
Multicontrol still not working

Fred Damstra [io2] 4 years ago
Parent
Current commit
b1125b2fa9
4 files changed, 91 insertions and 3 deletions
  1. 64 0
      Ansible/README.md
  2. 1 1
      Ansible/inventory.ini
  3. 1 0
      Ansible/roles/common/tasks/base_packages.yml
  4. 25 2
      Workloads/index.yaml

+ 64 - 0
Ansible/README.md

@@ -97,6 +97,66 @@ From here, you may proceed to "other nodes" or "deploying workloads"
 
 ## MetallB
 
+local:
+```
+scp -r ~/monkeybox_kubernetes k8s1:
+```
+
+On k8s1:
+```
+kubectl edit configmap -n kube-system kube-proxy
+# search for `ipvs`, and set `strictARP` to true. See note [1]
+cd monkeybox_kubernetes/Workloads/metallb/
+kubectl apply -f 001*
+kubectl apply -f 002*
+kubectl apply -f 003*
+kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
+kubectl get pods -n metallb-system
+```
+
+note [1]: They helpfully give the following shell code to help with automation.
+```
+kubectl get configmap kube-proxy -n kube-system -o yaml | \
+sed -e "s/strictARP: false/strictARP: true/" | \
+kubectl apply -f - -n kube-system
+```
+
+## nfs-provisioning
+
+On k8s1:
+```
+cd ~/monkeybox_kubernetes/Workloads/nfs-provisioning
+kubectl apply -f 001*
+kubectl apply -f 002*
+kubectl apply -f 003*
+```
+
+## ingress-nginx
+
+```
+cd ~/monkeybox_kubernetes/Workloads/ingress-nginx
+htpasswd -c auth fdamstra
+kubectl create secret generic basic-auth --from-file=auth
+kubectl apply -f ingress-nginx-controller-v0.45.0.yaml
+```
+
+## cert-manager
+
+1. log into the aws console
+2. iam->users->`letsencrypt-wildcard`->security credentials
+3. 'create access key'
+4. Copy the secret into a file called `password.txt` in `~/monkeybox_kubernetes/Workloads/cert-manager`
+5. Copy teh access key id into `~/monkeybox_kubernetes/Workloads/cert-manager/wildcard*` 
+```
+cd ~/monkeybox_kubernetes/Workloads/cert-manager
+kubectl create secret generic aws-route53-creds --from-file=password.txt -n default
+kubectl apply -f cert-manager.yaml
+kubectl apply -f staging_issuer.yaml
+kubectl apply -f prod_issuer.yaml
+kubectl apply -f wildcard_staging_issuer.yaml
+kubectl apply -f wildcard_prod_issuer.yaml
+```
+
 
 ## Other Nodes
 
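Review bot: the cert-manager steps (4 and 5) leave a long-lived AWS secret access key in `password.txt` inside the repository checkout at `~/monkeybox_kubernetes/Workloads/cert-manager`, and put the access key ID into the `wildcard*` files that `kubectl apply` later reads, so a stray `git add` or another `scp -r ~/monkeybox_kubernetes` carries the credential with it. Add a step that deletes `password.txt` once `kubectl create secret generic aws-route53-creds` has run, ignore `password.txt` and the `auth` file written by `htpasswd -c auth fdamstra` in `.gitignore`, and keep the key ID out of committed manifests. The `basic-auth` secret is also created without `-n`, unlike `aws-route53-creds`, so it lands in whatever namespace the current context points at; state the namespace explicitly. Step 5 has the typo "teh".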
@@ -114,3 +174,7 @@ ansible-playbook -u ubuntu tasks/initial_users.yml --limit=k8s3
 ansible-playbook site.yml
 ```
 
+## Other workloasd
+
+You just kinda work throught he
+You just kinda work through them.
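Review bot: the new section contains a truncated duplicate line, `You just kinda work throught he`, directly above the complete sentence, and the heading reads `Other workloasd`. Drop the truncated line and correct the heading to "Other workloads". Since the sections added above list an explicit apply order per workload, a sentence naming which directories under `Workloads/` remain would make this section usable.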

+ 1 - 1
Ansible/inventory.ini

@@ -10,7 +10,7 @@ k8snode
 
 [k8scontrol]
 k8s1
+k8s2
 k8s3
 
 [k8snode]
-k8s2
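Review bot: after this change `[k8snode]` has no host left in the lines shown, because `k8s2` moves to `[k8scontrol]` and nothing replaces it. The commit message says multi-control is still not working, so running `ansible-playbook site.yml` from this inventory would apply a topology the author knows is broken. Either keep `k8s2` under `[k8snode]` until the control-plane join works, or add a comment in the inventory stating that the worker group is intentionally empty and where workloads are expected to schedule.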

+ 1 - 0
Ansible/roles/common/tasks/base_packages.yml

@@ -14,3 +14,4 @@
       - nfs-common
       - dbus
       - avahi-daemon
+      - apache2-utils
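Review bot: `apache2-utils` is added to the `common` role, so it is installed on every host, with no comment saying why. On this page the only visible use is `htpasswd -c auth fdamstra` in the README's ingress-nginx section, which needs to run on one machine. Add a short comment next to the entry naming `htpasswd` as the reason, and consider limiting the package to the host where the secret is generated so the other nodes do not carry an extra package.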

+ 25 - 2
Workloads/index.yaml

@@ -15,6 +15,29 @@ spec:
 # Uncomment the following if you wnat to expose an IP
 #status:
 #  loadBalancer: {}
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: index
+spec:
+  capacity:
+    storage: 5Mi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain # Keep 4eva
+  storageClassName: default
+  mountOptions:
+    - hard
+    - nfsvers=3
+  nfs:
+    path: /mnt/DroboFS/Shares/Kubernetes/volumes/static/index
+    server: 10.42.42.10
+  claimRef:
+    name: index
+    namespace: default
+
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
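Review bot: the new PersistentVolume mounts `10.42.42.10` with `nfsvers=3` and only the `hard` option, so access control rests entirely on the export's host allowlist, and the mount permits setuid binaries and device files. For a volume whose path ends in `static/index`, add `nosuid` and `nodev` (and `noexec` if nothing is executed from it) under `mountOptions`, and document in a comment that the export must be restricted to the cluster node addresses. Also note that `storageClassName: default` together with `claimRef` binds this volume statically; a comment saying so would stop someone from expecting a provisioner behind the `default` class.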
@@ -23,9 +46,9 @@ metadata:
   annotations:
     nfs.io/storage-path: "index"
 spec:
-  storageClassName: managed-nfs-storage
+  storageClassName: default
   accessModes:
-    - ReadOnlyMany
+    - ReadWriteOnce
   resources:
     requests:
       storage: 5Mi
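Review bot: changing `accessModes` from `ReadOnlyMany` to `ReadWriteOnce` gives the consuming pod write access to the share and restricts the claim to a single node, and nothing in the visible lines explains why the index content needs to be writable. If the workload only serves these files, keep the pod side read-only by setting `readOnly: true` on its volume mount. The `nfs.io/storage-path: "index"` annotation is left in place although the claim no longer uses `managed-nfs-storage`; remove it or add a comment if it is still needed.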