Ansible provisionning (#217)

Ansible provisionning contrib

roles/download/tasks/main.yml

@@ -0,0 +1,36 @@
+---
+
+- name: Delete k3s if already present
+  file:
+    path: /usr/local/bin/k3s
+    state: absent
+
+- name: Download k3s binary x64
+  get_url:                                                           
+      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s
+      dest: /usr/local/bin/k3s
+      owner: root
+      group: root
+      mode: 755
+#  when: ( ansible_facts.userspace_architecture == "x86_64" )
+  when: ( ansible_facts.architecture == "x86_64" )
+
+- name: Download k3s binary arm64
+  get_url:                                                           
+      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-arm64
+      dest: /usr/local/bin/k3s
+      owner: root
+      group: root
+      mode: 755
+  when: ( ansible_facts.architecture is search "arm" and 
+          ansible_facts.userspace_bits == "64" )
+
+- name: Download k3s binary armhf
+  get_url:                                                           
+      url: https://github.com/rancher/k3s/releases/download/{{ k3s_version }}/k3s-armhf
+      dest: /usr/local/bin/k3s
+      owner: root
+      group: root
+      mode: 755
+  when: ( ansible_facts.architecture is search "arm" and 
+          ansible_facts.userspace_bits == "32" )

roles/k3s/master/tasks/main.yml

@@ -0,0 +1,43 @@
+---
+
+- name: Copy K3s service file
+  register: k3s_service
+  template:
+    src: "k3s.service.j2"
+    dest: "{{ systemd_dir }}/k3s.service"
+    owner: root
+    group: root
+    mode: 0755
+
+- name: Enable and check K3s service
+  systemd:
+    name: k3s
+    daemon_reload: yes
+    state: restarted
+    enabled: yes
+
+- name: Register file access mode
+  stat:
+    path: /var/lib/rancher/k3s/server
+  register: p
+
+- name: Change file access node-token
+  file:
+    path: /var/lib/rancher/k3s/server
+    mode: "g+rx,o+rx"
+
+- name: Read Node Token from Master
+  slurp:
+    src: /var/lib/rancher/k3s/server/node-token
+  register: node_token
+
+- name: Store Master Token
+  set_fact: 
+   token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
+
+- name: Restore file access 
+  file:
+    path: /var/lib/rancher/k3s/server
+    mode: "{{ p.stat.mode }}"
+
+#- debug: msg="Node TOKEN {{ token }}"

roles/k3s/master/templates/k3s.service.j2

@@ -0,0 +1,16 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network.target
+[Service]
+ExecStartPre=-/sbin/modprobe br_netfilter
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/k3s server
+KillMode=process
+Delegate=yes
+LimitNOFILE=infinity
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+[Install]
+WantedBy=multi-user.target

roles/k3s/node/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+
+- name: Copy K3s service file
+  template:
+    src: "k3s.service.j2"
+    dest: "{{ systemd_dir }}/k3s.service"
+    owner: root
+    group: root
+    mode: 0755
+
+- name: Enable and check K3s service
+  systemd:
+    name: k3s
+    daemon_reload: yes
+    state: restarted
+    enabled: yes

roles/k3s/node/templates/k3s.service.j2

@@ -0,0 +1,14 @@
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network.target
+[Service]
+ExecStart=/usr/local/bin/k3s agent --server https://{{ master_ip }}:6443 --token {{ hostvars[groups['master'][0]]['token'] }}
+KillMode=process
+Delegate=yes
+LimitNOFILE=infinity
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+[Install]
+WantedBy=multi-user.target

roles/raspbian/tasks/main.yml

@@ -0,0 +1,14 @@
+---
+
+- name: Activating cgroup on Raspbian
+  lineinfile:
+    path: /boot/cmdline.txt
+    regexp: '^(.*rootwait)$'
+    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
+    backrefs: true
+  when: ( ansible_facts.architecture is search "arm" )
+
+- name: Rebooting on Raspbian 
+  shell: reboot now
+  ignore_errors: true
+  when: ( ansible_facts.architecture is search "arm" )