ansible-kubernetes-kubeadm-ha
ansible-kubernetes-kubeadm-ha copied to clipboard
Installation of Highly Available 'Stacked Control Plane' Kubernetes cluster using Ansible and Kubeadm
Ansible Playbooks to install an HA Kubernetes (multi-master) cluster using Kubeadm.
This repository provides Ansible Playbooks to install a Kubernetes HA cluster in an airgapped environment.
- Uses recently GA'd Kubeadm HA joining features
Prerequisites:
-
Install Ansible and a forward proxy on the Ansible host
- Ansible:
for macos
brew install ansible
for linuxyum install ansible
- Ansible:
for macos
-
Setup ssh access from Ansible host to Kubernetes nodes.
ssh-copy-id -i ~/.ssh/id_rsa.pub <user@host>
Environment preparation:
Specify the Master and Workers in the inventory/*cluster*
file:
[k8s-masters] # these are all the masters
[k8s-workers] # these are all the worker nodes
Update the inventory/group_vars/*cluster*
section:
- choose the desired versions for kubernetes and docker
- setup the pod network cidr (default setup is for calico - modify in calico.yaml as well)
- specify the version of Helm to use
- specify the Local Storage Provisioner version
Install a highly available kubernetes using kubeadm
You can now run install-all.yaml playbook to get your cluster setup. You can also run the different playbooks separately for different purposes (setting up docker, masters, kubeadm, heml ...).
ansible-playbook -i inventory/cluster1-prod playbooks/install-all.yaml --private-key=~/.ssh/id_rsa -u %username% -v
Restarting the install:
If you need to restart the process using kubeadm reset, please use the uninstall.yaml playbook that deletes the state from all vms.
Upgrade a highly available kubernetes using kubeadm
To upgrade the kubernetes control plane run:
ansible-playbook -i inventory/cluster1-prod playbooks/upgrade-all.yaml --private-key=~/.ssh/id_rsa -u username -v
What install-all.yaml includes:
- Adding the required yum repositories
- Installing docker
- Installing kubeadm, kubelet and kubectl
- Initializing the first master with etcd and kubernetes-api
- Join replica master nodes to the primary master
- Adding the worker nodes to the cluster
- Installing Helm & Tiller
- Installing Local Storage Provisioner
- Enable Azure AD OIDC authentication
Restarting the install:
If you need to restart the process using kubeadm reset, please use the uninstall.yaml playbook that deletes the state from all vms.
To sequentially drain and patch the underlying OS hosts:
ansible-playbook -i inventory/cluster1-prod playbooks/os-patch-updates.yaml --private-key=~/.ssh/id_rsa -u username -v