Enable HA deployments #134

Add HA support
micafer committed Oct 8, 2021
commit 444acf77b064c723699f71625b5cbc5bf1a37913
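--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -88,7 +88,6 @@ kube_control_plane_port: 8443
 kube_control_plane_peer_ip: ""
 kube_control_plane_peer_iface: ""
 kube_control_plane_remote_peer_list: ["{{ ansible_default_ipv4.address }}"]
-kube_certificate_key: "2a22bafb08c4d49a5f8d587134bd5647cf5c0f9eeb9291c935a6495cdc59a03c"
 # ETCD Peer adress
 kube_etcd_peer_address: "{{ ansible_default_ipv4.address }}"
 kube_etcd_peer_list: {"kubeserver.localdomain": "{{ ansible_default_ipv4.address }}"}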
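--- a/tasks/control_plane.yaml
+++ b/tasks/control_plane.yaml
@@ -12,4 +12,4 @@
 delegate_to: "{{kube_server}}"
 
 - name: Add node to kube cluster control_plane
-command: kubeadm join --control-plane --token {{kube_token}} {{kube_control_plane_ip}}:{{kube_control_plane_port}} --discovery-token-unsafe-skip-ca-verification --certificate-key={{kube_certificate_key}} --ignore-preflight-errors=all creates=/etc/kubernetes/admin.conf
+command: kubeadm join --control-plane --token {{kube_token}} {{kube_control_plane_ip}}:{{kube_control_plane_port}} --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=all creates=/etc/kubernetes/admin.conf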
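Review bot: The rewritten `kubeadm join` line still passes `--discovery-token-unsafe-skip-ca-verification`, so the joining control-plane node does not verify the CA of the API server it discovers; kubeadm's documentation notes this lets anyone holding the bootstrap token impersonate the control plane. Since tasks/etcd.yaml in this commit now copies `/etc/kubernetes/pki/ca.crt` from the master, the CA public-key hash can be computed and passed as `--discovery-token-ca-cert-hash sha256:<hash>` in place of the skip flag. `--ignore-preflight-errors=all` on the same line, and in `init_params` in tasks/front.yaml, silences every preflight check; naming only the checks that are expected to fail would keep the rest effective. The bootstrap token is interpolated into the command line, so `no_log: true` on this task would keep it out of Ansible output.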
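--- a/tasks/etcd.yaml
+++ b/tasks/etcd.yaml
@@ -4,8 +4,20 @@
 - name: Create /etc/kubernetes/pki/etcd file dir
 file: path=/etc/kubernetes/pki/etcd state=directory mode=755 recurse=yes
 
-- name: Create etcd CA cert
-command: kubeadm init phase certs etcd-ca creates=/etc/kubernetes/pki/etcd/ca.crt
+- block:
+
+- name: Create k8s ca cert
+command: kubeadm init phase certs ca creates=/etc/kubernetes/pki/ca.crt
+
+- name: Create k8s sa cert
+command: kubeadm init phase certs ca creates=/etc/kubernetes/pki/sa.crt
+
+- name: Create k8s front-proxy-ca cert
+command: kubeadm init phase certs ca creates=/etc/kubernetes/pki/front-proxy-ca.crt
+
+- name: Create etcd CA cert
+command: kubeadm init phase certs etcd-ca creates=/etc/kubernetes/pki/etcd/ca.crt
+
 when: kube_type_of_node == "front"
 
 - block:
@@ -15,14 +27,20 @@
 path: /etc/kubernetes/pki/etcd/ca.key
 delegate_to: "{{kube_server}}"
 
-- name: Copy etcd CA files from master
+- name: Copy CA files from master
 synchronize:
 src: "{{item}}"
 dest: "{{item}}"
 delegate_to: "{{kube_server}}"
 with_items:
 - "/etc/kubernetes/pki/etcd/ca.key"
 - "/etc/kubernetes/pki/etcd/ca.crt"
+- "/etc/kubernetes/pki/ca.crt"
+- "/etc/kubernetes/pki/ca.key"
+- "/etc/kubernetes/pki/sa.crt"
+- "/etc/kubernetes/pki/sa.key"
+- "/etc/kubernetes/pki/front-proxy-ca.crt"
+- "/etc/kubernetes/pki/front-proxy-ca.key"
 
 when: kube_type_of_node == "control_plane"
 
@@ -41,9 +59,6 @@
 - name: Create etcd manifest
 command: kubeadm init phase etcd local --config=/tmp/kubeadm-config-etcd.yaml creates=/etc/kubernetes/manifests/etcd.yaml
 
-- name: Create k8s ca cert
-command: kubeadm init phase certs ca creates=/etc/kubernetes/pki/ca.crt
-
 - name: Configure kubelet
 command: kubeadm init phase kubeconfig kubelet --config=/tmp/kubeadm-config-etcd.yaml creates=/etc/kubernetes/kubelet.conf
 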
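Review bot: In the first hunk the new "Create k8s sa cert" and "Create k8s front-proxy-ca cert" tasks both run `kubeadm init phase certs ca`, which only generates the cluster CA, and kubeadm's `sa` phase writes `sa.key`/`sa.pub` rather than `sa.crt`, so the `creates=/etc/kubernetes/pki/sa.crt` guard can never match and the `with_items` list in the second hunk names a file kubeadm does not produce. I would use `command: kubeadm init phase certs sa creates=/etc/kubernetes/pki/sa.key` and `command: kubeadm init phase certs front-proxy-ca creates=/etc/kubernetes/pki/front-proxy-ca.crt`, and copy `/etc/kubernetes/pki/sa.pub` in place of `sa.crt`. Control-plane nodes that end up with different service-account or front-proxy keys will not accept each other's tokens and aggregated-API requests, which matters for the HA case this commit targets. The copied list now carries four CA and signing private keys, while the task just before it (which starts outside the hunk) references only `etcd/ca.key`, so it is worth confirming the new `.key` files arrive on the target with owner-only permissions.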
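--- a/tasks/front.yaml
+++ b/tasks/front.yaml
@@ -16,7 +16,7 @@
 import_tasks: etcd.yaml
 
 - set_fact:
-init_params: "--upload-certs --ignore-preflight-errors=all"
+init_params: "--ignore-preflight-errors=all"
 
 when: kube_control_plane_ip != ""
 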
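--- a/templates/kubeadm-config.j2
+++ b/templates/kubeadm-config.j2
@@ -28,7 +28,4 @@ apiVersion: kubeadm.k8s.io/v1beta2
 bootstrapTokens:
 - token: "{{kube_token}}" # --token
 description: "kubeadm bootstrap token"
-ttl: "{{kube_token_ttl}}" # --token-ttl
-{% if kube_control_plane_ip != "" %}
-certificateKey: {{kube_certificate_key}}
-{% endif %}
+ttl: "{{kube_token_ttl}}" # --token-ttl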