Versions
| kubespray | ansible | python | terraform |
|---|---|---|---|
| this fork | 2.7.0 | 3.6.1 | 0.11.8 |
⚠️ Warning! Use this fork: https://github.com/kubernetes-incubator/kubespray/pull/3486.
Motivation
This post serves as documentation for creating a Kubernetes cluster from nothing using kubespray on AWS with Ubuntu images behind a bastion host. I could not find all the documentation that puts all of this together and wanted to write it down for myself the next time I need to do this.
Steps
- Clone kubespray and set up some default files

```bash
git clone https://github.com/bartlaarhoven/kubespray
cd kubespray
virtualenv ks && . ks/bin/activate
pip install -r requirements.txt
cp -Rp inventory/sample/ inventory/mycluster
```
- Create an IAM user with admin privileges in some account (TODO probably scope this down?)
- Create an EC2 key pair
- Copy the terraform environment file to `credentials.tfvars` and modify it with the user's key and secret along with the ssh key pair name and the region you'd like the infrastructure to exist in.
- Customize the terraform file with the architecture you'd like; I used 1 master, 1 worker, 1 etcd and left bastions as default. Also modify the inventory file to be `../../../inventory/mycluster/hosts.ini`.
- Modify the variables.tf to be

```hcl
data "aws_ami" "distro" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  # Canonical's AWS account ID, so only official Ubuntu images match the name filter
  owners = ["099720109477"]
}
```
- Run terraform

```bash
terraform apply --var-file credentials.tfvars
```
- Modify the ansible.cfg file to use a bastion host by changing the `ssh_args` value to

```ini
ssh_args = -F ssh-bastion.conf
```
- Modify the hosts.ini file. Use the internal DNS names as the `ansible_host` for each of the instances in the private subnet and include the `ansible_user` to be `ubuntu`, for example:

```ini
kubernetes-devtest-master0 ansible_host=ip-10-250-205-127.us-west-2.compute.internal ansible_user=ubuntu
```
- Modify the bastion lines to be the public DNS names as the `ansible_host` and include the `ansible_user` to be `ubuntu`, for example:

```ini
bastion-0 ansible_host=ec2-22-222-22-22.us-east-2.compute.amazonaws.com ansible_user=ubuntu
```
- Run ansible-playbook

```bash
ansible-playbook -i ./inventory/mycluster/hosts.ini ./cluster.yml -b --become-user=root --flush-cache
```
If you'd like more logs add `-v` or `-vv` up to `-vvvvv`. I also like to pipe this to tee and write the logs to disk for inspection later in case of failure.
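A pre-flight check for the two hosts.ini steps above, as an added example (not part of the original post or of kubespray): it flags private nodes that are not addressed by an internal DNS name, bastions that are not addressed by a public one, and hosts missing `ansible_user=ubuntu`. It assumes bastion entries are named with a `bastion` prefix, as in `bastion-0`; the function name and the sample inventory are constructed for illustration.

```python
# Added example: verify hosts.ini before running ansible-playbook.
INTERNAL_SUFFIXES = (".compute.internal", ".ec2.internal")  # EC2 private DNS names
PUBLIC_SUFFIX = ".amazonaws.com"                            # EC2 public DNS names

# Constructed sample inventory (not real hosts): worker0 wrongly uses a public
# name and etcd0 is missing ansible_user.
SAMPLE_HOSTS_INI = """\
[all]
kubernetes-devtest-master0 ansible_host=ip-10-250-205-127.us-west-2.compute.internal ansible_user=ubuntu
kubernetes-devtest-worker0 ansible_host=ec2-33-33-33-33.us-west-2.compute.amazonaws.com ansible_user=ubuntu
kubernetes-devtest-etcd0 ansible_host=ip-10-250-210-9.us-west-2.compute.internal
bastion-0 ansible_host=ec2-22-222-22-22.us-west-2.compute.amazonaws.com ansible_user=ubuntu

[kube-master]
kubernetes-devtest-master0
"""


def check_inventory(text, user="ubuntu", bastion_prefix="bastion"):
    """Return (host, problem) tuples for every host definition that is off."""
    problems = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        # Skip blanks, [group] headers and bare group-membership lines.
        if not line or line.startswith("[") or "ansible_host=" not in line:
            continue
        name, *pairs = line.split()
        opts = dict(p.split("=", 1) for p in pairs if "=" in p)
        host = opts["ansible_host"]
        if name.startswith(bastion_prefix):
            # Assumption: only bastions are reached directly, by public name.
            if not host.endswith(PUBLIC_SUFFIX):
                problems.append((name, "bastion should use its public DNS name"))
        elif not host.endswith(INTERNAL_SUFFIXES):
            problems.append((name, "private node should use its internal DNS name"))
        if opts.get("ansible_user") != user:
            problems.append((name, f"ansible_user is not {user}"))
    return problems


if __name__ == "__main__":
    for name, problem in check_inventory(SAMPLE_HOSTS_INI):
        print(f"{name}: {problem}")
```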
Enjoy your new cluster~!
P.S. if anyone knows how to get the code as part of the item so the bulleted stuff works please comment, I'd love to fix the numbering.
Top comments (2)
I find kubespray more for like baremetal and yeah it's nice to have it for aws, however wouldn't something like KOPS be better to stand up a cluster?
Yes, probably! I was trying to reproduce a very specific bug, which is why I was using this particular architecture.