SergANT/cicd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added playbook and role for k8s-ha-api

Browse Source
This commit is contained in:
Sergei Bobkov
2025-08-23 13:39:33 +03:00
parent fb73056312
commit 8efad362a0
10 changed files with 118 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/README.md Normal file
View File

@ -0,0 +1 @@
# Ansible playbooks and roles.

7
ansible/playbooks/k8s-ha-api.yaml Normal file
View File

@ -0,0 +1,7 @@
---
- hosts: "{{ hosts_target }}"
become: true
gather_facts: true
roles:
- k8s-ha-api

1
ansible/roles/k8s-ha-api/defaults/main.yml Normal file
View File

@ -0,0 +1 @@
---

0
ansible/roles/k8s-ha-api/files/.gitkeep Normal file
View File

14
ansible/roles/k8s-ha-api/handlers/main.yml Normal file
View File

@ -0,0 +1,14 @@
---
- name: Restart_haproxy
systemd_service:
name: haproxy
state: restarted
enabled: true
- name: Restart_keepalived
systemd_service:
name: keepalived
state: restarted
enabled: true

36
ansible/roles/k8s-ha-api/tasks/main.yml Normal file
View File

@ -0,0 +1,36 @@
---
- block:
- name: Run "apt update / upgrade"
apt:
upgrade: yes
update_cache: yes
retries: 10
delay: 30
- name: Install haproxy keepalived etc
apt:
state: latest
pkg: "{{ pkg_list }}"
- name: Create /etc/haproxy/haproxy.cfg
template:
src: haproxy.cfg.j2
dest: "/etc/haproxy/haproxy.cfg"
owner: root
group: root
mode: '0644'
notify: Restart_haproxy
- name: Create /etc/keepalived/keepalived.conf
template:
src: keepalived.conf.j2
dest: "/etc/keepalived/keepalived.conf"
owner: root
group: root
mode: '0644'
notify: Restart_keepalived
when: ansible_distribution == "Debian" and ansible_distribution_major_version == "12"

4
ansible/roles/k8s-ha-api/tasks/ping.yml Normal file
View File

@ -0,0 +1,4 @@
---
- name: ping
ping:

26
ansible/roles/k8s-ha-api/templates/haproxy.cfg.j2 Normal file
View File

@ -0,0 +1,26 @@
global
log /dev/log local0
log /dev/log local1 notice
daemon
maxconn 2000
defaults
log global
mode tcp
option tcplog
option dontlognull
timeout connect 10s
timeout client 1m
timeout server 1m
retries 3
frontend kubernetes_api
bind *:6443
default_backend k8s_masters
backend k8s_masters
option tcp-check
balance roundrobin
{% for srv in haproxy_backend_server %}
server {{ srv.backend_name }} {{ srv.backend_ip }}:{{ srv.backend_port }} check fall 3 rise 2
{% endfor %}

14
ansible/roles/k8s-ha-api/templates/keepalived.conf.j2 Normal file
View File

@ -0,0 +1,14 @@
vrrp_instance VI_1 {
state {{ hostvars[inventory_hostname].state }}
interface {{ ansible_default_ipv4.interface }}
virtual_router_id 51
priority {{ hostvars[inventory_hostname].priority }}
advert_int 1
authentication {
auth_type PASS
auth_pass {{ keepalived_auth_pass }}
}
virtual_ipaddress {
{{ keepalived_vip }}
}
}

15
ansible/roles/k8s-ha-api/vars/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
pkg_list:
- haproxy
- keepalived
haproxy_bind_port: "8443"
haproxy_backend_server:
- { backend_name: "k8s-cr01", backend_ip: "192.168.111.191", backend_port: "6443"}
- { backend_name: "k8s-cr02", backend_ip: "192.168.111.192", backend_port: "6443"}
- { backend_name: "k8s-cr03", backend_ip: "192.168.111.193", backend_port: "6443"}
keepalived_vip: "192.168.111.100/24"
keepalived_auth_pass: "1q2w3e4r"