Continuing from the previous article, use kuberspay to install a production-level Kubernetes cluster without pits . After kubespray
installation kubernetes之
, we need to configure kubectl on our client computer. How to configure the cluster configuration information locally? We use the following script and put it in scripts\copy-kubeconfig.yaml
Below, the content is:
Source address: http://www.wisely.top/2017/07/04/kubespray-kubectl-config/
---
- hosts: kube-master[0]
gather_facts: no
become: yes
tasks:
- fetch:
src: "/etc/kubernetes/ssl/{{ item }}.pem"
dest: "{{ playbook_dir }}/kubectl/{{ item }}.pem"
flat: True
with_items:
- admin-{{ inventory_hostname }}-key
- admin-{{ inventory_hostname }}
- ca
- name: export hostname
set_fact:
kubectl_name: "{{ inventory_hostname }}"
- hosts: localhost
connection: local
vars:
kubectl_name: "{{ hostvars[groups['kube-master'][0]].kubectl_name }}"
cluster_name: "{{ hostvars[groups['kube-master'][0]].cluster_name }}"
kube_apiserver_port: "{{ hostvars[groups['kube-master'][0]].kube_apiserver_port }}"
system_namespace: "{{ hostvars[groups['kube-master'][0]].system_namespace }}"
tasks:
- name: "check if context admin@{{ cluster_name }} exists"
command: kubectl config get-contexts admin@{{ cluster_name }}
register: kctl
failed_when: kctl.rc == 0
- block:
- name: "create cluster {{ cluster_name }}"
command: >
kubectl config set-cluster {{ cluster_name }}
--server=https://{{ kubectl_name }}:{{ kube_apiserver_port }}
--certificate-authority={{ playbook_dir }}/kubectl/ca.pem
--embed-certs
- name: "create credentials admin"
command: >
kubectl config set-credentials admin
--certificate-authority={{ playbook_dir }}/kubectl/ca.pem
--client-key={{ playbook_dir }}/kubectl/admin-{{ kubectl_name }}-key.pem
--client-certificate={{ playbook_dir }}/kubectl/admin-{{ kubectl_name }}.pem
--embed-certs
- name: "create context admin@{{ cluster_name }}"
command: >
kubectl config set-context admin@{{ cluster_name }}
--cluster={{ cluster_name }}
--namespace={{ system_namespace }}
--user=admin
- name: "use context admin@{{ cluster_name }}"
command: kubectl config use-context admin@{{ cluster_name }}
when: kctl.rc != 0
- name: "clean up fetched certificates"
file:
state: absent
path: "{{ playbook_dir }}/kubectl"
Execute in the kubespray
root directory:
ansible-playbook -i inventory/inventory.cfg scripts/copy-kubeconfig.yaml
After the execution is completed, if your local hosts
file has been configured with the node1
corresponding ip, the configuration has been completed; if there is no configuration, edit vi /Users/wangyunfei/.kube/config
it and it will be node1
modified to 192.168.1.130
. Execute again at this time:
wangyunfeideMBP:kubespray wangyunfei$ kubectl get node
NAME STATUS AGE VERSION
node1 Ready,SchedulingDisabled 3d v1.6.1+coreos.0
node2 Ready 3d v1.6.1+coreos.0
node3 Ready 3d v1.6.1+coreos.0