Merge pull request ppc64le-cloud#76 from valen-mascarenhas14/master

Power Cloud Robot · web-flow · commit 0626b5ea2529 · 2024-11-20T10:28:01.000+05:30
Ansible playbook added for knative &amp; tekton
diff --git a/group_vars/all b/group_vars/all
@@ -79,3 +79,6 @@ etcd_version: v3.5.9
 cni_plugins_version: v1.3.0
 cni_plugins_url: https://github.com/containernetworking/plugins/releases/download
 cni_plugins_tarball: "cni-plugins-linux-{{ ansible_architecture }}-{{ cni_plugins_version }}.tgz"
+
+# NFS server details
+nfs_directory: "/var/nfsshare"
diff --git a/install-k8s-kn-tkn.yml b/install-k8s-kn-tkn.yml
@@ -0,0 +1,18 @@
+- name: Install Runtime and Kubernetes
+  hosts:
+    - masters
+    - workers
+  roles:
+    - runtime
+    - download-k8s
+    - install-k8s
+
+- name: Install networking - calico
+  hosts: masters
+  roles:
+    - install-calico
+
+- name: Install nfs server & client
+  hosts: masters
+  roles:
+    - install-nfs
diff --git a/roles/install-nfs/files/class.yaml b/roles/install-nfs/files/class.yaml
@@ -0,0 +1,7 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: managed-nfs-storage
+provisioner: fuseim.pri/ifs # or choose another name, must match deployment's env PROVISIONER_NAME'
+parameters:
+  archiveOnDelete: "false"
diff --git a/roles/install-nfs/files/rbac.yaml b/roles/install-nfs/files/rbac.yaml
@@ -0,0 +1,65 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: default
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: nfs-client-provisioner-runner
+rules:
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "create", "delete"]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create", "update", "patch"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: run-nfs-client-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: nfs-client-provisioner-runner
+  apiGroup: rbac.authorization.k8s.io
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: leader-locking-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: default
+rules:
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get", "list", "watch", "create", "update", "patch"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: leader-locking-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: default
+subjects:
+  - kind: ServiceAccount
+    name: nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: default
+roleRef:
+  kind: Role
+  name: leader-locking-nfs-client-provisioner
+  apiGroup: rbac.authorization.k8s.io
diff --git a/roles/install-nfs/tasks/main.yaml b/roles/install-nfs/tasks/main.yaml
@@ -0,0 +1,87 @@
+---
+- name: Install prereq & nfs client packages
+  yum:
+    name: "{{ packages }}"
+    state: present
+  vars:
+    packages:
+      - nfs-utils
+      - nfs4-acl-tools  
+
+- name: Create nfs share folder
+  file:
+    path: "{{ nfs_directory }}"
+    state: directory
+    mode: 0755
+    recurse: yes
+
+- name: Add shared directory in exports file
+  ansible.builtin.lineinfile:
+    path: /etc/exports
+    regexp: "{{ nfs_directory }}"
+    line: "{{ nfs_directory }} *(rw,sync,no_root_squash)"
+    state: present
+
+- name: Start services
+  block:
+    - name: Start rpcbind
+      systemd:
+        name: rpcbind
+        enabled: yes
+        state: restarted
+
+    - name: Start nfs-server
+      systemd:
+        name: nfs-server
+        enabled: yes
+        state: restarted
+
+- name: Expose shared directory to nfs server
+  command: exportfs -arv   
+
+- name: Copy nfs client resource files to /tmp
+  copy:
+    src: "{{ item }}"
+    dest: /tmp/
+  with_fileglob:
+    - "*"
+
+- name: Fetch NFS server host IP
+  shell: kubectl get nodes -o wide | grep 'master' | awk '{print $6}'
+  register: nfs_server_ip
+
+- name: Deploy NFS client provisioner
+  template:
+    src: nfs-client-provisioner.yaml.j2
+    dest: /tmp/deployment.yaml
+  vars:
+    nfs_server: "{{ nfs_server_ip.stdout }}"
+
+- name: remove taint
+  command: "kubectl taint nodes --all node-role.kubernetes.io/control-plane-"
+
+- name: Apply RBAC configuration
+  command: kubectl create -f /tmp/rbac.yaml
+  ignore_errors: true
+
+- name: Apply StorageClass configuration
+  command: kubectl create -f /tmp/class.yaml
+  ignore_errors: true
+
+- name: Apply Deployment configuration
+  command: kubectl create -f /tmp/deployment.yaml
+  ignore_errors: true
+
+- name: Wait for pods to start
+  command: >
+    kubectl get pods -l app=nfs-client-provisioner
+    -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}'
+  register: pod_status
+  retries: 20
+  delay: 6
+  until: pod_status.stdout == "True"
+
+- name: Mark managed-nfs-storage as default storage class
+  command: >
+    kubectl patch storageclass managed-nfs-storage
+    -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
diff --git a/roles/install-nfs/templates/nfs-client-provisioner.yaml.j2 b/roles/install-nfs/templates/nfs-client-provisioner.yaml.j2
@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nfs-client-provisioner
+  labels:
+    app: nfs-client-provisioner
+  namespace: default
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: nfs-client-provisioner
+  template:
+    metadata:
+      labels:
+        app: nfs-client-provisioner
+    spec:
+      serviceAccountName: nfs-client-provisioner
+      containers:
+        - name: nfs-client-provisioner
+          image: k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2
+          volumeMounts:
+            - name: nfs-client-root
+              mountPath: /persistentvolumes
+          env:
+            - name: PROVISIONER_NAME
+              value: fuseim.pri/ifs
+            - name: NFS_SERVER
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.hostIP
+            - name: NFS_PATH
+              value: {{ nfs_directory }}
+      volumes:
+        - name: nfs-client-root
+          nfs:
+            server: "{{ nfs_server }}"
+            path: {{ nfs_directory }}
