break: switch from k3s to k0s (in docker)

- replace k3s with k0s
  - remove argocd-init.yml
  - remove pb_install.yml
  - add docker-compose.yml for k0s setup
  - add k0s-config.yaml for k0s configuration
  - add metallb loadbalancer
    - add metallb ip pool
  - add openebs local storage
- update README

🤖
Sebastian Mark 2024-08-31 00:22:48 +02:00
parent e6a1e45cbd
commit 818b504fd5
7 changed files with 139 additions and 153 deletions


@ -4,26 +4,14 @@
"local>infrastructure/renovate-config" "local>infrastructure/renovate-config"
], ],
"customManagers": [ "customManagers": [
{
"customType": "regex",
"description": "k3s",
"fileMatch": [
"pb_install\\.yml"
],
"matchStrings": [
"\\s+INSTALL_K3S_CHANNEL:\\s(?<currentValue>.*)"
],
"depNameTemplate": "k3s-io/k3s",
"datasourceTemplate": "github-releases"
},
{ {
"customType": "regex", "customType": "regex",
"description": "ArgoCD", "description": "ArgoCD",
"fileMatch": [ "fileMatch": [
"argocd-init\\.yml$" "k0s-config\\.yaml$"
], ],
"matchStrings": [ "matchStrings": [
"\\s+chart:\\s(?<depName>.*)\\n\\s+repo:\\s(?<registryUrl>.*)\\n\\s+version:\\s(?<currentValue>.*)\\n" "\\s+version:\\s(?<currentValue>.*)\\s+#\\s+depName=(?<depName>.*)\\s+repoUrl=(?<registryUrl>.*)"
], ],
"datasourceTemplate": "helm" "datasourceTemplate": "helm"
}, },
@ -41,18 +29,5 @@
"matchStringsStrategy": "combination", "matchStringsStrategy": "combination",
"datasourceTemplate": "helm" "datasourceTemplate": "helm"
} }
],
"packageRules": [
{
"description": "Merged updates not applied by gitops",
"matchPackageNames": [
"k3s-io/k3s",
"argo-cd",
"argocd-apps"
],
"prBodyNotes": [
":warning: **Manual Intervention**: This update needs manual deployment. Please review and take appropriate action."
]
}
] ]
} }
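Review bot: Dropping the `packageRules` entry removes the only hint that chart bumps need a manual rollout, yet the versions Renovate now edits in `k0s-config.yaml` are presumably only picked up when the k0s controller re-reads its config, not synced by ArgoCD. If that holds, keep the rule and point it at the new packages, `"matchPackageNames": ["argo-cd", "argocd-apps", "openebs", "metallb"]`, so a merged update PR is not mistaken for a deployed fix. In the first hunk, the manager that now matches `k0s-config\\.yaml$` is still described as `ArgoCD` although it also covers the openebs and metallb charts; `"description": "k0s helm charts"` would be accurate.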


@ -1,5 +1,6 @@
# Kubernetes Baseline # k0s Kubernetes + Baseline
* [k0s](https://docs.k0sproject.io/stable/)
* [ArgoCD](https://argoproj.github.io/cd/) * [ArgoCD](https://argoproj.github.io/cd/)
* [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/) * [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/)
* [cert-manager](https://cert-manager.io/) * [cert-manager](https://cert-manager.io/)
@ -9,18 +10,21 @@
* [keel](https://keel.sh) * [keel](https://keel.sh)
* [reloader](https://github.com/stakater/Reloader) * [reloader](https://github.com/stakater/Reloader)
## Installation (k3s + baseline) ## Run (k0s + baseline)
`ansible-playbook -i <host|ip>, pb_install.yml` `docker compose up`
## Installation (baseline only) ### Get kubeconfig
make sure kubectl is configure to reach the destination cluster, then: `docker compose exec -it k0s k0s kubeconfig admin`
`kubectl apply -f argocd-init.yml`
## Notes ## Notes
### openebs
When running in docker `/run/udev/` does not exist, but is required by `openebs`.
Simple fix is `docker compose exec -it k0s mkdir /run/udev/`
### ArgoCD ### ArgoCD
To retrieve the initial admin password use To retrieve the initial admin password use


@ -1,76 +0,0 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: argocd
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: argocd
namespace: kube-system
spec:
# do not change order! (needed for renovate)
chart: argo-cd
repo: https://argoproj.github.io/argo-helm
version: 7.5.0
targetNamespace: argocd
valuesContent: |-
server:
replicas: 1
applicationSet:
enabled: false
notifications:
enabled: false
dex:
enabled: false
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: argocd-apps
namespace: kube-system
spec:
# do not change order! (needed for renovate)
chart: argocd-apps
repo: https://argoproj.github.io/argo-helm
version: 2.0.0
targetNamespace: argocd
valuesContent: |-
projects:
baseline:
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
sourceRepos:
- '*'
destinations:
- namespace: '*'
server: '*'
clusterResourceWhitelist:
- group: '*'
kind: '*'
applications:
baseline:
project: baseline
finalizers:
- resources-finalizer.argocd.argoproj.io
source:
repoURL: 'https://git.smsvc.net/k8s/baseline.git'
targetRevision: HEAD
path: manifests/
directory:
recurse: true
destination:
server: 'https://kubernetes.default.svc'
namespace: argocd
syncPolicy:
automated:
prune: true
selfHeal: true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 5m

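--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,19 @@
+services:
+k0s:
+image: docker.io/k0sproject/k0s:v1.30.4-k0s.0
+command: k0s controller --config=/etc/k0s/config.yaml --enable-worker --no-taints
+stop_grace_period: 15s
+hostname: k8s.smsvc.net
+privileged: true
+cgroup: host
+network_mode: host
+volumes:
+- k0s-data:/var/lib/k0s/
+- k0s-storage:/var/openebs/
+- k0s-run:/run/
+- ./k0s-config.yaml:/etc/k0s/config.yaml
+volumes:
+k0s-data:
+k0s-storage:
+k0s-run: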
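Review bot: The `k0s` service combines `privileged: true`, `cgroup: host` and `network_mode: host`, so the container is effectively root on the host and every port the controller and worker open binds directly on the host's interfaces. Running k0s in Docker generally needs this, but it deserves a comment above those keys saying so and noting that access to the API port has to be restricted on the host, since Docker's port publishing no longer limits exposure. The config bind mount can likely be read-only, `- ./k0s-config.yaml:/etc/k0s/config.yaml:ro`, so nothing inside the container can rewrite the file in the working tree. Because the image runs privileged, pinning it by digest as well as tag (`image: docker.io/k0sproject/k0s:v1.30.4-k0s.0@sha256:<digest>`) would keep a re-pushed tag from changing what executes.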

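--- a/k0s-config.yaml
+++ b/k0s-config.yaml
@@ -0,0 +1,97 @@
+---
+apiVersion: k0s.k0sproject.io/v1beta1
+kind: ClusterConfig
+metadata:
+name: k0s
+spec:
+api:
+sans:
+- k8s.smsvc.net
+telemetry:
+enabled: false
+extensions:
+helm:
+repositories:
+- name: argocd
+url: https://argoproj.github.io/argo-helm
+- name: metallb
+url: https://metallb.github.io/metallb
+- name: openebs-internal
+url: https://openebs.github.io/charts
+charts:
+- name: openebs
+chartname: openebs-internal/openebs
+version: 3.10.0 # depName=openebs repoUrl=https://openebs.github.io/charts
+namespace: openebs
+order: 0
+values: |
+localprovisioner:
+hostpathClass:
+enabled: true
+isDefaultClass: true
+- name: metallb
+chartname: metallb/metallb
+version: 0.14.8 # depName=metallb repoUrl=https://metallb.github.io/metallb
+namespace: metallb
+order: 0
+- name: argocd
+chartname: argocd/argo-cd
+version: 7.5.0 # depName=argo-cd repoUrl=https://argoproj.github.io/argo-helm
+namespace: argocd
+order: 1
+values: |
+applicationSet:
+enabled: false
+notifications:
+enabled: false
+dex:
+enabled: false
+- name: argocd-apps
+chartname: argocd/argocd-apps
+version: 2.0.0 # depName=argocd-apps repoUrl=https://argoproj.github.io/argo-helm
+namespace: argocd
+order: 2
+values: |
+projects:
+baseline:
+namespace: argocd
+finalizers:
+- resources-finalizer.argocd.argoproj.io
+sourceRepos:
+- '*'
+destinations:
+- namespace: '*'
+server: '*'
+clusterResourceWhitelist:
+- group: '*'
+kind: '*'
+applications:
+baseline:
+project: baseline
+finalizers:
+- resources-finalizer.argocd.argoproj.io
+source:
+repoURL: 'https://git.smsvc.net/k8s/baseline.git'
+targetRevision: HEAD
+path: manifests/
+directory:
+recurse: true
+destination:
+server: 'https://kubernetes.default.svc'
+namespace: argocd
+syncPolicy:
+automated:
+prune: true
+selfHeal: true
+retry:
+limit: 5
+backoff:
+duration: 5s
+factor: 2
+maxDuration: 5m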
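Review bot: The `baseline` project in the `argocd-apps` values allows every source repo, destination and cluster-scoped resource (`'*'` throughout), while its only application tracks `targetRevision: HEAD` with `prune` and `selfHeal` enabled. Whatever lands on that repository's default branch is therefore applied cluster-wide without review, and the project would accept an application pointing at any other repository just as readily. Narrow the project to what the one application uses, `sourceRepos: ['https://git.smsvc.net/k8s/baseline.git']` and `server: 'https://kubernetes.default.svc'` under `destinations`. If the cluster-resource wildcard is needed for the baseline's CRDs and namespaces, add a comment next to it saying so. These values appear to be carried over unchanged from the removed argocd-init.yml, so this is a good moment to tighten them.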


@ -0,0 +1,10 @@
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: metallb-address-pool
namespace: metallb
annotations:
spec:
addresses:
- 194.55.14.183/32
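Review bot: `annotations:` under `metadata` has no value, which parses as null rather than an empty map; drop the key or write `annotations: {}` so the manifest does not show up as a permanent diff in tools that normalise it. The pool hands out a single public address, and no `L2Advertisement` or `BGPAdvertisement` is visible in this commit, so confirm one exists elsewhere or that the address is already bound on the host. A short comment above `addresses` naming which host or interface owns `194.55.14.183` would make the dependency on that machine explicit.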


@ -1,43 +0,0 @@
---
- name: Install k3s server
hosts: all
gather_facts: false
tags: k3s-server
tasks:
- name: Download k3s install script
ansible.builtin.get_url:
url: https://get.k3s.io
dest: /usr/local/bin/k3s_install.sh
mode: "755"
- name: Install k3s server
ansible.builtin.command: "k3s_install.sh"
environment:
INSTALL_K3S_CHANNEL: v1.30.4+k3s1
INSTALL_K3S_EXEC: "--disable=traefik --tls-san {{ inventory_hostname }}"
changed_when: false
- name: Start and enable k3s server
ansible.builtin.service:
name: k3s
state: started
enabled: true
- name: Add restart cronjob
ansible.builtin.cron:
name: "restart k3s (and regenerate certs if necessary)"
special_time: monthly
job: "systemctl restart k3s"
- name: Get kubeconfig
ansible.builtin.fetch:
src: /etc/rancher/k3s/k3s.yaml
dest: kubeconfig_{{ ansible_host }}.yml
flat: true
- name: Deploy baseline
hosts: all
gather_facts: false
tags: baseline
tasks:
- name: Copy manifest
ansible.builtin.copy:
src: argocd-init.yml
dest: /var/lib/rancher/k3s/server/manifests/argocd-init.yml
mode: "644"