Initial commit

roles/docker/tasks/main.yml

+---
+- include: install.yml
+- include: configure.yml

roles/docker/templates/create_cbr.j2

+#!/bin/bash
+
+# Create calico bridge cbr0 if it doesn't exist
+ifaces=$(ifconfig -a | sed 's/[ \t].*//;/^\(lo\|\)$/d' |tr '\n' ' ')
+if ! [[ "${ifaces}" =~ "cbr0" ]];then
+   brctl addbr cbr0
+   ip link set cbr0 up
+fi
+
+# Configure calico bridge ip
+br_ips=$(ip addr list cbr0 |grep "inet " |cut -d' ' -f6)
+if ! [[ "${br_ips}" =~ "{{ br_addr }}/{{ overlay_network_host_prefix }}" ]];then
+       ip a add {{ br_addr }}/{{ overlay_network_host_prefix }} dev cbr0
+fi

roles/docker/templates/cron_docker-gc.j2

+#!/bin/sh
+
+test -x {{ bin_dir }}/docker-gc || exit 0
+{{ bin_dir }}/docker-gc

roles/docker/templates/debian.list.j2

+deb http://debian.arkena.net/debian/ {{ ansible_distribution_release }} main contrib non-free
+deb-src http://debian.arkena.net/debian/ {{ ansible_distribution_release }} main contrib non-free
+deb http://debian.arkena.net/debian/ {{ ansible_distribution_release }}-updates main contrib non-free
+deb-src http://debian.arkena.net/debian/ {{ ansible_distribution_release }}-updates main contrib non-free
+deb http://debian.arkena.net/debian-security/ {{ ansible_distribution_release }}/updates main contrib non-free
+deb-src http://debian.arkena.net/debian-security {{ ansible_distribution_release }}/updates main contrib non-free
+deb http://debian.arkena.net/debian/ {{ ansible_distribution_release }}-backports main contrib
+deb-src http://debian.arkena.net/debian/ {{ ansible_distribution_release }}-backports main contrib
+deb http://debian.arkena.net/debian-smartjog/ {{ ansible_distribution_release }} smartjog
+deb-src http://debian.arkena.net/debian-smartjog/ {{ ansible_distribution_release }} smartjog

roles/docker/templates/default-docker.j2

+# Docker Upstart and SysVinit configuration file
+
+# Customize location of Docker binary (especially for development testing).
+#DOCKER="/usr/local/bin/docker"
+
+# Use DOCKER_OPTS to modify the daemon startup options.
+{% if overlay_network_plugin is defined and overlay_network_plugin == "calico" %}
+DOCKER_OPTS="--bridge=cbr0 --iptables=false --ip-masq=false"
+{% endif %}
+
+# If you need Docker to use an HTTP proxy, it can also be specified here.
+#export http_proxy="http://127.0.0.1:3128/"
+
+# This is also a handy place to tweak where Docker's temporary files go.
+#export TMPDIR="/mnt/bigdrive/docker-tmp"

roles/docker/templates/docker.list.j2

+deb https://apt.dockerproject.org/repo debian-{{ ansible_distribution_release }} main

roles/docker/vars/main.yml

+---
+dockerhub_user: arkenadev
+dockerhub_pass: 4rk3n4d3v
+dockerhub_email: smaine.kahlouch@gmail.com 

roles/download/defaults/main.yml

+---
+etcd_download_url: https://github.com/coreos/etcd/releases/download
+flannel_download_url: https://github.com/coreos/flannel/releases/download
+kube_download_url: https://github.com/GoogleCloudPlatform/kubernetes/releases/download
+calico_download_url: https://github.com/Metaswitch/calico-docker/releases/download

roles/download/tasks/calico.yml

+---
+- name: Create calico release directory
+  local_action: file
+     path={{ local_release_dir }}/calico/bin
+     recurse=yes
+     state=directory
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Check if calicoctl has been downloaded
+  local_action: stat
+     path={{ local_release_dir }}/calico/bin/calicoctl
+  register: c_tar
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+# issues with get_url module and redirects, to be tested again in the near future
+- name: Download calico
+  local_action: shell
+    curl -o {{ local_release_dir }}/calico/bin/calicoctl -Ls {{ calico_download_url }}/{{ calico_version }}/calicoctl
+  when: not c_tar.stat.exists
+  register: dl_calico
+  delegate_to: "{{ groups['kube-master'][0] }}"

roles/download/tasks/etcd.yml

+---
+- name: Create etcd release directory
+  local_action: file
+     path={{ local_release_dir }}/etcd/bin
+     recurse=yes
+     state=directory
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Check if etcd release archive has been downloaded
+  local_action: stat
+     path={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz
+  register: e_tar
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+# issues with get_url module and redirects, to be tested again in the near future
+- name: Download etcd
+  local_action: shell
+    curl -o {{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz -Ls {{ etcd_download_url }}/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-amd64.tar.gz
+  when: not e_tar.stat.exists
+  register: dl_etcd
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Extract etcd archive
+  local_action: unarchive
+     src={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz
+     dest={{ local_release_dir }}/etcd copy=no
+  when: dl_etcd|changed
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Pick up only etcd binaries
+  local_action: copy
+     src={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64/{{ item }}
+     dest={{ local_release_dir }}/etcd/bin
+  with_items:
+    - etcdctl
+    - etcd
+  when: dl_etcd|changed
+
+- name: Delete unused etcd files
+  local_action: file
+     path={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64 state=absent
+  when: dl_etcd|changed

roles/download/tasks/flannel.yml

+---
+- name: Create flannel release directory
+  local_action: file
+     path={{ local_release_dir }}/flannel
+     recurse=yes
+     state=directory
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Check if flannel release archive has been downloaded
+  local_action: stat
+     path={{ local_release_dir }}/flannel/flannel-{{ flannel_version }}-linux-amd64.tar.gz
+  register: f_tar
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+# issues with get_url module and redirects, to be tested again in the near future
+- name: Download flannel
+  local_action: shell
+    curl -o {{ local_release_dir }}/flannel/flannel-{{ flannel_version }}-linux-amd64.tar.gz -Ls {{ flannel_download_url }}/v{{ flannel_version }}/flannel-{{ flannel_version }}-linux-amd64.tar.gz
+  when: not f_tar.stat.exists
+  register: dl_flannel
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Extract flannel archive
+  local_action: unarchive
+     src={{ local_release_dir }}/flannel/flannel-{{ flannel_version }}-linux-amd64.tar.gz
+     dest={{ local_release_dir }}/flannel copy=no
+  when: dl_flannel|changed
+  delegate_to: "{{ groups['kube-master'][0] }}"
+
+- name: Pick up only flannel binaries
+  local_action: copy
+     src={{ local_release_dir }}/flannel/flannel-{{ flannel_version }}/flanneld
+     dest={{ local_release_dir }}/flannel/bin
+  when: dl_flannel|changed
+
+- name: Delete unused flannel files
+  local_action: file
+     path={{ local_release_dir }}/flannel/flannel-{{ flannel_version }} state=absent
+  when: dl_flannel|changed

roles/download/tasks/kubernetes.yml

+---
+- name: Create kubernetes release directory
+  local_action: file
+     path={{ local_release_dir }}/kubernetes
+     state=directory
+
+- name: Check if kubernetes release archive has been downloaded
+  local_action: stat
+     path={{ local_release_dir }}/kubernetes/kubernetes.tar.gz
+  register: k_tar
+
+# issues with get_url module and redirects, to be tested again in the near future
+- name: Download kubernetes
+  local_action: shell
+    curl -o {{ local_release_dir }}/kubernetes/kubernetes.tar.gz -Ls {{ kube_download_url }}/{{ kube_version }}/kubernetes.tar.gz
+  when: not k_tar.stat.exists or k_tar.stat.checksum != "{{ kube_sha1 }}"
+  register: dl_kube
+
+- name: Compare kubernetes archive checksum
+  local_action: stat
+     path={{ local_release_dir }}/kubernetes/kubernetes.tar.gz
+  register: k_tar
+  failed_when: k_tar.stat.checksum != "{{ kube_sha1 }}"
+  when: dl_kube|changed
+
+- name: Extract kubernetes archive
+  local_action: unarchive
+     src={{ local_release_dir }}/kubernetes/kubernetes.tar.gz
+     dest={{ local_release_dir }}/kubernetes copy=no
+  when: dl_kube|changed
+
+- name: Extract kubernetes binaries archive
+  local_action: unarchive
+     src={{ local_release_dir }}/kubernetes/kubernetes/server/kubernetes-server-linux-amd64.tar.gz
+     dest={{ local_release_dir }}/kubernetes copy=no
+  when: dl_kube|changed
+
+- name: Pick up only kubernetes binaries
+  local_action: synchronize
+     src={{ local_release_dir }}/kubernetes/kubernetes/server/bin
+     dest={{ local_release_dir }}/kubernetes
+  when: dl_kube|changed
+
+- name: Delete unused kubernetes files
+  local_action: file
+     path={{ local_release_dir }}/kubernetes/kubernetes state=absent
+  when: dl_kube|changed

roles/download/tasks/main.yml

+---
+- include: kubernetes.yml
+- include: etcd.yml
+- include: calico.yml
+- include: flannel.yml

roles/download/vars/main.yml

+---
+etcd_version: v2.2.0
+flannel_version: 0.5.3
+
+kube_version: v1.0.6
+kube_sha1: 289f9a11ea2f3cfcc6cbd50d29c3d16d4978b76c
+
+calico_version: v0.5.1

roles/etcd/handlers/main.yml

+---
+- name: restart daemons
+  command: /bin/true
+  notify:
+    - reload systemd
+    - restart etcd2
+
+- name: reload systemd
+  command: systemctl daemon-reload
+
+- name: restart etcd2
+  service: name=etcd2 state=restarted
+
+- name: Save iptables rules
+  command: service iptables save

roles/etcd/tasks/configure.yml

+---
+- name: Disable ferm
+  service: name=ferm state=stopped enabled=no
+
+- name: Create etcd2 environment vars dir
+  file: path=/etc/systemd/system/etcd2.service.d state=directory
+
+- name: Write etcd2 config file
+  template: src=etcd2.j2 dest=/etc/systemd/system/etcd2.service.d/10-etcd2-cluster.conf
+  notify:
+    - reload systemd
+    - restart etcd2
+
+- name: Ensure etcd2 is running
+  service: name=etcd2 state=started enabled=yes

roles/etcd/tasks/install.yml

+---
+- name: Create etcd user
+  user: name=etcd shell=/bin/nologin home=/var/lib/etcd2
+
+- name: Install etcd binaries
+  copy: 
+     src={{ local_release_dir }}/etcd/bin/{{ item }}
+     dest={{ bin_dir }}
+     owner=etcd
+     mode=u+x
+  with_items:
+    - etcdctl
+    - etcd
+  notify:
+    - restart daemons
+
+- name: Create etcd2 binary symlink
+  file: src=/usr/local/bin/etcd dest=/usr/local/bin/etcd2 state=link
+
+- name: Copy etcd2.service systemd file
+  template:
+    src: systemd-etcd2.service.j2
+    dest: /lib/systemd/system/etcd2.service
+  notify: restart daemons

roles/etcd/tasks/main.yml

+---
+- include: install.yml
+- include: configure.yml

roles/etcd/templates/etcd2.j2

+# etcd2.0
+[Service]
+{% if inventory_hostname in groups['kube-master'] %}
+Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{ ansible_default_ipv4.address }}:2379,http://{{ ansible_default_ipv4.address }}:4001"
+Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{ ansible_default_ipv4.address }}:2380"
+Environment="ETCD_INITIAL_CLUSTER=master=http://{{ ansible_default_ipv4.address }}:2380"
+Environment="ETCD_INITIAL_CLUSTER_STATE=new"
+Environment="ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcd"
+Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379,http://0.0.0.0:4001"
+Environment="ETCD_LISTEN_PEER_URLS=http://:2380,http://{{ ansible_default_ipv4.address }}:7001"
+Environment="ETCD_NAME=master"
+{% else %}
+Environment="ETCD_ADVERTISE_CLIENT_URLS=http://0.0.0.0:2379,http://0.0.0.0:4001"
+Environment="ETCD_INITIAL_CLUSTER=master=http://{{ groups['kube-master'][0] }}:2380"
+Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379,http://0.0.0.0:4001"
+Environment="ETCD_PROXY=on"
+{% endif %}

roles/etcd/templates/systemd-etcd2.service.j2

+[Unit]
+Description=etcd2
+Conflicts=etcd.service
+
+[Service]
+User=etcd
+Environment=ETCD_DATA_DIR=/var/lib/etcd2
+Environment=ETCD_NAME=%m
+ExecStart={{ bin_dir }}/etcd2
+Restart=always
+RestartSec=10s
+LimitNOFILE=40000
+
+[Install]
+WantedBy=multi-user.target