authorChristian Pointner <equinox@spreadspace.org>2019-10-11 00:46:13 +0200
committerChristian Pointner <equinox@spreadspace.org>2019-10-11 00:46:13 +0200
commit901486a82273b55308576e33bcc56f88b29b855f (patch)
tree6cd5a7f0ab20cdb7c437aa07909a2c25892a141f /roles/kubernetes
parentadded role for containerd and improve kubernetes/base (diff)
added kubernetes/standalone role
Diffstat (limited to 'roles/kubernetes')
-rw-r--r--roles/kubernetes/base/tasks/main.yml3
-rw-r--r--roles/kubernetes/standalone/defaults/main.yml12
-rw-r--r--roles/kubernetes/standalone/handlers/main.yml6
-rw-r--r--roles/kubernetes/standalone/tasks/main.yml34
-rw-r--r--roles/kubernetes/standalone/templates/cni.conflist.j223
-rw-r--r--roles/kubernetes/standalone/templates/kubelet-config.yml.j224
-rw-r--r--roles/kubernetes/standalone/templates/kubelet.service.override.j29
7 files changed, 110 insertions, 1 deletions
diff --git a/roles/kubernetes/base/tasks/main.yml b/roles/kubernetes/base/tasks/main.yml
index 375bb63e..731be48b 100644
--- a/roles/kubernetes/base/tasks/main.yml
+++ b/roles/kubernetes/base/tasks/main.yml
@@ -45,7 +45,6 @@
selection: hold
- name: configure crictl to use containerd
- when: kubernetes_container_runtime == 'containerd'
loop:
- zsh
- bash
@@ -54,7 +53,9 @@
create: yes
marker: "### {mark} ANSIBLE MANAGED BLOCK for crictl ###"
content: |
+ {% if kubernetes_container_runtime == 'containerd' %}
alias crictl="crictl --runtime-endpoint unix:///run/containerd/containerd.sock"
+ {% endif %}
{% if item == 'zsh' %}
## TODO: see https://github.com/kubernetes-sigs/cri-tools/issues/435
autoload -U +X bashcompinit && bashcompinit
diff --git a/roles/kubernetes/standalone/defaults/main.yml b/roles/kubernetes/standalone/defaults/main.yml
new file mode 100644
index 00000000..fb48cf2b
--- /dev/null
+++ b/roles/kubernetes/standalone/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+kubernetes_standalone_address: 127.0.0.1
+kubernetes_standalone_port: 10250
+kubernetes_standalone_readonly_port: 0
+
+kubernetes_standalone_healthz_address: 127.0.0.1
+kubernetes_standalone_healthz_port: 0
+
+kubernetes_standalone_max_pods: 10
+
+kubernetes_standalone_pod_cidr: 192.168.255.0/24
+kubernetes_standalone_resolv_conf: /etc/resolv.conf
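Review bot: `kubernetes_standalone_address` has no comment explaining that its loopback default is the only thing limiting who can reach the kubelet API in this role. The kubelet-config.yml.j2 template added in the same commit enables anonymous authentication with `mode: AlwaysAllow`, so overriding this variable with a routable address would serve port 10250 without any authentication. I would add a comment above it such as `# keep on loopback: the kubelet API is served with anonymous auth and AlwaysAllow authorization`.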
diff --git a/roles/kubernetes/standalone/handlers/main.yml b/roles/kubernetes/standalone/handlers/main.yml
new file mode 100644
index 00000000..26438551
--- /dev/null
+++ b/roles/kubernetes/standalone/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: restart kubelet
+ systemd:
+ name: kubelet.service
+ state: restarted
+ daemon_reload: yes
diff --git a/roles/kubernetes/standalone/tasks/main.yml b/roles/kubernetes/standalone/tasks/main.yml
new file mode 100644
index 00000000..e377e4b9
--- /dev/null
+++ b/roles/kubernetes/standalone/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+- name: create systemd override directory for kubelet
+ file:
+ path: /etc/systemd/system/kubelet.service.d
+ state: directory
+
+- name: install systemd override for kubelet
+ template:
+ src: kubelet.service.override.j2
+ dest: /etc/systemd/system/kubelet.service.d/standalone.conf
+ notify: restart kubelet
+
+- name: install kubelet config
+ template:
+ src: kubelet-config.yml.j2
+ dest: /etc/kubernetes/kubelet.yml
+ notify: restart kubelet
+
+- name: make sure kubelet is enabled and running
+ systemd:
+ name: kubelet.service
+ state: started
+ enabled: yes
+ daemon_reload: yes
+
+- name: create cni config directory
+ file:
+ name: /etc/cni/net.d
+ state: directory
+
+- name: install cni config
+ template:
+ src: cni.conflist.j2
+ dest: /etc/cni/net.d/kube-standalone.conflist
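Review bot: None of the three `template` tasks or the two `file` tasks sets `owner`, `group` or `mode`, so the permissions of /etc/kubernetes/kubelet.yml, the systemd drop-in and the CNI conflist depend on the umask of the Ansible run. These files decide how kubelet starts and how pod networking is set up, so I would pin them explicitly with `owner: root`, `group: root`, `mode: "0644"`, and use `mode: "0755"` on the two directories. As a style point, "create cni config directory" uses `name:` where the first `file` task uses `path:`; using `path:` in both keeps the file consistent.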
diff --git a/roles/kubernetes/standalone/templates/cni.conflist.j2 b/roles/kubernetes/standalone/templates/cni.conflist.j2
new file mode 100644
index 00000000..0b641097
--- /dev/null
+++ b/roles/kubernetes/standalone/templates/cni.conflist.j2
@@ -0,0 +1,23 @@
+{
+ "cniVersion": "0.3.1",
+ "name": "kube-standalone",
+ "plugins": [
+ {
+ "type": "bridge",
+ "bridge": "kube-bridge",
+ "isDefaultGateway": true,
+ "ipMasq": true,
+ "hairpinMode": false,
+ "ipam": {
+ "type": "host-local",
+ "subnet": "{{ kubernetes_standalone_pod_cidr }}"
+ }
+ }, {
+ "type": "portmap",
+ "capabilities": {
+ "portMappings": true,
+ "snat": true
+ }
+ }
+ ]
+}
diff --git a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2
new file mode 100644
index 00000000..78aec0c4
--- /dev/null
+++ b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2
@@ -0,0 +1,24 @@
+{# https://godoc.org/k8s.io/kubelet/config/v1beta1#KubeletConfiguration #}
+{# #}
+kind: KubeletConfiguration
+apiVersion: kubelet.config.k8s.io/v1beta1
+staticPodPath: /etc/kubernetes/manifests
+address: {{ kubernetes_standalone_address }}
+port: {{ kubernetes_standalone_port }}
+readOnlyPort: {{ kubernetes_standalone_readonly_port }}
+healthzBindAdress: {{ kubernetes_standalone_healthz_address }}
+healthzPort: {{ kubernetes_standalone_healthz_port }}
+authentication:
+ anonymous:
+ enabled: true
+ webhook:
+ enabled: false
+authorization:
+ mode: AlwaysAllow
+Maxpods: {{ kubernetes_standalone_max_pods }}
+makeIPTablesUtilChains: false
+hairpinMode: none
+resolvConf: {{ kubernetes_standalone_resolv_conf }}
+enableControllerAttachDetach: false
+featureGates:
+ RuntimeClass: false
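Review bot: Two keys do not match the KubeletConfiguration field names referenced in the header comment: `healthzBindAdress` should be `healthzBindAddress` and `Maxpods` should be `maxPods`. Depending on how strictly the kubelet decodes this file, a misspelled key is either rejected at start-up or ignored, and if ignored `kubernetes_standalone_healthz_address` would silently have no effect. Separately, `anonymous.enabled: true` together with `mode: AlwaysAllow` gives every local process that can reach the bound address full access to the kubelet API. If that is intended for standalone use, a comment saying so would help; otherwise setting `anonymous.enabled: false` and adding an `x509.clientCAFile` entry under `authentication` restricts access to client-certificate holders.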
diff --git a/roles/kubernetes/standalone/templates/kubelet.service.override.j2 b/roles/kubernetes/standalone/templates/kubelet.service.override.j2
new file mode 100644
index 00000000..3a88ccd2
--- /dev/null
+++ b/roles/kubernetes/standalone/templates/kubelet.service.override.j2
@@ -0,0 +1,9 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/kubelet \
+ --config=/etc/kubernetes/kubelet.yml \
+{% if kubernetes_container_runtime == 'containerd' %}
+ --container-runtime=remote \
+ --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
+{% endif %}
+ --cloud-provider=
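Review bot: The `{% if kubernetes_container_runtime == 'containerd' %}` test relies on a variable that the standalone role's own defaults/main.yml, added in this commit, does not define. It presumably comes from kubernetes/base or from inventory, but no role dependency is visible in this diff, and templating fails on an undefined variable if the role is applied on its own. Either give it a default in the standalone defaults or guard the test with `kubernetes_container_runtime | default('') == 'containerd'`. The socket path `unix:///run/containerd/containerd.sock` is also hard-coded both here and in the crictl alias in base/tasks/main.yml; a shared variable would keep the two from drifting apart.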