[K8s] Установка Kubernetes с помощью Kubespray (Terraform+Ansible)

Задача: Учебная задача создать кластер K8s в AWS на обычных инстансах не используя EKS

sudo apt update
sudo apt install unzip

#terraform
wget https://releases.hashicorp.com/terraform/0.12.26/terraform_0.12.26_linux_amd64.zip
unzip terraform_0.12.26_linux_amd64.zip
sudo mv terraform /usr/local/bin/

#kubespray
git clone https://github.com/kubernetes-sigs/kubespray.git && cd kubespray
sudo apt install python3-pip
pip3 install -r requirements.txt
PATH=\$PATH:~/.local/bin && echo "PATH=\$PATH:~/.local/bin" >> ~/.bashrc

sudo apt update

sudo apt install unzip

#terraform

wget https://releases.hashicorp.com/terraform/0.12.26/terraform_0.12.26_linux_amd64.zip

unzip terraform_0.12.26_linux_amd64.zip

sudo mv terraform /usr/local/bin/

#kubespray

git clone https://github.com/kubernetes-sigs/kubespray.git && cd kubespray

sudo apt install python3-pip

pip3 install -r requirements.txt

PATH=\$PATH:~/.local/bin && echo "PATH=\$PATH:~/.local/bin" >> ~/.bashrc

Параметры подключения к AWS

cat <<EOF > ./contrib/terraform/aws/credentials.tfvars
#AWS Access Key
AWS_ACCESS_KEY_ID = ""
#AWS Secret Key
AWS_SECRET_ACCESS_KEY = ""
#EC2 SSH Key Name
AWS_SSH_KEY_NAME = "AWS-test"
#AWS Region
AWS_DEFAULT_REGION = "eu-central-1"
EOF

cat <<EOF > ./contrib/terraform/aws/credentials.tfvars

#AWS Access Key

AWS_ACCESS_KEY_ID = ""

#AWS Secret Key

AWS_SECRET_ACCESS_KEY = ""

#EC2 SSH Key Name

AWS_SSH_KEY_NAME = "AWS-test"

#AWS Region

AWS_DEFAULT_REGION = "eu-central-1"

EOF

Параметр кластера

cat <<EOF > ./contrib/terraform/aws/terraform.tfvars
#Global Vars
aws_cluster_name = "devtest"

#VPC Vars
aws_vpc_cidr_block       = "10.250.192.0/18"
aws_cidr_subnets_private = ["10.250.192.0/20", "10.250.208.0/20"]
aws_cidr_subnets_public  = ["10.250.224.0/20", "10.250.240.0/20"]

#Bastion Host
aws_bastion_size = "t2.micro"


#Kubernetes Cluster

aws_kube_master_num  = 3
aws_kube_master_size = "t2.macro"

aws_etcd_num  = 3
aws_etcd_size = "t2.micro"

aws_kube_worker_num  = 3
aws_kube_worker_size = "t2.micro"

#Settings AWS ELB

aws_elb_api_port                = 6443
k8s_secure_api_port             = 6443
kube_insecure_apiserver_address = "0.0.0.0"

default_tags = {
  #  Env = "devtest"
  #  Product = "kubernetes"
}

inventory_file = "../../../inventory/hosts"

EOF

cat <<EOF > ./contrib/terraform/aws/terraform.tfvars

#Global Vars

aws_cluster_name = "devtest"

#VPC Vars

aws_vpc_cidr_block = "10.250.192.0/18"

aws_cidr_subnets_private = ["10.250.192.0/20", "10.250.208.0/20"]

aws_cidr_subnets_public = ["10.250.224.0/20", "10.250.240.0/20"]

#Bastion Host

aws_bastion_size = "t2.micro"

#Kubernetes Cluster

aws_kube_master_num = 3

aws_kube_master_size = "t2.macro"

aws_etcd_num = 3

aws_etcd_size = "t2.micro"

aws_kube_worker_num = 3

aws_kube_worker_size = "t2.micro"

#Settings AWS ELB

aws_elb_api_port = 6443

k8s_secure_api_port = 6443

kube_insecure_apiserver_address = "0.0.0.0"

default_tags = {

# Env = "devtest"

# Product = "kubernetes"

}

inventory_file = "../../../inventory/hosts"

EOF

cd ~/kubespray/contrib/terraform/aws/

1	cd ~/kubespray/contrib/terraform/aws/

Указываем дистрибутив для виртуалок. Ищем и заменяем в файле variables.tf

vim variables.tf
data "aws_ami" "distro" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["099720109477"] #Ubuntu
}

vim variables.tf

data "aws_ami" "distro" {

most_recent = true

filter {

name = "name"

values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]

}

filter {

name = "virtualization-type"

values = ["hvm"]

}

owners = ["099720109477"] #Ubuntu

}

terraform plan -out myplan -var-file=credentials.tfvars
terraform apply "myplan"

1 2	terraform plan -out myplan -var-file=credentials.tfvars terraform apply "myplan"

Ставим K8s

cd ~/kubespray
cat inventory/hosts
ansible-playbook -i ./inventory/hosts ./cluster.yml -e ansible_user=ubuntu -b --become-user=root --flush-cache -e ansible_ssh_private_key_file=<path to EC2 SSH private key file>

cd ~/kubespray

cat inventory/hosts

ansible-playbook -i ./inventory/hosts ./cluster.yml -e ansible_user=ubuntu -b --become-user=root --flush-cache -e ansible_ssh_private_key_file=<path to EC2 SSH private key file>

Добавить комментарий Отменить ответ