by Anish
Posted on Sunday July 8, 2018
In this example we will learn how to install Kubernetes using Ansible.
This demo uses the official Kubernetes Ansible playbook.
Clone the official Kubernetes Ansible repository on the Ansible controller node:
git clone https://github.com/kubernetes/contrib.git
Hostname definitions
| masters | etcd | minion |
|------------------- |------------------- |----------------------------- |
| kube-master-node1 | kube-master-node1 | kube-minion-1 & kube-minion-2 |
Kubernetes addons provided by the playbook by default
| Name | Descriptions |
|---------------------- |----------------------------- |
| DNS | kubedns |
| cluster monitoring | Grafana, Heapster, InfluxDB |
| cluster logging | Kibana, ElasticSearch |
| Kubernetes dashboard | UI |
| Kubernetes dash | dash UI |
Lab Setup
[ansible@kube-master ~]# cat /etc/hosts
192.168.1.126 kube-master kube-master-node1
192.168.1.127 node1 kube-minion-1
192.168.1.128 node2 kube-minion-2
Step-1 Install the required dependency
yum -y install python-netaddr
Step-2 Install Ansible and set up the required SSH keys for Ansible on all targeted nodes. Make sure the ansible user has sudo access on each targeted node:
ansible ALL=(ALL) NOPASSWD: ALL
[ansible@kube-master ~]# ssh-keygen
[ansible@kube-master ~]# ssh-copy-id kube-master-node1
[ansible@kube-master ~]# ssh-copy-id kube-minion-1
[ansible@kube-master ~]# ssh-copy-id kube-minion-2
Step-3 Go to ansible directory
[ansible@kube-master ~]# cd contrib/ansible
Step-4 Create the inventory file and add the masters, nodes and etcd host group definitions
[ansible@kube-master ansible]# cat inventory/inventory
[masters]
kube-master-node1
[nodes]
kube-minion-1
kube-minion-2
[etcd:children]
masters
Step-5 Check all the configured options in inventory/group_vars/all.yml and adjust the values to match your running environment. If you are unsure about an option, leave the default.
cluster_name: cluster.mydns
master_cluster_hostname: kube-master
ansible_ssh_user: ansible
networking: flannel
# Set ansible_ssh_user (above) to your own SSH login identity
etcd_url_scheme: "https"
etcd_client_cert_auth: true
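A pre-flight check for Steps 4 and 5, added here as an example and not part of the kubernetes/contrib playbook: before deploying, it confirms that every inventory host has an /etc/hosts entry and that the etcd TLS settings listed above are still in effect. The function names are hypothetical, and the YAML reader assumes flat top-level "key: value" lines.

```shell
# Added pre-flight example; function names are hypothetical, not part of the playbook.

# Print each host in an INI-style Ansible inventory once. Lines under
# [x:children] and [x:vars] name groups or variables, not hosts, so skip them.
inventory_hosts() {
    awk '/^[ \t]*\[/ { skip = ($0 ~ /:(children|vars)\]/); next }
         /^[ \t]*$/ || /^[ \t]*[#;]/ || skip { next }
         { print $1 }' "$1" | sort -u
}

# Print inventory hosts ($1) with no name or alias in the hosts file ($2).
unresolved_hosts() {
    inventory_hosts "$1" | awk -v hostsfile="$2" '
        BEGIN { while ((getline line < hostsfile) > 0) {
                    sub(/#.*/, "", line); n = split(line, f)
                    for (i = 2; i <= n; i++) known[f[i]] = 1 } }
        !($1 in known) { print $1 }'
}

# Read a top-level scalar ($1) from a flat YAML file ($2): the last occurrence
# wins; trailing comments and quotes are removed and the value is lower-cased.
yaml_value() {
    awk -v k="$1" -F': *' '$1 == k { v = $2 } END { print v }' "$2" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' | tr -d "\"'" | tr 'A-Z' 'a-z'
}

# Succeed only if etcd is set to HTTPS with client-certificate authentication.
etcd_tls_enforced() {
    [ "$(yaml_value etcd_url_scheme "$1")" = "https" ] || return 1
    case "$(yaml_value etcd_client_cert_auth "$1")" in
        true|yes) return 0 ;;
        *) return 1 ;;
    esac
}

# usage: preflight INVENTORY HOSTS_FILE GROUP_VARS; non-zero on any finding.
preflight() {
    rc=0
    missing=$(unresolved_hosts "$1" "$2")
    [ -z "$missing" ] || { echo "no hosts entry for:" $missing >&2; rc=1; }
    etcd_tls_enforced "$3" || { echo "etcd not set to https + client cert auth" >&2; rc=1; }
    return "$rc"
}

# Runs against the real files when started from contrib/ansible (Step-3).
if [ -f inventory/inventory ] && [ -f inventory/group_vars/all.yml ]; then
    preflight inventory/inventory /etc/hosts inventory/group_vars/all.yml
fi
```

A non-zero exit status means at least one finding was printed to stderr, so the script can gate the deploy step.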
Step-6 To deploy the cluster, run the script; this installs all the addons by default
[ansible@kube-master contrib]# cd scripts/ && ./deploy-cluster.sh
Wait for the ansible-playbook installation to complete
PLAY RECAP ******************************************************************************************************************************
kube-master-node1 : ok=215 changed=30 unreachable=0 failed=0
kube-minion-1 : ok=115 changed=40 unreachable=0 failed=0
kube-minion-2 : ok=111 changed=40 unreachable=0 failed=0
[ansible@kube-master ~]# kubectl cluster-info
Kubernetes master is running at http://localhost:8080
Elasticsearch is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Heapster is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/heapster
Kibana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kube-dns
Grafana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana
InfluxDB is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb
View the available scripts
[ansible@kube-master scripts]# ls -ltr
total 60
-rw-r--r--. 1 root root 54 Jul 8 03:14 ansible.cfg
-rwxr-xr-x. 1 root root 817 Jul 8 03:14 update-node.sh
-rwxr-xr-x. 1 root root 819 Jul 8 03:14 update-master.sh
-rwxr-xr-x. 1 root root 817 Jul 8 03:14 update-etcd.sh
-rwxr-xr-x. 1 root root 823 Jul 8 03:14 restart-node.sh
-rwxr-xr-x. 1 root root 886 Jul 8 03:14 restart-master.sh
-rwxr-xr-x. 1 root root 800 Jul 8 03:14 restart-etcd.sh
-rwxr-xr-x. 1 root root 733 Jul 8 03:14 deploy-node.sh
-rwxr-xr-x. 1 root root 735 Jul 8 03:14 deploy-master.sh
-rwxr-xr-x. 1 root root 1441 Jul 8 03:14 deploy-local-cluster.sh
-rwxr-xr-x. 1 root root 733 Jul 8 03:14 deploy-etcd.sh
-rwxr-xr-x. 1 root root 735 Jul 8 03:14 deploy-docker.sh
-rwxr-xr-x. 1 root root 735 Jul 8 03:14 deploy-addons.sh
-rwxr-xr-x. 1 root root 736 Jul 8 03:31 deploy-cluster.sh
-rwxr-xr-x. 1 root root 1036 Jul 8 03:39 init.sh
Targeted runs can be used to deploy a specific service present in the inventory file.
Etcd Deployment
[ansible@kube-master scripts]# ./deploy-cluster.sh --tags=etcd
or
[ansible@kube-master scripts]# ./deploy-etcd.sh
Masters Deployment
[ansible@kube-master scripts]# ./deploy-cluster.sh --tags=masters
or
[ansible@kube-master scripts]# ./deploy-master.sh
Nodes Deployment
[ansible@kube-master scripts]# ./deploy-cluster.sh --tags=nodes
or
[ansible@kube-master scripts]# ./deploy-node.sh
Check if the cluster is in a Ready state:
[ansible@kube-master ~]# kubectl get nodes
NAME STATUS AGE
kube-minion-1 Ready 1h
kube-minion-2 Ready 1h
[root@kube-master ~]#
Check if all the pods are running:
[ansible@kube-master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system elasticsearch-logging-v1-gzfnj 1/1 Running 0 1h
kube-system elasticsearch-logging-v1-w9gjd 1/1 Running 0 1h
kube-system fluentd-es-v1.20-4n77d 1/1 Running 0 1h
kube-system fluentd-es-v1.20-bvcln 1/1 Running 0 1h
kube-system heapster-v1.2.0-3740427991-m4nrr 4/4 Running 0 1h
kube-system kibana-logging-3645747194-0kf5s 1/1 Running 0 1h
kube-system kube-dns-v20-f27tg 3/3 Running 0 1h
kube-system monitoring-influxdb-grafana-v3-bv79x 2/2 Running 0 1h
Check the service IP addresses and ports on which the sample apps are running:
[ansible@kube-master ~]# kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1h