kubernetes-cluster-kubeadm-containerd-ansible.html

<!DOCTYPE html>
<html lang="en" itemscope itemtype="http://schema.org/Article">
  <head>
    <title>Create Kubernetes cluster using kubeadm and containerd with Ansible</title>
    

    <meta charset="utf-8">
    <meta property="og:title" content="Create Kubernetes cluster using kubeadm and containerd with Ansible">
    <meta property="og:site_name" content="Modesto Mas | Blog">
    <meta property="og:image" content="https://mmas.github.io/images/profile.jpg">
    <meta property="og:image:width" content="200">
    <meta property="og:image:height" content="200">
    <meta property="og:url" content="https://mmas.github.io/kubernetes-cluster-kubeadm-containerd-ansible">
    <meta property="og:locale" content="en_GB">
    <meta name="twitter:image" content="https://mmas.github.io/images/profile.jpg">
    <meta name="twitter:url" content="https://mmas.github.io/kubernetes-cluster-kubeadm-containerd-ansible">
    <meta name="twitter:card" content="summary">
    <meta name="twitter:domain" content="mmas.github.io">
    <meta name="twitter:title" content="Create Kubernetes cluster using kubeadm and containerd with Ansible">
    <meta name="description" content="In this article we will create a Kubernetes cluster with master and worker machines using Ansible. We will use containerd as container runtime and fla...">
    <meta name="twitter:description" content="In this article we will create a Kubernetes cluster with master and worker machines using Ansible. We will use containerd as container runtime and fla...">
    <meta property="og:description" content="In this article we will create a Kubernetes cluster with master and worker machines using Ansible. We will use containerd as container runtime and fla...">
    <meta name="keywords" content="ansible,homelab,kubernetes">
    <meta property="og:type" content="blog">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    
<meta property="og:type" content="article">
<meta property="article:author" content="https://github.com/mmas">
<meta property="article:section" content="ansible">
<meta property="article:tag" content="ansible,homelab,kubernetes">
<meta property="article:published_time" content="2023-04-04">
<meta property="article:modified_time" content="2023-04-04">

    <link rel="stylesheet" type="text/css" href="/css/main.css">
    <script type="text/x-mathjax-config">
    MathJax.Hub.Config({
        CommonHTML: {
            scale: 93,
            showMathMenu: false
        },
        tex2jax: {
            "inlineMath": [["$","$"], ["\\(","\\)"]]
        }
    });
    </script>
    <script type="text/javascript" async src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-MML-AM_CHTML"></script>
  </head>
  <body class="entry-detail">

    
    <header>
  <div>
    <img src="https://mmas.github.io/images/profile.jpg">
    <a class="brand" href="/">Modesto Mas</a>
    <span>Data/Python/DevOps Engineer</span>
    <nav>
      <ul>
        <li><a href="/tags">Tags</a></li>
        <li><a href="https://github.com/mmas/mmas.github.io/issues" target="_blank">Issues</a></li>
      </ul>
    </nav>
  </div>
</header>
    

    <section id="content" role="main">
    

<article>
  
<header>
  <h1><a href="/kubernetes-cluster-kubeadm-containerd-ansible">Create Kubernetes cluster using kubeadm and containerd with Ansible</a></h1>
  <time datetime="2023-04-04">Apr 04, 2023</time>
  
  <a class="tag" href="/tags?tag=ansible">ansible</a>
  
  <a class="tag" href="/tags?tag=homelab">homelab</a>
  
  <a class="tag" href="/tags?tag=kubernetes">kubernetes</a>
  
</header>

  <aside id="article-nav"></aside>
  <section class="body">
    <p>In this article we will create a Kubernetes cluster with master and
worker machines using Ansible. We will use <a target="_blank" href="https://containerd.io/">containerd</a> as container runtime and <a target="_blank" href="https://github.com/flannel-io/flannel">flannel</a> as CNI
plugin.</p>
<h2 id="prerequisites">Prerequisites</h2>
<ul>
<li>Ansible</li>
<li>At least a host for kubernetes masters, and a host for kubernetes
workers</li>
</ul>
<p>We will use Ubuntu machines and name <code>kmasters</code> as our
kubernetes master hosts and <code>kworkers</code> for our worker hosts
in this example.</p>
<p>Some basic packages are expected to be installed in all hosts, you
can also install them using a task:</p>
<div class="sourceCode" id="cb1"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb1-1"><a target="_blank" href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> install apt packages</span></span>
<span id="cb1-2"><a target="_blank" href="#cb1-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">apt</span><span class="kw">:</span></span>
<span id="cb1-3"><a target="_blank" href="#cb1-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span></span>
<span id="cb1-4"><a target="_blank" href="#cb1-4" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> apt-transport-https</span></span>
<span id="cb1-5"><a target="_blank" href="#cb1-5" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> ca-certificates</span></span>
<span id="cb1-6"><a target="_blank" href="#cb1-6" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> curl</span></span>
<span id="cb1-7"><a target="_blank" href="#cb1-7" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> python3-pip</span></span>
<span id="cb1-8"><a target="_blank" href="#cb1-8" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">update_cache</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<h2 id="install-containerd">Install containerd</h2>
<p>The following tasks will run in all the hosts as root:</p>
<div class="sourceCode" id="cb2"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb2-1"><a target="_blank" href="#cb2-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">hosts</span><span class="kw">:</span><span class="at"> kmasters, kworkers</span></span>
<span id="cb2-2"><a target="_blank" href="#cb2-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>Load the required kernel modules and install containerd:</p>
<div class="sourceCode" id="cb3"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb3-1"><a target="_blank" href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> add modules required by containerd</span></span>
<span id="cb3-2"><a target="_blank" href="#cb3-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">modprobe</span><span class="kw">:</span></span>
<span id="cb3-3"><a target="_blank" href="#cb3-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ item }}&quot;</span></span>
<span id="cb3-4"><a target="_blank" href="#cb3-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> present</span></span>
<span id="cb3-5"><a target="_blank" href="#cb3-5" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">persistent</span><span class="kw">:</span><span class="at"> present</span></span>
<span id="cb3-6"><a target="_blank" href="#cb3-6" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">loop</span><span class="kw">:</span></span>
<span id="cb3-7"><a target="_blank" href="#cb3-7" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> overlay</span></span>
<span id="cb3-8"><a target="_blank" href="#cb3-8" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> br_netfilter</span></span>
<span id="cb3-9"><a target="_blank" href="#cb3-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb3-10"><a target="_blank" href="#cb3-10" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> install containerd</span></span>
<span id="cb3-11"><a target="_blank" href="#cb3-11" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">apt</span><span class="kw">:</span></span>
<span id="cb3-12"><a target="_blank" href="#cb3-12" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> containerd</span></span></code></pre></div>
<p>Configure and enable containerd:</p>
<div class="sourceCode" id="cb4"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb4-1"><a target="_blank" href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> create containerd directory</span></span>
<span id="cb4-2"><a target="_blank" href="#cb4-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">file</span><span class="kw">:</span></span>
<span id="cb4-3"><a target="_blank" href="#cb4-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">path</span><span class="kw">:</span><span class="at"> /etc/containerd</span></span>
<span id="cb4-4"><a target="_blank" href="#cb4-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> directory</span></span>
<span id="cb4-5"><a target="_blank" href="#cb4-5" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb4-6"><a target="_blank" href="#cb4-6" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> create containerd config</span></span>
<span id="cb4-7"><a target="_blank" href="#cb4-7" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> containerd config default &gt; /etc/containerd/config.toml</span></span>
<span id="cb4-8"><a target="_blank" href="#cb4-8" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">notify</span><span class="kw">:</span></span>
<span id="cb4-9"><a target="_blank" href="#cb4-9" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> restart containerd</span></span>
<span id="cb4-10"><a target="_blank" href="#cb4-10" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb4-11"><a target="_blank" href="#cb4-11" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> use systemd as cgroup driver</span></span>
<span id="cb4-12"><a target="_blank" href="#cb4-12" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">lineinfile</span><span class="kw">:</span></span>
<span id="cb4-13"><a target="_blank" href="#cb4-13" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> /etc/containerd/config.toml</span></span>
<span id="cb4-14"><a target="_blank" href="#cb4-14" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">regexp</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;(\s+SystemdCgroup) = false&#39;</span></span>
<span id="cb4-15"><a target="_blank" href="#cb4-15" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">line</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;\1 = true&#39;</span></span>
<span id="cb4-16"><a target="_blank" href="#cb4-16" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">backrefs</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb4-17"><a target="_blank" href="#cb4-17" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> present</span></span>
<span id="cb4-18"><a target="_blank" href="#cb4-18" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">notify</span><span class="kw">:</span></span>
<span id="cb4-19"><a target="_blank" href="#cb4-19" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> restart containerd</span></span>
<span id="cb4-20"><a target="_blank" href="#cb4-20" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb4-21"><a target="_blank" href="#cb4-21" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> enable containerd</span></span>
<span id="cb4-22"><a target="_blank" href="#cb4-22" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">service</span><span class="kw">:</span></span>
<span id="cb4-23"><a target="_blank" href="#cb4-23" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> containerd</span></span>
<span id="cb4-24"><a target="_blank" href="#cb4-24" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">enabled</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>When changing the configuration, the handler
<code>restart containerd</code> will be triggered:</p>
<div class="sourceCode" id="cb5"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb5-1"><a target="_blank" href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> restart containerd</span></span>
<span id="cb5-2"><a target="_blank" href="#cb5-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">service</span><span class="kw">:</span></span>
<span id="cb5-3"><a target="_blank" href="#cb5-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> containerd</span></span>
<span id="cb5-4"><a target="_blank" href="#cb5-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> restarted</span></span></code></pre></div>
<h2 id="install-kubernetes">Install kubernetes</h2>
<p>As the installation of containerd, the installation of kubernetes
will run in all the hosts as root.</p>
<p>Configure networking and disable swap:</p>
<div class="sourceCode" id="cb6"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb6-1"><a target="_blank" href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> configure kubernetes networking</span></span>
<span id="cb6-2"><a target="_blank" href="#cb6-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">sysctl</span><span class="kw">:</span></span>
<span id="cb6-3"><a target="_blank" href="#cb6-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">sysctl_file</span><span class="kw">:</span><span class="at"> /etc/sysctl.d/99-kubernetes-cri.conf</span></span>
<span id="cb6-4"><a target="_blank" href="#cb6-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ item.name }}&quot;</span></span>
<span id="cb6-5"><a target="_blank" href="#cb6-5" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">value</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ item.value }}&quot;</span></span>
<span id="cb6-6"><a target="_blank" href="#cb6-6" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">loop</span><span class="kw">:</span></span>
<span id="cb6-7"><a target="_blank" href="#cb6-7" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="kw">{</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;net.ipv4.ip_forward&#39;</span><span class="kw">,</span><span class="at"> </span><span class="fu">value</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;1&#39;</span><span class="kw">}</span></span>
<span id="cb6-8"><a target="_blank" href="#cb6-8" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="kw">{</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;net.bridge.bridge-nf-call-iptables&#39;</span><span class="kw">,</span><span class="at"> </span><span class="fu">value</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;1&#39;</span><span class="kw">}</span></span>
<span id="cb6-9"><a target="_blank" href="#cb6-9" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="kw">{</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;net.bridge.bridge-nf-call-ip6tables&#39;</span><span class="kw">,</span><span class="at"> </span><span class="fu">value</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;1&#39;</span><span class="kw">}</span></span>
<span id="cb6-10"><a target="_blank" href="#cb6-10" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb6-11"><a target="_blank" href="#cb6-11" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> disable swap</span></span>
<span id="cb6-12"><a target="_blank" href="#cb6-12" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">command</span><span class="kw">:</span><span class="at"> swapoff -a</span></span>
<span id="cb6-13"><a target="_blank" href="#cb6-13" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb6-14"><a target="_blank" href="#cb6-14" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> permamently disable swap</span></span>
<span id="cb6-15"><a target="_blank" href="#cb6-15" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">lineinfile</span><span class="kw">:</span></span>
<span id="cb6-16"><a target="_blank" href="#cb6-16" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> /etc/fstab</span></span>
<span id="cb6-17"><a target="_blank" href="#cb6-17" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">regexp</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;^(/swap.*)&#39;</span></span>
<span id="cb6-18"><a target="_blank" href="#cb6-18" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">line</span><span class="kw">:</span><span class="at"> </span><span class="st">&#39;# \1&#39;</span></span>
<span id="cb6-19"><a target="_blank" href="#cb6-19" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">backrefs</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb6-20"><a target="_blank" href="#cb6-20" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> present</span></span></code></pre></div>
<p>For simplicity we will disable the firewall, but we could also allow
the ports required (at least, the TCP ports 4149, 6443, 10250, 10255 and
10256):</p>
<div class="sourceCode" id="cb7"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb7-1"><a target="_blank" href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> disable ufw</span></span>
<span id="cb7-2"><a target="_blank" href="#cb7-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">ufw</span><span class="kw">:</span></span>
<span id="cb7-3"><a target="_blank" href="#cb7-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> disabled</span></span></code></pre></div>
<p>Install kubernetes:</p>
<div class="sourceCode" id="cb8"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb8-1"><a target="_blank" href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> add kubernetes apt key</span></span>
<span id="cb8-2"><a target="_blank" href="#cb8-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">apt_key</span><span class="kw">:</span></span>
<span id="cb8-3"><a target="_blank" href="#cb8-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">url</span><span class="kw">:</span><span class="at"> https://packages.cloud.google.com/apt/doc/apt-key.gpg</span></span>
<span id="cb8-4"><a target="_blank" href="#cb8-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> present</span></span>
<span id="cb8-5"><a target="_blank" href="#cb8-5" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb8-6"><a target="_blank" href="#cb8-6" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> add kubernetes repository</span></span>
<span id="cb8-7"><a target="_blank" href="#cb8-7" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">apt_repository</span><span class="kw">:</span></span>
<span id="cb8-8"><a target="_blank" href="#cb8-8" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">repo</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;deb http://apt.kubernetes.io/ kubernetes-xenial main&quot;</span></span>
<span id="cb8-9"><a target="_blank" href="#cb8-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb8-10"><a target="_blank" href="#cb8-10" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> install kubernetes</span></span>
<span id="cb8-11"><a target="_blank" href="#cb8-11" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">apt</span><span class="kw">:</span></span>
<span id="cb8-12"><a target="_blank" href="#cb8-12" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span></span>
<span id="cb8-13"><a target="_blank" href="#cb8-13" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> kubeadm</span></span>
<span id="cb8-14"><a target="_blank" href="#cb8-14" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> kubelet</span></span>
<span id="cb8-15"><a target="_blank" href="#cb8-15" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> kubectl</span></span>
<span id="cb8-16"><a target="_blank" href="#cb8-16" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="kw">-</span><span class="at"> kubernetes-cni</span></span>
<span id="cb8-17"><a target="_blank" href="#cb8-17" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">update_cache</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb8-18"><a target="_blank" href="#cb8-18" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> latest</span></span>
<span id="cb8-19"><a target="_blank" href="#cb8-19" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb8-20"><a target="_blank" href="#cb8-20" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> enable kubelet</span></span>
<span id="cb8-21"><a target="_blank" href="#cb8-21" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">service</span><span class="kw">:</span></span>
<span id="cb8-22"><a target="_blank" href="#cb8-22" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> kubelet</span></span>
<span id="cb8-23"><a target="_blank" href="#cb8-23" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">enabled</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>If we are not running the playbook with <code>kube</code> user as our
<code>ansible_user</code>, create it with sudo permissions and no
password required:</p>
<div class="sourceCode" id="cb9"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb9-1"><a target="_blank" href="#cb9-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> create the kube user</span></span>
<span id="cb9-2"><a target="_blank" href="#cb9-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">user</span><span class="kw">:</span></span>
<span id="cb9-3"><a target="_blank" href="#cb9-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> kube</span></span>
<span id="cb9-4"><a target="_blank" href="#cb9-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> /bin/bash</span></span>
<span id="cb9-5"><a target="_blank" href="#cb9-5" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">generate_ssh_key</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb9-6"><a target="_blank" href="#cb9-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb9-7"><a target="_blank" href="#cb9-7" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> add kube to sudoers with no password</span></span>
<span id="cb9-8"><a target="_blank" href="#cb9-8" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">community.general.sudoers</span><span class="kw">:</span></span>
<span id="cb9-9"><a target="_blank" href="#cb9-9" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> kube</span></span>
<span id="cb9-10"><a target="_blank" href="#cb9-10" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">user</span><span class="kw">:</span><span class="at"> kube</span></span>
<span id="cb9-11"><a target="_blank" href="#cb9-11" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">commands</span><span class="kw">:</span><span class="at"> ALL</span></span>
<span id="cb9-12"><a target="_blank" href="#cb9-12" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">runas</span><span class="kw">:</span><span class="at"> ALL</span></span></code></pre></div>
<p>We can also add our SSH key to the authorized keys for
<code>kube</code> if we don’t want to create a new one:</p>
<div class="sourceCode" id="cb10"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb10-1"><a target="_blank" href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> authorize current ssh user to connect as kube</span></span>
<span id="cb10-2"><a target="_blank" href="#cb10-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">authorized_key</span><span class="kw">:</span></span>
<span id="cb10-3"><a target="_blank" href="#cb10-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">user</span><span class="kw">:</span><span class="at"> kube</span></span>
<span id="cb10-4"><a target="_blank" href="#cb10-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">key</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ lookup(&#39;file&#39;, lookup(&#39;env&#39;,&#39;HOME&#39;) + &#39;/.ssh/id_rsa.pub&#39;) }}&quot;</span></span>
<span id="cb10-5"><a target="_blank" href="#cb10-5" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">ignore_errors</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<h2 id="configure-master-nodes">Configure master nodes</h2>
<p>The following tasks will run in the kubernetes master hosts as user
<code>kube</code>:</p>
<div class="sourceCode" id="cb11"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb11-1"><a target="_blank" href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">hosts</span><span class="kw">:</span><span class="at"> kmasters</span></span>
<span id="cb11-2"><a target="_blank" href="#cb11-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">remote_user</span><span class="kw">:</span><span class="at"> kube</span></span></code></pre></div>
<p>To make the playbook idempotent, we check if we already initialized
kubernetes:</p>
<div class="sourceCode" id="cb12"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb12-1"><a target="_blank" href="#cb12-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">stat</span><span class="kw">:</span></span>
<span id="cb12-2"><a target="_blank" href="#cb12-2" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">path</span><span class="kw">:</span><span class="at"> .kube/config</span></span>
<span id="cb12-3"><a target="_blank" href="#cb12-3" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">register</span><span class="kw">:</span><span class="at"> kube_config</span></span>
<span id="cb12-4"><a target="_blank" href="#cb12-4" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb12-5"><a target="_blank" href="#cb12-5" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">set_fact</span><span class="kw">:</span></span>
<span id="cb12-6"><a target="_blank" href="#cb12-6" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">kube_initialized</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ kube_config.stat.exists }}&quot;</span></span></code></pre></div>
<p>Running the playbook multiple times won’t create a cluster in the
machines where kubernetes cluster is configured. To recreate a cluster,
we will need to <code>sudo kubeadm reset</code> and remove the
configuration folder <code>~/.kube</code>.</p>
<p>Create the .kube directory and stop kubelet prior installation:</p>
<div class="sourceCode" id="cb13"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb13-1"><a target="_blank" href="#cb13-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> create .kube directory</span></span>
<span id="cb13-2"><a target="_blank" href="#cb13-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">file</span><span class="kw">:</span></span>
<span id="cb13-3"><a target="_blank" href="#cb13-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">path</span><span class="kw">:</span><span class="at"> .kube</span></span>
<span id="cb13-4"><a target="_blank" href="#cb13-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> directory</span></span>
<span id="cb13-5"><a target="_blank" href="#cb13-5" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">mode</span><span class="kw">:</span><span class="at"> </span><span class="dv">0755</span></span>
<span id="cb13-6"><a target="_blank" href="#cb13-6" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">recurse</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb13-7"><a target="_blank" href="#cb13-7" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">when</span><span class="kw">:</span><span class="at"> not kube_initialized</span></span>
<span id="cb13-8"><a target="_blank" href="#cb13-8" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb13-9"><a target="_blank" href="#cb13-9" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> stop kubelet</span></span>
<span id="cb13-10"><a target="_blank" href="#cb13-10" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">service</span><span class="kw">:</span></span>
<span id="cb13-11"><a target="_blank" href="#cb13-11" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">name</span><span class="kw">:</span><span class="at"> kubelet</span></span>
<span id="cb13-12"><a target="_blank" href="#cb13-12" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> stopped</span></span>
<span id="cb13-13"><a target="_blank" href="#cb13-13" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">when</span><span class="kw">:</span><span class="at"> not kube_initialized</span></span>
<span id="cb13-14"><a target="_blank" href="#cb13-14" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>Initialize the cluster, configure kubernetes, and install CNI
(flannel). Note that if any of the tasks fail, the configuration will be
removed (if created) and the cluster reset (if initialized). Hence,
these tasks won’t be skipped in the next playbook run:</p>
<div class="sourceCode" id="cb14"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb14-1"><a target="_blank" href="#cb14-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">block</span><span class="kw">:</span></span>
<span id="cb14-2"><a target="_blank" href="#cb14-2" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> init kubernetes cluster</span></span>
<span id="cb14-3"><a target="_blank" href="#cb14-3" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> kubeadm init --pod-network-cidr=10.244.0.0/16 --cri-socket /run/containerd/containerd.sock</span></span>
<span id="cb14-4"><a target="_blank" href="#cb14-4" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb14-5"><a target="_blank" href="#cb14-5" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb14-6"><a target="_blank" href="#cb14-6" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> copy kubernetes conf</span></span>
<span id="cb14-7"><a target="_blank" href="#cb14-7" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">copy</span><span class="kw">:</span></span>
<span id="cb14-8"><a target="_blank" href="#cb14-8" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">src</span><span class="kw">:</span><span class="at"> /etc/kubernetes/admin.conf</span></span>
<span id="cb14-9"><a target="_blank" href="#cb14-9" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> .kube/config</span></span>
<span id="cb14-10"><a target="_blank" href="#cb14-10" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">remote_src</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb14-11"><a target="_blank" href="#cb14-11" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">owner</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ ansible_user }}&quot;</span></span>
<span id="cb14-12"><a target="_blank" href="#cb14-12" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb14-13"><a target="_blank" href="#cb14-13" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb14-14"><a target="_blank" href="#cb14-14" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> install pod network (flannel)</span></span>
<span id="cb14-15"><a target="_blank" href="#cb14-15" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml</span></span>
<span id="cb14-16"><a target="_blank" href="#cb14-16" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb14-17"><a target="_blank" href="#cb14-17" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">rescue</span><span class="kw">:</span></span>
<span id="cb14-18"><a target="_blank" href="#cb14-18" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> remove .kube dir on error</span></span>
<span id="cb14-19"><a target="_blank" href="#cb14-19" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">file</span><span class="kw">:</span></span>
<span id="cb14-20"><a target="_blank" href="#cb14-20" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">name</span><span class="kw">:</span><span class="at"> .kube/config</span></span>
<span id="cb14-21"><a target="_blank" href="#cb14-21" aria-hidden="true" tabindex="-1"></a><span class="at">        </span><span class="fu">state</span><span class="kw">:</span><span class="at"> absent</span></span>
<span id="cb14-22"><a target="_blank" href="#cb14-22" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb14-23"><a target="_blank" href="#cb14-23" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> reset kubernetes on error</span></span>
<span id="cb14-24"><a target="_blank" href="#cb14-24" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> kubeadm reset -f</span></span>
<span id="cb14-25"><a target="_blank" href="#cb14-25" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb14-26"><a target="_blank" href="#cb14-26" aria-hidden="true" tabindex="-1"></a><span class="at">      </span><span class="fu">ignore_errors</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb14-27"><a target="_blank" href="#cb14-27" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb14-28"><a target="_blank" href="#cb14-28" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">when</span><span class="kw">:</span><span class="at"> not kube_initialized</span></span></code></pre></div>
<p>Configure flannel:</p>
<div class="sourceCode" id="cb15"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb15-1"><a target="_blank" href="#cb15-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> create flannel run dir</span></span>
<span id="cb15-2"><a target="_blank" href="#cb15-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">file</span><span class="kw">:</span></span>
<span id="cb15-3"><a target="_blank" href="#cb15-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">path</span><span class="kw">:</span><span class="at"> /run/flannel/</span></span>
<span id="cb15-4"><a target="_blank" href="#cb15-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">state</span><span class="kw">:</span><span class="at"> directory</span></span>
<span id="cb15-5"><a target="_blank" href="#cb15-5" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span>
<span id="cb15-6"><a target="_blank" href="#cb15-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb15-7"><a target="_blank" href="#cb15-7" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> setup flannel</span></span>
<span id="cb15-8"><a target="_blank" href="#cb15-8" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">copy</span><span class="kw">:</span></span>
<span id="cb15-9"><a target="_blank" href="#cb15-9" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> /run/flannel/subnet.env</span></span>
<span id="cb15-10"><a target="_blank" href="#cb15-10" aria-hidden="true" tabindex="-1"></a><span class="fu">    content</span><span class="kw">: </span><span class="ch">|</span></span>
<span id="cb15-11"><a target="_blank" href="#cb15-11" aria-hidden="true" tabindex="-1"></a>      FLANNEL_NETWORK=10.244.0.0/16</span>
<span id="cb15-12"><a target="_blank" href="#cb15-12" aria-hidden="true" tabindex="-1"></a>      FLANNEL_SUBNET=10.244.0.1/24</span>
<span id="cb15-13"><a target="_blank" href="#cb15-13" aria-hidden="true" tabindex="-1"></a>      FLANNEL_MTU=1450</span>
<span id="cb15-14"><a target="_blank" href="#cb15-14" aria-hidden="true" tabindex="-1"></a>      FLANNEL_IPMASQ=true</span>
<span id="cb15-15"><a target="_blank" href="#cb15-15" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>Download the join command to the local machine to use in the
kubernetes worker tasks:</p>
<div class="sourceCode" id="cb16"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb16-1"><a target="_blank" href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> get join command</span></span>
<span id="cb16-2"><a target="_blank" href="#cb16-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> kubeadm token create  --print-join-command &gt; /tmp/join_kubernetes.sh</span></span>
<span id="cb16-3"><a target="_blank" href="#cb16-3" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb16-4"><a target="_blank" href="#cb16-4" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> download join command</span></span>
<span id="cb16-5"><a target="_blank" href="#cb16-5" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">fetch</span><span class="kw">:</span></span>
<span id="cb16-6"><a target="_blank" href="#cb16-6" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">src</span><span class="kw">:</span><span class="at"> /tmp/join_kubernetes.sh</span></span>
<span id="cb16-7"><a target="_blank" href="#cb16-7" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> /tmp/</span></span>
<span id="cb16-8"><a target="_blank" href="#cb16-8" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">flat</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<h2 id="configure-worker-nodes">Configure worker nodes</h2>
<p>The following tasks will run in the kubernetes worker hosts as
root:</p>
<div class="sourceCode" id="cb17"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb17-1"><a target="_blank" href="#cb17-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">hosts</span><span class="kw">:</span><span class="at"> kworkers</span></span>
<span id="cb17-2"><a target="_blank" href="#cb17-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">become</span><span class="kw">:</span><span class="at"> </span><span class="ch">yes</span></span></code></pre></div>
<p>To make the following tasks idempotent, check the status of the
node:</p>
<div class="sourceCode" id="cb18"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb18-1"><a target="_blank" href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="pp">---</span></span>
<span id="cb18-2"><a target="_blank" href="#cb18-2" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">shell</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;curl http://localhost:10248/healthz || true&quot;</span></span>
<span id="cb18-3"><a target="_blank" href="#cb18-3" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">register</span><span class="kw">:</span><span class="at"> health</span></span>
<span id="cb18-4"><a target="_blank" href="#cb18-4" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb18-5"><a target="_blank" href="#cb18-5" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">set_fact</span><span class="kw">:</span></span>
<span id="cb18-6"><a target="_blank" href="#cb18-6" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">kube_joined</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;{{ health.stdout == &#39;ok&#39; }}&quot;</span></span></code></pre></div>
<p>Upload and run the join command:</p>
<div class="sourceCode" id="cb19"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb19-1"><a target="_blank" href="#cb19-1" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> get join command</span></span>
<span id="cb19-2"><a target="_blank" href="#cb19-2" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">copy</span><span class="kw">:</span></span>
<span id="cb19-3"><a target="_blank" href="#cb19-3" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">src</span><span class="kw">:</span><span class="at"> /tmp/join_kubernetes.sh</span></span>
<span id="cb19-4"><a target="_blank" href="#cb19-4" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">dest</span><span class="kw">:</span><span class="at"> /tmp/join_kubernetes.sh</span></span>
<span id="cb19-5"><a target="_blank" href="#cb19-5" aria-hidden="true" tabindex="-1"></a><span class="at">    </span><span class="fu">mode</span><span class="kw">:</span><span class="at"> </span><span class="dv">0777</span></span>
<span id="cb19-6"><a target="_blank" href="#cb19-6" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">when</span><span class="kw">:</span><span class="at"> not kube_joined</span></span>
<span id="cb19-7"><a target="_blank" href="#cb19-7" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb19-8"><a target="_blank" href="#cb19-8" aria-hidden="true" tabindex="-1"></a><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> join kubernetes cluster</span></span>
<span id="cb19-9"><a target="_blank" href="#cb19-9" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">command</span><span class="kw">:</span><span class="at"> sh /tmp/join_kubernetes.sh</span></span>
<span id="cb19-10"><a target="_blank" href="#cb19-10" aria-hidden="true" tabindex="-1"></a><span class="at">  </span><span class="fu">when</span><span class="kw">:</span><span class="at"> not kube_joined</span></span></code></pre></div>
<p>From a worker node, we can check the nodes status with
<code>kubectl</code>:</p>
<div class="sourceCode" id="cb20"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb20-1"><a target="_blank" href="#cb20-1" aria-hidden="true" tabindex="-1"></a><span class="ex">kubectl</span> get nodes</span></code></pre></div>
  </section>
</article>


    </section>
    <footer></footer>

    
<script type="text/javascript" src="/js/article.js"></script>

  </body>
</html>