anmoel.kubernetes
Ansible Role: Kubernetes
- Introduction
- Requirements
- Dependencies
- Variables
- Example Playbooks
- License
- Contributors
- Author Information
Introduction
This is an Ansible Role for installing Kubernetes on Linux systems.
Requirements
- You need Docker; for installation, it's recommended to use the role: geerlingguy.docker.
- A Load Balancer or keepalived for high availability; for keepalived installations, you can use the role: evrardjp.keepalived.
Dependencies
- Python's Docker library is required.
Variables
Common
Name | Default | Description |
---|---|---|
kubernetes_cluster_name | "kubernetes" | Name of the Kubernetes cluster. |
kubernetes_master_version | "v1.13.2" | Version of the Kubernetes master components. |
kubernetes_version_rhel_package | '1.13.2' | Version for Red Hat's kubectl, kubeadm, and kubelet packages. |
kubernetes_yum_arch | x86_64 | Architecture for Red Hat packages. |
kubernetes_apt_repo_url | http://apt.kubernetes.io/ | Kubernetes repository for Debian systems. |
kubernetes_apt_repo_pool | kubernetes-xenial | Repository pool for Debian systems. |
kubernetes_useHyperKubeImage | "false" | Change control-plane Docker image to hyperkube. |
kubernetes_dns_type | "CoreDNS" | DNS plugin for Kubernetes (options: "kube-dns" or "CoreDNS"). |
kubernetes_imageRepository | "k8s.gcr.io" | Docker registry for Kubernetes master components. |
kubernetes_config_dir | "/etc/kubernetes" | Configuration path. |
kubernetes_certs_dir | "{{ kubernetes_config_dir }}/pki" | Folder for certificates. |
kubernetes_pod_manifest_path | "{{ kubernetes_config_dir }}/manifests" | Absolute path for static pod manifests. |
kubernetes_log_dir | "{{ kubernetes_log_dir }}/audit" | Folder for logs. |
kubernetes_audit_log_dir | "/var/log/kubernetes/audit" | Folder for audit logs. |
kubernetes_log_age | 2 | Maximum age of log files. |
kubernetes_authorization_mode | "Node,RBAC" | Authorization mode for Kubernetes. |
kubernetes_enable_admission_plugins | "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota" | Enabled admission plugins in Kubernetes. |
kubernetes_dns_domain | "cluster.local" | Internal DNS domain for the Kubernetes cluster. |
kubernetes_pod_subnet | "10.244.0.0/16" | IPv4 subnet for pods (must be in CIDR format). |
kubernetes_service_subnet | "10.96.0.0/16" | IPv4 subnet for services (must be in CIDR format). |
kubernetes_kubelet_extra_args | "" | Extra arguments for the kubelet daemon. |
kubernetes_packages | false | Defines the Kubernetes packages to install: kubelet, kubectl, kubeadm, kubernetes-cni. |
kubernetes_version_kubeadm | 'stable-{{ kubernetes_version }}' | Version of kubeadm. |
API server
Name | Default | Description |
---|---|---|
kubernetes_apiserver_dns | "" | DNS name for the Kubernetes API server. |
kubernetes_apiserver_ip | - | Virtual IP address for the API server load balancer. |
kubernetes_apiserver_port | 6443 | Port for the Kubernetes API server. |
kubernetes_apiserver_manifest_file | '{{ kubernetes_pod_manifest_path }}/kube-apiserver.yaml' | Path to the API server manifest file. |
Etcd
Name | Description | Default |
---|---|---|
kubernetes_etcd_certs_dir | Path to store Etcd certificates | '{{ kubernetes_certs_dir }}/etcd' |
kubernetes_etcd_ca_cert_file | Etcd CA certificate file | '{{ kubernetes_etcd_certs_dir }}/ca.crt' |
kubernetes_etcd_ca_key_file | Etcd CA key file | '{{ kubernetes_etcd_certs_dir }}/ca.key' |
kubernetes_etcd_server_cert_file | Etcd server certificate file | '{{ kubernetes_etcd_certs_dir }}/server.crt' |
kubernetes_etcd_server_key_file | Etcd server key file | '{{ kubernetes_etcd_certs_dir }}/server.key' |
kubernetes_etcd_peer_cert_file | | '{{ kubernetes_etcd_certs_dir }}/peer.crt' |
kubernetes_etcd_peer_key_file | | '{{ kubernetes_etcd_certs_dir }}/peer.key' |
kubernetes_etcd_healthcheck_client_cert_file | | '{{ kubernetes_etcd_certs_dir }}/healthcheck-client.crt' |
kubernetes_etcd_healthcheck_client_key_file | | '{{ kubernetes_etcd_certs_dir }}/healthcheck-client.key' |
kubernetes_etcd_apiserver_client_cert_file | | '{{ kubernetes_certs_dir }}/apiserver-etcd-client.crt' |
kubernetes_etcd_apiserver_client_key_file | | '{{ kubernetes_certs_dir }}/apiserver-etcd-client.key' |
kubernetes_etcd_manifest_file | | '{{ kubernetes_pod_manifest_path }}/etcd.yaml' |
kubernetes_etcd_data_dir | Folder for etcd data | /var/etcd |
kubernetes_etcd_server_port | Port for server communication | 2380 |
kubernetes_etcd_client_port | Port for client communication | 2379 |
Controller Manager
Name | Description | Default |
---|---|---|
kubernetes_controller_manager_manifest_file | Path to the manifest file | '{{ kubernetes_pod_manifest_path }}/kube-controller-manager.yaml' |
kubeadm
Name | Description | Default |
---|---|---|
kubernetes_kubeadm_config_file_path | Path for kubeadm config file | '{{ kubernetes_config_dir }}/kubeadm' |
kubernetes_kubeadm_config_file_name | Name of the kubeadm config file | clusterconfig.yaml |
Scheduler
Name | Description | Default |
---|---|---|
kubernetes_scheduler_manifest_file | Path to the scheduler manifest file | '{{ kubernetes_pod_manifest_path }}/kube-scheduler.yaml' |
Cloud Provider
Name | Description | Default |
---|---|---|
kubernetes_cloud_provider | Choose cloud provider (options: "" or "vsphere") | "" |
kubernetes_cloud_config_file | Path for cloud config file | "{{ kubernetes_config_dir }}/{{ kubernetes_cloud_provider }}.conf" |
kubernetes_cloud_vsphere_workspace_server | Server in the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_workspace_datacenter | Datacenter in the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_workspace_default_datastore | Default datastore in the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_workspace_folder | Folder in the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_default_user | User for the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_default_password | Password for the config file (for vsphere only) | "" |
kubernetes_cloud_vsphere_datacenters | List of datacenters with attributes: server, datacenters, username, password (for vsphere only) | [] |
kubernetes_cloud_vsphere_network_options | Network options in the config file (for vsphere only) | [] |
kubernetes_cloud_vsphere_disk_options | Disk options in the config file (for vsphere only) | [] |
Example Playbooks
A Vagrantfile is provided to create all servers for the various scenarios: Vagrantfile, servers.yml (needed for the Vagrantfile).
- All-in-One
- Single Master Cluster
- Separated etcd, Single Master Cluster
- HA Master Cluster
- Separated etcd, HA Master Cluster
License
Apache 2.0
Contributors
Author Information
Created in 2018 by André Möller
Project Information
This role installs a highly available or non-highly-available Kubernetes cluster with kubeadm.
Install
ansible-galaxy install anmoel.kubernetes