LAUNCH THE KUBERNETES CLUSTER BY ANSIBLE PLAYBOOK
Nishant Singh
Senior Software Engineer@HCL Tech | Red Hat Certified System Administrator | AWS Certified Solution Architect-Associate | AWS Certified Developer Associate | AWS Cloud Practitioner Certified
What is Ansible?
Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intraservice orchestration, and provisioning. Automation is crucial these days, with IT environments that are too complex and often need to scale too quickly for system administrators and developers to keep up if they had to do everything manually. Automation simplifies complex tasks, not just making developers’ jobs more manageable but allowing them to focus attention on other tasks that add value to an organization. In other words, it frees up time and increases efficiency. And Ansible, as noted above, is rapidly rising to the top in the world of automation tools.
Advantages of Ansible:
- Free: Ansible is an open-source tool.
- Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
- Powerful: Ansible lets you model even highly complex IT workflows.
- Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
- Agentless: You don’t need to install any other software or open extra firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
- Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.
What is Docker?
Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and deploy it as one package. By doing so, thanks to the container, the developer can rest assured that the application will run on any other Linux machine regardless of any customized settings that machine might have that could differ from the machine used for writing and testing the code.
What is Kubernetes?
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available.
The name Kubernetes originates from Greek, meaning helmsman or pilot. Google open-sourced the Kubernetes project in 2014. Kubernetes combines over 15 years of Google's experience running production workloads at scale with best-of-breed ideas and practices from the community.
Why do you need Kubernetes and what can it do?
Containers are a good way to bundle and run your applications. In a production environment, you need to manage the containers that run the applications and ensure that there is no downtime. For example, if a container goes down, another container needs to start.
Kubernetes provides you with:
1) Service discovery and load balancing
Kubernetes can expose a container using the DNS name or using their own IP address. If traffic to a container is high, Kubernetes is able to load balance and distribute the network traffic so that the deployment is stable.
2) Storage orchestration
Kubernetes allows you to automatically mount a storage system of your choice, such as local storages, public cloud providers, and more.
3) Automated rollouts and rollbacks
You can describe the desired state for your deployed containers using Kubernetes, and it can change the actual state to the desired state at a controlled rate. For example, you can automate Kubernetes to create new containers for your deployment, remove existing containers and adopt all their resources to the new container.
4) Automatic bin packing
You provide Kubernetes with a cluster of nodes that it can use to run containerized tasks. You tell Kubernetes how much CPU and memory (RAM) each container needs. Kubernetes can fit containers onto your nodes to make the best use of your resources.
5) Self-healing
Kubernetes restarts containers that fail, replaces containers, kills containers that don’t respond to your user-defined health check, and doesn’t advertise them to clients until they are ready to serve.
6) Secret and configuration management
Kubernetes lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images, and without exposing secrets in your stack configuration.
Problem Statement:
Write an Ansible PlayBook that does the following operations in the managed nodes:
- Configure a Kubernetes Cluster having master and slave nodes.
- Configure the web server using httpd image as Deployment in the Kubernetes Cluster.
Solution:
Before starting the task, you have to install Ansible and configure its inventory. Type this command in your VM to install Ansible:
    pip3 install ansible
Now create an inventory file with any name; in my case I made a file named /etc/myhosts.txt. In it, write the IP address of your other virtual machine (the VM on which you want to configure and set up Docker) along with the other connection details such as the root user and password.
Now check the Ansible version.
    ansible --version
According to the output shown above, Ansible reads its configuration from the /etc/ansible/ansible.cfg file, so configure this file.
List all the hosts by typing ansible all --list-hosts.
    ansible all --list-hosts
Ping the hosts to check whether there is SSH connectivity between the virtual machines.
    ansible all -m ping
1) First, you need to share the ISO file in the /opt folder, which is already copied in my case.
    - hosts: all
      vars:
        repo_mount_path: "/dvd"
      tasks:
        - name: Mount the ISO file
          command: mount /dev/cdrom /dvd
2) Now we have to configure yum.
i) Set up the AppStream repository.
    - name: Add repository
      yum_repository:
        name: dvd1
        description: AppStream repository
        baseurl: "file://{{repo_mount_path}}/AppStream"
        enabled: yes
        gpgcheck: no
ii) Set up the BaseOS repository.
    - name: Add_repository
      yum_repository:
        name: dvd2
        description: BaseOS repository
        baseurl: "file://{{repo_mount_path}}/BaseOS"
        enabled: yes
        gpgcheck: no
3) Set up the Docker repository.
    - name: Add_repository
      yum_repository:
        name: docker
        description: Docker repo
        baseurl: "https://download.docker.com/linux/centos/7/x86_64/stable/"
        gpgcheck: no
4) Now install the Docker software.
    - name: Install Docker
      package:
        name: "docker-ce-18.06.3.ce-3.el7.x86_64"
        state: present
5) Start the Docker service.
    - name: Start the Docker service
      service:
        name: "docker"
        state: started
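6) Stop the firewall
    # systemctl stop only stops firewalld for the current boot; the service is not disabled
    - name: Stop the firewalld service
      command: "systemctl stop firewalld"
7) Set SELinux to permissive mode permanently
    # Takes effect at the next boot; the running mode is not changed by this task
    - name: Set SELinux to permissive mode in /etc/selinux/config
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: SELINUX=permissive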
8) Mount the ISO file permanently
    - name: Make the mount permanent
      lineinfile:
        dest: /etc/rc.d/rc.local
        line: mount /dev/cdrom /dvd
        state: present
        create: yes
9) Make this file (/etc/rc.d/rc.local) executable
    - name: Make rc.local executable
      command: chmod +x /etc/rc.d/rc.local
10) Configure the Kubernetes repository
    - name: Configure kubernetes repo
      shell: |
        cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
        [kubernetes]
        name=Kubernetes
        baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
        enabled=1
        gpgcheck=1
        repo_gpgcheck=1
        gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
        exclude=kubelet kubeadm kubectl
        EOF
      args:
        executable: /bin/bash
11) Install the kubelet, kubeadm and kubectl software.
    - name: Install kubelet, kubeadm and kubectl
      command: yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
12) Now change the Docker cgroup driver from cgroupfs to systemd, because the cgroupfs driver is not supported for the Kubernetes cluster. For this we have to add some text to the /etc/docker/daemon.json file.
    # daemon.json is a local file kept next to the playbook
    - name: Change the Docker cgroup driver (cgroupfs ---> systemd)
      copy:
        src: 'daemon.json'
        dest: '/etc/docker/daemon.json'
13) After changing the Docker driver we have to restart the Docker service.
    - name: Restart the Docker service (daemon)
      service:
        name: "docker"
        state: restarted
Now when you run the docker info command, you will see the difference.
14) We have to turn off all types of swap because it is not supported by the Kubernetes cluster.
    - name: Turn off all types of swap
      command: swapoff -a
Also turn swap off in the /etc/fstab file so that it stays off after a reboot.
    # \s+ matches the column whitespace in fstab; ^ keeps an already commented line untouched
    - name: Comment out the swap entry in /etc/fstab
      replace:
        path: /etc/fstab
        regexp: '^(/dev/mapper/rhel-swap\s+swap\s+.*)$'
        replace: '#\1'
15) Set the iptables and ip6tables entries
    - name: Set the bridge netfilter entries for iptables and ip6tables
      shell: |
        cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
        net.bridge.bridge-nf-call-ip6tables = 1
        net.bridge.bridge-nf-call-iptables = 1
        EOF
      args:
        executable: /bin/bash
16) Install the iproute-tc software
    - name: Install iproute-tc
      package:
        name: "iproute-tc"
        state: present
17) Start the kubelet service
    - name: Start kubelet
      service:
        name: "kubelet"
        state: started
        enabled: yes
Note: At this moment the kubelet service will not be started.
18) Copy the content to the /etc/hosts file on all the nodes.
    - name: Write the content in /etc/hosts file.
      blockinfile:
        path: /etc/hosts
        block: |
          192.168.225.150 master
          192.168.225.157 slave
19) Set the hostname from localhost to slave
    - hosts: slave
      vars:
        host: "slave"
      tasks:
        - name: "Change Hostname"
          hostname:
            name: "{{host}}"
20) Set the hostname from localhost to master
    - hosts: master
      vars:
        host: "master"
      tasks:
        - name: "Change Hostname"
          hostname:
            name: "{{host}}"
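Steps 3, 6 and 12 above turn off package signature checking for the Docker repository, stop the firewall, and copy a daemon.json whose content is not shown. The following is an added example, not part of the original playbook, of the same three steps with gpgcheck enabled, firewalld left running with only the cluster ports open, and daemon.json written inline. The daemon.json content, the port list (kubeadm's documented ports plus flannel's VXLAN port) and the use of the ansible.posix collection are assumptions.

```yaml
# Added example (not the author's playbook); daemon.json content and port list are assumptions
- hosts: all
  tasks:
    - name: Add the Docker repository with package signature checking enabled
      yum_repository:
        name: docker
        description: Docker repo
        baseurl: "https://download.docker.com/linux/centos/7/x86_64/stable/"
        gpgcheck: yes
        gpgkey: "https://download.docker.com/linux/centos/gpg"

    # Assumed content for daemon.json; step 13 still restarts Docker afterwards
    - name: Write /etc/docker/daemon.json inline (systemd cgroup driver)
      copy:
        dest: /etc/docker/daemon.json
        mode: "0644"
        content: |
          {
            "exec-opts": ["native.cgroupdriver=systemd"]
          }

    - name: Keep firewalld running instead of stopping it
      service:
        name: firewalld
        state: started
        enabled: yes

    - name: Open the ports every node needs
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: yes
        immediate: yes
        state: enabled
      loop:
        - 10250/tcp        # kubelet API
        - 8472/udp         # flannel VXLAN overlay
        - 30000-32767/tcp  # NodePort services (used later by kubectl expose)

- hosts: master
  tasks:
    - name: Open the control-plane ports on the master only
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: yes
        immediate: yes
        state: enabled
      loop:
        - 6443/tcp         # Kubernetes API server (target of kubeadm join)
        - 2379-2380/tcp    # etcd
```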
My complete ansible playbook
    - hosts: all
      vars:
        repo_mount_path: "/dvd"
      tasks:
        - name: Add repository
          yum_repository:
            name: dvd1
            description: AppStream repository
            baseurl: "file://{{repo_mount_path}}/AppStream"
            enabled: yes
            gpgcheck: no

        - name: Add_repository
          yum_repository:
            name: dvd2
            description: BaseOS repository
            baseurl: "file://{{repo_mount_path}}/BaseOS"
            enabled: yes
            gpgcheck: no

        - name: Add_repository
          yum_repository:
            name: docker
            description: Docker repo
            baseurl: "https://download.docker.com/linux/centos/7/x86_64/stable/"
            gpgcheck: no

        - name: Install Docker
          package:
            name: "docker-ce-18.06.3.ce-3.el7.x86_64"
            state: present

        - name: Start the Docker service
          service:
            name: "docker"
            state: started

        # systemctl stop only stops firewalld for the current boot; the service is not disabled
        - name: Stop the firewalld service
          command: "systemctl stop firewalld"

        # Takes effect at the next boot; the running mode is not changed by this task
        - name: Set SELinux to permissive mode in /etc/selinux/config
          lineinfile:
            path: /etc/selinux/config
            regexp: '^SELINUX='
            line: SELINUX=permissive

        - name: Make the mount permanent
          lineinfile:
            dest: /etc/rc.d/rc.local
            line: mount /dev/cdrom /dvd
            state: present
            create: yes

        - name: Make rc.local executable
          command: chmod +x /etc/rc.d/rc.local

        - name: Configure kubernetes repo
          shell: |
            cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
            [kubernetes]
            name=Kubernetes
            baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
            enabled=1
            gpgcheck=1
            repo_gpgcheck=1
            gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
            exclude=kubelet kubeadm kubectl
            EOF
          args:
            executable: /bin/bash

        - name: Install kubelet, kubeadm and kubectl
          command: yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

        # daemon.json is a local file kept next to the playbook
        - name: Change the Docker cgroup driver (cgroupfs ---> systemd)
          copy:
            src: 'daemon.json'
            dest: '/etc/docker/daemon.json'

        - name: Restart the Docker service (daemon)
          service:
            name: "docker"
            state: restarted

        - name: Turn off all types of swap
          command: swapoff -a

        # \s+ matches the column whitespace in fstab; ^ keeps an already commented line untouched
        - name: Comment out the swap entry in /etc/fstab
          replace:
            path: /etc/fstab
            regexp: '^(/dev/mapper/rhel-swap\s+swap\s+.*)$'
            replace: '#\1'

        - name: Set the bridge netfilter entries for iptables and ip6tables
          shell: |
            cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
            net.bridge.bridge-nf-call-ip6tables = 1
            net.bridge.bridge-nf-call-iptables = 1
            EOF
          args:
            executable: /bin/bash

        - name: Install iproute-tc
          package:
            name: "iproute-tc"
            state: present

        - name: Start kubelet
          service:
            name: "kubelet"
            state: started
            enabled: yes

        - name: copy the content at all the nodes in /etc/hosts file
          blockinfile:
            path: /etc/hosts
            block: |
              192.168.225.150 master
              192.168.225.157 slave

    - hosts: slave
      vars:
        host: "slave"
      tasks:
        - name: "Change Hostname"
          hostname:
            name: "{{host}}"

    - hosts: master
      vars:
        host: "master"
      tasks:
        - name: "Change Hostname"
          hostname:
            name: "{{host}}"
When I run this playbook by typing ansible-playbook task1.yml, the output looks like this.
21) To make the master node we have to run
    kubeadm init --pod-network-cidr=10.10.1.0/16
    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config
    kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
After typing these commands we get output like this
When you run kubeadm init --pod-network-cidr=10.10.0.1/16, it prints a command for joining any node as a slave.
    kubeadm join 192.168.225.150:6443 --token d7wj0p.coswofe17rjy1lh9 \
        --discovery-token-ca-cert-hash sha256:8f1a3713a84238770d10d979a687580fafbefe5f0b6d233703eb2ef6a6c42a76
Now see the docker images and container running for this process in both the virtual machines (master as well as slave)
In master node:
In slave node:
Now see the config view of master:
Now copy the config file to Windows using WinSCP.
Now launch a ReplicaSet for the httpd image and expose it.
My ReplicaSet file (rs1.yml)
    apiVersion: apps/v1
    kind: ReplicaSet
    metadata:
      name: myweb-rs
    spec:
      replicas: 3
      selector:
        matchLabels:
          env: production
      template:
        metadata:
          name: myweb-pod
          labels:
            env: production
        spec:
          containers:
            - name: myweb-con
              image: httpd
Now create this by running these commands
    kubectl create -f rs1.yml --kubeconfig config
    kubectl expose rs myweb-rs --type=NodePort --port=80 --kubeconfig config
Now we get the final output:
For Reference:
Github url:
Thanks for Reading!!!