Add example Ansible playbook to create config file

Add Jinja2 template for Kubeadm configuration file. Add Ansible playbook to create a configuration file from the Jinja2 template. Add README.md with instructions and more information.

Signed-off-by: Scott Lowe <scott.lowe@scottlowe.org>
Scott Lowe 2018-04-19 13:28:17 -06:00
parent 3efe24bed0
commit e5c543310c
No known key found for this signature in database
GPG key ID: 949F43F6E6C11780
3 changed files with 84 additions and 0 deletions


@ -0,0 +1,29 @@
# Using Ansible to Template a Kubeadm Configuration File
These files provide an example of how to use Ansible's `template` module to create a Kubeadm configuration file from a Jinja2 template. The template and Ansible playbook were tested using Ansible 2.5 on Fedora 27, but should work on any recent version of Ansible on any supported platform.
**NOTE:** At this time, the `kubeadm.conf` generated by this playbook has _not_ been verified to create a working, conformant Kubernetes cluster. It is for demonstration purposes only.
## Contents
* **kubeadm.conf.j2**: This Jinja2 template contains the framework for a Kubeadm configuration file.
* **README.md**: The file you're currently reading.
* **template.yml**: This Ansible playbook takes a series of variables along with the `kubeadm.conf.j2` Jinja2 template and generates a Kubeadm configuration file.
## Instructions
These instructions assume that you have Ansible installed and functioning correctly on your system.
1. Place the files from the `ansible/kubeadm-template` directory of this GitHub repository into a directory on your local system. You can clone the entire "learning-tools" repository (using `git clone`) or just download the specific files from the `ansible/kubeadm-template` folder.
2. (Optional) Edit `template.yml` to specify different values for the variables defined in the playbook.
3. Run `ansible-playbook -i "localhost," -c local template.yml` to generate a Kubeadm configuration file from the template. The generated file will reside in the same directory as `kubeadm.conf`.
Enjoy!
## License
This content is licensed under the MIT License.
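Review bot: Step 2 of the Instructions is marked "(Optional)", but the defaults in `template.yml` include a fixed `kubeadmToken`, so anyone who follows the steps as written renders a `kubeadm.conf` carrying a bootstrap token that is published in this repository. Make replacing the token a required step, and add a sentence saying that the generated `kubeadm.conf` contains the token in clear text and should be kept out of version control. Separately, the last sentence of step 3 ("will reside in the same directory as `kubeadm.conf`") reads as if the file sits next to something named `kubeadm.conf`; wording such as "will be written to the same directory, named `kubeadm.conf`" would be clearer.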


@ -0,0 +1,35 @@
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
api:
advertiseAddress: {{ apiAdvertiseAddress }}
etcd:
endpoints:
- {{ etcdServer1 }}
- {{ etcdServer2 }}
- {{ etcdServer3 }}
networking:
podSubnet: {{ podSubnet }}
serviceSubnet: {{ serviceSubnet }}
kubernetesVersion: {{ k8sVersion }}
cloudProvider: {{ cloudProvider }}
token: {{ kubeadmToken }}
tokenTTL: "0"
apiServerCertSANs: [{{ apiServerCertSANs }}]
featureGates:
CoreDNS: true
DynamicKubeletConfig: true
apiServerExtraArgs:
endpoint-reconciler-type: lease
admission-control: NamespaceAutoProvision,Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,ResourceQuota,PodTolerationRestriction
cloud-provider: {{ cloudProvider }}
audit-log-path: "/var/log/kube-audit"
audit-log-maxage: "10"
audit-log-maxsize: "100"
audit-policy-file: "/etc/kubernetes/audit/audit-policy.yaml"
controllerManagerExtraArgs:
cloud-provider: {{ cloudProvider }}
configure-cloud-routes: "false"
apiServerExtraVolumes:
- name: "audit-policy"
hostPath: "/etc/kubernetes/audit"
mountPath: "/etc/kubernetes/audit"
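Review bot: `tokenTTL: "0"` is hard-coded directly under `token: {{ kubeadmToken }}`, so the bootstrap token rendered into this file never expires and stays usable for joining nodes for as long as it exists. Expose the TTL as a template variable with a finite default, or add a comment in the template explaining why a non-expiring token is wanted for this demonstration. A second point in the same file: `audit-log-path` points at `/var/log/kube-audit`, while `apiServerExtraVolumes` mounts only `/etc/kubernetes/audit`, so there is no volume entry covering the location the audit log is written to. If the log is meant to be kept on the host, add a matching volume entry for its directory.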


@ -0,0 +1,20 @@
---
- hosts: all
vars:
apiAdvertiseAddress: 192.168.100.100
etcdServer1: 192.168.100.200
etcdServer2: 192.168.100.201
etcdServer3: 192.168.100.202
podSubnet: 172.24.0.0/16
serviceSubnet: 10.0.0.0/16
k8sVersion: 1.9.6
cloudProvider: aws
kubeadmToken: 8fcc26.83ab1665d9142018
apiServerCertSANs: apiserver.cluster.io
tasks:
- name: Render kubeadm.conf template
local_action:
module: template
src: kubeadm.conf.j2
dest: kubeadm.conf
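Review bot: `kubeadmToken: 8fcc26.83ab1665d9142018` in `vars` commits a usable-looking bootstrap token as the playbook default, and the template pairs it with a TTL of "0", so users who run the example unchanged all share one known, non-expiring token. Drop the default and require the value at run time (for example through `--extra-vars` or an Ansible Vault file), or replace it with an obvious placeholder that has to be edited before use. The `template` task also sets no `mode`, so the rendered `kubeadm.conf`, which contains the token, is created with whatever the local umask allows; adding `mode: "0600"` next to `dest: kubeadm.conf` would keep it readable by the owner only.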