ansible-playbooks/playbook-training.yml

---
- name: Container training
  hosts: all
  become: true
  gather_facts: true

  tasks:
    - name: Install dependencies
      ansible.builtin.apt:
        name: >
          apache2-utils,
          apt-transport-https,
          ca-certificates,
          docker-compose-v2,
          fping,
          fzf,
          httping,
          python3-pip,
          tmux,
          w3m,
          yq,
          unzip
        state: present
        update_cache: true

    - name: Download kns
      ansible.builtin.get_url:
        url: https://raw.githubusercontent.com/blendle/kns/master/bin/kns
        dest: /usr/local/bin/kns
        mode: '0755'

    - name: Download kustomize
      ansible.builtin.unarchive:
        src: https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.6.0/kustomize_v5.6.0_linux_amd64.tar.gz
        dest: /usr/local/bin
        creates: /usr/local/bin/kustomize
        remote_src: true

    - name: Download tilt
      ansible.builtin.unarchive:
        src: https://github.com/tilt-dev/tilt/releases/download/v0.34.2/tilt.0.34.2.linux.x86_64.tar.gz
        dest: /usr/local/bin
        creates: /usr/local/bin/tilt
        remote_src: true

    - name: Download popeye
      ansible.builtin.unarchive:
        src: https://github.com/derailed/popeye/releases/download/v0.22.1/popeye_linux_amd64.tar.gz
        dest: /usr/local/bin
        creates: /usr/local/bin/popeye
        remote_src: true

    - name: Download stern
      ansible.builtin.unarchive:
        src: https://github.com/stern/stern/releases/download/v1.32.0/stern_1.32.0_linux_amd64.tar.gz
        dest: /usr/local/bin
        creates: /usr/local/bin/stern
        remote_src: true

    - name: Download helm
      ansible.builtin.unarchive:
        src: https://get.helm.sh/helm-v3.17.3-linux-amd64.tar.gz
        dest: /usr/local/bin/
        creates: /usr/local/bin/helm
        remote_src: true
        extra_opts: "--strip-components=1"

    - name: Fix group membership for docker
      ansible.builtin.user:
        name: ubuntu
        groups: docker
        append: true

    - name: Create docker.service.d directory
      ansible.builtin.file:
        path: /etc/systemd/system/docker.service.d
        state: directory
        mode: '0755'

    - name: Configure docker proxy
      ansible.builtin.copy:
        content: |-
          [Service]
          Environment="HTTP_PROXY=http://nemo.holmes.nl:8080/" "HTTPS_PROXY=http://nemo.holmes.nl:8080/" "NO_PROXY=172.17.53.0/24,172.17.71.0/24,10.244.0.0/16,localhost,127.0.0.1,.default,.svc,.default.svc,.holmes.nl,.dev.holmes.nl,.core.holmes.nl,registry.apps.holmes.nl,docker-registry.default.svc,harbor.holmes.nl,nexus.dev.holmes.nl,dgxstation01.holmes.nl,.repo.nfi.minjus.nl,k3d-registry.hansken.internal"
        dest: /etc/systemd/system/docker.service.d/http_proxy.conf
        mode: '0644'
      notify:
        - Restart docker

    - name: Configure docker registry-mirror
      ansible.builtin.copy:
        content: |-
          {
            "bip": "10.1.0.1/16",
            "registry-mirrors":["https://harbor.holmes.nl"]
          }
        dest: /etc/docker/daemon.json
        mode: '0644'
      notify:
        - Restart docker

    - name: Configure K3S registry-mirror
      ansible.builtin.copy:
        content: |-
          # Managed by ansible
          mirrors:
            "*":
              endpoint:
                - "https://harbor.holmes.nl"
            docker.io:
              endpoint:
                - "https://harbor.holmes.nl/"
              rewrite:
                "(.*)": "docker/$1"
        dest: /etc/rancher/k3s/registries.yaml
        mode: '0644'
      notify:
        - Restart K3S

    - name: Create .kube directory
      ansible.builtin.file:
        path: /home/ubuntu/.kube/
        state: directory
        mode: '0700'

    - name: Copy kubeconfig
      ansible.builtin.copy:
        remote_src: true
        src: /etc/rancher/k3s/k3s.yaml
        dest: /home/ubuntu/.kube/config
        owner: ubuntu
        group: ubuntu
        mode: '0400'

    - name: Configure completion for kubectl
      ansible.builtin.copy:
        content: |-
          # Managed by ansible
          source <(kubectl completion bash)

          export KUBECONFIG=~/.kube/config
        dest: /etc/profile.d/kubernetes.sh
        mode: '0644'

    - name: Reconfigure K3s environment
      ansible.builtin.copy:
        content: |-
          # Managed by ansible
          http_proxy='http://nemo.holmes.nl:8080'
          https_proxy='http://nemo.holmes.nl:8080'
          no_proxy='.dev.holmes.nl,.holmes.nl,.hansken.holmes.nl,.apps.shared.dfaas.nl,.apps.testing.dfaas.nl,.apps.platform.dfaas.nl,.apps.development.dfaas.nl,.apps.acceptance.dfaas.nl,.shared.dfaas.nl,.testing.dfaas.nl,.platform.dfaas.nl,.development.dfaas.nl,.acceptance.dfaas.nl,.dfaas.nl,.nfi.minjus.nl,repo.nfi.minjus.nl,localhost,127.0.0.1i,172.18.140.0/24'
        dest: /etc/systemd/system/k3s.service.env
        mode: '0644'
      notify:
        - Restart K3S

    - name: Clone git repo
      ansible.builtin.git:
        repo: https://github.com/jpetazzo/container.training.git
        dest: /home/ubuntu/container.training

  handlers:
    - name: Restart docker
      ansible.builtin.systemd_service:
        name: docker
        daemon_reload: true
        state: restarted

    - name: Restart K3S
      ansible.builtin.systemd_service:
        name: k3s
        daemon_reload: true
        state: restarted