kubernetes installation using ansible

Posted on Sunday July 8, 2018

8gwifi.org

In this example we will learn how to install kubernetes using ansible

This demo utilizes the kubernetes official ansible playbook

Clone the official Ansible kubernetes repository in the ansible controller node

git clone https://github.com/kubernetes/contrib.git

Kubernetes Cluster Configuration

masters
etc
minion

Hostname definitions


| masters               | etc                   | minion                        |
|-------------------    |-------------------    |-----------------------------  |
| kube-master-node1     | kube-master-node1     | kube-minion-1 & kube-minion-2     |

Kubernetes Addon provided by the playbook by default


| Name                     | Descriptions                  |
|----------------------    |-----------------------------  |
| DNS                      | kubedns                       |
| cluster monitoring       | Grafana, Heapster, InfluxDB   |
| cluster logging          | Kibana, ElasticSearch         |
| Kubernetes dashboard     | UI                            |
| Kubernetes dash          | dash UI                       |

Lab Setup

[ansible@kube-master ~]# cat /etc/hosts
192.168.1.126 kube-master kube-master-node1
192.168.1.127 node1 kube-minion-1
192.168.1.128 node2 kube-minion-2

kubernetes installation started

Step-1 Install the required dependency yum -y install python-netaddr

Step-2 Install Ansible & setup required Ansible Keys in* all targeted nodes * make sure it has sudo access to the targeted node

ansible ALL=(ALL) NOPASSWD: ALL

[ansible@kube-master ~]ssh-keygen
[ansible@kube-master ~]ssh-copy-id kube-master-node1
[ansible@kube-master ~]ssh-copy-id kube-minion-1
[ansible@kube-master ~]ssh-copy-id kube-minion-1

Step-3 Go to ansible directory

[ansible@kube-master ~]# cd contrib/ansible

Step-4 Create the Inventory file and add masters,nodes & etcd hostgroup definitions

[ansible@kube-master ansible]# cat inventory/inventory
[masters]
kube-master-node1
[nodes]
kube-minion-1
kube-minion-2
[etcd:children]
masters

Configure Cluster options

Step-5 Check all the configured options inventory/group_vars/all.yml and adjust the records of your running enviroment, if you are unclear leave the default ones

cluster_name: cluster.mydns
master_cluster_hostname: kube-master
ansible_ssh_user: ansible
networking: flannel
ansible_ssh_user: DO CONFIGURE YOUR SSH Identity Logins 
etcd_url_scheme: "https"
etcd_client_cert_auth: true

Deploy the Cluster

Step-6 To deploy the cluster run the script, this will install all the addons by default

[ansible@kube-master contrib]cd scripts/ && ./deploy-cluster.sh

Wait for ansible-playbook Installation to complete

PLAY RECAP ******************************************************************************************************************************
kube-master-node1          : ok=215  changed=30   unreachable=0    failed=0   
kube-minion-1              : ok=115  changed=40   unreachable=0    failed=0   
kube-minion-2              : ok=111  changed=40   unreachable=0    failed=0

Discovering builtin services

[ansible@kube-master ~]# kubectl cluster-info
Kubernetes master is running at http://localhost:8080
Elasticsearch is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Heapster is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/heapster
Kibana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kube-dns
Grafana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana
InfluxDB is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb

Ansible Playbook Target Run

View the available scripts

[ansible@kube-master scripts]# ls -ltr 
total 60
-rw-r--r--. 1 root root   54 Jul  8 03:14 ansible.cfg
-rwxr-xr-x. 1 root root  817 Jul  8 03:14 update-node.sh
-rwxr-xr-x. 1 root root  819 Jul  8 03:14 update-master.sh
-rwxr-xr-x. 1 root root  817 Jul  8 03:14 update-etcd.sh
-rwxr-xr-x. 1 root root  823 Jul  8 03:14 restart-node.sh
-rwxr-xr-x. 1 root root  886 Jul  8 03:14 restart-master.sh
-rwxr-xr-x. 1 root root  800 Jul  8 03:14 restart-etcd.sh
-rwxr-xr-x. 1 root root  733 Jul  8 03:14 deploy-node.sh
-rwxr-xr-x. 1 root root  735 Jul  8 03:14 deploy-master.sh
-rwxr-xr-x. 1 root root 1441 Jul  8 03:14 deploy-local-cluster.sh
-rwxr-xr-x. 1 root root  733 Jul  8 03:14 deploy-etcd.sh
-rwxr-xr-x. 1 root root  735 Jul  8 03:14 deploy-docker.sh
-rwxr-xr-x. 1 root root  735 Jul  8 03:14 deploy-addons.sh
-rwxr-xr-x. 1 root root  736 Jul  8 03:31 deploy-cluster.sh
-rwxr-xr-x. 1 root root 1036 Jul  8 03:39 init.sh

Targeted Runs can be used to deploy the specific service present in the inventory file
Etcd Deployment

[ansible@kube-master scripts]./deploy-cluster.sh --tags=etcd

or

[ansible@kube-master scripts]./deploy-etcd.sh

Masters Deployment

[ansible@kube-master scripts]./deploy-cluster.sh --tags=masters

or

[ansible@kube-master scripts]./deploy-master

Nodes Deployment

[ansible@kube-master scripts]./deploy-cluster.sh --tags=nodes

or

[ansible@kube-master scripts]./deploy-node.sh

Check if the cluster is in a Ready state:

[ansible@kube-master ~]# kubectl get nodes
NAME            STATUS    AGE
kube-minion-1   Ready     1h
kube-minion-2   Ready     1h
[root@kube-master ~]#

Check if all the pods are running:

[ansible@kube-master ~]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                   READY     STATUS    RESTARTS   AGE
kube-system   elasticsearch-logging-v1-gzfnj         1/1       Running   0          1h
kube-system   elasticsearch-logging-v1-w9gjd         1/1       Running   0          1h
kube-system   fluentd-es-v1.20-4n77d                 1/1       Running   0          1h
kube-system   fluentd-es-v1.20-bvcln                 1/1       Running   0          1h
kube-system   heapster-v1.2.0-3740427991-m4nrr       4/4       Running   0          1h
kube-system   kibana-logging-3645747194-0kf5s        1/1       Running   0          1h
kube-system   kube-dns-v20-f27tg                     3/3       Running   0          1h
kube-system   monitoring-influxdb-grafana-v3-bv79x   2/2       Running   0          1h

Check the service IP address and ports the sample apps are running:

[ansible@kube-master ~]# kubectl get svc
NAME         CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   10.254.0.1   <none>        443/TCP   1h

Thanku for reading !!! Give a Share for Support

Asking for donation sound bad to me, so i'm raising fund from by offering all my Nine book for just $9

Kubernetes Related Topics

kubernetes (pod/deployment/svc) YAML/JSON Generator

Docker compose to kubernetes Generator

kubernetes to Docker Compose Generator

Docker compose Generator

Docker run to compose Generator

Docker compose to docker run Generator

kubernetes install on using ansible

kube install on in centos7/ubuntu7

kubernetes Dashbaord Setup

Pod,Cluster,Deploy,ReplicaSet Light Dive

kubernetes secure nginx deployment

kubernetes Port, Targetport and NodePort

kubernetes Namespace

kubenetes Auth,Authorization,Admission

kubernetes Role-Based Access Control

Kubernetes Privilege Escalation Vulnerability

Upgrading kubernetes cluster

Prometheus Dashboard Access

Kubernetes mysql installation

Kubernetes Jenkins installation

Podman Jenkins installation

Kubernetes mariadb installation

Kubernetes wordpress installation

Kubernetes drupal installation

Kubernetes traefik installation

Kubernetes Ingress traefik

kubernetes service external ip pending ?

Service Mesh With Istio

Access SVC in Another Namespaces

kubernetes Java client example

kubernetes letsencrypt deploy wild card certificate

Right Way to Install Docker

Docker Private repo with SSL and AUTH

Creating Docker Base Image

Container Runtime (RUNC,RKT,CRI-O,Conatinerd)

Podman Install on Ubuntu/Debian

Ansible Related Topics

Manage System users (sudo/Non sudo)

Ansible Variables Explained in Roles

Pass sudo/ssh password without prompt

Ansible Windows Commands

Linux Related Topics

What's New RHEL8/Centos8

Auto-mounting an NFS share using autofs

Linux Mount&Unmout revisit

Add Ipv6 Support to ECS Instances

IPtables Must Known Stuff

How to Monitor All executed Commands

Top ps command for Monitor/Troubleshoot

Detecting Linux distribution name

Overview of Linux namespace

Overview of CGroup

Exploring Alibaba cloud Free Trial

Productivity HTTPIE, WGET, CURL

LAMP Stack on Centos8/RH8

Openstack Articles

Applied Cryptography Topics

PKI in Nutshell

OCSP in Nutshell

TLSv1.3 in Nutshell

Secure Nginx Configuration

Java Keytool/Keystore in Nutshell

Twenty Steps of SSH hardening

SSH MFA with Google Authenticator

Apache TLS Configuration

Web Crypto API Topics

Web Cryptography Algorithms

How to generate random Numbers

How to digest/hash a message

AES importKey/encrypt/decrypt

AES-GCM - generateKey/Encrypt/Decrypt

AES (CTR/CBC/GCM) ExportKey in JWK format

PBKDF2 Derive Keys

PBKDF2,HMAC Digital Signature (sign/Verify)

RSA-OAEP generateKey/Encrypt/Decrypt

RSASSA-PKCS1-v1_5 generateKey/sign/verify

RSA-PSS generateKey/sign/verify

ECDSA generateKey/Sign/Verify

ECDH generateKey/Encrypt/Decrypt

python Cryptography Topics

RSA Cryptography

PHP Cryptography Topics

openssl_get_cipher_methods

openssl_get_md_methods

openssl_cipher_iv_length

openssl_encrypt/decrypt

openssl_pkey_new/(rsa/dsa/ec)

openssl_get_curve_names

Topics

For Coffee/ Beer/ Amazon Bill and further development of the project Support by Purchasing, The Modern Cryptography CookBook for Just $9 Coupon Price

Kubernetes for DevOps

Hello Dockerfile

Cryptography for Python Developers

Cryptography for JavaScript Developers

Go lang ryptography for Developers

Here