Automate Kubernetes Cluster Using Ansible
- Launch EC2 instances on AWS Cloud, e.g. for master and slave.
- Create roles that will configure the master node and slave node separately.
- Launch WordPress and a MySQL database connected to it on the respective slaves.
- Expose the WordPress pod so that a client is able to hit the WordPress IP with its respective port.
STEP1: Create a dynamic inventory
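# Control-node prerequisites. The legacy `ec2` module used in STEP2 needs boto,
# while the aws_ec2 inventory plugin configured below needs boto3 and botocore,
# so all three are installed.
yum install python3 -y
pip3 install boto boto3 botocore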
$ mkdir -p /opt/ansible/inventory
$ cd /opt/ansible/inventory
aws_ec2.yaml:
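---
# Dynamic inventory definition for the aws_ec2 inventory plugin. The plugin
# only accepts this file when its name ends in aws_ec2.yml or aws_ec2.yaml.
plugin: aws_ec2
# Static keys in an inventory file are readable by anyone who can read the
# file or the repository it is committed to. Prefer deleting the next two
# lines and letting the plugin take credentials from the environment
# (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY), a named profile or an
# instance role, scoped to read-only EC2 describe permissions.
aws_access_key: "<YOUR-AWS-ACCESS-KEY-HERE>"
aws_secret_key: "<YOUR-AWS-SECRET-KEY-HERE>"
keyed_groups:
  # One group per instance tag, named tag_<key>_<value>. `prefix` must be
  # nested in the same list item as `key`, otherwise it is read as an
  # unrelated top-level option.
  - key: tags
    prefix: tag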
β
# ansible.cfg section that lets Ansible load the aws_ec2 inventory plugin.
# enable_plugins replaces the default plugin list, so any other inventory
# plugin still in use has to be listed here as well.
[inventory]
enable_plugins = aws_ec2
Listing and pinging the EC2 instances:
$ ansible-inventory -i /opt/ansible/inventory/aws_ec2.yaml --list
$ ansible all -m ping
STEP2: Launch one master and two slave nodes on AWS
ansible-playbook <file_name>
aws.yml:
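---
# Launches one master and two slave EC2 instances from the control node.
# The `name` tag set on each instance is what the dynamic inventory's
# keyed_groups turns into host groups.
- hosts: localhost
  vars_files:
    # Provides aws_access_key / aws_secret_key. Keep this file encrypted with
    # ansible-vault and out of version control.
    - secret.yml
  tasks:
    # NOTE: `count` together with `state: present` starts new instances on
    # every run; the module's exact_count / count_tag options make a re-run
    # idempotent.
    - name: "Creating Master Node"
      ec2:
        region: ap-south-1
        # The variable names must match the keys defined in secret.yml.
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
        # Placeholder: replace with the real subnet id.
        vpc_subnet_id: "subnet-xxxx"
        count: 1
        state: present
        instance_type: t2.micro
        key_name: redhat-key
        assign_public_ip: true
        # The nodes receive public IPs, so this security group is the only
        # network control in front of SSH and the Kubernetes API; limit its
        # inbound sources to the addresses that need access.
        group_id: sg-xxxx
        image: ami-xxxx
        instance_tags:
          name: master

    - name: "Creating Slave Nodes"
      ec2:
        region: ap-south-1
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
        # Placeholder: replace with the real subnet id.
        vpc_subnet_id: "subnet-xxxx"
        count: 2
        state: present
        instance_type: t2.micro
        key_name: redhat-key
        assign_public_ip: true
        group_id: sg-xxxx
        image: ami-xxx
        instance_tags:
          name: slave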
secret.yml:
---
# AWS credentials loaded by the playbook through vars_files. The playbook has
# to reference exactly these two variable names.
# Store this file encrypted (`ansible-vault encrypt secret.yml`) and run the
# playbook with --ask-vault-pass; never commit it in plain text.
aws_access_key: "<YOUR-AWS-ACCESS-KEY-HERE>"
aws_secret_key: "<YOUR-AWS-SECRET-KEY-HERE>"
STEP3: Create yml file for MySQL and Wordpress
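---
# Passwords that the MySQL and WordPress Deployments read via secretKeyRef.
apiVersion: v1
kind: Secret
metadata:
  name: mysecure
# Values under `data` must be base64-encoded (for example
# `printf '%s' '<password>' | base64`); `stringData` accepts plain text.
# base64 is an encoding, not encryption: anyone who can read this manifest
# or the Secret object can recover the passwords, so keep the real file out
# of version control.
data:
  rootpass: "<BASE64-ENCODED-ROOT-PASSWORD>"
  userpass: "<BASE64-ENCODED-USER-PASSWORD>"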
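---
# Headless Service (clusterIP: None) that gives the MySQL pod the in-cluster
# DNS name `wordpress-mysql`; it is not exposed outside the cluster.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql
  clusterIP: None
---
# MySQL Deployment. No volume is mounted, so the database contents are lost
# whenever the pod is recreated.
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
        # NOTE(review): MySQL 5.6 is past upstream end of life; move to a
        # maintained release and pin it by tag or digest.
        - image: mysql:5.6
          name: mysql
          env:
            # Both passwords come from the `mysecure` Secret rather than
            # being written into this manifest.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: rootpass
            - name: MYSQL_USER
              value: vd
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: userpass
            - name: MYSQL_DATABASE
              value: sqldb
          ports:
            - containerPort: 3306
              name: mysql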
β
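---
# Public entry point for WordPress. On a kubeadm cluster without a cloud
# controller the external IP of a LoadBalancer Service stays pending; the
# NodePort allocated with it is what is reachable on the instance's public
# IP, so the security group has to allow that port from the intended clients
# only.
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  selector:
    # The WordPress tier needs its own label value. Reusing `tier: mysql`
    # makes this Service and the wordpress-mysql Service select both the
    # database and the WordPress pods.
    app: wordpress
    tier: frontend
  type: LoadBalancer
---
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: frontend
    spec:
      containers:
        # NOTE(review): `latest` is a moving tag, so each pull can bring in a
        # different image; pin a specific version or digest.
        - image: wordpress:latest
          name: wordpress
          env:
            # Name of the headless MySQL Service.
            - name: WORDPRESS_DB_HOST
              value: wordpress-mysql
            - name: WORDPRESS_DB_USER
              value: vd
            - name: WORDPRESS_DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: userpass
            - name: WORDPRESS_DB_NAME
              value: sqldb
          ports:
            - containerPort: 80
              name: wordpress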
Ansible-playbook — Master node
kubernetes.repo
# Yum repository definition copied to /etc/yum.repos.d by the master role.
# gpgcheck and repo_gpgcheck stay enabled so both the packages and the
# repository metadata are signature-checked against the keys in gpgkey.
# NOTE(review): the Google-hosted Kubernetes package repositories have been
# retired upstream in favour of the community-owned pkgs.k8s.io
# repositories; take the current baseurl and gpgkey from the Kubernetes
# installation documentation.
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
:
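---
# Tasks of the master role: install docker and kubeadm, initialise the
# control plane, hand the join command to the slave role, then deploy the
# MySQL and WordPress manifests.
- name: Adding Kubeadm repo
  copy:
    src: kubernetes.repo
    dest: /etc/yum.repos.d

- name: Installing docker
  package:
    name: "docker"
    state: present

- name: Installing kubeadm
  package:
    name: "kubeadm"
    state: present

- name: Enabling docker service
  service:
    name: docker
    state: started
    enabled: true

- name: Pulling all kubeadm config image
  command: kubeadm config images pull
  ignore_errors: false

- name: Changing driver cgroup to systemd
  copy:
    src: daemon.json
    dest: /etc/docker/daemon.json

- name: Removing swapfile from /etc/fstab
  mount:
    name: "{{ item }}"
    fstype: swap
    state: absent
  with_items:
    - swap
    - none

- name: Enabling kubelet service
  service:
    name: kubelet
    daemon_reload: true
    state: started
    enabled: true

# Picks up the cgroup driver change written to daemon.json above.
- name: Restarting docker service
  service:
    name: docker
    state: "restarted"

- name: Installing iproute-tc
  package:
    name: iproute-tc
    state: present
    update_cache: true

# `creates` skips the command once the control plane exists, so a re-run is
# safe without ignore_errors and a failed first run still stops the play.
- name: Initializing the kubeadm
  shell: "kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=Swap --ignore-preflight-errors=NumCPU --ignore-preflight-errors=Mem --node-name=master"
  args:
    creates: /etc/kubernetes/admin.conf
  register: kubeadm

# Only the return code is printed: the full `kubeadm init` output contains a
# join command with a bootstrap token, which should not end up in run logs.
- debug:
    msg: "kubeadm init rc={{ kubeadm.rc | default('n/a') }}"

# admin.conf carries cluster-admin credentials; keep the copy readable by
# its owner only. Plain `cp` is used because `cp -i` would wait for a
# confirmation that an unattended run cannot answer.
- name: Setup kubeconfig for home user
  shell: "{{ item }}"
  with_items:
    - "mkdir -p $HOME/.kube"
    - "cp /etc/kubernetes/admin.conf $HOME/.kube/config"
    - "chown $(id -u):$(id -g) $HOME/.kube/config"

# NOTE(review): this applies whatever the branch tip contains at run time,
# with cluster-admin rights. Pin the URL to a release tag, or ship a reviewed
# copy of the manifest with the role and apply that instead.
- name: Adding flannel network
  shell: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

# The join command embeds a bootstrap token, so it is kept out of the task
# output (no_log) and is not echoed through a debug task.
- name: Joining token
  shell: "kubeadm token create --print-join-command"
  register: token
  no_log: true

# Written on the control node for the slave role to pick up. Mode 0600
# because anyone who can read the file can join a node to the cluster while
# the token is valid.
- name: Storing token into a file
  copy:
    content: "{{ token.stdout_lines[0] }}"
    dest: ../slave1/token.sh
    mode: "0600"
  delegate_to: localhost
  no_log: true

# Restricted mode in case the Secret manifest is part of this file.
- name: Copying mysql-database.yml file
  copy:
    src: database.yaml
    dest: /root
    mode: "0600"

- name: Copying wordpress.yml file
  copy:
    src: wordpress.yml
    dest: /root

- shell: "kubectl apply -f /root/database.yaml"
  register: mysql

- shell: "kubectl apply -f /root/wordpress.yml"
  register: wordpress

- debug:
    msg: "{{ mysql }}"

- debug:
    msg: "{{ wordpress }}"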
daemon.json:
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
Ansible-playbook for slave node
k8s.conf file:
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
:
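---
# Tasks of the slave role shown in this listing: install the bridge sysctl
# settings, fetch the join command produced on the master and join the
# cluster.
# NOTE(review): files in /etc/sysctl.d are read at boot or by
# `sysctl --system`; no task in this listing reloads them.
- name: Copying k8s.conf file
  copy:
    src: k8s.conf
    dest: /etc/sysctl.d/k8s.conf

# token.sh holds the join command including a bootstrap token, so it is
# written readable by root only.
- name: Copying token file at /root location
  copy:
    src: token.sh
    dest: /root/token.sh
    mode: "0600"

# `creates` makes a re-run skip nodes that have already joined.
- name: Joining slave node to master node
  shell: "sh /root/token.sh"
  args:
    creates: /etc/kubernetes/kubelet.conf
  register: joined

- debug:
    msg: "{{ joined }}"

# Do not leave the join credential on disk once it has been used.
- name: Removing token file after join
  file:
    path: /root/token.sh
    state: absent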
STEP4: Wordpress & MySQL
$ kubectl get svc
Use your instance public IP
— Add your credentials.
— In some cases you may see a screen like the one in the image below.
— If so, create a wp-config.php file manually, copy and paste the given code into it, and run the installation.
— Give the needed information and install WordPress.
β Now Login with your credentials