init cluster
This commit is contained in:
parent
f4d635c335
commit
c9e0cbea4e
|
@ -1,6 +1,12 @@
|
|||
# Setup up k8s cluster
|
||||
|
||||
currently only supports single master, stacked etcd cluster with three to six worker nodes.
|
||||
|
||||
run:
|
||||
|
||||
* adapt IPs in inventory.yaml
|
||||
|
||||
* add host keys `./trust-hosts.sh`
|
||||
* add host keys to your ssh config `./trust-hosts.sh`
|
||||
|
||||
* change wg encryption keys in host\_vars: `./generate-keys.sh`
|
||||
* requires wireguard-tools, yq
|
||||
|
@ -8,3 +14,5 @@
|
|||
* run play for the first time `ansible-playbook -i inventory.yaml -u root -t initial setup.yaml` - this will upgrade all packages and reboot the system
|
||||
|
||||
* run play again, without the tag
|
||||
|
||||
now you have an empty cluster with canal networking plugin
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
tags: ['initial', 'never']
|
||||
- name: install deps
|
||||
apt:
|
||||
name: ['aptitude', 'sudo', 'nfs-common', 'apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common']
|
||||
name: ['aptitude', 'sudo', 'nfs-common', 'apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common', 'linux-headers-amd64']
|
||||
state: present
|
||||
- name: import docker gpg key
|
||||
apt_key:
|
||||
|
@ -29,6 +29,11 @@
|
|||
update_cache: yes
|
||||
name: ['docker-ce', 'python-pip', 'python-setuptools']
|
||||
state: present
|
||||
- name: configure docker
|
||||
template:
|
||||
src: templates/daemon.json
|
||||
dest: /etc/docker/daemon.json
|
||||
notify: restart docker
|
||||
- name: enable & start docker
|
||||
systemd:
|
||||
name: docker
|
||||
|
@ -51,10 +56,6 @@
|
|||
update_cache: yes
|
||||
name: wireguard
|
||||
state: present
|
||||
#- name: generate wireguard keys
|
||||
# shell: wg genkey | tee wg-private.key | wg pubkey > wg-public.key
|
||||
# args:
|
||||
# creates: wg-private.key
|
||||
- name: configure wireguard interface
|
||||
template:
|
||||
src: templates/wireguard.cfg
|
||||
|
@ -79,12 +80,6 @@
|
|||
update_cache: yes
|
||||
name: ["kubelet", "kubeadm", "kubectl"]
|
||||
state: present
|
||||
#- name: init kubeadm
|
||||
# command: kubeadm init --apiserver-advertise-address 10.42.23.11 --pod-network-cidr=10.244.0.0/16 > kubeadm.log
|
||||
# args:
|
||||
# creates: kubeadm.log
|
||||
#kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/rbac.yaml
|
||||
#kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/canal.yaml
|
||||
- name: restart system
|
||||
command: reboot
|
||||
tags: ['initial', 'never']
|
||||
|
@ -97,6 +92,10 @@
|
|||
state: absent
|
||||
- name: restart wireguard
|
||||
shell: ifdown wg-k8s; ifup wg-k8s
|
||||
- name: restart docker
|
||||
service:
|
||||
name: docker
|
||||
state: restarted
|
||||
|
||||
- hosts: master
|
||||
tasks:
|
||||
|
@ -120,3 +119,40 @@
|
|||
service:
|
||||
name: haproxy
|
||||
state: restarted
|
||||
|
||||
- hosts: cluster-master01
|
||||
tasks:
|
||||
- name: init kubeadm
|
||||
shell: kubeadm init --apiserver-advertise-address 10.42.23.11 --pod-network-cidr=10.244.0.0/16 > kubeadm.log
|
||||
args:
|
||||
creates: kubeadm.log
|
||||
- name: fetch kubeadm.log from master
|
||||
fetch:
|
||||
src: kubeadm.log
|
||||
dest: kubeadm-{{ inventory_hostname }}.log
|
||||
flat: yes
|
||||
- name: configure kubectl
|
||||
shell: mkdir .kube; cp /etc/kubernetes/admin.conf $HOME/.kube/config
|
||||
args:
|
||||
creates: .kube/config
|
||||
- name: setup networking
|
||||
shell: kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/rbac.yaml > canal.log && kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/canal.yaml >> canal.log
|
||||
args:
|
||||
creates: canal.log
|
||||
|
||||
- hosts: worker
|
||||
tasks:
|
||||
- name: fetch join command
|
||||
command: tail -2 kubeadm-cluster-master01.log
|
||||
register: joincommand
|
||||
delegate_to: localhost
|
||||
|
||||
- name: join cluster
|
||||
shell: "{{ joincommand.stdout }} > kubeadm.log"
|
||||
args:
|
||||
creates: kubeadm.log
|
||||
- name: fetch kubeadm.log
|
||||
fetch:
|
||||
src: kubeadm.log
|
||||
dest: kubeadm-{{ inventory_hostname }}.log
|
||||
flat: yes
|
||||
|
|
Loading…
Reference in New Issue