Merge pull request #119 from NethunRanasinghe/main

Install K8s
This commit is contained in:
Christian Lempa 2023-09-12 11:07:08 +02:00 committed by GitHub
commit 04a33f6a6e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 368 additions and 0 deletions

View File

@ -0,0 +1,46 @@
# Kubernetes (K8s) Installation Script
- Introduction
- Prerequisites
- Execution Instructions
## Introduction
> The objective of this playbook is to automate the installation and setup of a kubernetes instance. The playbook consist of 3 main plays. For both controller and nodes, for controller only and for nodes only. It will ask user confirmation before moving on to each stage. By the end of the playbook two files will be created on the controller node named **worker_conn_string** and locally inside the playbook directory with the name **Remote_Files/worker_conn_string**. This will have the **connection string**. (Note:- If you want to join controllers or nodes manually later. For controllers use **--control-plane** flag)
### References
**Documentation** - https://kubernetes.io/docs/setup/
## Prerequisites
- Atleast 2 VMs (1 For Control Node and 1 For Worker Node).
- Static IPs should be set along with unique host names.
- Inventory should be in this format
```ini
[controllers]
host_name ansible_ssh_host=<IP> ansible_user='<USERNAME>' ansible_become_pass='<PASSWORD>'
[nodes]
[instance:children]
controllers
nodes
```
(If you want to change this, don't forget to change the `inst-k8s` as well)
## Execution Instructions
```bash
ansible-playbook -i <INVENTORY> <PLAYBOOK>
```
### Optional Flags
| Flag | Use Case |
|-------|-----------|
| --ask-vault-pass | If the vault is encrypted |
| --start-at-task | If you want to start from a specific task|
| --tags | If you want to only run a specific group of tasks|

View File

@ -0,0 +1,2 @@
[defaults]
timeout = 25

View File

@ -0,0 +1,319 @@
---
- name: Setup Prerequisites To Install Kubernetes
hosts: instance
become: true
vars:
kube_prereq_packages: [curl, ca-certificates, apt-transport-https]
kube_packages: [kubeadm, kubectl, kubelet]
tasks:
- name: Test Reacheability
ansible.builtin.ping:
- name: Update Cache
ansible.builtin.apt:
update_cache: true
autoclean: true
- name: 1. Upgrade All the Packages to the latest
ansible.builtin.apt:
upgrade: "full"
- name: 2. Install Qemu-Guest-Agent
ansible.builtin.apt:
name:
- qemu-guest-agent
state: present
- name: 3. Setup a Container Runtime
ansible.builtin.apt:
name:
- containerd
state: present
- name: 4. Start Containerd If Stopped
ansible.builtin.service:
name: containerd
state: started
- name: 5. Create Containerd Directory
ansible.builtin.file:
path: /etc/containerd
state: directory
mode: '0755'
- name: 6. Check config.toml Exists
ansible.builtin.stat:
path: /etc/containerd/config.toml
register: pre_file_exist_result
- name: 6.1 Delete config.toml Exists
ansible.builtin.file:
path: /etc/containerd/config.toml
state: absent
when: pre_file_exist_result.stat.exists
- name: 7. Place Default Containerd Config Inside It
ansible.builtin.shell: |
set -o pipefail
containerd config default | sudo tee /etc/containerd/config.toml
register: output
changed_when: output.rc != 0
args:
executable: /bin/bash
tags:
- containerd_config
- name: 7.1 Check If New config.toml Exists Now
ansible.builtin.stat:
path: /etc/containerd/config.toml
register: post_file_exist_result
tags:
- containerd_config
- name: 7.2 Exit The Play If config.toml Does Not Exist
ansible.builtin.meta: end_play
when: not post_file_exist_result.stat.exists
tags:
- containerd_config
- name: 8.1 Disable Swap
ansible.builtin.command: sudo swapoff -a
register: output
changed_when: output.rc != 0
tags:
- disable_swap
- name: 8.2 Disable Swap permanently
ansible.builtin.replace:
path: /etc/fstab
regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
replace: '# \1'
tags:
- disable_swap
- name: 9. Edit config.toml
ansible.builtin.replace:
path: /etc/containerd/config.toml
after: \[plugins\."io\.containerd\.grpc\.v1\.cri"\.containerd\.runtimes\.runc\.options\]
regexp: SystemdCgroup = false
replace: SystemdCgroup = true
- name: 10. Enable Ipv4 Bridging
ansible.builtin.replace:
path: /etc/sysctl.conf
regexp: ^#net\.ipv4\.ip_forward=1$
replace: net.ipv4.ip_forward=1
- name: 11.1 Delete k8s Config If Exists
ansible.builtin.file:
path: /etc/modules-load.d/k8s.conf
state: absent
tags:
- kube_config
- name: 11.2 Add k8s.config and Edit It
ansible.builtin.lineinfile:
path: /etc/modules-load.d/k8s.conf
line: br_netfilter
create: true
mode: '0755'
tags:
- kube_config
- name: 12.1 Reboot
ansible.builtin.reboot:
register: system_reboot
- name: 12.2 Verify Reboot Success
ansible.builtin.ping:
when: system_reboot.rebooted
- name: 13.1 Update Cache
ansible.builtin.apt:
update_cache: true
autoclean: true
tags:
- install_pre_kube_packages
- name: 13.2 Remove apt lock file
ansible.builtin.file:
state: absent
path: "/var/lib/dpkg/lock"
tags:
- install_pre_kube_packages
- name: 13.3 Install Prerequisite Packages
ansible.builtin.apt:
name: '{{ kube_prereq_packages }}'
tags:
- install_pre_kube_packages
- name: 13.4 Remove GPG Keys If They Exist
ansible.builtin.file:
path: "{{ item }}"
state: absent
with_items:
- /usr/share/keyrings/kubernetes-apt-keyring.gpg
- /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored
tags:
- install_pre_kube_packages
- name: 13.5 Download Kubernetes APT Key
ansible.builtin.get_url:
url: https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key
dest: /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored
mode: '0755'
tags:
- install_pre_kube_packages
- name: 13.6 De-Armor Kubernetes APT Key
ansible.builtin.shell: gpg --dearmor < /usr/share/keyrings/kubernetes-apt-keyring.gpg_armored > /etc/apt/keyrings/kubernetes-apt-keyring.gpg
no_log: true
args:
creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
tags:
- install_pre_kube_packages
- name: 13.7 Add Kubernetes APT Key
ansible.builtin.shell: |
set -o pipefail
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' \
| sudo tee /etc/apt/sources.list.d/kubernetes.list
register: apt_output
changed_when: apt_output.rc != 0
args:
executable: /bin/bash
tags:
- install_pre_kube_packages
- name: 14.1 Update Cache
ansible.builtin.apt:
update_cache: true
autoclean: true
tags:
- install_kube_packages
- name: 14.2 Remove apt lock file
ansible.builtin.file:
state: absent
path: "/var/lib/dpkg/lock"
tags:
- install_kube_packages
- name: 14.3 Install Required Packages
ansible.builtin.apt:
name: '{{ kube_packages }}'
tags:
- install_kube_packages
- name: 14.4 Hold Packages
ansible.builtin.dpkg_selections:
name: '{{ item }}'
selection: hold
with_items: '{{ kube_packages }}'
tags:
- install_kube_packages
- name: Prompt To Continue On To Configuring Control Nodes
ansible.builtin.pause:
prompt: Press RETURN when you want to continue configuring the Control nodes!
- name: Setup Controller Nodes
gather_facts: true
hosts: controllers
become: true
tasks:
- name: 1. Initialize Cluster
ansible.builtin.shell: |
set -o pipefail
sudo kubeadm init --control-plane-endpoint={{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} --pod-network-cidr=10.244.0.0/16
register: init_cluster_output
changed_when: init_cluster_output.rc != 0
args:
executable: /bin/bash
- name: 2.1 Create .kube Directory
ansible.builtin.file:
path: .kube
state: directory
mode: '0755'
tags:
- kube_admin_config
- name: 2.2 Copy Kubernetes Admin Config
ansible.builtin.copy:
remote_src: true
src: /etc/kubernetes/admin.conf
dest: .kube/config
mode: '0755'
tags:
- kube_admin_config
- name: 2.3 Change Config File Permission
ansible.builtin.command: chown {{ ansible_env.USER }}:{{ ansible_env.USER }} ".kube/config"
changed_when: false
when: not ansible_env.HOME is undefined
tags:
- kube_admin_config
- name: 3. Install An Overlay Network
ansible.builtin.shell: |
set -o pipefail
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
register: init_cluster_output
become: false
changed_when: init_cluster_output.rc != 0
args:
executable: /bin/bash
- name: 4.1 Execute Join String Generation Command
ansible.builtin.command: kubeadm token create --print-join-command
become: false
register: join_output
changed_when: false
tags:
- join_string
- name: 4.2 Display Join String
ansible.builtin.debug:
msg: 'Join Command : {{ join_output.stdout }}'
tags:
- join_string
- name: Copy Connection String To A Remote File
ansible.builtin.template:
src: k8s_worker_node_connection.j2
dest: worker_conn_string
mode: '0755'
- name: Check Connection String File Exists
ansible.builtin.stat:
path: worker_conn_string
register: conn_file_path_remote
- name: Fetch The Remote File
ansible.builtin.fetch:
src: worker_conn_string
dest: Remote_Files/worker_conn_string
flat: true
when: conn_file_path_remote.stat.exists
- name: Prompt To Continue On To Configuring Worker Nodes
ansible.builtin.pause:
prompt: Press RETURN when you want to continue configuring the Worker nodes!
- name: Join Worker Nodes
gather_facts: true
hosts: nodes
become: true
vars:
node_conn_string: "{{ lookup('ansible.builtin.file', 'Remote_Files/worker_conn_string') }}"
tasks:
- name: 1. Add Worker Nodes To The Controller
ansible.builtin.command: '{{ node_conn_string }}'
changed_when: false
throttle: 1

View File

@ -0,0 +1 @@
{{ join_output.stdout }}