cody/multi-cloud-kubernetes
1
0
Fork 0
mirror of https://github.com/jcwimer/multi-cloud-kubernetes synced 2026-03-24 17:34:43 +00:00
Code Issues Releases Wiki Activity

Added a README and a Makefile

Browse Source
This commit is contained in:
Jacob Cody Wimer
2020-10-19 15:03:40 -04:00
parent b0cbe65d92
commit 175f7ccc34
9 changed files with 60 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Makefile Normal file
View File

@@ -0,0 +1,10 @@
deploy: install-terraform run-deploy
install-terraform:
bash bin/install-terraform.sh
run-deploy:
bash bin/deploy.sh
destroy:
bash bin/destroy.sh

36
README.md Normal file
View File

@@ -0,0 +1,36 @@
# multi-cloud-kubernetes
This is example code for how I deploy a cross cloud Kubernetes cluster to my home openstack, ramnode openstack, and digital ocean.
# Run
### Set ENVS on test.env
1. DIGITALOCEAN_ACCESS_TOKEN - api token to interact with Digital Ocean. Used by `terraform-code/digitalocean.tf`
RAMNODE_USERNAME - ramnode openstack username. Used by `terraform-code/ramnode.tf`
RAMNODE_PASSWORD - ramnode openstack password. Used by `terraform-code/ramnode.tf`
HOME_USERNAME - home openstack username. Used by `terraform-code/home.tf`
HOME_PASSWORD - home openstack password. Used by `terraform-code/home.tf`
ZEROTIER_NETWORK - zerotier network id. Used by `terraform-code/user-data.sh`
CLOUDFLARE_API - cloudflare api token. Used by `ansible/roles/kubernetes/templates/cloudflare-updater.yaml` to be passed to the cloudflare updater pod.
LONGHORN_USERNAME - any username you want to use for basic auth http for longhorn. Used by `ansible/roles/longhorn/templates/longhorn-ingress.yaml`. Basic auth created by `bin/longhorn-basic-auth.sh`
LONGHORN_PASSWORD - any password you want to use for basic auth http for longhorn. Used by `ansible/roles/longhorn/templates/longhorn-ingress.yaml`. Basic auth created by `bin/longhorn-basic-auth.sh`
Then run `source test.env`
### NOTES
1. My personal domain (codywimer.com) is hard coded throughout this project. If replicating, you'll have to change this.
2. My home openstack cloud and ramnodes openstack envs are hard coded in `terraform-code/home.tf` and `terraform-code/ramnode.tf`
### Deploy
`make deploy`
This will take your ENV's, pass them to terraform and ansible (see `bin/deploy.sh`) and do the following:
1. Install terraform in this repo
2. Run terraform to deploy cloud resources. Instances will be pre-configured via `terraform-code/user-data.sh` and use a Debian 10 cloud image.
3. Terraform will ouput an ansible inventory to `hosts.cfg`
4. Ansible will be run to deploy Kubernetes via RKE. It will create the `rke` directory where you will find `rke/kube_config_rke-k8s.yaml` to run `kubectl` commands after Kubernetes is deployed.
### Deploy Notes
1. The `rke` directory contains your kube config file as stated above, a state file rke uses when configuring, `rke/rke-k8s.yaml` which is the rke cluster config, `rke/auth` which is the Kubernetes secret for http basic auth for Longhorn, the `rke/configs` directory which has default resources deployed into Kubernetes, and the `rke/lonhorn` directory which has the Longhorn configs.
2. The Terraform state file is located at `terraform-code/terraform.tfstate`
### Destroy
`make destroy`

1
ansible/roles/longhorn/tasks/main.yml
View File

@@ -35,6 +35,7 @@
KUBECONFIG: "{{ rke_directory }}/kube_config_rke-k8s.yaml" KUBECONFIG: "{{ rke_directory }}/kube_config_rke-k8s.yaml"
delegate_to: localhost delegate_to: localhost
run_once: true run_once: true
ignore_errors: yes
- name: Install Longhorn Extras - name: Install Longhorn Extras
command: kubectl apply -f {{ rke_directory }}/longhorn/ command: kubectl apply -f {{ rke_directory }}/longhorn/

3
deploy.sh → bin/deploy.sh
View File

@@ -18,6 +18,9 @@ ${project_dir}/terraform apply -auto-approve -refresh=true \
-var "ramnode_username=${RAMNODE_USERNAME}" \ -var "ramnode_username=${RAMNODE_USERNAME}" \
-var "ramnode_password=${RAMNODE_PASSWORD}" \ -var "ramnode_password=${RAMNODE_PASSWORD}" \
-var "do_token=${DIGITALOCEAN_ACCESS_TOKEN}" -var "do_token=${DIGITALOCEAN_ACCESS_TOKEN}"
bash ${project_dir}/bin/longhorn-basic-auth.sh
cd ${project_dir}/ansible cd ${project_dir}/ansible
pipenv sync pipenv sync
pipenv run bash run-ansible.sh pipenv run bash run-ansible.sh

0
destroy.sh → bin/destroy.sh
View File

0
install-terraform.sh → bin/install-terraform.sh
View File

7
bin/longhorn-basic-auth.sh Normal file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
project_dir=$(git rev-parse --show-toplevel)
cd ${project_dir}
mkdir -p ${project_dir}/rke
USER=$LONGHORN_USERNAME; PASSWORD=$LONGHORN_PASSWORD; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> ${project_dir}rke/auth

1
example-longhorn-basic-auth.sh
View File

@@ -1 +0,0 @@
USER=<USERNAME_HERE>; PASSWORD=<PASSWORD_HERE>; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> rke/auth

4
test.env
View File

@@ -4,4 +4,6 @@ export RAMNODE_PASSWORD=
export HOME_USERNAME= export HOME_USERNAME=
export HOME_PASSWORD= export HOME_PASSWORD=
export ZEROTIER_NETWORK= export ZEROTIER_NETWORK=
export CLOUDFLARE_API= export CLOUDFLARE_API=
export LONGHORN_USERNAME=
export LONGHORN_PASSWORD=