diff --git a/docs/projects/ansible/collection/kubernetes/roles/kubernetes_netbox/index.md b/docs/projects/ansible/collection/kubernetes/roles/kubernetes_netbox/index.md
new file mode 100644
index 0000000..0e35e51
--- /dev/null
+++ b/docs/projects/ansible/collection/kubernetes/roles/kubernetes_netbox/index.md
@@ -0,0 +1,41 @@
+---
+title: NetBox Kubernetes
+description: No Fuss Computings Ansible role kubernetes_netbox
+date: 2023-10-24
+template: project.html
+about: https://gitlab.com/nofusscomputing/projects/ansible/collections/kubernetes
+---
+
+This Ansible role as part of our collection `nofusscomputing.kubernetes` is intended to be used to setup NetBox so that the settings for deploying a kubernetes cluster can be stored within NetBox.
+
+
+## Role Details
+
+| Item| Value | Description |
+|:---|:---:|:---|
+| Dependent Roles | _None_ | |
+| Optional Roles | _None_ | |
+| Idempotent | _Yes_ | |
+| Stats Available | _Not Yet_ | |
+| Tags | _Nil_ | |
+| Requirements | _None_ | |
+
+
+## Features
+
+- Adds custom fields to `cluster` object within NetBox that this collection can use to deploy a kubernetes cluster.
+
+
+## Usage
+
+To configure NetBox, ensure that the NetBox Access variables are set and run playbook `nofusscomputing.netbox.kubernetes_netbox`. This will setup NetBox with the required fields that role [nfc_kubernetes](../nfc_kubernetes/index.md) uses.
+
+
+## Default Variables
+
+
+``` yaml title="defaults/main.yaml" linenums="1"
+
+--8<-- "roles/kubernetes_netbox/defaults/main.yaml"
+
+```
diff --git a/galaxy.yml b/galaxy.yml
index 1bba1c3..6e1cdaa 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -47,6 +47,7 @@ dependencies: ansible.posix: '>=1.5.4' kubernetes.core: '>=3.0.0' nofusscomputing.firewall: '>=1.1.0' + netbox.netbox: '>=3.16.0' # The URL of the originating SCM repository
diff --git a/playbooks/netbox.yaml b/playbooks/netbox.yaml
new file mode 100644
index 0000000..4bc9578
--- /dev/null
+++ b/playbooks/netbox.yaml
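Review bot: The new `netbox.netbox: '>=3.16.0'` entry under `dependencies` in galaxy.yml has no upper bound, so an install resolves to whatever release is newest at that moment, including a future major version whose module arguments may differ from the ones `tasks/cluster.yaml` passes. Consider bounding it, for example `netbox.netbox: '>=3.16.0,<4.0.0'`, after checking that range against the NetBox server versions you support. The same applies to the new `requirements.txt`, where `pynetbox` and `pytz` carry no version constraint at all; pinning them to tested versions (`pynetbox==<tested version>`, ideally with hashes) keeps the controller environment reproducible. The existing entries in this block follow the same open-ended pattern, so this may be a convention to revisit for the whole block.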
@@ -0,0 +1,64 @@
+---
+- name: Install K3s Kubernetes
+ hosts: |-
+ {%- if nfc_pb_host is defined -%}
+
+ {{ nfc_pb_host }}
+
+ {%- elif nfc_pb_kubernetes_cluster_name is defined -%}
+
+ kubernetes_cluster_{{ nfc_pb_kubernetes_cluster_name | lower }}
+
+ {%- else -%}
+
+ {%- if ansible_limit is defined -%}
+
+ {{ ansible_limit }}
+
+ {%- else -%}
+
+ localhost
+
+ {%- endif -%}
+
+ {%- endif %}
+ become: false
+ gather_facts: false
+
+
+ tasks:
+
+
+ - name: Configure NetBox for Kubernetes Deployment(s)
+ ansible.builtin.include_role:
+ name: kubernetes_netbox
+ tags:
+ - always
+
+
+ # vars:
+
+ #
+ # Future feature, add playbook to import to awx
+ #
+ # nfc_pb_awx_tower_template:
+
+
+ # - name: "Collection/NoFussComputing/Kubernetes/NetBox/Configure"
+ # ask_credential_on_launch: true
+ # ask_job_type_on_launch: true
+ # ask_limit_on_launch: true
+ # ask_tags_on_launch: true
+ # ask_variables_on_launch: true
+ # description: |
+ # Playbook to Install/Configure Kubernetes using configuration
+ # from code.
+ # execution_environment: "No Fuss Computing EE"
+ # job_type: "check"
+ # labels:
+ # - cluster
+ # - k3s
+ # - kubernetes
+ # verbosity: 2
+ # use_fact_cache: true
+ # survey_enabled: false
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..a8aab94
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,2 @@
+pynetbox
+pytz
diff --git a/roles/defaults/main.yaml b/roles/defaults/main.yaml
new file mode 100644
index 0000000..9224619
--- /dev/null
+++ b/roles/defaults/main.yaml
@@ -0,0 +1,9 @@
+---
+
+#
+# NetBox Access Variables. Required
+#
+
+# nfc_pb_api_netbox_url: # ENV [NETBOX_API]
+# nfc_pb_api_netbox_token: # ENV [NETBOX_TOKEN]
+# nfc_pb_api_netbox_validate_cert: true # ENV [NETBOX_VALIDATE_CERT]
diff --git a/roles/kubernetes_netbox/meta/main.yaml b/roles/kubernetes_netbox/meta/main.yaml
new file mode 100644
index 0000000..fafeca1
--- /dev/null
+++ b/roles/kubernetes_netbox/meta/main.yaml
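Review bot: The play in playbooks/netbox.yaml is named `Install K3s Kubernetes`, but its only task includes role `kubernetes_netbox`, so job output and any audit trail will label a NetBox API change as a cluster install; `- name: Configure NetBox for Kubernetes` would match what runs. Separately, the `hosts:` template can expand to a multi-host pattern (`kubernetes_cluster_…` or `ansible_limit`) while every task in the role is delegated to localhost, so the same custom-field calls would presumably repeat once per matched host. Targeting `localhost` directly, or running the include only once, would avoid that. The commented-out AWX template description also still describes installing Kubernetes rather than configuring NetBox.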
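Review bot: This defaults file lands at `roles/defaults/main.yaml`, outside the role directory, while the documentation added in this commit includes `roles/kubernetes_netbox/defaults/main.yaml`; unless that file exists outside this diff, the role has no defaults and the docs snippet has nothing to include. Every variable in it is also commented out, so the `true` shown for `nfc_pb_api_netbox_validate_cert` is documentation only and certificate validation depends entirely on the fallback expression in the tasks. I would move the file under `roles/kubernetes_netbox/defaults/`, uncomment `nfc_pb_api_netbox_validate_cert: true`, and add a comment that `nfc_pb_api_netbox_token` is to be supplied from the environment or a vault and never committed here.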
@@ -0,0 +1,30 @@
+galaxy_info:
+
+ role_name: kubernetes_netbox
+
+ author: No Fuss Computing
+
+ description: Configure the required items within Netbox to support deploying kubernetes from Netbox configuration.
+
+ issue_tracker_url: https://gitlab.com/nofusscomputing/projects/ansible/collections/kubernetes
+
+ license: MIT
+
+ min_ansible_version: '2.15'
+
+ platforms:
+
+ - name: Debian
+ versions:
+ - bullseye
+ - bookworm
+
+ - name: Ubuntu
+ versions:
+ - 21
+
+ galaxy_tags:
+ - cluster
+ - k3s
+ - kubernetes
+ - netbox
diff --git a/roles/kubernetes_netbox/tasks/cluster.yaml b/roles/kubernetes_netbox/tasks/cluster.yaml
new file mode 100644
index 0000000..0ba5502
--- /dev/null
+++ b/roles/kubernetes_netbox/tasks/cluster.yaml
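Review bot: Under `platforms`, the Ubuntu entry lists `- 21`, which YAML loads as an integer and which does not identify a specific release, whereas the Debian entry uses codenames. A quoted release identifier such as `- '<release codename>'` would keep the two entries consistent and avoid the implicit typing. The file also has no leading `---`, unlike the other YAML files added in this commit.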
@@ -0,0 +1,203 @@
+---
+
+- name: Configure Firewall
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Configure Firewall
+ name: nfc_role_kubernetes_configure_firewall
+ type: boolean
+ ui_visibility: 'hidden-ifunset'
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: ETCD Enabled
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: ETCD Enabled
+ name: nfc_role_kubernetes_etcd_enabled
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Install OLM
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Install OLM
+ name: nfc_role_kubernetes_install_olm
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Install Helm
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Install Helm
+ name: nfc_role_kubernetes_install_helm
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Install KubeVirt
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Install KubeVirt
+ name: nfc_role_kubernetes_install_kubevirt
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: KubeVirt Operator Replicas
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: KubeVirt Operator Replicas
+ name: nfc_role_kubernetes_kubevirt_operator_replicas
+ type: integer
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ validation_minimum: 1
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Enable MetalLB
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Enable MetalLB
+ name: nfc_kubernetes_enable_metallb
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Enable ServiceLB (klipper)
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Enable ServiceLB (klipper)
+ name: nfc_kubernetes_enable_servicelb
+ type: boolean
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Pod Subnet
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Pod Subnet
+ name: nfc_role_kubernetes_pod_subnet
+ object_type: ipam.prefix
+ type: object
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
+
+
+- name: Service Subnet
+ netbox.netbox.netbox_custom_field:
+ netbox_url: "{{ lookup('env', 'NETBOX_API') | default(nfc_pb_api_netbox_url) }}"
+ netbox_token: "{{ lookup('env', 'NETBOX_TOKEN') | default(nfc_pb_api_netbox_token) }}"
+ data:
+ content_types:
+ - virtualization.cluster
+ default: null
+ group_name: Kubernetes
+ label: Service Subnet
+ name: nfc_role_kubernetes_service_subnet
+ object_type: ipam.prefix
+ type: object
+ ui_visibility: hidden-ifunset
+ # is_cloneable: false
+ weight: 100
+ state: present
+ validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert) | default(true) | bool }}"
+ delegate_to: localhost
diff --git a/roles/kubernetes_netbox/tasks/main.yaml b/roles/kubernetes_netbox/tasks/main.yaml
new file mode 100644
index 0000000..d457255
--- /dev/null
+++ b/roles/kubernetes_netbox/tasks/main.yaml
@@ -0,0 +1,7 @@
+---
+
+- name: Setup NetBox for Kubernetes Cluster Deployments
+ ansible.builtin.include_tasks:
+ file: cluster.yaml
+ tags:
+ - always
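Review bot: In each of the ten tasks in tasks/cluster.yaml, `validate_certs` resolves to false when `NETBOX_VALIDATE_CERT` is unset: `lookup('env', …)` returns an empty string rather than an undefined value, `default()` without its second argument only replaces undefined values, and `'' | bool` is false, so TLS verification towards NetBox is off unless the environment variable is set. The same empty-string behaviour means `nfc_pb_api_netbox_url` and `nfc_pb_api_netbox_token` are never used as fallbacks. Passing `true` as the second argument fixes all three: `validate_certs: "{{ lookup('env', 'NETBOX_VALIDATE_CERT') | default(nfc_pb_api_netbox_validate_cert | default(true), true) | bool }}"`, and likewise `default(nfc_pb_api_netbox_url, true)` and `default(nfc_pb_api_netbox_token, true)`. Because the three connection arguments are repeated verbatim in every task, moving them into `module_defaults` or a loop over the field definitions would leave a single place to get this right.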