This Ansible collection provides Ansible playbooks and roles for the deployment and configuration of a Kubernetes environment.
Ansible Collection for Kubernetes
This Ansible collection provides Ansible playbooks and roles for the deployment and configuration of a Certified Kubernetes environment.
Requirements
This collection requires Ansible community package 4.10 or higher.
This collection was designed for:
Quick Start
Bootstrap Ansible and Roles
Start by cloning the repository, check out the corresponding branch, and init with git submodule, then install Ansible (see https://software.opensuse.org/download/package?package=ansible&project=home%3Aalvistack):
# GIT checkout development branch
mkdir -p /opt/ansible-collection-kubernetes
cd /opt/ansible-collection-kubernetes
git init
git remote add upstream https://github.com/alvistack/ansible-collection-kubernetes.git
git fetch --all --prune
git checkout upstream/develop -- .
git submodule sync --recursive
git submodule update --init --recursive
Bootstrap Ansible
echo 'deb http://downloadcontent.opensuse.org/repositories/home:/alvistack/xUbuntu_22.04/ /' | tee /etc/apt/sources.list.d/home:alvistack.list
curl -fsSL https://downloadcontent.opensuse.org/repositories/home:alvistack/xUbuntu_22.04/Release.key | gpg --dearmor | tee /etc/apt/trusted.gpg.d/home_alvistack.gpg > /dev/null
apt update
apt install ansible
Confirm the version of Ansible
ansible --version
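As an added example (not part of this collection), here is a small POSIX shell audit for the repository entry written in the bootstrap step above. It flags APT entries that have no signed-by= option, which means any key under /etc/apt/trusted.gpg.d is accepted for them, and entries that use plain http://. The https:// repository URL and the /etc/apt/keyrings/home_alvistack.gpg keyring path in the sample input are assumptions.

```shell
#!/bin/sh
# Added example, not the project's code: audit one-line-style APT source entries.

# Print the findings for one sources.list line: "ok", "skip" (not a deb entry),
# or a space-separated list of "no-signed-by" and "plain-http".
audit_apt_line() {
    line=$1
    findings=""
    case $line in
        "deb "*|"deb-src "*) ;;
        *) echo "skip"; return 0 ;;
    esac
    # Without signed-by=, any key under /etc/apt/trusted.gpg.d may vouch for this repo.
    case $line in
        *"signed-by="*) ;;
        *) findings="no-signed-by" ;;
    esac
    # Metadata is still signature-checked over http, but the transfer is not
    # confidential and integrity rests entirely on that signature.
    case $line in
        *" http://"*) findings="${findings:+$findings }plain-http" ;;
    esac
    echo "${findings:-ok}"
}

# Read entries on stdin; print "<line number>: <findings>" for each flagged entry.
audit_apt_stream() {
    n=0
    while IFS= read -r entry; do
        n=$((n + 1))
        result=$(audit_apt_line "$entry")
        case $result in
            ok|skip) ;;
            *) echo "$n: $result" ;;
        esac
    done
}

# Build an entry scoped to a single keyring (the keyring path is the caller's choice).
scoped_entry() {
    echo "deb [signed-by=$2] $1 /"
}

# Constructed sample input: the entry from the bootstrap step, then a scoped one.
# The https:// URL and the keyring path are assumptions made for this example.
audit_apt_stream <<EOF
deb http://downloadcontent.opensuse.org/repositories/home:/alvistack/xUbuntu_22.04/ /
$(scoped_entry https://downloadcontent.opensuse.org/repositories/home:/alvistack/xUbuntu_22.04/ /etc/apt/keyrings/home_alvistack.gpg)
EOF
```

To audit a real host, feed the function the installed entries, for example `cat /etc/apt/sources.list.d/*.list | audit_apt_stream`.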
AIO
All-in-one (AIO) build is a great way to perform a Kubernetes build for:
Simply execute our default Molecule test case and it will deploy all default components into your localhost:
# Run Molecule test case
molecule test -s default
Confirm the version and status of Kubernetes
kubectl version --output=yaml
kubectl get node --output=yaml
kubectl get pod --all-namespaces
Production
To avoid a single point of failure, at least 3 Kubernetes instances are recommended.
For production environments, Kubernetes Persistent Volumes with ReadWriteMany support should be backed by Ceph File System. The corresponding dynamic provisioning can be handled by CSI CephFS.
Traditionally, Docker or containerd could be used as the Kubernetes container runtime (CRI). This collection now defaults to the modern CRI-O implementation.
Moreover, we use Cilium as the Kubernetes network plugin (CNI) so that we can support Kubernetes Network Policies.
This deployment will set up the following components:
Start by copying the default inventory for customization:
# Copy default inventory
mkdir -p /etc/ansible
rsync -av /opt/ansible-collection-kubernetes/inventory/default/ /etc/ansible
You should update the following files as per your production environment:
/etc/ansible/hosts
/etc/ansible/group_vars/all/*.yml
*_release and *_version if you want to pin the deployment to any legacy supported version
Once updated, run the playbooks:
# Run playbooks
cd /opt/ansible-collection-kubernetes
ansible-playbook playbooks/converge.yml
ansible-playbook playbooks/50-kube-verify.yml
ansible-playbook playbooks/60-kube_cilium-install.yml
ansible-playbook playbooks/70-kube_csi_cephfs-install.yml
ansible-playbook playbooks/70-kube_csi_cephfs-verify.yml
ansible-playbook playbooks/80-kube_dashboard-install.yml
ansible-playbook playbooks/80-kube_ingress_nginx-install.yml
ansible-playbook playbooks/80-kube_cert_manager-install.yml
Confirm the version and status of Kubernetes
kubectl version --output=yaml
kubectl get node --output=yaml
kubectl get pod --all-namespaces
Molecule
You could also run our Molecule test cases if you have Vagrant and Libvirt installed, e.g.
# Run Molecule on Ubuntu 22.04
molecule converge -s ubuntu-22.04
Please refer to .gitlab-ci.yml for more information on running Molecule.
Versioning
YYYYMMDD.Y.Z
Release tags can be found in the GitHub Releases of this repository. Using these tags ensures you are running the most up-to-date stable version of this image.
YYYYMMDD.0.0
Version tags ending with .0.0 are rolling releases rebuilt by the GitLab pipeline on a weekly basis. Using these tags ensures you are running the latest packages provided by the base image project.
License
Author Information