joining cluster

2025-04-26 16:10:03 +02:00 · 2025-04-26 16:10:03 +02:00 · 71c8a41729
commit 71c8a41729
parent 89773a484b
11 changed files with 150 additions and 3 deletions
--- a/Readme.md
+++ b/Readme.md
@ -0,0 +1,48 @@
+# Kubernetes cluster setup using Ansible for Debian
+
+## Description
+
+The project configures a Kubernetes cluster on Debian machines with kubeadm.\
+It uses systemd-networkd for interface configuraition, CRI-O for containerization, Calico as a CNI plugin, and stacked etcd for control-plane database.
+
+## Configuration
+
+- General node config: [*roles/node/defaults/main.yml*](roles/node/defaults/main.yml)
+- Cluster config:
+  - [*roles/init-cluster/defaults/main.yml*](roles/init-cluster/defaults/main.yml)
+  - [*group_vars/main.yml*](group_vars/main.yml)
+
+## Usage
+
+### 1. Configure ssh on all nodes
+
+1. ssh in and enable root login by editing */etc/ssh/sshd_conf*
+2. `ssh-copy-key root@NODE`
+3. `ssh-agent $SHELL`
+4. `ssh-add`
+
+### 2. Add nodes to inventory
+
+Edit the *inventory* file.
+
+### 3. Prepare nodes
+
+`ansible-playbook -i inventory -u root node.yml`
+
+### 4. Initalize cluster
+
+Uses the `[first_master]` group from the *inventory* to select the first master.
+
+`ansible-playbook -i inventory -u root init-cluster.yml`
+
+### 5. Join other masters
+
+Uses the `[other_masters]` group from the *inventory*.
+
+`ansible-playbook -i inventory -u root join-control-plane.yml`
+
+### 6. Join workers
+
+Uses the `[workers]` group from the *inventory*.
+
+`ansible-playbook -i inventory -u root join-workers.yml`
--- a/group_vars/main.yml
+++ b/group_vars/main.yml
@ -0,0 +1 @@
+cluster_endpoint: cluster
--- a/init-cluster.yml
+++ b/init-cluster.yml
@ -0,0 +1,6 @@
+- name: Initalize cluster
+  hosts: first_master
+  become: true
+  gather_facts: true
+  roles:
+    - init-cluster
--- a/4
+++ b/4
@ -1,7 +1,9 @@
 [nodes]
 192.168.122.79

-[masters]
+[first_master]
 192.168.122.79

+[other_masters]
+
 [workers]
--- a/join-control-plane.yml
+++ b/join-control-plane.yml
@ -0,0 +1,6 @@
+- name: Add more masters to the cluster
+  hosts: other_masters
+  become: true
+  gather_facts: true
+  roles:
+    - join-control-plane
--- a/join-workers.yml
+++ b/join-workers.yml
@ -0,0 +1,6 @@
+- name: Add workers to the cluster
+  hosts: workers
+  become: true
+  gather_facts: true
+  roles:
+    - worker
--- a/roles/init-cluster/defaults/main.yml
+++ b/roles/init-cluster/defaults/main.yml
@ -0,0 +1,2 @@
+pod_network_cidr: 172.17.0.0/24
+calico_version: v3.29.3
--- a/roles/init-cluster/tasks/main.yml
+++ b/roles/init-cluster/tasks/main.yml
@ -0,0 +1,32 @@
+- name: Init cluster
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm init
+        --control-plane-endpoint={{ cluster_endpoint }}
+        --pod-network-cidr={{ pod_network_cidr }}
+        --upload-certs
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_init
+  failed_when: kubeadm_init.rc != 0
+  changed_when: kubeadm_init.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_init.stdout }}"
+  when: kubeadm_init.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_init.stderr }}"
+  when: kubeadm_init.rc != 0
+
+- name: Install Calico CNI
+  ansible.builtin.command:
+    cmd: |-
+      kubectl apply -f
+        https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/calico.yaml
+  register: calico_install
+  changed_when: calico_install.rc == 0
+  failed_when: calico_install.rc != 0
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
--- a/roles/join-control-plane/tasks/main.yml
+++ b/roles/join-control-plane/tasks/main.yml
@ -0,0 +1,23 @@
+- name: Join cluster as control plane
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm join
+        {{ cluster_endpoint }}:6443
+        --token={{ token }}
+        --discovery-token-ca-cert-hash={{ token_hash }}
+        --control-plane
+        --certificate-key {{ certificate_key }}
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_join
+  failed_when: kubeadm_join.rc != 0
+  changed_when: kubeadm_join.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stdout }}"
+  when: kubeadm_join.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stderr }}"
+  when: kubeadm_join.rc != 0
--- a/roles/node/defaults/main.yml
+++ b/roles/node/defaults/main.yml
@ -15,8 +15,8 @@ packages:

 # networking
 hostnames:
-  - ip: 192.168.1.242
-    name: orangepi4
+  - ip: 192.168.122.79
+    name: cluster

 interface_name: lan0
 gateway: 192.168.122.1
--- a/roles/worker/tasks/main.yml
+++ b/roles/worker/tasks/main.yml
@ -0,0 +1,21 @@
+- name: Join cluster as a worker
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm join
+        {{ cluster_endpoint }}:6443
+        --token={{ token }}
+        --discovery-token-ca-cert-hash={{ token_hash }}
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_join
+  failed_when: kubeadm_join.rc != 0
+  changed_when: kubeadm_join.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stdout }}"
+  when: kubeadm_join.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stderr }}"
+  when: kubeadm_join.rc != 0