From 110d5143b70c35dae588fb4a30b5a3213c6f1b92 Mon Sep 17 00:00:00 2001
From: Rafael Laszlo <rlacko99@gmail.com>
Date: Fri, 19 Nov 2021 20:55:05 +0100
Subject: [PATCH] Update kubespray config
---
.../k8s-01/credentials/kubeadm_certificate_key.creds | 1 +
.../k8s-01/group_vars/k8s_cluster/k8s-cluster.yml | 8 ++++----
ansible/k8s/kubespray/inventory/k8s-01/hosts.yaml | 12 ++++++------
ansible/maze/main/base.yaml | 5 +++++
4 files changed, 16 insertions(+), 10 deletions(-)
create mode 100644 ansible/k8s/kubespray/inventory/k8s-01/credentials/kubeadm_certificate_key.creds
diff --git a/ansible/k8s/kubespray/inventory/k8s-01/credentials/kubeadm_certificate_key.creds b/ansible/k8s/kubespray/inventory/k8s-01/credentials/kubeadm_certificate_key.creds
new file mode 100644
index 0000000..de8d526
--- /dev/null
+++ b/ansible/k8s/kubespray/inventory/k8s-01/credentials/kubeadm_certificate_key.creds
@@ -0,0 +1 @@
+dd5689f3dCda9a8dc245c6dEfEcA1FFdA3Ece3DAB6De3dd2d4DcB1f0a995CcCa
diff --git a/ansible/k8s/kubespray/inventory/k8s-01/group_vars/k8s_cluster/k8s-cluster.yml b/ansible/k8s/kubespray/inventory/k8s-01/group_vars/k8s_cluster/k8s-cluster.yml
index 24c8251..01b8c6a 100644
--- a/ansible/k8s/kubespray/inventory/k8s-01/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/ansible/k8s/kubespray/inventory/k8s-01/group_vars/k8s_cluster/k8s-cluster.yml
@@ -42,7 +42,7 @@ kube_oidc_auth: true
## Variables for OpenID Connect Configuration https://kubernetes.io/docs/admin/authentication/
## To use OpenID you have to deploy additional an OpenID Provider (e.g Dex, Keycloak, ...)
-kube_oidc_url: https://dex.k8s-01.sch.bme.hu
+kube_oidc_url: https://dex.maze.sch.bme.hu
kube_oidc_client_id: dex-k8s-authenticator
## Optional settings for OIDC
# kube_oidc_ca_file: "{{ kube_cert_dir }}/ca.pem"
@@ -245,9 +245,9 @@ podsecuritypolicy_enabled: false
## Supplementary addresses that can be added in kubernetes ssl keys.
## That can be useful for example to setup a keepalived virtual IP
supplementary_addresses_in_ssl_keys:
- - "152.66.192.33"
- - "k8s-01.sch.bme.hu"
- - "api.k8s-01.sch.bme.hu"
+ - "152.66.211.122"
+ - "maze.sch.bme.hu"
+ - "api.maze.sch.bme.hu"
## Running on top of openstack vms with cinder enabled may lead to unschedulable pods due to NoVolumeZoneConflict restriction in kube-scheduler.
## See https://github.com/kubernetes-sigs/kubespray/issues/2141
diff --git a/ansible/k8s/kubespray/inventory/k8s-01/hosts.yaml b/ansible/k8s/kubespray/inventory/k8s-01/hosts.yaml
index 9a86400..3f207ed 100644
--- a/ansible/k8s/kubespray/inventory/k8s-01/hosts.yaml
+++ b/ansible/k8s/kubespray/inventory/k8s-01/hosts.yaml
@@ -6,37 +6,37 @@ all:
master-01:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.11
+ ansible_host: master-01.internal.maze
ip: 192.168.98.11
access_ip: 192.168.98.11
master-02:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.12
+ ansible_host: master-02.internal.maze
ip: 192.168.98.12
access_ip: 192.168.98.12
master-03:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.13
+ ansible_host: master-03.internal.maze
ip: 192.168.98.13
access_ip: 192.168.98.13
worker-01:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.21
+ ansible_host: worker-01.internal.maze
ip: 192.168.98.21
access_ip: 192.168.98.21
worker-02:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.22
+ ansible_host: worker-02.internal.maze
ip: 192.168.98.22
access_ip: 192.168.98.22
worker-03:
ansible_user: ubuntu
ansible_become: yes
- ansible_host: 192.168.98.23
+ ansible_host: worker-03.internal.maze
ip: 192.168.98.23
access_ip: 192.168.98.23
children:
diff --git a/ansible/maze/main/base.yaml b/ansible/maze/main/base.yaml
index cffe339..05bcab1 100644
--- a/ansible/maze/main/base.yaml
+++ b/ansible/maze/main/base.yaml
@@ -10,3 +10,8 @@
state: present
key: "{{ item }}"
loop: "{{ ssh_keys }}"
+ - name: Install packages
+ package:
+ state: present
+ name:
+ - nfs-kernel-server
--
GitLab