Installing Kubernetes with Kubespray
Kubespray is a composition of Ansible playbooks, provisioning tools, and domain knowledge for generic OS/Kubernetes cluster configuration management tasks. Kubespray provides:
- a highly available cluster
- composable attributes
- support for most popular Linux distributions
  - CentOS/RHEL/Oracle Linux 7, 8
  - Debian Buster, Jessie, Stretch, Wheezy
  - Fedora 31, 32
  - Fedora CoreOS
  - openSUSE Leap 15
  - Flatcar Container Linux by Kinvolk
- continuous integration tests
To choose a tool which best fits your use case, read this comparison to and kops.
Provision servers with the following requirements:
- Ansible v2.9 and python-netaddr are installed on the machine that will run Ansible commands
- Jinja 2.11 (or newer) is required to run the Ansible Playbooks
- The target servers must have access to the Internet in order to pull Docker images. Otherwise, additional configuration is required (see Offline Environment)
- The target servers are configured to allow IPv4 forwarding
- Your ssh key must be copied to all the servers in your inventory
- Firewalls are not managed by Kubespray. You’ll need to implement appropriate rules as needed. You should disable your firewall in order to avoid any issues during deployment
- If Kubespray is run from a non-root user account, a correct privilege escalation method should be configured in the target servers and the flag or command parameters or should be specified
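A preflight script for the requirements above, added here as an example and not part of Kubespray. It assumes `python3` is the interpreter Ansible uses, treats the Ansible v2.9 requirement as a minimum, and reaches each target over plain `ssh`; the function names and the `--run` flag are hypothetical.

```sh
#!/bin/sh
# Added example (not Kubespray code): checks the requirements listed above.

# version_ge A B: succeed when dotted version A >= B, comparing each
# component numerically so that 2.10 sorts after 2.9.
version_ge() {
  v1=$1 v2=$2
  while [ -n "$v1" ] || [ -n "$v2" ]; do
    a=${v1%%.*}; b=${v2%%.*}
    a=${a%%[!0-9]*}; b=${b%%[!0-9]*}      # drop suffixes such as "rc1"
    [ "${a:-0}" -gt "${b:-0}" ] && return 0
    [ "${a:-0}" -lt "${b:-0}" ] && return 1
    case $v1 in *.*) v1=${v1#*.} ;; *) v1= ;; esac
    case $v2 in *.*) v2=${v2#*.} ;; *) v2= ;; esac
  done
  return 0
}

# check_control_host: the machine that will run Ansible commands.
# Assumption: python3 is the interpreter Ansible runs under.
check_control_host() {
  rc=0
  av=$(ansible --version 2>/dev/null | sed -n '1s/[^0-9]*\([0-9][0-9.]*\).*/\1/p')
  version_ge "${av:-0}" 2.9 || { echo "FAIL ansible >= 2.9 (found: ${av:-none})"; rc=1; }
  python3 -c 'import netaddr' 2>/dev/null || { echo "FAIL python-netaddr missing"; rc=1; }
  jv=$(python3 -c 'import jinja2; print(jinja2.__version__)' 2>/dev/null)
  version_ge "${jv:-0}" 2.11 || { echo "FAIL Jinja >= 2.11 (found: ${jv:-none})"; rc=1; }
  return $rc
}

# check_target HOST: key-based SSH login and IPv4 forwarding on one server.
check_target() {
  # BatchMode=yes makes ssh fail instead of prompting, so a host that only
  # accepts passwords is reported rather than silently waiting for input.
  fwd=$(ssh -o BatchMode=yes -o ConnectTimeout=5 -- "$1" \
        cat /proc/sys/net/ipv4/ip_forward 2>/dev/null) \
    || { echo "FAIL $1: no key-based SSH login"; return 1; }
  [ "$fwd" = 1 ] || { echo "FAIL $1: net.ipv4.ip_forward=$fwd"; return 1; }
  echo "OK   $1"
}

# Usage: sh preflight.sh --run host1 host2 ...
if [ "${1:-}" = "--run" ]; then
  shift; status=0
  check_control_host || status=1
  for h in "$@"; do check_target "$h" || status=1; done
  exit $status
fi
```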
Kubespray provides the following utilities to help provision your environment:
- scripts for the following cloud providers:
(2/5) Compose an inventory file
After you provision your servers, create an inventory file. You can do this manually or via a dynamic inventory script. For more information, see “Building your own inventory”.
- Choice of deployment mode: kubeadm or non-kubeadm
- CNI (networking) plugins
- DNS configuration
- Choice of control plane: native/binary or containerized
- Component versions
- Calico route reflectors
- Component runtime options
- Certificate generation methods
Kubespray customizations can be made to a variable file. If you are getting started with Kubespray, consider using the Kubespray defaults to deploy your cluster and explore Kubernetes.
(4/5) Deploy a Cluster
Next, deploy your cluster:
Cluster deployment using ansible-playbook.
Large deployments (100+ nodes) may require for best results.
Kubespray provides a way to verify inter-pod connectivity and DNS resolution with Netchecker. Netchecker ensures that the netchecker-agents pods can resolve DNS requests and ping each other within the default namespace. Those pods mimic the behavior of the rest of the workloads and serve as cluster health indicators.
Scale your cluster
You can add worker nodes to your cluster by running the scale playbook. For more information, see “Adding nodes”. You can remove worker nodes from your cluster by running the remove-node playbook. For more information, see ““.
You can upgrade your cluster by running the upgrade-cluster playbook. For more information, see “Upgrades”.
You can reset your nodes and wipe out all components installed with Kubespray via the reset playbook.
Caution: When running the reset playbook, be sure not to accidentally target your production cluster!
- Slack Channel: #kubespray (You can get your invite )
- GitHub Issues
Check out planned work on Kubespray’s .