📌 Automate Kubernetes Cluster Using Ansible

Sangeeth Sahana D
5 min readJan 13, 2022


🔅 Launch EC2 instances on AWS Cloud, e.g. for master and slave.

🔅 Create roles that will configure the master node and the slave node separately.

🔅 Launch WordPress and a MySQL database connected to it on the respective slaves.

🔅 Expose the WordPress pod so that a client can reach the WordPress IP on its respective port.

STEP1: Create a dynamic inventory

yum install python3 -y

pip3 install boto

$ mkdir -p /opt/ansible/inventory
$ cd /opt/ansible/inventory

aws_ec2.yaml:

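---
# Dynamic inventory definition for the aws_ec2 inventory plugin.
plugin: aws_ec2
# NOTE(review): static keys in this file end up readable by anyone who can
# read the inventory directory or the repository it is committed to. The
# plugin also works without these two lines, falling back to the standard
# AWS credential chain (environment variables, a shared-credentials
# profile, or an instance role); prefer that, and give the identity
# read-only EC2 describe permissions only.
aws_access_key: <YOUR-AWS-ACCESS-KEY-HERE>
aws_secret_key: <YOUR-AWS-SECRET-KEY-HERE>
# Build one group per instance tag; "prefix" belongs to the same list item
# as "key", so it must be indented under it.
keyed_groups:
  - key: tags
    prefix: tag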

ansible.cfg:

# Restrict inventory parsing to the aws_ec2 plugin only.
[inventory]
enable_plugins = aws_ec2

Listing and pinging the EC2 instances:

$ ansible-inventory -i /opt/ansible/inventory/aws_ec2.yaml --list
$ ansible all -m ping

STEP2: Launch one master and two slave nodes on AWS

ansible-playbook <file_name>

aws.yml:

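---
# Launches one master and two slave EC2 instances from the control host.
- hosts: localhost
  vars_files:
    # Holds aws_access_key / aws_secret_key. Keep this file encrypted at
    # rest (ansible-vault encrypt secret.yml) and run the playbook with
    # --ask-vault-pass.
    - secret.yml
  tasks:
    - name: "Creating Master Node"
      ec2:
        region: ap-south-1
        # The variable names must match the ones defined in secret.yml.
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
        vpc_subnet_id: subnet-xxxx  # placeholder
        count: 1
        state: present
        instance_type: t2.micro
        key_name: redhat-key
        # The node gets a public address, so the security group below is
        # the only network control in front of SSH and the API server.
        # NOTE(review): the group's rules are not shown here; confirm that
        # inbound access is limited to known source ranges.
        assign_public_ip: true
        group_id: sg-xxxx  # placeholder
        image: ami-xxxx  # placeholder
        instance_tags:
          name: master

    - name: "Creating Slave Nodes"
      ec2:
        region: ap-south-1
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
        vpc_subnet_id: subnet-xxxx  # placeholder
        count: 2
        state: present
        instance_type: t2.micro
        key_name: redhat-key
        assign_public_ip: true
        group_id: sg-xxxx  # placeholder
        image: ami-xxxx  # placeholder
        instance_tags:
          name: slave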

secret.yml:

# Long-lived AWS credentials loaded through vars_files.
# Keep this file out of version control in plain text: encrypt it with
# `ansible-vault encrypt secret.yml` and supply the vault password at run
# time. Scope the key to the EC2 actions the playbook needs.
aws_access_key: <YOUR-AWS-ACCESS-KEY-HERE>
aws_secret_key: <YOUR-AWS-SECRET-KEY-HERE>

STEP3: Create yml file for MySQL and Wordpress

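---
# Secret consumed by both the MySQL and the WordPress deployments.
apiVersion: v1
kind: Secret
metadata:
  name: mysecure
data:
  # Values under "data" must be base64-encoded. base64 is an encoding, not
  # encryption: anyone who can read this file or the Secret object can
  # recover the passwords, so keep the filled-in manifest out of version
  # control and restrict who can read Secrets in the namespace.
  rootpass: xxx  # placeholder
  userpass: xxx  # placeholder
---
# Headless service giving WordPress a stable DNS name for the database.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql
  clusterIP: None
---
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
        # NOTE(review): MySQL 5.6 no longer receives upstream security
        # fixes; confirm which supported release WordPress should run
        # against and pin that tag instead.
        - image: mysql:5.6
          name: mysql
          env:
            # Passwords come from the Secret rather than literal values.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: rootpass
            - name: MYSQL_USER
              value: vd
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: userpass
            - name: MYSQL_DATABASE
              value: sqldb
          ports:
            - containerPort: 3306
              name: mysql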

wordpress.yml:

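---
# Public entry point for the WordPress front end.
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  # The front end needs its own tier label. With "tier: mysql" here and on
  # the pod template, this service would also select the database pod, and
  # the wordpress-mysql service would also select the WordPress pod.
  selector:
    app: wordpress
    tier: frontend
  # Exposes plain HTTP on port 80 outside the cluster. The WordPress
  # install wizard is reachable by anyone who can reach this address until
  # setup is finished, so complete it promptly or restrict the source
  # ranges in the security group first.
  type: LoadBalancer
---
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: frontend
    spec:
      containers:
        # NOTE(review): ":latest" is a moving tag, so each pull can bring
        # in a different, unreviewed image; pin a specific version tag or
        # digest.
        - image: wordpress:latest
          name: wordpress
          env:
            - name: WORDPRESS_DB_HOST
              value: wordpress-mysql
            - name: WORDPRESS_DB_USER
              value: vd
            # Database password comes from the Secret, not a literal.
            - name: WORDPRESS_DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecure
                  key: userpass
            - name: WORDPRESS_DB_NAME
              value: sqldb
          ports:
            - containerPort: 80
              name: wordpress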

Ansible-playbook — Master node

kubernetes.repo

# Yum repository definition that provides the kubeadm packages.
# gpgcheck verifies package signatures and repo_gpgcheck verifies the
# repository metadata signature; keep both enabled.
# NOTE(review): the Kubernetes project has retired the legacy
# packages.cloud.google.com repositories in favour of pkgs.k8s.io; confirm
# the current repository and key URLs before using this file.
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

:

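---
# Tasks for the master node role: install the container runtime and
# kubeadm, initialise the cluster, hand the join command to the slave role
# and deploy the MySQL and WordPress manifests.
- name: Adding Kubeadm repo
  copy:
    src: kubernetes.repo
    dest: /etc/yum.repos.d

- name: Installing docker
  package:
    name: "docker"
    state: present

- name: Installing kubeadm
  package:
    name: "kubeadm"
    state: present

- name: Enabling docker service
  service:
    name: docker
    state: started
    enabled: true

- name: Pulling all kubeadm config image
  command: kubeadm config images pull
  ignore_errors: false

- name: Changing driver cgroup to systemd
  copy:
    src: daemon.json
    dest: /etc/docker/daemon.json

- name: Removing swapfile from /etc/fstab
  mount:
    name: "{{ item }}"
    fstype: swap
    state: absent
  with_items:
    - swap
    - none

- name: Enabling kubelet service
  service:
    name: kubelet
    daemon_reload: true
    state: started
    enabled: true

- name: Restarting docker service
  service:
    name: docker
    state: "restarted"

- name: Installing iproute-tc
  package:
    name: iproute-tc
    state: present
    update_cache: true

# The preflight overrides let kubeadm run on an undersized instance.
# "creates" skips the command once the cluster has been initialised, so a
# real failure stops the play instead of being ignored and followed by
# tasks that assume a working control plane.
- name: Initializing the kubeadm
  shell: "kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=Swap --ignore-preflight-errors=NumCPU --ignore-preflight-errors=Mem --node-name=master"
  args:
    creates: /etc/kubernetes/admin.conf
  register: kubeadm

# kubeadm init prints a join command containing a bootstrap token; report
# only the return code so the token does not land in play output or logs.
- debug:
    msg: "kubeadm init rc={{ kubeadm.rc | default('n/a') }}"

# admin.conf carries cluster-admin credentials; it is copied only into the
# home directory of the user running these tasks.
- name: Setup kubeconfig for home user
  shell: "{{ item }}"
  with_items:
    - "mkdir -p $HOME/.kube"
    - "cp -i /etc/kubernetes/admin.conf $HOME/.kube/config"
    - "chown $(id -u):$(id -g) $HOME/.kube/config"

# NOTE(review): this applies whatever the branch head serves at run time,
# with cluster-admin rights. Prefer a manifest pinned to a release tag, or
# a reviewed copy shipped in the role's files/ directory.
- name: Adding flannel network
  shell: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

# The join command embeds a bootstrap token that admits new nodes to the
# cluster, so it is kept out of task output.
- name: Joining token
  shell: "kubeadm token create --print-join-command"
  register: token
  no_log: true

# Written on the control host for the slave role to pick up; owner-only
# permissions because the file contains the bootstrap token.
- name: Storing token into a file
  copy:
    content: "{{ token.stdout_lines[0] }}"
    dest: ../slave1/token.sh
    mode: "0600"
  delegate_to: localhost
  no_log: true

# database.yaml contains the Secret object, so it is not left
# world-readable on the node.
- name: Copying mysql-database.yml file
  copy:
    src: database.yaml
    dest: /root
    mode: "0600"

- name: Copying wordpress.yml file
  copy:
    src: wordpress.yml
    dest: /root

- shell: "kubectl apply -f /root/database.yaml"
  register: mysql

- shell: "kubectl apply -f /root/wordpress.yml"
  register: wordpress

- debug:
    msg: "{{ mysql }}"

- debug:
    msg: "{{ wordpress }}"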

daemon.json:

{
"exec-opts": ["native.cgroupdriver=systemd"]
}

Ansible-playbook for slave node

k8s.conf file:

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

:

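---
# Tasks for the slave node role: apply the bridge sysctl settings and join
# the node to the cluster with the command generated on the master.
- name: Copying k8s.conf file
  copy:
    src: k8s.conf
    dest: /etc/sysctl.d/k8s.conf

# token.sh holds the kubeadm join command, including the bootstrap token,
# so it is readable by its owner only.
- name: Copying token file at /root location
  copy:
    src: token.sh
    dest: /root/token.sh
    mode: "0600"

- name: Joining slave node to master node
  shell: "sh /root/token.sh"
  register: joined

- debug:
    msg: "{{ joined }}"

# The token is not needed on the node after the join; remove the script so
# the credential does not linger on disk.
- name: Removing the join command from the node
  file:
    path: /root/token.sh
    state: absent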

STEP4: Wordpress & MySQL

$ kubectl get svc

Use your instance public IP

→ Add your credentials

→ In some cases you get a screen like the image below

→ In that case, create a wp-config.php file manually, copy and paste the given code into it, and run the installation

→ Give the needed information and install WordPress

→ Now log in with your credentials

📌 Task objectives are completed!
