/ansible-k8s

Ansible Playbook to set up a Kubernetes Cluster

Primary language: Jinja. License: MIT

Prerequisites for Ansible Controller

  • Ansible 2.5.x installed
  • Git installed

Kubernetes Cluster to set up

  • OS: Oracle Linux 7.5.0 Minimal Install
  • Kubernetes: v1.13.0
    • Single node cluster
    • kubelet, kube-proxy, kube-apiserver, kube-controller-manager, kube-scheduler, and etcd are managed by systemd (i.e. not containerized)
      • kubelet and kube-proxy run as root, and the rest run as non-root
    • Communication between k8s components is encrypted by TLS
    • Authentication by x509 client certificates
    • TLS Bootstrapping
      • Bootstrap token
      • Auto approval for CSRs
    • Certificate Rotation is enabled
    • etcd 3.3.10
    • Weave Net 2.5.0
    • CoreDNS 1.2.6
    • Service cluster IP range: 10.0.0.0/16
    • Cluster CIDR: 10.32.0.0/16
    • Proxy mode: ipvs
    • PodSecurityPolicy is enabled
    • Using KubeletConfiguration, KubeProxyConfiguration, and KubeSchedulerConfiguration
  • Tools

How to use

$ su -
# git clone https://github.com/kaitoy/ansible-k8s.git
# cd ansible-k8s
# sh play.sh
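
Once play.sh has finished, the process-user split listed above (kubelet and kube-proxy as root, the other components as non-root) can be checked from the process table. The script below is an added example, not part of this repository; the function names, the "live" argument and the sample ps output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the repository): check the user each component runs as.
# Expected per the list above: kubelet and kube-proxy as root, the rest as non-root.

# Reads `ps -eo uid,args` output on stdin. argv[0] is used rather than `comm`
# because the kernel truncates comm to 15 characters ("kube-controller").
# Prints one line per component; returns 0 if all match, 1 otherwise.
check_component_users() {
    awk '
    BEGIN {
        bad = 0
        n = split("kubelet kube-proxy", r, " ")
        for (i = 1; i <= n; i++) want[r[i]] = "root"
        n = split("kube-apiserver kube-controller-manager kube-scheduler etcd", u, " ")
        for (i = 1; i <= n; i++) want[u[i]] = "non-root"
    }
    {
        name = $2; sub(/.*\//, "", name)        # basename of argv[0]
        if (!(name in want)) next               # header line and unrelated processes
        seen[name] = 1
        actual = ($1 == 0) ? "root" : "non-root"
        if (actual == want[name]) printf "OK   %s runs as %s\n", name, actual
        else { printf "FAIL %s runs as %s, expected %s\n", name, actual, want[name]; bad = 1 }
    }
    END {
        for (c in want) if (!(c in seen)) { printf "FAIL %s not running\n", c; bad = 1 }
        exit bad
    }'
}

# Constructed sample input: UIDs, paths and flags are illustrative only.
sample_ps() {
    cat <<'EOF'
  UID COMMAND
    0 /usr/bin/kubelet --config=/path/to/kubelet-config.yaml
    0 /usr/bin/kube-proxy --config=/path/to/kube-proxy-config.yaml
  994 /usr/bin/kube-apiserver --secure-port=6443
  994 /usr/bin/kube-controller-manager --leader-elect=true
  994 /usr/bin/kube-scheduler --config=/path/to/kube-scheduler-config.yaml
  993 /usr/bin/etcd --name=node1
EOF
}

# "live" checks the real process table; the default runs on the sample above.
if [ "${1:-}" = "live" ]; then
    ps -eo uid,args | check_component_users
else
    sample_ps | check_component_users
fi
```

A FAIL line for a component that is expected to be non-root means its systemd unit is not dropping privileges as intended.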