This playbook is meant to deploy hepto pods, i.e. podman pods that embed wesher and k3s.

It can be used either to deploy an entire cluster, or to add nodes to a cluster that you do not own entirely (especially if you do not own the master).

# Hepto pods?

A hepto *pod* is the base unit of a hepto cluster. It is based on podman and systemd and made of two containers: a wesher instance that joins an encrypted cluster network, and k3s, the container orchestrator.

A hepto cluster is made of multiple hepto *pods*, one of which is the master. Any physical host (or virtual machine for that matter) can host any number of hepto *pods*, which may belong to different hepto clusters.

# Requirements

Each hepto *pod* must have its own IPv4 or IPv6 address, independent of the physical host's own addresses. If your physical host is hosted by a provider that only grants you a single IPv4 and IPv6 address, unfortunately you cannot run hepto at this point.

On each host, Python must be installed for Ansible to run properly:

```
sudo apt install python 
```

# Create an inventory file

Create a `hosts.ini` file that contains details about your hepto *pods*. For each hepto *pod*, you must specify:
 - a name, which must be unique across all clusters that run on your physical hosts;
 - the physical host it is meant to run on;
 - the network interface it will use to contact other pods;
 - the network configuration it will use to contact other pods.

You must also specify general variables, including:
 - the pod name of the master;
 - the public address of the master for other hepto *pods* to join;
 - a 32-byte overlay key, used to secure network communications inside the cluster;
 - a 32-byte cluster key, used to restrict access to the master.

The final configuration file might look like:

```
[cluster]
anakin ansible_host=123.123.123.1 iface=eth0 net=123.123.123.0/24 addr=123.123.123.2 gw=123.123.123.254
leia ansible_host=10.0.0.2 iface=eno1 net=10.0.0.0/24 addr=10.0.0.10 gw=10.0.0.1
vador ansible_host=10.0.0.2 iface=eno1 net=10.0.0.0/24 addr=10.0.0.11 gw=10.0.0.1

[cluster:vars]
ansible_user=root
master=anakin
master_address=123.123.123.2
overlay_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
cluster_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```

The key should be generated randomly. You should be able to change it afterwards, on the condition that you update all nodes.
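
A pre-flight check for the inventory described above, as an added example that is not part of the hepto playbook: `lint` and the sample inventory are constructed for illustration. It assumes `addr` and `gw` must fall inside `net`, and its key test is a heuristic because the key encoding is not stated here.

```python
import ipaddress

# Constructed sample: vador reuses leia's addr and both keys are still placeholders.
SAMPLE = """\
[cluster]
anakin ansible_host=123.123.123.1 iface=eth0 net=123.123.123.0/24 addr=123.123.123.2 gw=123.123.123.254
leia ansible_host=10.0.0.2 iface=eno1 net=10.0.0.0/24 addr=10.0.0.10 gw=10.0.0.1
vador ansible_host=10.0.0.2 iface=eno1 net=10.0.0.0/24 addr=10.0.0.10 gw=10.0.0.1
[cluster:vars]
master=anakin
overlay_key=KEY
cluster_key=KEY
""".replace("KEY", "x" * 32)

def lint(text):
    """Return the problems found in a hepto hosts.ini (hypothetical helper)."""
    pods, gvars, problems, section = {}, {}, [], ""
    for line in (s for s in map(str.strip, text.splitlines()) if s and s[0] not in "#;"):
        if line.startswith("["):
            section = line.strip("[]")
        elif section.endswith(":vars"):
            key, _, value = line.partition("=")
            gvars[key.strip()] = value.strip()
        else:
            name, *pairs = line.split()
            if name in pods:
                problems.append(f"{name}: pod name defined twice")
            pods[name] = dict(p.split("=", 1) for p in pairs if "=" in p)
    used = {}
    for name, v in pods.items():
        try:
            net = ipaddress.ip_network(v["net"], strict=False)
            inside = all(ipaddress.ip_address(v[k]) in net for k in ("addr", "gw"))
        except (KeyError, ValueError):
            inside = False
        if not inside:
            problems.append(f"{name}: net/addr/gw missing, invalid or addr/gw outside net")
        if v.get("addr") == v.get("ansible_host"):
            problems.append(f"{name}: pod addr is the physical host's address")
        if used.setdefault(v.get("addr"), name) != name:
            problems.append(f"{name}: addr {v.get('addr')} already used by {used[v.get('addr')]}")
    if gvars.get("master") not in pods:
        problems.append("master does not name a pod in the inventory")
    for key in ("overlay_key", "cluster_key"):
        value = gvars.get(key, "")
        if len(value) < 32 or len(set(value)) < 8:  # heuristic: encoding is assumed unknown
            problems.append(f"{key}: shorter than 32 characters or placeholder-like")
    if gvars.get("overlay_key") == gvars.get("cluster_key"):
        problems.append("overlay_key and cluster_key are identical")
    return problems
```

Running `lint` on the inventory text before `ansible-playbook` catches placeholder keys and address clashes while they are still cheap to fix.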

# Apply the playbook

In order to configure hepto *pods* on your physical hosts, simply run the playbook:

```
ansible-playbook -i hosts.ini site.yaml
```