avinetworks.avicontroller_gke

Ansible role for setting up an Avi Controller on Google GKE. We will only install one controller cluster with either 1 or 3 controllers in each namespace.

Warning:

  • This role will replace any existing configurations (if a value is different from the Kubernetes config, it will be replaced)

Requirements

  • GKE Cluster
  • GKE Node Pool with Labels if you are using affinity or nodeSelector

Required OS Packages

  • python >= 2.7

Required Python Libraries

  • openshift >= 0.6
  • PyYAML >= 3.11
  • requests >= 2.18.4
  • google-auth >= 1.3.0

Required Environment Variables

When using GKE and Kubernetes, we found that some variables need to be set at the environment level for proper authentication to GKE.

K8S_AUTH_KUBECONFIG=/location/of/.kubeconfig
# GOOGLE_APPLICATION_CREDENTIALS is necessary to authenticate with K8s
GOOGLE_APPLICATION_CREDENTIALS=/location/of/service_account_file.json

Required Steps

  1. Set your current cluster using gcloud to configure the correct .kube/config data. Run the following command:

    gcloud container clusters get-credentials <cluster-name> --region=<region> --zone=<zone>
    
  2. Check that you are in the correct context by typing:

    kubectl config current-context
    

    It should return something like this:

    gke_{{ gke_project }}_{{ region }}_{{ cluster_name }}
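
Because the role replaces existing configuration in whatever cluster the active context points at, the two steps above can be enforced as a pre-flight check. This is an added example, not part of the role; the script name, playbook name, project, region and cluster values are constructed, and the owner-only permission check on the service account file is an assumption of the example.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks to run before the playbook.

# Build the context name in the form shown in step 2.
expected_context() {  # args: project region cluster
  printf 'gke_%s_%s_%s' "$1" "$2" "$3"
}

# Succeed only when the active context is exactly the intended cluster.
context_matches() {  # args: current expected
  [ -n "$1" ] && [ "$1" = "$2" ]
}

# Succeed only when the key file exists and grants nothing to group or other.
# The owner-only requirement is an assumption of this example, not of the role.
creds_private() {  # args: path
  [ -f "$1" ] || return 1
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 1
  case "$mode" in
    *00) return 0 ;;
    *)   return 1 ;;
  esac
}

preflight() {  # args: project region cluster
  want=$(expected_context "$1" "$2" "$3")
  have=$(kubectl config current-context 2>/dev/null) || have=""
  if ! context_matches "$have" "$want"; then
    echo "refusing to run: context is '$have', expected '$want'" >&2
    return 1
  fi
  if ! creds_private "${GOOGLE_APPLICATION_CREDENTIALS:-}"; then
    echo "refusing to run: service account file missing or not owner-only" >&2
    return 1
  fi
  if [ ! -r "${K8S_AUTH_KUBECONFIG:-$HOME/.kube/config}" ]; then
    echo "refusing to run: kubeconfig not readable" >&2
    return 1
  fi
}

# Runs only when called with three arguments, e.g. (constructed values):
#   ./preflight.sh my-project us-west1 my-cluster && ansible-playbook site.yml
if [ "$#" -eq 3 ]; then
  preflight "$@"
fi
```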
    

Role Variables

Here you can describe the variables you can set for this role, including variables that are in defaults/main.yml, vars/main.yml, and any variables that can/can't be set through parameters to the role. Any variables that come from other roles or the global scope (like hostvars, group vars, etc.) should also be mentioned.

Variables

| Variable | Required | Default | Comments |
| --- | --- | --- | --- |
| avi_namespace | Yes | | Namespace for the controller |
| avi_controller_state | No | present | State of the deployment. e.g. present, absent, suspended, resume |
| avi_force_state | No | false | Allows overriding the deployment state. true, false |
| avi_controller_count | No | 1 | Number of controllers to create. e.g. 1 or 3 |
| avi_controller_prefix | No | avi-controller | Prefix for the controller and related assets |
| avi_controller_username | Yes (for absent state) | admin | Required only when state is absent to check for existing services |
| avi_controller_password | Yes (for absent state) | None | Required only when state is absent to check for existing services |
| avi_gcp_region | No | | GCP region for the controller deployment |
| avi_gcp_project | No | | GCP project for the controller deployment |
| avi_gcp_auth_kind | No | | Type of authentication for GCP |
| avi_gcp_service_account_file | No | | Location of the service account file when using service account |
| avi_k8s_auth_kubeconfig | No | {{ ansible_env.HOME }}/.kube/config | Location of the kubeconfig file |
| avi_controller_storage_class_name | No | {{ avi_controller_prefix }}-regionalpd-storageclass-ssd | Name of the storage class for the controller disk |
| avi_controller_req_cpu | No | {{ avi_controller_cpu_count // 2 }} | Initial requested CPU needed to run the controller. |
| avi_controller_req_mem | No | {{ avi_controller_memory_size // 2 }} | Initial requested memory needed to run the controller. |
| avi_controller_cpu_count | Yes | 8 | CPU count for the controller |
| avi_controller_memory_size | Yes | 27 | Memory size in GB for the controller |
| avi_controller_disk_size | No | 64 | SSD disk size in GB for the controller |
| avi_controller_version | No | 18.2.3-9063-20190501.224326 | Avi version to use on the pod |
| avi_controller_container_image | No | avinetworks/controller:{{ avi_controller_version }} | Image used to create the controller pod |
| avi_controller_namespace_labels | No | None | K8s labels for the namespace |
| avi_gcp_compute_addresses | No | Auto-generated | List of compute addresses created by the role for controllers |
| avi_controller_affinity | No | None | Sets the k8s affinity for the controller pod |
| avi_controller_nodeselector | No | None | Sets the nodeSelector for the controller pod |
| avi_setup_yaml | No | None | Setup file sent to the controller via K8s ConfigMap |

Advanced variables

These values are optional and mainly for advanced users; update them only if necessary.

Default Variables

| Variable | Comments |
| --- | --- |
| avi_controller_k8s_namespace | Namespace definition |
| avi_controller_k8s_external_service | Ensures the external service exists |
| avi_controller_k8s_service | Ensures the service exists |
| avi_controller_k8s_statefulset | Ensures the statefulset exists |
| avi_controller_k8s_storage_class | Ensures the StorageClass exists |

Dependencies

A list of other roles available on Galaxy and any specific parameters that may need to be set for them should be included here.

Usage

Please note that resuming a deployment is the same as "present". Use deployment_state: present when resuming a suspended deployment.

Example Playbook

Creating a controller cluster

Here is an example of how to use this role (e.g., with parameters passed in):

- hosts: servers
  roles:
    - role: avinetworks.avicontroller_gke
      avi_controller_count: 3
      avi_controller_version: 18.2.3-9063-20190501.224326
      avi_controller_prefix: deployment-address
      avi_gcp_project: my-project
      avi_gcp_region: us-west1
      avi_gcp_auth_kind: serviceaccount
      avi_gcp_service_account_file: ~/service_account_file.json
      avi_namespace: 26abc3b9d1fc4cfc8f42ad86d9606fb9
      avi_controller_disk_size: 64
      avi_controller_container_image: "gcr.io/{{ avi_gcp_project }}/controller:{{ avi_controller_version }}"
      avi_controller_storage_class_name: regionalpd-storageclass-ssd
      avi_controller_affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: node_label
                    operator: In
                    values:
                      - label_value

# Same deployment, pinned to nodes with nodeSelector instead of affinity
- hosts: servers
  roles:
    - role: avinetworks.avicontroller_gke
      avi_controller_count: 3
      avi_controller_version: 18.2.3-9063-20190501.224326
      avi_controller_prefix: deployment-address
      avi_gcp_project: my-project
      avi_gcp_region: us-west1
      avi_gcp_auth_kind: serviceaccount
      avi_gcp_service_account_file: ~/service_account_file.json
      avi_namespace: 26abc3b9d1fc4cfc8f42ad86d9606fb9
      avi_controller_disk_size: 64
      avi_controller_container_image: "gcr.io/{{ avi_gcp_project }}/controller:{{ avi_controller_version }}"
      avi_controller_storage_class_name: regionalpd-storageclass-ssd
      avi_controller_nodeselector:
        node_label: label_value

Deleting a controller cluster

When deleting a controller cluster, we check for existing Virtual Services or Service Engines to prevent orphaned service engines.

- hosts: servers
  roles:
    - role: avinetworks.avicontroller_gke
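      avi_controller_state: absent
      # Required when state is absent (see Variables). vault_avi_controller_password is a
      # placeholder name for a secret kept in Ansible Vault, not a variable defined by this role.
      avi_controller_username: admin
      avi_controller_password: "{{ vault_avi_controller_password }}"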
      avi_controller_count: 3
      avi_controller_version: 18.2.3-9063-20190501.224326
      avi_controller_prefix: deployment-address
      avi_gcp_project: my-project
      avi_gcp_region: us-west1
      avi_gcp_auth_kind: serviceaccount
      avi_gcp_service_account_file: ~/service_account_file.json
      avi_namespace: 26abc3b9d1fc4cfc8f42ad86d9606fb9
      avi_controller_disk_size: 64
      avi_controller_container_image: "gcr.io/{{ avi_gcp_project }}/controller:{{ avi_controller_version }}"
      avi_controller_storage_class_name: regionalpd-storageclass-ssd
      avi_controller_nodeselector:
        node_label: label_value

License

Apache 2.0

Author Information

Eric Anderson

Avi Networks

About the project

Ansible role to deploy the Avi Controller on GKE

Install
ansible-galaxy install avinetworks.avicontroller_gke