Add Kube VIP to cluster

Closes #11

.ansible-lint

@@ -131,6 +131,7 @@ profile: null
 # :end-before: "###\n"
 # ```
 skip_list:
+  - command-instead-of-module
   - command-instead-of-shell
   - loop-var-prefix[missing]
   - no-changed-when

index.md

@@ -34,6 +34,12 @@ roles/index
 ```{index} ansible; roles
 ```
 
+```{graphviz}
+digraph roles {
+   reset -> init -> join -> kv
+}
+```
+
 ## Readme
 
 ```{toctree}
@@ -77,6 +83,10 @@ kube-vip
    on a bare metal {term}`K8S` cluster. More information is available
    [here](https://kube-vip.io/docs/installation/static/).
 
+kubie
+   A handy tool for switching k8s contexts and namespaces. More information is
+   available [here](https://github.com/sbstp/kubie).
+
 K8S
    Kubernetes; Ancient Greek for navigator or guide, in modern English usage
    it is a container orchestration system designed by Google and documented

roles/index.md

@@ -39,14 +39,20 @@ the way to use these roles is this.
    ansible-playbook -t join site.yml
    ```
 
-4. Copy your updated {term}`kubeconfig` from the init role's file folder to
+4. Enable Kube-VIP on the control planes.
+
+   ```{code-block} shell
+   ansible-playbook -t kv site.yml
+   ```
+
+5. Copy your updated {term}`kubeconfig` from the init role's file folder to
    the appropriate directory.
 
    ```{code-block} shell
    cp roles/init/files/admin.conf $HOME/.kube/config
    ```
 
-5. Verify that your connection works and the cluster is up.
+6. Verify that your connection works and the cluster is up.
 
    ```{code-block} shell
    kubectl get nodes

roles/init/index.md

@@ -10,10 +10,7 @@ title: K8S HA Control Plane Init
 ---
 
 {term}`HA` Clusters with Kubeadm is helped with use of the tool
-[kube-vip](https://kube-vip.io/docs/installation/static/).
-
-More information about the process for HA setup is available
-[here](https://github.com/kubernetes/kubeadm/blob/main/docs/ha-considerations.md#kube-vip).
+{term}`kube-vip`.
 
 A handy tool for switching k8s contexts is called
 [kubie](https://github.com/sbstp/kubie).

roles/join/index.md

@@ -9,18 +9,11 @@ date: 2024-07-24
 title: HA K8S Join Control Planes
 ---
 
-[HA Clusters with Kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/)
-is helped with use of the tool
-[kube-vip](https://kube-vip.io/docs/installation/static/).
-
-More information about the process for HA setup is available
-[here](https://github.com/kubernetes/kubeadm/blob/main/docs/ha-considerations.md#kube-vip).
-
-A handy tool for switching k8s contexts is called
-[kubie](https://github.com/sbstp/kubie).
-
 ## Tasks
 
+This role joins remaining control planes to the new cluster. It should be run
+after the init role and before the kv role.
+
 ```{literalinclude} /roles/join/tasks/main.yml
 :language: yaml
 ```

roles/kv/index.md

@@ -0,0 +1,25 @@
+---
+abstract: >-
+    This role creates and installs a Kube-VIP manifest onto all control planes.
+authors:
+    - name: Xander Harris
+      email: [email protected]
+date: 2024-07-24
+title: HA K8S Kube-VIP
+---
+
+Deployment of HA K8S Clusters with Kubeadm is helped with use of the tool
+{term}`kube-vip`. This role uses the static pods version of the network,
+which is best for bare metal deployments.
+
+## Tasks
+
+This role enables {term}`kube-vip` for cluster networking. This role should
+be run after the join role.
+
+```{literalinclude} /roles/kv/tasks/main.yml
+:language: yaml
+```
+
+```{sectionauthor} Xander Harris <[email protected]>
+```

roles/kv/tasks/main.yml

@@ -0,0 +1,55 @@
+---
+- name: Ensure manifests directory
+  ansible.builtin.file:
+    state: directory
+    recurse: true
+    dest: /etc/kubernetes/manifests
+    owner: kube
+    group: kube
+    mode: ug+rw,o+r
+- name: Install prerequisites for creating the manifest
+  community.general.pacman:
+    name: "{{ item }}"
+    state: present
+  loop:
+    - curl
+    - jq
+- name: Fetch the Kube-VIP version
+  ansible.builtin.shell:
+    cmd: >-
+      curl -sL https://api.github.com/repos/kube-vip/kube-vip/releases | jq -r ".[0].name"
+  register: init_kvv
+- name: Output registered value
+  ansible.builtin.debug:
+    var: init_kvv.stdout
+- name: Check if alias is already defined
+  ansible.builtin.lineinfile:
+    state: absent
+    path: "/root/.bashrc"
+    regexp: "^alias\ kube-vip="
+  check_mode: true
+  changed_when: false # This just makes things look prettier in the logs
+  register: check
+- name: Add an alias to bash rc files.
+  ansible.builtin.lineinfile:
+    state: present
+    path: /root/.bashrc
+    line: >-
+      alias kube-vip="ctr image pull ghcr.io/kube-vip/kube-vip:$KVVERSION; ctr run --rm --net-host ghcr.io/kube-vip/kube-vip:$KVVERSION vip /kube-vip"
+  environment:
+    KVVERSION: "{{ init_kvv.stdout }}"
+  when: check.found == 0
+- name: Deploy the manifest
+  ansible.builtin.shell:
+    cmd: |-
+      kube-vip manifest pod \
+        --interface $INTERFACE \
+        --address $VIP \
+        --controlplane \
+        --services \
+        --arp \
+        --leaderElection | tee /etc/kubernetes/manifests/kube-vip.yaml
+  environment:
+    INTERFACE: "{{ kv_interface }}"
+    KVVERSION: "{{ init_kvv.stdout }}"
+    VIP: "{{ kv_aa }}"

roles/reset/index.md

@@ -9,6 +9,9 @@ title: Reset Cluster
 
 ## Reset Role Usage
 
+This role should generally be executed first to attempt to create a fresh
+environment.
+
 ```{literalinclude} /roles/reset/tasks/main.yml
 :language: yaml
 ```

roles/reset/tasks/main.yml

@@ -33,3 +33,11 @@
   ansible.builtin.file:
     dest: /root/reset.md
     state: absent
+- name: Stop containerd
+  ansible.builtin.service:
+    state: stopped
+    name: containerd
+- name: Start containerd
+  ansible.builtin.service:
+    state: started
+    name: containerd

site.yml

@@ -29,3 +29,10 @@
     - role: join
       tags:
         - join
+- name: Kube VIP
+  hosts: kcp
+  become: true
+  roles:
+    - role: kv
+      tags:
+        - kv