more stuff

README.md

@@ -0,0 +1,17 @@
+# vmlab
+
+## create debian vms
+
+```
+./init.sh
+
+sudo ./create-vm.sh debian-k8s-00
+sudo ./create-vm.sh debian-k8s-01
+sudo ./create-vm.sh debian-k8s-02
+sudo ./create-vm.sh debian-k8s-03
+sudo ./create-vm.sh debian-k8s-04
+```
+
+```
+./install-vms-ansible.sh
+```

ansible/debian.yml

@@ -4,3 +4,5 @@
   become: true
   roles:
    - update
+   - base-config
+   - k8s-base

ansible/roles/base-config/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Change hostname
+  ansible.builtin.hostname:
+    name: "{{ hostname }}"
+- name: Install core packages
+  ansible.builtin.apt:
+    state: present
+    name: "{{ item }}"
+  with_items:
+    - gpg

ansible/roles/k8s-base/defaults/main.yml

@@ -0,0 +1 @@
+cni_plugins_version: "v1.4.0"

ansible/roles/k8s-base/files/containerd-config.toml

@@ -0,0 +1,3 @@
+[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+    SystemdCgroup = true

ansible/roles/k8s-base/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: "Containerd config changed"
+  ansible.builtin.service:
+    name: containerd
+    state: reloaded

ansible/roles/k8s-base/tasks/main.yml

@@ -0,0 +1,62 @@
+# ====================
+# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
+- name: Add K8s key
+  ansible.builtin.apt_key:
+    url: "https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key"
+    keyring: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+- name: Add K8s apt repo
+  ansible.builtin.apt_repository:
+    repo: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /"
+    filename: kubernetes
+- name: Install K8s tools
+  ansible.builtin.apt:
+    name:
+      - kubelet
+      - kubeadm
+      - kubectl
+- name: Hold kubeadm
+  ansible.builtin.dpkg_selections:
+    name: "{{ item  }}"
+    selection: hold
+  loop:
+    - kubelet
+    - kubeadm
+    - kubectl
+# ====================
+# https://github.com/containerd/containerd/blob/main/docs/getting-started.md
+# https://docs.docker.com/engine/install/ubuntu/
+- name: Add docker key
+  ansible.builtin.command:
+    cmd: "curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc"
+    creates: /etc/apt/keyrings/docker.asc
+- name: Add Docker apt repo
+  ansible.builtin.apt_repository:
+    repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu jammy stable"
+    filename: docker
+- name: Install containerd/runc
+  ansible.builtin.apt:
+    name: containerd.io
+- name: Configure containerd to use systemd cgroups
+  ansible.builtin.copy:
+    src: "containerd-config.toml"
+    dest: "/etc/containerd/config.toml"
+    mode: "u=r,g=r,o=r"
+  notify:
+    - "Containerd config changed"
+- name: Create /opt/cni/bin
+  ansible.builtin.file:
+    path: /opt/cni/bin
+    state: directory
+    mode: "u=rwx,g=rx,o=rx"
+- name: Download CNI plugins
+  ansible.builtin.get_url:
+    url: "https://github.com/containernetworking/plugins/releases/download/{{ cni_plugins_version }}/cni-plugins-linux-amd64-{{ cni_plugins_version }}.tgz"
+    dest: "/tmp/cni-plugins-linux-amd64-{{ cni_plugins_version }}.tgz"
+- name: Install CNI plugins
+  ansible.builtin.command:
+    cmd: "tar Cxzvf /opt/cni/bin /tmp/cni-plugins-linux-amd64-{{ cni_plugins_version }}.tgz"
+    creates: /opt/cni/bin/tap
+- name: Start contained
+  ansible.builtin.service:
+    state: started
+    name: containerd

create-vm.sh

@@ -1,18 +1,34 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 
 set -eu
 
-NAME="$1"
+NAME="${1:?Must pass the name}"
+
+if [ "$(whoami)" != "root" ]; then
+    echo "script must be run as root!"
+fi
 
 mkdir -p tmp
 mkdir -p vm-state
 
 # https://mop.koeln/blog/creating-a-local-debian-vm-using-cloud-init-and-libvirt/
 # > DO NOT DOWNLOAD THE GENERICCLOUD IMAGE
-IMG=debian-12-generic-amd64.qcow2
+IMG_DOWNLOADED=debian-12-generic-amd64.qcow2
+IMG=debian-12-generic-amd64-bigger.qcow2
+
+if ! [ -f "tmp/$IMG_DOWNLOADED" ]; then
+    curl -L -o "tmp/$IMG_DOWNLOADED" https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2
+fi
 
 if ! [ -f "tmp/$IMG" ]; then
-    curl -L -o "tmp/$IMG" https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2
+    cp "tmp/$IMG_DOWNLOADED" "tmp/$IMG"
+    echo "INCREASE THE SIZE OF THE IMAGE!!!"
+    echo "sudo qemu-img resize tmp/$IMG 30G"
+    echo "sudo modprobe nbd max_part=10"
+    echo "sudo qemu-nbd -c /dev/nbd0 tmp/$IMG_DOWNLOADED"
+    echo "sudo gparted /dev/nbd0"
+    echo "sudo qemu-nbd -d /dev/nbd0"
+    exit 1
 fi
 
 DISK="vm-state/$NAME.qcow2"
@@ -47,4 +63,4 @@ ip=$(virsh domifaddr "$NAME" | grep ipv4 | awk '{print $4}' | cut -d/ -f1)
 
 echo "IP: $ip"
 
-echo "$ip" >> vm-state/inventory.ini
+echo "$ip hostname=$NAME" >> vm-state/inventory.ini

debian-image/create_image.sh

@@ -1,78 +0,0 @@
-#!/usr/bin/env bash
-
-set -eu
-
-# https://mvallim.github.io/kubernetes-under-the-hood/documentation/create-linux-image.html
-
-SCRIPT=$(dirname "$0")
-BUILD="$SCRIPT/build"
-IMAGE="$BUILD/debian-image.raw"
-
-mkdir -p "$BUILD"
-
-if ! [ -f "$IMAGE" ]; then
-  # Create a 30GB disk
-  dd \
-    if=/dev/zero \
-    of="$IMAGE" \
-    bs=1 \
-    count=0 \
-    seek=32212254720 \
-    status=progress
-
-  sed -e 's/\s*\([\+0-9a-zA-Z]*\).*/\1/' << EOF | sudo fdisk "$IMAGE"
-o # clear the in memory partition table
-n # new partition
-p # primary partition
-1 # partition number 1 
-    # default - start at beginning of disk
-+512M # 512 MB boot parttion
-n # new partition
-p # primary partition
-2 # partion number 2
-    # default, start immediately after preceding partition
-    # default, extend partition to end of disk
-a # make a partition bootable
-1 # bootable partition is partition 1 -- /dev/loop0p1
-p # print the in-memory partition table
-w # write the partition table
-q # and we're done
-EOF
-else
-  echo "INFO: Skipping disk creation"
-fi
-
-if ! [ -e "/dev/loop0" ]; then
-  sudo losetup -fP "$IMAGE"
-  sudo losetup -a
-
-  sudo fdisk -l /dev/loop0
-  sudo mkfs.ext4 /dev/loop0p1 # /boot
-  sudo mkfs.ext4 /dev/loop0p2 # /
-else
-  echo "INFO: Skipping loop device setup"
-fi
-
-
-mkdir -p "$BUILD/chroot"
-sudo mount /dev/loop0p2 "$BUILD/chroot/"
-
-if ! [ -d "$BUILD/chroot/bin" ]; then
-  sudo debootstrap \
-    --arch=amd64 \
-    --variant=minbase \
-    --components "main" \
-    --include "ca-certificates,cron,iptables,isc-dhcp-client,libnss-myhostname,ntp,ntpdate,rsyslog,ssh,sudo,dialog,whiptail,man-db,curl,dosfstools,e2fsck-static" \
-    bullseye \
-    "$BUILD/chroot" \
-    http://deb.debian.org/debian/
-else
-  echo "INFO: Skipping debian bootstrap"
-fi
-
-sudo mount --bind /dev "$BUILD/chroot/dev"
-sudo mount --bind /run "$BUILD/chroot/run"
-
-sudo cp "$SCRIPT/setup.sh" "$BUILD/chroot/usr/local/bin"
-
-sudo chroot "$BUILD/chroot" /usr/local/bin/setup.sh

debian-image/reset.sh

@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-
-set -eu
-
-SCRIPT=$(dirname "$0")
-BUILD="$SCRIPT/build"
-
-sudo umount "$BUILD/chroot" || true
-
-sudo umount "$BUILD/chroot/dev/pts" || true
-sudo umount "$BUILD/chroot/dev" || true
-sudo umount "$BUILD/chroot/sys" || true
-sudo umount "$BUILD/chroot/proc" || true
-sudo umount "$BUILD/chroot/run" || true
-
-sudo rm -rf "$BUILD"

debian-image/setup.sh

@@ -1,48 +0,0 @@
-#!/bin/bash
-# ^^ not compatible on purpose, this only runs inside debian
-
-function info {
-    echo "INFO DEB:" "$@"
-}
-
-export PATH="/usr/local/bin:/usr/bin:/bin"
-export HOME=/root
-export LC_ALL=C
-
-info "Hello from debian!"
-
-info "Setting up mounts"
-
-mount none -t proc /proc
-mount none -t sysfs /sys
-mount none -t devpts /dev/pts
-
-info "Configuring the system"
-
-echo "debian-image" > /etc/hostname
-cat <<EOF > /etc/apt/sources.list
-deb http://deb.debian.org/debian/ bullseye main contrib non-free
-deb-src http://deb.debian.org/debian/ bullseye main contrib non-free
-
-deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free
-deb-src http://deb.debian.org/debian/ bullseye-updates main contrib non-free
-
-deb http://deb.debian.org/debian-security bullseye-security main
-deb-src http://deb.debian.org/debian-security bullseye-security main
-EOF
-
-cat <<EOF > /etc/fstab
-# /etc/fstab: static file system information.
-#
-# Use 'blkid' to print the universally unique identifier for a
-# device; this may be used with UUID= as a more robust way to name devices
-# that works even if disks are added and removed. See fstab(5).
-#
-# <file system>         <mount point>   <type>  <options>                       <dump>  <pass>
-/dev/sda2               /               ext4    errors=remount-ro               0       1
-/dev/sda1               /boot           ext4    defaults                        0       2
-EOF
-
-apt-get update
-apt-get install -y apt-utils
-apt-get install -y systemd-sysv

init-vm.sh

@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-
-ssh-keygen -A

init.sh

@@ -2,6 +2,6 @@
 
 mkdir -p vm-state
 
-cat >vm-state/inventory-ini <<EOF
+cat >vm-state/inventory.ini <<EOF
 [myhosts]
-EOF
+EOF

shell.nix

@@ -1,3 +1,3 @@
 { pkgs ? import <nixpkgs> { } }: pkgs.mkShell {
-  packages = with pkgs; [ debootstrap ansible ansible-lint ];
+  packages = with pkgs; [ debootstrap ansible ansible-lint gparted ];
 }