ofilter/ansible_kubernetes_cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ansible_kubernetes_cluster/README.md
Oriol 668d66c583 Slight modifications 
Improved README.md
2023-03-13 08:32:24 +00:00

5.1 KiB
Raw Blame History

Intended for OrangePI5 (might work on other devices)

  • Tested on ARMBIAN Bullseye
  • Previously on the orangepi official Debian versions, but can't confirm still works

Files

arm_initial_setup.yaml: standalone playbook to normalize the initialization of an ARMBIAN device

run.sh: placeholder script used for testing

ksetup/:
  - playbook.yaml
  - tasks_prepare_node.yaml
  - tasks_master.yaml
  - tasks_slave.yaml
  - tasks_end.yaml
  - kubeadm-join.command

inventory.yaml: Example inventory

Inventory.yaml

Example inventory.

Contains 2 groups, masters and slaves.

Each group have the variable is_master configured.

For more info regarding Ansible Inventory, refer to their documentation regarding the topic.

arm_initial_setup.yaml

It will:

  • Set the loacale for the ROOT user
  • Set the language for the ROOT user
  • Create the wheel group
  • Add the wheel group to sudoers (using password)
  • Add a new user with its password
  • Add the new user to the wheel group
  • Change the ROOT password
  • Disable SSH login to the ROOT user
  • Executes sleep 1 && dhclient -r && dhclient && reboot. The dhclient is for my own usage so modify it if it bothers you.

Vars

A reminder that the point of this script, is to normalize the process of setting up a fresh ARMBIAN OS.

# Connect
ansible_user: User used to connect
ansible_password: Password used to connect
ansible_become_password: Password used to execute `sudo`

# New values
## Users
new_user_name: Username to create/modify
new_user_pass: Password for the used to create/modify
new_root_pass: New password for root

## Locales
new_locale: New locale desired
new_language: New language desired

ksetup

playbook.yaml

Used to "orchestrate" the process and call the rest of the task playbooks.

Vars

# Testing purposes
ansible_user: User used to connect
ansible_password: Password used to connect
ansible_become_password: Password used to execute `sudo`

# Actual vars
set_hostname: New hostname for the device, by default will obtain it's values from the variable `ansible_host` aka. the URL specified to connect to such device.
is_master: This variable determines which playbooks will run.

# Cluster shit
kubeadm_join_path: File path that will store the `kubeadm join` command to be executed by the worker nodes.
_kubeadm_join_command: Placeholder, will be populated at later stages of the script.

TASK playbooks

tasks_prepare_node.yaml

  • Changes the device hostname
  • Disables RAM usage.
  • Update -> Upgrade.
  • Uninstalls containerd.
  • Installs Docker (Debian) and Kubernetes repos.
  • Installs containerd.io, kublet, kubeadm, kubectl.
  • Sets default config for containerd with cGroups enabled.
  • Enables some iptables.
  • "Resets" /etc/hosts file

tasks_master.yaml

Will only be executed if the variable is_master is set to True
  • Executes kubeadm init aka initializes the node without further arguments assigned.
  • Sets the kubectl conf to the user specified.
  • Deploys Calico network plugin (might change in the future)
  • Removes node-role.kubernetes.io/control-plane taint to allow deploying containers in the control plane node.
  • Generates a "join cluster" command and stores it in a file LOCALLY as kubeadm-join.command, this file will be later used by the slave nodes, who will execute this file's contents.

tasks_slave.yaml

Will only be executed if the variable is_master is set to False
  • Executes the "command" stored in the file kubeadm-join.command located LOCALLY.

tasks_end.yaml

  • As per the moment, only reboots.

USAGE

Setup

On my infrastructure/environment, I use a DHCP and DNS to connect / communicate the nodes.

You might need to edit the file /etc/hosts and manually point the resources IP addresses.

So my first step is to reserve the MAC addresses and configure the DHCP server.

Afterwards update the DNS server to point to those IPs.

Set the SD card / SBC (Single Board Computer)

Beware of using the right IMG / device, as you don't want to delete the wrong drive, right?

dd if=Armbian_23.02.2_Orangepi5_bullseye_legacy_5.10.110_minimal.img of=/dev/sdg  status=progress bs=1M status=progress

arm_initial_setup.yaml

Change the values of the desired variables

# New values
## Users
new_user_name: "orangepi"
new_user_pass: "orangepi"
new_root_pass: "1234"

## Locales
new_locale: "en_US.UTF-8"
new_language: "en_US.UTF-8"

Change the connection variables (Optional)

Optional, if you are not planning to use root, the playbook might require some slight changes in order to work with a user that's not root, idk, not my problem, this playbook assumes you will be using an ARMBIAN image.

ansible_user: "root"
ansible_password: "1234"

Run (?)

License

DWTFUW

Do whatever the fuck you want license ™