Deployment: Add Ansible setup to deploy with microk8s (#296)

- adds an ansible/ directory for management deployments, starting with microk8s
- has a microk8s role
      we will need to add workers
- has a playbook with variables that can install most places

Author: kayiwa

ansible/.editorconfig

@@ -0,0 +1,24 @@
+root = true
+
+# Defaults for all editor files
+[*]
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+trim_trailing_whitespace = true
+
+# YAML is fussy about indenting and charset
+[*.yml]
+indent_style = space
+indent_size = 2
+continuation_indent_size = unset
+charset = utf-8
+
+# Markdown is fussy about indenting
+[*.md]
+indent_style = space
+indent_size = 4
+
+# Jinja2 template files
+[*.j2]
+end_of_line = lf

ansible/.tool-versions

@@ -0,0 +1,2 @@
+direnv 2.32.1
+python 3.10.6

ansible/Pipfile

@@ -0,0 +1,18 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+ansible = "==6.2.0"
+molecule = {extras = ["docker"], version = "==4.0.1"}
+certifi = "*"
+ansible-lint = "==6.4.0"
+yamllint = "==1.27.1"
+ansible-core = "==2.13"
+docker = "*"
+
+[dev-packages]
+
+[requires]
+python_version = "3.10"

ansible/Pipfile.lock

@@ -0,0 +1 @@
+3.2.1.4 # ip address of your endpoint

ansible/inventory/hosts.example

@@ -0,0 +1,7 @@
+---
+- name: install microk8s
+  hosts: "{{ your_ip }}"
+  remote_user: "{{ your_user }}"
+  become: true
+  roles:
+    - role: ../roles/microk8s

ansible/playbooks/install_microk8s.yml

@@ -0,0 +1,14 @@
+---
+skip_list:
+  - ANSIBLE0002
+  - ANSIBLE0006
+  - ANSIBLE0010
+  - ANSIBLE0016
+  - '303'
+  - '305'
+  - '306'
+  - '403'
+  - '503'
+  - '204'
+use_default_rules: true
+verbosity: 1

ansible/roles/microk8s/.ansible-lint

@@ -0,0 +1,37 @@
+---
+# Based on ansible-lint config
+extends: default
+
+ignore: |
+  venv/
+  .venv/
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable

ansible/roles/microk8s/.yamllint

@@ -0,0 +1,48 @@
+Role Name
+=========
+
+Installs and configures [MicroK8s](https://microk8s.io/)
+
+Requirements
+------------
+
+
+Role Variables
+--------------
+
+Add plugins you need installed with the following. (in the example below we are
+adding `istio`)
+
+```yaml
+microk8s_plugins:
+  istio: true                            # Core Istio service mesh services
+```
+
+more information at [defaults/main.yml](defaults/main.yml)
+
+You will want to make sure you add a value for `users` above. This will be the
+user that runs microk8s
+
+Dependencies
+------------
+
+The example here has been tested with Docker's Runtime
+
+Example Playbook
+----------------
+
+replace this with the IP address of your endpoint
+
+```yaml
+---
+- name: install microk8s
+  hosts: "{{ your_ip }}"
+  remote_user: "{{ your_user }}"
+  become: true
+  roles:
+    - role: ../roles/microk8s
+```
+License
+-------
+
+ISC

ansible/roles/microk8s/README.md

@@ -0,0 +1,37 @@
+---
+# defaults file for microk8s
+#
+# version management
+microk8s_version: "1.24/stable"
+microk8s_disable_snap_autoupdate: false
+
+# plugin configuration
+microk8s_dns_resolvers: 149.112.112.112,9.9.9.9
+registry_size: 20Gi
+microk8s_plugins:
+  dns: "{{ microk8s_dns_resolvers }}"     # CoreDNS
+  host-access: true                       # Allow Pods connecting to Host services smoothly
+  ingress: true                           # Ingress controller for external access
+  metrics-server: true                    # K8s Metrics Server for API access to service metrics
+  rbac: true                              # Role-Based Access Control for authorisation
+  storage: true                           # Storage class; allocates storage from host directory
+  registry: "size={{ registry_size }}"    # Private image registry exposed on localhost:32000
+  dashboard: true                         # The Kubernetes dashboard
+  gpu: false                              # Automatic enablement of Nvidia CUDA
+  helm3: true                             # Helm 3 - Kubernetes package manager
+
+helm3_repositories:
+  - name: stable
+    url: https://charts.helm.sh/stable
+
+# users to make members of microk8s group
+users: []
+
+# enable high-availability?
+microk8s_enable_ha: false
+
+# hostgroup whose members will form high-availability cluster
+microk8s_group_ha: "microk8s_ha"
+
+# regex to select IP address for joining nodes in HA setup
+microk8s_ip_regex_ha: "([0-9]{1,3}[\\.]){3}[0-9]{1,3}"