richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
334 Commits
29 Branches
80 Tags
156 MiB
Tree: 6163fe166e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6163fe166e'
${ noResults }
kubespray/README.md

318 lines
8.7 KiB
Raw Normal View History

Build status
8 years ago
Readme, first ver
9 years ago
update README
8 years ago
README : typo
8 years ago
update README
8 years ago
Readme, first ver
9 years ago
Flannel running as pod
8 years ago
Readme v2
9 years ago
Flannel running as pod
8 years ago
update submodules and documentation
8 years ago
update README
8 years ago
Drop ansible 1.9 support
8 years ago
README: ansible basics docs link
8 years ago
Readme v2
9 years ago
README : update versions
8 years ago
etcd directly in host fix etcd configuration for nodes fix wrong calico checksums using a var name etcd_bin_dir fix etcd handlers for sysvinit using a var name etcd_bin_dir sysvinit script review etcd configuration
8 years ago
README : update versions
8 years ago
Update README with the latest version and simply inventory
8 years ago
Update README, new versions
8 years ago
Readme v2
9 years ago
Quickstart documentation
8 years ago
update README with multi-master notes
8 years ago
Quickstart documentation
8 years ago
update submodules and documentation
8 years ago
Quickstart documentation
8 years ago
etcd can run on a distinct cluster
8 years ago
update submodules and documentation
8 years ago
etcd can run on a distinct cluster
8 years ago
Quickstart documentation
8 years ago
update submodules and documentation
8 years ago
Quickstart documentation
8 years ago
Update README
8 years ago
Quickstart documentation
8 years ago
update README with multi-master notes
8 years ago
Readme, first ver
9 years ago
Readme v2
9 years ago
Update README
8 years ago
Readme v2
9 years ago
Calico is not a network overlay
9 years ago
change docker version in the README
9 years ago
Calico is not a network overlay
9 years ago
update submodules and documentation
8 years ago
README, update inventory
8 years ago
Calico is not a network overlay
9 years ago
update submodules and documentation
8 years ago
Calico is not a network overlay
9 years ago
etcd can run on a distinct cluster
8 years ago
update submodules and documentation
8 years ago
etcd can run on a distinct cluster
8 years ago
Calico is not a network overlay
9 years ago
update submodules and documentation
8 years ago
Calico is not a network overlay
9 years ago
Readme v2
9 years ago
update README with multi-master notes
8 years ago
Fix download reference in cluster.ml
8 years ago
Updated README
8 years ago
Readme v2
9 years ago
Updated README
8 years ago
Readme v2
9 years ago
update README with multi-master notes
8 years ago
Readme v2
9 years ago
Readme, first ver
9 years ago
Update README
8 years ago
Readme, first ver
9 years ago
update README with multi-master notes
8 years ago
update README
8 years ago
update README with multi-master notes
8 years ago
Update README
8 years ago
BGP peering and loadbalancing vars are managed in a group_vars file
8 years ago
README, Fix http links
8 years ago
update README
8 years ago
Readme v2
9 years ago
Calico is not a network overlay
9 years ago
README.md v 3
9 years ago
README, Fix http links
8 years ago
README.md v 3
9 years ago
README, Fix http links
8 years ago
README.md v 2
9 years ago
Calico is not a network overlay
9 years ago
Readme v2
9 years ago
Readme, first ver
9 years ago
README.md v 2
9 years ago
README.md v 4
9 years ago
Update README
8 years ago
README.md v 4
9 years ago
Update README
8 years ago
README.md v 4
9 years ago
Update README
8 years ago
README.md v 2
9 years ago
Update README
9 years ago
use ansible-galaxy
9 years ago
update readme
9 years ago
update submodules and documentation
8 years ago
use ansible-galaxy
9 years ago
Addon Fabric8
9 years ago
Update README with the latest version and simply inventory
8 years ago
update README
8 years ago
README, Fix http links
8 years ago
Procedure for addons installation
9 years ago
use ansible-galaxy
9 years ago
renaming role k8s-skydns to k8s-kubedns
9 years ago
use ansible-galaxy
9 years ago
Procedure for addons installation
9 years ago
use ansible-galaxy
9 years ago
update readme
9 years ago
missing ansible-galaxy command in the README
9 years ago
Update README with the latest version and simply inventory
8 years ago
Procedure for addons installation
9 years ago
renaming role k8s-skydns to k8s-kubedns
9 years ago
Procedure for addons installation
9 years ago
Update README with the latest version and simply inventory
8 years ago
update README, local connection
8 years ago
Update README with the latest version and simply inventory
8 years ago
update README
8 years ago
Addon Fabric8
9 years ago
README : Networking title
8 years ago
etcd directly in host fix etcd configuration for nodes fix wrong calico checksums using a var name etcd_bin_dir fix etcd handlers for sysvinit using a var name etcd_bin_dir sysvinit script review etcd configuration
8 years ago
README.md v 2
9 years ago
README.md v 4
9 years ago
README.md v 2
9 years ago
Flannel running as pod
8 years ago
update submodules and documentation
8 years ago
etcd directly in host fix etcd configuration for nodes fix wrong calico checksums using a var name etcd_bin_dir fix etcd handlers for sysvinit using a var name etcd_bin_dir sysvinit script review etcd configuration
8 years ago
README.md v 2
9 years ago
Flannel running as pod
8 years ago
Update README with the latest version and simply inventory
8 years ago
  1. [![Build Status](https://travis-ci.org/ansibl8s/setup-kubernetes.svg)](https://travis-ci.org/ansibl8s/setup-kubernetes)
  2. kubernetes-ansible
  3. ========
  5. This project allows to
  6. - Install and configure a **Multi-Master/HA kubernetes** cluster.
  7. - Choose the **network plugin** to be used within the cluster
  8. - A **set of roles** in order to install applications over the k8s cluster
  9. - A **flexible method** which helps to create new roles for apps.
  11. Linux distributions tested:
  12. * **Debian** Wheezy, Jessie
  13. * **Ubuntu** 14.10, 15.04, 15.10
  14. * **Fedora** 23
  15. * **CentOS** 7 (Currently with flannel only)
  17. ### Requirements
  18. * The target servers must have **access to the Internet** in order to pull docker imaqes.
  19. * The **firewalls are not managed**, you'll need to implement your own rules the way you used to.
  20. in order to avoid any issue during deployment you should disable your firewall
  21. * **Copy your ssh keys** to all the servers part of your inventory.
  22. * **Ansible v2.x and python-netaddr**
  23. * Base knowledge on Ansible. Please refer to [Ansible documentation](http://www.ansible.com/how-ansible-works)
  25. ### Components
  26. * [kubernetes](https://github.com/kubernetes/kubernetes/releases) v1.1.4
  27. * [etcd](https://github.com/coreos/etcd/releases) v2.2.4
  28. * [calicoctl](https://github.com/projectcalico/calico-docker/releases) v0.14.0
  29. * [flanneld](https://github.com/coreos/flannel/releases) v0.5.5
  30. * [docker](https://www.docker.com/) v1.9.1
  32. Quickstart
  33. -------------------------
  34. The following steps will quickly setup a kubernetes cluster with default configuration.
  35. These defaults are good for tests purposes.
  37. Edit the inventory according to the number of servers
  38. ```
  39. [kube-master]
  40. node1
  41. node2
  43. [etcd]
  44. node1
  45. node2
  46. node3
  48. [kube-node]
  49. node2
  50. node3
  51. node4
  52. node5
  53. node6
  55. [k8s-cluster:children]
  56. kube-node
  57. kube-master
  58. ```
  60. Run the playbook
  61. ```
  62. ansible-playbook -i inventory/inventory.cfg cluster.yml -u root
  63. ```
  65. You can jump directly to "*Available apps, installation procedure*"
  68. Ansible
  69. -------------------------
  70. ### Variables
  71. The main variables to change are located in the directory ```inventory/group_vars/all.yml```.
  73. ### Inventory
  74. Below is an example of an inventory.
  76. ```
  77. ## Configure 'ip' variable to bind kubernetes services on a
  78. ## different ip than the default iface
  79. node1 ansible_ssh_host=95.54.0.12 # ip=10.3.0.1
  80. node2 ansible_ssh_host=95.54.0.13 # ip=10.3.0.2
  81. node3 ansible_ssh_host=95.54.0.14 # ip=10.3.0.3
  82. node4 ansible_ssh_host=95.54.0.15 # ip=10.3.0.4
  83. node5 ansible_ssh_host=95.54.0.16 # ip=10.3.0.5
  84. node6 ansible_ssh_host=95.54.0.17 # ip=10.3.0.6
  86. [kube-master]
  87. node1
  88. node2
  90. [etcd]
  91. node1
  92. node2
  93. node3
  95. [kube-node]
  96. node2
  97. node3
  98. node4
  99. node5
  100. node6
  102. [k8s-cluster:children]
  103. kube-node
  104. kube-master
  105. ```
  107. ### Playbook
  108. ```
  109. ---
  111. - hosts: k8s-cluster
  112. roles:
  113. - { role: download, tags: download }
  114. - { role: kubernetes/preinstall, tags: preinstall }
  115. - { role: docker, tags: docker }
  116. - { role: kubernetes/node, tags: node }
  117. - { role: etcd, tags: etcd }
  118. - { role: dnsmasq, tags: dnsmasq }
  119. - { role: network_plugin, tags: ['calico', 'flannel', 'network'] }
  121. - hosts: kube-master
  122. roles:
  123. - { role: kubernetes/master, tags: master }
  125. ```
  127. ### Run
  128. It is possible to define variables for different environments.
  129. For instance, in order to deploy the cluster on 'dev' environment run the following command.
  130. ```
  131. ansible-playbook -i inventory/dev/inventory.cfg cluster.yml -u root
  132. ```
  134. Kubernetes
  135. -------------------------
  136. ### Multi master notes
  137. * You can choose where to install the master components. If you want your master node to act both as master (api,scheduler,controller) and node (e.g. accept workloads, create pods ...),
  138. the server address has to be present on both groups 'kube-master' and 'kube-node'.
  140. * For safety reasons, you should have at least two master nodes and 3 etcd servers
  142. * Kube-proxy doesn't support multiple apiservers on startup ([Issue 18174](https://github.com/kubernetes/kubernetes/issues/18174)). An external loadbalancer needs to be configured.
  143. In order to do so, some variables have to be used '**loadbalancer_apiserver**' and '**apiserver_loadbalancer_domain_name**'
  146. ### Network Overlay
  147. You can choose between 2 network plugins. Only one must be chosen.
  149. * **flannel**: gre/vxlan (layer 2) networking. ([official docs](https://github.com/coreos/flannel))
  151. * **calico**: bgp (layer 3) networking. ([official docs](http://docs.projectcalico.org/en/0.13/))
  153. The choice is defined with the variable '**kube_network_plugin**'
  156. ### Check cluster status
  158. #### Kubernetes components
  160. * Check the status of the processes
  161. ```
  162. systemctl status kubelet
  163. ```
  165. * Check the logs
  166. ```
  167. journalctl -ae -u kubelet
  168. ```
  170. * Check the NAT rules
  171. ```
  172. iptables -nLv -t nat
  173. ```
  175. For the master nodes you'll have to see the docker logs for the apiserver
  176. ```
  177. docker logs [apiserver docker id]
  178. ```
  181. ### Available apps, installation procedure
  183. There are two ways of installing new apps
  185. #### Ansible galaxy
  187. Additionnal apps can be installed with ```ansible-galaxy```.
  189. you'll need to edit the file '*requirements.yml*' in order to chose needed apps.
  190. The list of available apps are available [there](https://github.com/ansibl8s)
  192. For instance it is **strongly recommanded** to install a dns server which resolves kubernetes service names.
  193. In order to use this role you'll need the following entries in the file '*requirements.yml*'
  194. Please refer to the [k8s-kubedns readme](https://github.com/ansibl8s/k8s-kubedns) for additionnal info.
  195. ```
  196. - src: https://github.com/ansibl8s/k8s-common.git
  197. path: roles/apps
  198. # version: v1.0
  200. - src: https://github.com/ansibl8s/k8s-kubedns.git
  201. path: roles/apps
  202. # version: v1.0
  203. ```
  204. **Note**: the role common is required by all the apps and provides the tasks and libraries needed.
  206. And empty the apps directory
  207. ```
  208. rm -rf roles/apps/*
  209. ```
  211. Then download the roles with ansible-galaxy
  212. ```
  213. ansible-galaxy install -r requirements.yml
  214. ```
  216. Finally update the playbook ```apps.yml``` with the chosen roles, and run it
  217. ```
  218. ...
  219. - hosts: kube-master
  220. roles:
  221. - { role: apps/k8s-kubedns, tags: ['kubedns', 'apps'] }
  222. ...
  223. ```
  225. ```
  226. ansible-playbook -i inventory/inventory.cfg apps.yml -u root
  227. ```
  229. #### Git submodules
  230. Alternatively the roles can be installed as git submodules.
  231. That way is easier if you want to do some changes and commit them.
  234. ### Networking
  236. #### Calico
  237. Check if the calico-node container is running
  238. ```
  239. docker ps | grep calico
  240. ```
  242. The **calicoctl** command allows to check the status of the network workloads.
  243. * Check the status of Calico nodes
  244. ```
  245. calicoctl status
  246. ```
  248. * Show the configured network subnet for containers
  249. ```
  250. calicoctl pool show
  251. ```
  253. * Show the workloads (ip addresses of containers and their located)
  254. ```
  255. calicoctl endpoint show --detail
  256. ```
  258. ##### Optionnal : BGP Peering with border routers
  260. In some cases you may want to route the pods subnet and so NAT is not needed on the nodes.
  261. For instance if you have a cluster spread on different locations and you want your pods to talk each other no matter where they are located.
  262. The following variables need to be set:
  263. **peer_with_router** enable the peering with border router of the datacenter (default value: false).
  264. you'll need to edit the inventory and add a and a hostvar **local_as** by node.
  265. ```
  266. node1 ansible_ssh_host=95.54.0.12 local_as=xxxxxx
  267. ```
  270. #### Flannel
  272. * Flannel configuration file should have been created there
  273. ```
  274. cat /run/flannel/subnet.env
  275. FLANNEL_NETWORK=10.233.0.0/18
  276. FLANNEL_SUBNET=10.233.16.1/24
  277. FLANNEL_MTU=1450
  278. FLANNEL_IPMASQ=false
  279. ```
  281. * Check if the network interface has been created
  282. ```
  283. ip a show dev flannel.1
  284. 4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
  285. link/ether e2:f3:a7:0f:bf:cb brd ff:ff:ff:ff:ff:ff
  286. inet 10.233.16.0/18 scope global flannel.1
  287. valid_lft forever preferred_lft forever
  288. inet6 fe80::e0f3:a7ff:fe0f:bfcb/64 scope link
  289. valid_lft forever preferred_lft forever
  290. ```
  292. * Docker must be configured with a bridge ip in the flannel subnet.
  293. ```
  294. ps aux | grep docker
  295. root 20196 1.7 2.7 1260616 56840 ? Ssl 10:18 0:07 /usr/bin/docker daemon --bip=10.233.16.1/24 --mtu=1450
  296. ```
  298. * Try to run a container and check its ip address
  299. ```
  300. kubectl run test --image=busybox --command -- tail -f /dev/null
  301. replicationcontroller "test" created
  303. kubectl describe po test-34ozs | grep ^IP
  304. IP: 10.233.16.2
  305. ```
  307. ```
  308. kubectl exec test-34ozs -- ip a show dev eth0
  309. 8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
  310. link/ether 02:42:0a:e9:2b:03 brd ff:ff:ff:ff:ff:ff
  311. inet 10.233.16.2/24 scope global eth0
  312. valid_lft forever preferred_lft forever
  313. inet6 fe80::42:aff:fee9:2b03/64 scope link tentative flags 08
  314. valid_lft forever preferred_lft forever
  315. ```
  318. Congrats ! now you can walk through [kubernetes basics](http://kubernetes.io/v1.1/basicstutorials.html)