This repository provides Ansible Playbooks to install a Kubernetes HA cluster in an airgapped environment.
- Uses recently GA'd Kubeadm HA joining features
-
Install Ansible and a forward proxy on the Ansible host
- Ansible:
for macos
brew install ansiblefor linuxyum install ansible
- Ansible:
for macos
-
Setup ssh access from Ansible host to Kubernetes nodes.
ssh-copy-id -i ~/.ssh/id_rsa.pub <user@host>
Specify the Master and Workers in the inventory/*cluster* file:
[k8s-masters] # these are all the masters
[k8s-workers] # these are all the worker nodes
Update the inventory/group_vars/*cluster* section:
- choose the desired versions for kubernetes and docker
- setup the pod network cidr (default setup is for calico - modify in calico.yaml as well)
- specify the version of Helm to use
- specify the Local Storage Provisioner version
You can now run install-all.yaml playbook to get your cluster setup. You can also run the different playbooks separately for different purposes (setting up docker, masters, kubeadm, heml ...).
ansible-playbook -i inventory/cluster1-prod playbooks/install-all.yaml --private-key=~/.ssh/id_rsa -u %username% -v
If you need to restart the process using kubeadm reset, please use the uninstall.yaml playbook that deletes the state from all vms.
To upgrade the kubernetes control plane run:
ansible-playbook -i inventory/cluster1-prod playbooks/upgrade-all.yaml --private-key=~/.ssh/id_rsa -u username -v
- Adding the required yum repositories
- Installing docker
- Installing kubeadm, kubelet and kubectl
- Initializing the first master with etcd and kubernetes-api
- Join replica master nodes to the primary master
- Adding the worker nodes to the cluster
- Installing Helm & Tiller
- Installing Local Storage Provisioner
- Enable Azure AD OIDC authentication
If you need to restart the process using kubeadm reset, please use the uninstall.yaml playbook that deletes the state from all vms.
ansible-playbook -i inventory/cluster1-prod playbooks/os-patch-updates.yaml --private-key=~/.ssh/id_rsa -u username -v