From 711211a2c96e7b164a94fdcd9f547ef4894820cc Mon Sep 17 00:00:00 2001 From: "p.pofuk" Date: Fri, 20 Sep 2024 15:50:25 +0200 Subject: [PATCH 1/4] fix: specify kubelogin version --- .github/workflows/configure-cluster.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/configure-cluster.yml b/.github/workflows/configure-cluster.yml index 6cce437..029cc9f 100644 --- a/.github/workflows/configure-cluster.yml +++ b/.github/workflows/configure-cluster.yml @@ -47,6 +47,8 @@ jobs: - name: Setup kubelogin uses: azure/use-kubelogin@v1 + with: + kubelogin-version: 'v0.1.4' - name: Set Cluster Context uses: azure/aks-set-context@v3 From 3f66488383a1b131aeebf1586c898262686f357f Mon Sep 17 00:00:00 2001 From: "p.pofuk" Date: Fri, 20 Sep 2024 16:10:13 +0200 Subject: [PATCH 2/4] add: nginx ingress role and playbook --- .github/workflows/configure-cluster.yml | 5 ++-- playbook.yml | 13 ++++++++++ roles/nginx_ingress/README.md | 23 +++++++++++++++++ roles/nginx_ingress/defaults/main.yml | 5 ++++ roles/nginx_ingress/handlers/main.yml | 2 ++ roles/nginx_ingress/meta/main.yml | 34 +++++++++++++++++++++++++ roles/nginx_ingress/tasks/main.yml | 24 +++++++++++++++++ roles/nginx_ingress/tests/inventory | 2 ++ roles/nginx_ingress/tests/test.yml | 5 ++++ roles/nginx_ingress/vars/main.yml | 2 ++ 10 files changed, 113 insertions(+), 2 deletions(-) create mode 100644 playbook.yml create mode 100644 roles/nginx_ingress/README.md create mode 100644 roles/nginx_ingress/defaults/main.yml create mode 100644 roles/nginx_ingress/handlers/main.yml create mode 100644 roles/nginx_ingress/meta/main.yml create mode 100644 roles/nginx_ingress/tasks/main.yml create mode 100644 roles/nginx_ingress/tests/inventory create mode 100644 roles/nginx_ingress/tests/test.yml create mode 100644 roles/nginx_ingress/vars/main.yml diff --git a/.github/workflows/configure-cluster.yml b/.github/workflows/configure-cluster.yml index 029cc9f..b698b50 100644 --- a/.github/workflows/configure-cluster.yml +++ b/.github/workflows/configure-cluster.yml @@ -57,6 +57,7 @@ jobs: cluster-name: wp06cluster admin: true - - name: List all pods + - name: Execute Ansible Playbooks run: | - kubectl get pods --all-namespaces + ansible-playbook -v playbook.yml + diff --git a/playbook.yml b/playbook.yml new file mode 100644 index 0000000..f48d3b5 --- /dev/null +++ b/playbook.yml @@ -0,0 +1,13 @@ +--- +- name: Deploy multiple NGINX ingress controllers + hosts: localhost + roles: + - role: nginx_ingress + vars: + namespace: ingress-nginx-1 + release_name: ingress-nginx-1 + + - role: nginx_ingress + vars: + namespace: ingress-nginx-2 + release_name: ingress-nginx-2 diff --git a/roles/nginx_ingress/README.md b/roles/nginx_ingress/README.md new file mode 100644 index 0000000..43074e3 --- /dev/null +++ b/roles/nginx_ingress/README.md @@ -0,0 +1,23 @@ +NGINX Ingress +========= + +Install nginx ingress controller using helm charts. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Example Playbook +---------------- +TODO + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/nginx_ingress/defaults/main.yml b/roles/nginx_ingress/defaults/main.yml new file mode 100644 index 0000000..7392291 --- /dev/null +++ b/roles/nginx_ingress/defaults/main.yml @@ -0,0 +1,5 @@ +--- +namespace: ingress-nginx +release_name: ingress-nginx +azure_lb_health_probe_path: /healthz +external_traffic_policy: Local diff --git a/roles/nginx_ingress/handlers/main.yml b/roles/nginx_ingress/handlers/main.yml new file mode 100644 index 0000000..046fed3 --- /dev/null +++ b/roles/nginx_ingress/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for nginx_ingress diff --git a/roles/nginx_ingress/meta/main.yml b/roles/nginx_ingress/meta/main.yml new file mode 100644 index 0000000..ea68190 --- /dev/null +++ b/roles/nginx_ingress/meta/main.yml @@ -0,0 +1,34 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/nginx_ingress/tasks/main.yml b/roles/nginx_ingress/tasks/main.yml new file mode 100644 index 0000000..22f3863 --- /dev/null +++ b/roles/nginx_ingress/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Add the ingress-nginx Helm repository + community.kubernetes.helm_repo: + name: ingress-nginx + repo_url: https://kubernetes.github.io/ingress-nginx + +- name: Update Helm repositories + community.kubernetes.helm: + name: ingress-nginx + update_repo_cache: true + +- name: Install the ingress-nginx chart + community.kubernetes.helm: + name: "{{ release_name }}" + chart_ref: ingress-nginx/ingress-nginx + release_name: "{{ release_name }}" + create_namespace: true + namespace: "{{ namespace }}" + values: + controller: + service: + annotations: + service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: "{{ azure_lb_health_probe_path }}" + externalTrafficPolicy: "{{ external_traffic_policy }}" diff --git a/roles/nginx_ingress/tests/inventory b/roles/nginx_ingress/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/nginx_ingress/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/nginx_ingress/tests/test.yml b/roles/nginx_ingress/tests/test.yml new file mode 100644 index 0000000..753bbf9 --- /dev/null +++ b/roles/nginx_ingress/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - nginx_ingress diff --git a/roles/nginx_ingress/vars/main.yml b/roles/nginx_ingress/vars/main.yml new file mode 100644 index 0000000..7a5f46c --- /dev/null +++ b/roles/nginx_ingress/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for nginx_ingress From 7816629d7dec5a3cf1c121886f25f5a94c8a5c27 Mon Sep 17 00:00:00 2001 From: "p.pofuk" Date: Fri, 20 Sep 2024 16:40:13 +0200 Subject: [PATCH 3/4] fix: syntax errors --- roles/nginx_ingress/tasks/main.yml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/roles/nginx_ingress/tasks/main.yml b/roles/nginx_ingress/tasks/main.yml index 22f3863..be3f2ba 100644 --- a/roles/nginx_ingress/tasks/main.yml +++ b/roles/nginx_ingress/tasks/main.yml @@ -1,22 +1,18 @@ --- - name: Add the ingress-nginx Helm repository - community.kubernetes.helm_repo: - name: ingress-nginx + community.kubernetes.helm_repository: + repo_name: ingress-nginx repo_url: https://kubernetes.github.io/ingress-nginx -- name: Update Helm repositories - community.kubernetes.helm: - name: ingress-nginx - update_repo_cache: true - - name: Install the ingress-nginx chart community.kubernetes.helm: name: "{{ release_name }}" chart_ref: ingress-nginx/ingress-nginx release_name: "{{ release_name }}" create_namespace: true - namespace: "{{ namespace }}" - values: + release_namespace: "{{ namespace }}" + update_repo_cache: true + release_values: controller: service: annotations: From 5efd50068cffe3f372c8bd3011d7735aef891b9d Mon Sep 17 00:00:00 2001 From: "p.pofuk" Date: Fri, 20 Sep 2024 17:57:02 +0200 Subject: [PATCH 4/4] add: ingress class name --- playbook.yml | 2 ++ roles/nginx_ingress/defaults/main.yml | 1 + roles/nginx_ingress/tasks/main.yml | 2 ++ 3 files changed, 5 insertions(+) diff --git a/playbook.yml b/playbook.yml index f48d3b5..4b2ccb6 100644 --- a/playbook.yml +++ b/playbook.yml @@ -6,8 +6,10 @@ vars: namespace: ingress-nginx-1 release_name: ingress-nginx-1 + ingress_class_name: nginx-1 - role: nginx_ingress vars: namespace: ingress-nginx-2 release_name: ingress-nginx-2 + ingress_class_name: nginx-2 diff --git a/roles/nginx_ingress/defaults/main.yml b/roles/nginx_ingress/defaults/main.yml index 7392291..6cc8066 100644 --- a/roles/nginx_ingress/defaults/main.yml +++ b/roles/nginx_ingress/defaults/main.yml @@ -3,3 +3,4 @@ namespace: ingress-nginx release_name: ingress-nginx azure_lb_health_probe_path: /healthz external_traffic_policy: Local +ingress_class_name: nginx diff --git a/roles/nginx_ingress/tasks/main.yml b/roles/nginx_ingress/tasks/main.yml index be3f2ba..21a0bbd 100644 --- a/roles/nginx_ingress/tasks/main.yml +++ b/roles/nginx_ingress/tasks/main.yml @@ -14,6 +14,8 @@ update_repo_cache: true release_values: controller: + ingressClassResource: + name: "{{ ingress_class_name }}" service: annotations: service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: "{{ azure_lb_health_probe_path }}"