Merge branch 'release/4.0.0'

Author: hswong3i

CHANGELOG.md

@@ -1,3 +1,10 @@
 # AlviStack-Ansible
 
-## 0.0.1 - TBC
+## 4.1.0 - TBC
+
+### Major Changes
+
+## 4.0.0 - 2019-11-05
+
+  - Initial release for Ansible 2.9 or higher
+  - Support both Ubuntu 16.04/18.04 or RHEL/CentOS 7 or openSUSE Leap 15.1

README.md

@@ -6,11 +6,140 @@
 
 Ansible playbooks for deploying AlviStack.
 
+AlviStack-Ansible provides Ansible playbooks and roles for the deployment and configuration of an [Kubernetes](https://github.com/kubernetes/kubernetes) environment.
+
 ## Requirements
 
-This playbook require Ansible 2.8 or higher.
+This playbook require Ansible 2.9 or higher.
+
+This playbook was designed for Ubuntu 16.04/18.04 or RHEL/CentOS 7 or openSUSE Leap 15.1.
+
+## Quick Start
+
+### Bootstrap Ansible and Roles
+
+Start by cloning the Alvistack-Ansible repository, checkout the corresponding branch, and init with `git submodule`, then bootstrap Python3 + Ansible with provided helper script:
+
+    # GIT clone the development branch
+    git clone --branch develop https://github.com/alvistack/alvistack-ansible
+    cd alvistack-ansible
+    
+    # Setup Roles with GIT submodule
+    git submodule init
+    git submodule sync
+    git submodule update
+    
+    # Bootstrap Ansible
+    ./scripts/bootstrap-ansible.sh
+    
+    # Confirm the version of Python3, PIP3 and Ansible
+    python3 --version
+    pip3 --version
+    ansible --version
+
+### AIO
+
+All-in-one (AIO) build is a great way to perform an Kubernetes build for:
+
+  - A development environment
+  - An overview of how all the Kubernetes services fit together
+  - A simple lab deployment
+
+This deployment will setup the follow components:
+
+  - [Flannel](https://github.com/coreos/flannel)
+  - [Dashboard](https://github.com/kubernetes/dashboard)
+  - [NGINX Ingress Controller](https://github.com/kubernetes/ingress-nginx)
+  - [cert-manager](https://github.com/jetstack/cert-manager)
+  - [Local Path Provisioner](https://github.com/rancher/local-path-provisioner)
+
+Simply run the playbooks with sample AIO inventory:
+
+    # Run playbooks
+    ansible-playbook -i inventory/aio/hosts playbooks/setup-aio.yml
+    
+    # Confirm the version and status of Kubernetes
+    kubectl version
+    kubectl get node
+    kubectl get pod --all-namespaces
+
+### Production
+
+For production environment we should backed with [Ceph File System](https://docs.ceph.com/docs/master/cephfs/) for [Kubernetes Persistent Volumes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/).
+
+Moreover, using [Weave Net](https://github.com/weaveworks/weave) as network plugin so we could support [Kubernetes Network Policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/).
+
+Finally, in order to avoid [Single Point of Failure](https://en.wikipedia.org/wiki/Single_point_of_failure), at least 3 instances for CephFS and 3 instances for Kubernetes is recommended.
+
+This deployment will setup the follow components:
+
+  - [Ceph](https://ceph.io/)
+  - [Weave Net](https://github.com/weaveworks/weave)
+  - [Dashboard](https://github.com/kubernetes/dashboard)
+  - [NGINX Ingress Controller](https://github.com/kubernetes/ingress-nginx)
+  - [cert-manager](https://github.com/jetstack/cert-manager)
+  - [CephFS Volume Provisioner](https://github.com/kubernetes-incubator/external-storage/tree/master/ceph/cephfs)
+
+Start by copying the sample inventory for customization:
+
+    # Copy sample inventory
+    cp -rfp inventory/sample inventory/myinventory
+
+Once update `inventory/myinventory/hosts` as per your production environment, now run the playbooks:
+
+    # Run playbooks
+    ansible-playbook -i inventory/myinventory/hosts playbooks/setup-everything.yml
+    ansible-playbook -i inventory/myinventory/hosts playbooks/setup-ansible.yml
+    
+    # Confirm the version and status of Ceph
+    ceph --version
+    ceph --status
+    ceph health detail
+    
+    # Confirm the version and status of Kubernetes
+    kubectl version
+    kubectl get node
+    kubectl get pod --all-namespaces
+
+Moreover, we don't setup the Ceph OSD and Ceph MDS for you, which you should set it up once manually according to your production environment, e.g.:
+
+    # Initialize individual OSDs
+    ceph-volume lvm create --bluestore --data /dev/sdb
+    ceph-volume lvm create --bluestore --data /dev/sdc
+    ceph-volume lvm create --bluestore --data /dev/sdd
+    ceph-volume lvm activate --all
+    
+    # Create OSD pool for RBD
+    ceph osd pool create rbd 8 8
+    ceph osd pool set rbd size 3
+    ceph osd pool set rbd min_size 2
+    
+    # Create OSD pool for CephFS Metadata
+    ceph osd pool create cephfs_metadata 32 32
+    ceph osd pool set cephfs_metadata size 3
+    ceph osd pool set cephfs_metadata min_size 2
+    
+    # Create OSD pool for CephFS data
+    ceph osd pool create cephfs_data 128 128
+    ceph osd pool set cephfs_data size 3
+    ceph osd pool set cephfs_data min_size 2
+    
+    # Create CephFS
+    ceph fs new cephfs cephfs_metadata cephfs_data
+    ceph fs set cephfs standby_count_wanted 0
+    ceph fs set cephfs max_mds 1
+
+### Molecule
+
+You could also run our [Molecule](https://molecule.readthedocs.io/en/stable/) test cases if you have [LXD](https://lxd.readthedocs.io/en/latest/) or [Vagrant](https://www.vagrantup.com/) installed, e.g.
+
+    # Run Molecule on Ubuntu 18.04 with LXD
+    molecule converge -s ubuntu-18.04
+    
+    # Run Molecule on Ubuntu 18.04 with Vagrant
+    molecule converge -s ubuntu-18.04-vagrant
 
-This playbook was designed for Ubuntu 16.04/18.04 or RHEL/CentOS 7 or openSUSE Leap 15.0.
+Please refer to [.travis.yml](.travis.yml) for more information on running Molecule and LXD.
 
 ## License
 

inventory/aio/group_vars/all/all.yml

@@ -0,0 +1,95 @@
+---
+
+# ceph-common
+ceph_fsid: "{{ hostvars[groups['ceph-mon'][0]].ansible_machine_id | to_uuid }}"
+ceph_mon_initial_members: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ host }},
+  {%- endfor -%}
+ceph_mon_host: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ hostvars[host].ansible_default_ipv4.address }},
+  {%- endfor -%}
+ceph_public_network: "{{ (ansible_default_ipv4.network + '/' + ansible_default_ipv4.netmask) | ipaddr('net') }}"
+ceph_cluster_network: "{{ (ansible_default_ipv4.network + '/' + ansible_default_ipv4.netmask) | ipaddr('net') }}"
+
+# etcd
+etcd_cert_file: "/etc/kubernetes/pki/etcd/server.crt"
+etcd_key_file: "/etc/kubernetes/pki/etcd/server.key"
+etcd_trusted_ca_file: "/etc/kubernetes/pki/etcd/ca.crt"
+etcd_peer_cert_file: "/etc/kubernetes/pki/etcd/peer.crt"
+etcd_peer_key_file: "/etc/kubernetes/pki/etcd/peer.key"
+etcd_peer_trusted_ca_file: "/etc/kubernetes/pki/etcd/ca.crt"
+etcd_listen_peer_urls: "https://{{ ansible_default_ipv4.address }}:2380,https://127.0.0.1:2380"
+etcd_listen_client_urls: "https://{{ ansible_default_ipv4.address }}:2379,https://127.0.0.1:2379"
+etcd_initial_advertise_peer_urls: "https://{{ ansible_default_ipv4.address }}:2380"
+etcd_initial_cluster: >-
+  {%- for host in ansible_play_hosts -%}
+  {{ host }}=https://{{ hostvars[host].ansible_default_ipv4.address }}:2380,
+  {%- endfor -%}
+etcd_advertise_client_urls: "https://{{ ansible_default_ipv4.address }}:2379"
+etcd_csr_subject_alt_name: >-
+  {%- for host in ansible_play_hosts -%}
+  DNS:{{ host }},
+  {%- endfor -%}
+  DNS:localhost,
+  {%- for host in ansible_play_hosts -%}
+  IP:{{ hostvars[host].ansible_default_ipv4.address }},
+  {%- endfor -%}
+  IP:127.0.0.1
+etcd_peer_csr_subject_alt_name: >-
+  {%- for host in ansible_play_hosts -%}
+  DNS:{{ host }},
+  {%- endfor -%}
+  DNS:localhost,
+  {%- for host in ansible_play_hosts -%}
+  IP:{{ hostvars[host].ansible_default_ipv4.address }},
+  {%- endfor -%}
+  IP:127.0.0.1
+
+# kubernetes
+kubernetes_cluster_name: "{{ hostvars[groups['kube-master'][0]].ansible_machine_id | to_uuid }}"
+kubernetes_etcd_external_endpoints: >-
+  {%- for host in ansible_play_hosts -%}
+  https://{{ hostvars[host].ansible_default_ipv4.address }}:2379,
+  {%- endfor -%}
+kubelet_node_ip: "{{ ansible_default_ipv4.address }}"
+kube_apiserver_advertise_address: "{{ ansible_default_ipv4.address }}"
+kube_apiserver_bind_port: "6443"
+kube_apiserver_endpoint: "{{ hostvars[groups['kube-master'][0]].ansible_default_ipv4.address }}:{{ kube_apiserver_bind_port }}"
+kube_apiserver_csr_subject_alt_name: >-
+  {%- for host in ansible_play_hosts -%}
+  DNS:{{ host }},
+  {%- endfor -%}
+  DNS:localhost,
+  {%- for host in ansible_play_hosts -%}
+  IP:{{ hostvars[host].ansible_default_ipv4.address }},
+  {%- endfor -%}
+  IP:127.0.0.1
+kube_proxy_conntrack:
+  maxPerCore: 32768
+  min: 131072
+
+# kubernetes-cephfs-provisioner
+cephfs_provisioner_monitors: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ hostvars[host].ansible_default_ipv4.address }}:6789,
+  {%- endfor -%}
+
+# kubernetes-rbd-provisioner
+rbd_provisioner_monitors: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ hostvars[host].ansible_default_ipv4.address }}:6789,
+  {%- endfor -%}
+
+# kubernetes-csi-cephfs
+csi_cephfs_monitors: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ hostvars[host].ansible_default_ipv4.address }}:6789,
+  {%- endfor -%}
+
+# kubernetes-csi-rbd
+csi_rbd_monitors: >-
+  {%- for host in groups['ceph-mon'] -%}
+  {{ hostvars[host].ansible_default_ipv4.address }}:6789,
+  {%- endfor -%}

inventory/aio/host_vars/localhost.yml

@@ -0,0 +1 @@
+---

inventory/aio/hosts

@@ -0,0 +1,26 @@
+[all]
+localhost ansible_connectio=local
+
+[ansible]
+localhost
+
+[ceph-mon]
+localhost
+
+[ceph-mgr]
+localhost
+
+[ceph-osd]
+localhost
+
+[ceph-mds]
+localhost
+
+[ceph-rgw]
+localhost
+
+[kube-master]
+localhost
+
+[kube-node]
+localhost

inventory/sample/hosts

@@ -1,23 +1,49 @@
+[all]
+ansible ansible_host=172.24.0.11
+ceph11  ansible_host=172.24.1.11
+ceph12  ansible_host=172.24.1.12
+ceph13  ansible_host=172.24.1.13
+kube11  ansible_host=172.24.2.11
+kube12  ansible_host=172.24.2.12
+kube13  ansible_host=172.24.2.13
+kube14  ansible_host=172.24.2.14
+kube15  ansible_host=172.24.2.15
+kube16  ansible_host=172.24.2.16
+
 [ansible]
-localhost
+ansible
 
 [ceph-mon]
-localhost
+ceph11
+ceph12
+ceph13
 
 [ceph-mgr]
-localhost
+ceph11
+ceph12
+ceph13
 
 [ceph-osd]
-localhost
+ceph11
+ceph12
+ceph13
 
 [ceph-mds]
-localhost
+ceph11
+ceph12
+ceph13
 
 [ceph-rgw]
-localhost
+ceph11
+ceph12
+ceph13
 
 [kube-master]
-localhost
+kube11
+kube12
+kube13
 
 [kube-node]
-localhost
+kube14
+kube15
+kube16