Running Kubernetes on OpenStack with kubeadm and terraform
Create a main.tf with the following content (obviously set the variables to your real values):
module "my_cluster" {
  # The module is pinned to a tagged release via ?ref=
  source       = "git::https://github.com/johscheuer/kubernetes-on-openstack.git?ref=v0.0.2"
  auth_url     = "auth_url"
  cluster_name = "cluster_name"
  username     = "username"
  # This file holds the OpenStack password in plain text: keep it out of version control
  password     = "password"
  domain_name  = "domain_name"
  project_id   = "project_id"
  image_name   = "image_name"
}
Fetch the module, initialize the folder and run plan:
terraform get --update
terraform init
terraform plan
Now you can create the cluster:
terraform apply
The Kubernetes cluster will use Keystone authentication (over a WebHook). For more information have a look here. After running terraform apply, the output will show how to authenticate against the newly created cluster. In order to actually authenticate with Keystone you need to perform the steps described here. The --insecure-skip-tls-verify=true flag, which turns off verification of the API server's certificate, is needed because we use the auto-generated certificates of kubeadm. There are possible workarounds to remove the flag (e.g. fetch the CA from the Kubernetes master).
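One way to apply the CA workaround mentioned above, as an added example that is not part of the original project: copy kubeadm's CA certificate from the master and embed it in the kubeconfig so the flag can be dropped. The SSH user, master address, cluster name, API port 6443 and the CA being readable at kubeadm's default path are assumptions.

```shell
#!/bin/sh
# Added example. SSH_USER, MASTER and CLUSTER are placeholders for your own values.
set -eu

CA_REMOTE=/etc/kubernetes/pki/ca.crt   # kubeadm's default location for the cluster CA

# True if the kubeconfig still disables server certificate verification.
kubeconfig_skips_tls() {
    grep -Eq '^[[:space:]]*insecure-skip-tls-verify:[[:space:]]*true' "$1"
}

# True if the file holds exactly one PEM certificate and no private key material.
is_single_pem_cert() {
    [ "$(grep -c -- '-----BEGIN CERTIFICATE-----' "$1")" -eq 1 ] &&
    [ "$(grep -c -- '-----END CERTIFICATE-----' "$1")" -eq 1 ] &&
    ! grep -q -- 'PRIVATE KEY-----' "$1"
}

# usage: pin_cluster_ca CLUSTER SERVER_URL CA_FILE
pin_cluster_ca() {
    is_single_pem_cert "$3" || {
        echo "refusing: $3 is not a single PEM certificate" >&2
        return 1
    }
    # Print the fingerprint so it can be compared out of band before it is trusted.
    openssl x509 -in "$3" -noout -fingerprint -sha256
    # Store the CA inside the kubeconfig instead of skipping verification.
    kubectl config set-cluster "$1" --server="$2" \
        --certificate-authority="$3" --embed-certs=true
}

# usage: script SSH_USER MASTER CLUSTER
main() {
    ca=$(mktemp)
    # The CA is only as trustworthy as this SSH session: check the host key.
    ssh "$1@$2" "cat $CA_REMOTE" > "$ca"
    pin_cluster_ca "$3" "https://$2:6443" "$ca"   # 6443 is an assumed API port
    rm -f "$ca"
    if kubeconfig_skips_tls "${KUBECONFIG:-$HOME/.kube/config}"; then
        echo "warning: a cluster entry still skips TLS verification" >&2
    fi
}

if [ "$#" -eq 3 ]; then main "$@"; fi
```

Once the cluster entry carries the CA, run the kubectl commands from the terraform output without --insecure-skip-tls-verify=true.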
Keep in mind: by default all users in the (OpenStack) project will have cluster-admin rights.
- Docs
- image (architecture)
- LB for API server
- OpenStack integration (testing)
- Authentication over OpenStack (keystone)
- Create a module
- HA control plane (https://kubernetes.io/docs/setup/independent/high-availability)
- Add extra disks to master and worker
- Use Clear Containers