Skip to content
This repository has been archived by the owner on Oct 1, 2020. It is now read-only.
/ ansible-ha-k3s Public archive

Ansible playbook for an HA K3s cluster running etcd

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

clrxbl/ansible-ha-k3s

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
inventory
inventory
 
 
templates
templates
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
add-worker.yml
add-worker.yml
 
 
ansible.cfg.example
ansible.cfg.example
 
 
create-cluster.yml
create-cluster.yml
 
 
requirements.yml
requirements.yml
 
 
update-cluster.yml
update-cluster.yml
 
 

Repository files navigation

ansible-ha-k3s

No longer maintained. Feel free to do anything what you want with it.

Ansible playbook for an HA K3s cluster running etcd, nginx as load balancer & optionally Calico as CNI.

CAUTION: This is the first time I've used Ansible. Potential issues may arise here and there, improvement PRs are very welcome. No support is given.

Requirements

Target machines are expected to run Debian. This Ansible playbook was tested on Debian 10.4 Needs ansible & python-jmespath install the required roles using the command below.

ansible-galaxy install -r requirements.yml

Usage

Modify inventory/hosts.ini with your hosts & hostnames. Make sure you have access to the root user via SSH. With the example configuration used in this repository, it is expected that there is a load balancer, in this case located at lb.ansible.iptables.sh for ports 2379 (etcd) & 6443 (k8s). It is also expecting a minimum of 2 masters, however this can be overriden by setting the variable k3s_use_unsupported_config to true.

ansible-playbook create-cluster.yml

Unsupported config:
ansible-playbook create-cluster.yml --extra-vars "k3s_use_unsupported_config=true"

After a few minutes, you should be able to SSH into any one of the servers and run kubectl get nodes to confirm that all nodes are working.

Calico Usage

Same instructions as above HOWEVER, you need to uncomment the Calico things in all.yml, making sure 192.168.0.0/24 is available for your cluster CIDR and modify templates/opt/calico.yaml on line 3553, set this to your private network ethernet interface.

Updating your cluster

K3s can handle auto-updating by itself. It is recommend to follow Rancher's guide for automated updates over here: https://rancher.com/docs/k3s/latest/en/upgrades/automated/

unattended-upgrades is installed during cluster creation which handles Debian's security updates.

To manually update all packages, upgrade packages & reboot the server upon kernel update, run:

For all servers in the hosts file:
ansible-playbook update-cluster.yml

For 1 specific FQDN / IP address:
ansible-playbook -i 192.168.0.55, update-cluster.yml

Adding a worker

You don't want to run create-cluster.yml after you've already ran it, since this will essentially wipe the current etcd & k3s installations. To add a new worker, use the add-worker.yml workbook. Make sure to add your new workers into the [new_worker] group in hosts.ini Before you run the playbook, you will also need to extract the NODE_TOKEN from /var/lib/rancher/k3s/server/node_token and place it in the inventory/group_vars/new_worker file.

ansible-playbook add-worker.yml

About

Ansible playbook for an HA K3s cluster running etcd

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages