath sockets.
 # This is the "%(directory)s" in the control_path option

diff --git a/deployments/consul-helm b/deployments/consul-helm
diff --git a/inventory/group_vars/all/all.yml b/inventory/group_vars/all/all.yml
@@ -21,7 +21,7 @@ dhcp_scope_start_range: "{{ dhcp_scope_subnet }}.128"
 dhcp_scope_subnet: 192.168.100
 
 # Defines jumphost IP address to use as bastion host to reach isolated hosts
-jumphost_ip: 172.16.24.186
+jumphost_ip: "{{ hostvars[groups['rpi_k8s_master'][0]]['ansible_host'] }}"
 
 # Defines IPTABLES rules to define on jumphost
 jumphost_iptables_rules:

diff --git a/inventory/group_vars/all/apt-cacher-ng.yml b/inventory/group_vars/all/apt-cacher-ng.yml
@@ -3,4 +3,4 @@
 apt_cacher_server: "{{ groups['rpi_k8s_master'][0] }}"
 
 # Defines if apt-caching should be used for clients
-enable_apt_caching: true
+enable_apt_caching: false
diff --git a/inventory/group_vars/all/dnsmasq.yml b/inventory/group_vars/all/dnsmasq.yml
@@ -29,6 +29,8 @@ dnsmasq_dhcp_scopes:
     end: "{{ dhcp_scope_end_range }}"
     netmask: "{{ dhcp_scope_netmask }}"
 
+dnsmasq_disable_lo: true
+
 # Defines if DHCP services are provided by DNSMASQ
 dnsmasq_enable_dhcp: true
 

diff --git a/inventory/group_vars/all/k8s.yml b/inventory/group_vars/all/k8s.yml
@@ -5,18 +5,17 @@ k8s_cluster_group: rpi_k8s
 
 k8s_cluster_init_skip_ca_verification: true
 
-k8s_dashboard: https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard-arm.yaml
+k8s_dashboard: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard-arm.yaml
 
 k8s_helm_architecture: arm
 
 k8s_helm_install: true
 
 k8s_helm_version: 2.8.1
 
-k8s_pod_network_config: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
+# k8s_pod_network_config: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
 # k8s_pod_network_config: https://gist.githubusercontent.com/mrlesmithjr/eab451b45641db6c108ca3f362563621/raw/93569a17d4085975fc2305ae117ce720766174ec/weave-daemonset-2.2.0.yaml
 
 k8s_users:
   - user: pi
-
-k8s_version: 1.11.2
+# k8s_version: 1.11.2
diff --git a/inventory/hosts.inv b/inventory/hosts.inv
@@ -3,7 +3,7 @@ rpi_k8s_master
 rpi_k8s_slaves
 
 [rpi_k8s_master]
-rpi-k8s-1 ansible_host=172.16.24.186
+rpi-k8s-1 ansible_host=192.168.1.102
 
 [rpi_k8s_slaves]
 rpi-k8s-2 ansible_host=192.168.100.128