As you may have already heard, Ansible is a very powerful tool we can use for configuration management and orchestration. Today I’m going to discuss how we can set up an Ansible server along with Kubernetes to test out your cluster automation.
I’m going to use one server as the Ansible server and two other servers for the Kubernetes cluster, which includes one master node and one worker node (it is advised to have at least 2 worker nodes for a cluster, but since this is only a demonstration, I’m using only one worker node).
First I’m going to set up the Kubernetes cluster, starting with the Kubernetes master node. We need to get the GPG keys for Docker and Kubernetes and add the Docker and Kubernetes repositories.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
Once you have executed the above on the Kubernetes master, you have to run the same commands on the worker nodes as well.
After updating the repository, it is time to install the components. Run the command below to install Docker, kubelet, kubeadm and kubectl on both servers. It installs the component versions shown.
sudo apt install -y docker-ce=18.06.3~ce~3-0~ubuntu kubelet=1.18.5-00 kubeadm=1.18.5-00 kubectl=1.18.5-00
Next, we have to set up the Kubernetes cluster. The following will initialize the cluster using kubeadm on the master node.
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
Once it is executed, it will output something like “kubeadm join 172.31.6.2:6443 --token pczgka.q9affhe4xxxxxxx \
--discovery-token-ca-cert-hash sha256:6xxxxxxxxxxxxxxxxx”. Keep a copy of it, since we need it when connecting the worker node to the master node. To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
On the master node, we then run the below in order to apply Flannel.
Next we log in to the worker node and run the following command to join the worker node to the cluster.
kubeadm join 172.31.6.2:6443 --token pczgka.q9affhe4xxxxxxx \
--discovery-token-ca-cert-hash sha256:6xxxxxxxxxxxxxxxxx
The Kubernetes installation is now complete. You can view the available namespaces, pods and services.
As the next step, we are going to install Ansible on the dedicated server. On that server, it is best to install Ansible into a virtual environment. Install the virtual environment package first, then create a new virtual environment and activate it.
sudo apt-get install python3-venv
python3 -m venv ansible
source ansible/bin/activate
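Install Ansible in the virtual environment. Run pip without sudo here: sudo would run the system Python and install Ansible outside the virtual environment.
python -m pip install ansible
Once the installation is done, verify that the correct version is installed.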
(ansible) user@navoda2c:~$ ansible --version
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/cloud_user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Jan 26 2021, 15:33:00) [GCC 8.4.0]
Then we need an SSH connection between the Ansible server and the Kubernetes master server. We are using SSH key-based authentication, so I’m going to generate the necessary key pair on the Ansible server and share the public key with the Kubernetes server.
cat mykey >> /home/user/.ssh/id_rsa
sudo chmod 400 /home/user/.ssh/id_rsa
sudo ssh-copy-id -i ~/.ssh/mykey kube_user@navoda3
Test the connection by logging in to the Kubernetes server from the Ansible server. Once the connection is tested, you will need to install the openshift client on the Kubernetes master node.
sudo pip install openshift
Finally, execute the command below to install the Kubernetes collection on the Ansible node.
ansible-galaxy collection install kubernetes.core
Now you are ready to roll. Let’s write a sample playbook and test whether it runs. First you need to create a file that includes the target host details. Let’s call it host.ini. This file includes the group name and the server IPs or hostnames.
Then we will write the playbook as a YAML file. Here we are creating a new namespace called “myapp”.
- hosts: kube_server
  tasks:
    - name: Ensure the myapp Namespace exists.
Finally, we will run the playbook.
$ ansible-playbook -i host.ini test.yml
You can go to the Kubernetes server and verify whether there is a namespace named “myapp”.
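A complete version of the inventory and playbook described above, as an added example rather than the author's original files: it creates the myapp namespace and then reads it back, so the run fails if the namespace is not Active. The inventory line reuses navoda3, kube_user and ~/.ssh/mykey from the SSH step; the connection variables and the two read-back tasks are assumptions.

```yaml
# Added example, not the author's original test.yml.
#
# Assumed contents of host.ini (INI inventory, shown here as a comment):
#   [kube_server]
#   navoda3 ansible_user=kube_user ansible_ssh_private_key_file=~/.ssh/mykey
#
# The k8s modules run on the target host (the Kubernetes master) and need the
# openshift/kubernetes Python client installed there, as done above with pip.
# With no kubeconfig given, they load ~/.kube/config of the remote user.
# Assumption: kube_user performed the mkdir/cp/chown steps shown earlier.
# That file is a copy of admin.conf, i.e. cluster-admin credentials, so keep
# it readable by that user only.
---
- hosts: kube_server
  gather_facts: false
  tasks:
    - name: Ensure the myapp Namespace exists.
      kubernetes.core.k8s:
        api_version: v1
        kind: Namespace
        name: myapp
        state: present

    - name: Read the myapp Namespace back from the API server.
      kubernetes.core.k8s_info:
        api_version: v1
        kind: Namespace
        name: myapp
      register: ns

    - name: Fail the play unless the Namespace exists and is Active.
      ansible.builtin.assert:
        that:
          - ns.resources | length == 1
          - ns.resources[0].status.phase == 'Active'
        fail_msg: "Namespace myapp was not found or is not Active"
```

Running it a second time should report the first task as "ok" instead of "changed", which confirms the playbook is idempotent.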