joining cluster

Readme.md

@@ -0,0 +1,48 @@
+# Kubernetes cluster setup using Ansible for Debian
+
+## Description
+
+The project configures a Kubernetes cluster on Debian machines with kubeadm.\
+It uses systemd-networkd for interface configuraition, CRI-O for containerization, Calico as a CNI plugin, and stacked etcd for control-plane database.
+
+## Configuration
+
+- General node config: [*roles/node/defaults/main.yml*](roles/node/defaults/main.yml)
+- Cluster config:
+  - [*roles/init-cluster/defaults/main.yml*](roles/init-cluster/defaults/main.yml)
+  - [*group_vars/main.yml*](group_vars/main.yml)
+
+## Usage
+
+### 1. Configure ssh on all nodes
+
+1. ssh in and enable root login by editing */etc/ssh/sshd_conf*
+2. `ssh-copy-key root@NODE`
+3. `ssh-agent $SHELL`
+4. `ssh-add`
+
+### 2. Add nodes to inventory
+
+Edit the *inventory* file.
+
+### 3. Prepare nodes
+
+`ansible-playbook -i inventory -u root node.yml`
+
+### 4. Initalize cluster
+
+Uses the `[first_master]` group from the *inventory* to select the first master.
+
+`ansible-playbook -i inventory -u root init-cluster.yml`
+
+### 5. Join other masters
+
+Uses the `[other_masters]` group from the *inventory*.
+
+`ansible-playbook -i inventory -u root join-control-plane.yml`
+
+### 6. Join workers
+
+Uses the `[workers]` group from the *inventory*.
+
+`ansible-playbook -i inventory -u root join-workers.yml`

group_vars/main.yml

@@ -0,0 +1 @@
+cluster_endpoint: cluster

init-cluster.yml

@@ -0,0 +1,6 @@
+- name: Initalize cluster
+  hosts: first_master
+  become: true
+  gather_facts: true
+  roles:
+    - init-cluster

inventory

@@ -1,7 +1,9 @@
 [nodes]
 192.168.122.79
 
-[masters]
+[first_master]
 192.168.122.79
 
+[other_masters]
+
 [workers]

join-control-plane.yml

@@ -0,0 +1,6 @@
+- name: Add more masters to the cluster
+  hosts: other_masters
+  become: true
+  gather_facts: true
+  roles:
+    - join-control-plane

join-workers.yml

@@ -0,0 +1,6 @@
+- name: Add workers to the cluster
+  hosts: workers
+  become: true
+  gather_facts: true
+  roles:
+    - worker

roles/init-cluster/defaults/main.yml

@@ -0,0 +1,2 @@
+pod_network_cidr: 172.17.0.0/24
+calico_version: v3.29.3

roles/init-cluster/tasks/main.yml

@@ -0,0 +1,32 @@
+- name: Init cluster
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm init
+        --control-plane-endpoint={{ cluster_endpoint }}
+        --pod-network-cidr={{ pod_network_cidr }}
+        --upload-certs
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_init
+  failed_when: kubeadm_init.rc != 0
+  changed_when: kubeadm_init.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_init.stdout }}"
+  when: kubeadm_init.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_init.stderr }}"
+  when: kubeadm_init.rc != 0
+
+- name: Install Calico CNI
+  ansible.builtin.command:
+    cmd: |-
+      kubectl apply -f
+        https://raw.githubusercontent.com/projectcalico/calico/{{ calico_version }}/manifests/calico.yaml
+  register: calico_install
+  changed_when: calico_install.rc == 0
+  failed_when: calico_install.rc != 0
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf

roles/join-control-plane/tasks/main.yml

@@ -0,0 +1,23 @@
+- name: Join cluster as control plane
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm join
+        {{ cluster_endpoint }}:6443
+        --token={{ token }}
+        --discovery-token-ca-cert-hash={{ token_hash }}
+        --control-plane
+        --certificate-key {{ certificate_key }}
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_join
+  failed_when: kubeadm_join.rc != 0
+  changed_when: kubeadm_join.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stdout }}"
+  when: kubeadm_join.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stderr }}"
+  when: kubeadm_join.rc != 0

roles/node/defaults/main.yml

@@ -15,8 +15,8 @@ packages:
 
 # networking
 hostnames:
-  - ip: 192.168.1.242
+  - ip: 192.168.122.79
-    name: orangepi4
+    name: cluster
 
 interface_name: lan0
 gateway: 192.168.122.1

roles/worker/tasks/main.yml

@@ -0,0 +1,21 @@
+- name: Join cluster as a worker
+  ansible.builtin.command:
+    cmd: |-
+      kubeadm join
+        {{ cluster_endpoint }}:6443
+        --token={{ token }}
+        --discovery-token-ca-cert-hash={{ token_hash }}
+        --cri-socket=unix:///var/run/crio/crio.sock
+  register: kubeadm_join
+  failed_when: kubeadm_join.rc != 0
+  changed_when: kubeadm_join.rc == 0
+
+- name: Cluster init output
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stdout }}"
+  when: kubeadm_join.rc == 0
+
+- name: Cluster init errors
+  ansible.builtin.debug:
+    msg: "{{ kubeadm_join.stderr }}"
+  when: kubeadm_join.rc != 0