Some optional add-ons for a kubernetes cluster

My previous writeup on kubernetes installation showed how to install a cluster. This tutorial will just show how to add on a few extras that might be useful.

Adding helm/tiller, digitalocean csi driver

Helm/Tiller allowing installing deployments/services and other resources using helm charts. With the recent release of Helm v3 Tiller is no longer used, but I am going to leave that configuration in here because the RBAC aspect was probably what tripped most people up if anything.
These instructions are once again digitalocean specific, so I show how to install their csi driver so that persistent volume claims can be used to create volumes for other containers. Note that I install v1.1.1 here, but that depending on your cluster version you may want to use a different CSI driver version. I switched to a kubernetes 1.17 cluster and changed the CSI driver to 1.2, which worked without any config changes.

1. Installing helm

This installs helm using a default rbac setup.

- name: "Check if Helm is installed"
  shell: command -v helm >/dev/null 2>&1
  register: helm_exists
  ignore_errors: yes
  tags: helm

- name: "Install Helm"
  block:
    - name: "Get Helm installer"
      get_url:
        url: https://raw.githubusercontent.com/helm/helm/master/scripts/get
        dest: "{{ dl_dir }}/get_helm.sh"
        mode: 0755

    - name: "Run the installer"
      shell: "{{ dl_dir }}/get_helm.sh"

  when: helm_exists.rc > 0

- name: "Copy yaml file"
  copy:
    src: "rbac-config.yml"
    dest: "{{ dl_dir }}/rbac-config.yml"
    mode: 0644
  tags: helm

- name: "RBAC configuration"
  shell: "kubectl apply -f {{ dl_dir }}/rbac-config.yml"
  tags: helm

- name: "Init Helm"
  shell: "helm init --service-account tiller"
  tags: helm

- name: "Update Helm repo"
  shell: "helm repo update"
  tags: helm

- name: "Clean-up"
  file:
    path: "{{ dl_dir }}"
    state: absent
  ignore_errors: yes
  tags: helm

- name: helm sanity - wait for tiller pod to be running
  shell: "kubectl get --namespace kube-system pods --no-headers | grep -w 'tiller-deploy' | grep -v -w 'Running' || true "
  register: command_result
  until: command_result.stdout == ""
  retries: 50
  delay: 3

2. Setting up the digitalocean csi driver

This is for persistent volumes, so install it if you want to use those with digitalocean as the provisioner. The secret is an access token, so you will need to set up a kubernetes secret that holds your do access token or you will install the csi driver but find you can’t use it to create volumes since it needs the access token to make volumes in your account.

---
  - name: Copy secret file to temporary directory
    copy:
      src: secret_atdo.yml
      dest: "{{ dl_dir }}/secret_atdo.yml"

  - name: Install secret for do block storage
    k8s:
      state: present
      src: "{{ dl_dir }}/secret_atdo.yml"
      # kubectl create -f "{{ tmp_dir }}/secret_atdo.yml"

  - name: download digitalocean v 1.1.1 csi configuration object file
    get_url:
      url: https://raw.githubusercontent.com/digitalocean/csi-digitalocean/master/deploy/kubernetes/releases/csi-digitalocean-v1.1.1.yaml
      dest: "{{ dl_dir }}/csi-digitalocean-v1.1.1.yaml"

  - name: Install digitalocean csi driver
    k8s:
      state: present
      src: "{{ dl_dir }}/csi-digitalocean-v1.1.1.yaml"
      # kubectl create -f "{{ tmp_dir }}/secret_atdo.yml"

  - name: Copy PVC file to temporary directory
    copy:
      src: testclaim.yml
      force: yes
      dest: "{{ dl_dir }}/testclaim.yml"

  - name: Create PVC to test if do block storage working
    k8s:
      state: present
      src: "{{ dl_dir }}/testclaim.yml"