Provision k8s Cluster (SDC)
Pre requisites:
Below Servers are to be provided by the SDC team.
One Bastion machine to run Kubespray.
HA-PROXY machine which acts as load balancer.
Three machines which act as master nodes.
Four machines which act as worker nodes.
One machine for database configuration.
All the machines should be in the same network with ubuntu or centos installed.
Key Generation:
ssh key should be generated form Bastion machine and must be copied to all the servers part of your inventory.
Generate ssh-keygen
#Copy the key to all the nodes
ssh-copy-id root@IP of node
Kubespray:
Install git
git clone GitHub - kubernetes-sigs/kubespray: Deploy a Production Ready Kubernetes Cluster
install python
apt-get update && apt-get install python3-pip -y
cd kubespray
# Install dependencies from ``requirements.txt``
sudo pip3 install -r requirements.txt
# Copy ``inventory/sample`` as ``inventory/mycluster``
cp -rfp inventory/sample inventory/mycluster
# Update Ansible inventory file with inventory builder
declare -a IPS=(10.67.53.158 10.67.53.159 10.67.53.160 10.67.53.161 10.67.53.162 10.67.53.163 10.67.53.164)
CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]}
# Review and change parameters under ``inventory/mycluster/group_vars``
cat inventory/mycluster/group_vars/all/all.yml
cat inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml
# Deploy Kubespray with Ansible Playbook - run the playbook as root
# The option `--become` is required, as for example writing SSL keys in /etc/,
# installing packages and interacting with various systemd daemons.
# Without --become the playbook will fail to run!
ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root cluster.yml
Kubernetes cluster will be created with three masters and four nodes with the above process.
Kube config will be generated in .Kubefolder. Cluster can be accessible via kubeconfig.
HA-Proxy:
Install haproxy for the machine that was allocated for proxy
sudo apt-get install haproxy -y
IPs need to be whitelisted as per the requirements in config.
sudo vi /etc/haproxy/haproxy.cfg
Volumes:
Iscsi volumes will be provided by SDC team as per the requisition and the same can be used for statefulsets.
sudo iscsiadm -m discovery -t sendtargets -p 10.67.49.8:3260