-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkubernetes-auf-proxmox-mit-ansible-und-terraform-teil-2.html
490 lines (435 loc) · 110 KB
/
kubernetes-auf-proxmox-mit-ansible-und-terraform-teil-2.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
<!DOCTYPE html><html lang="de-ch"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Kubernetes auf Proxmox mit Ansible und Terraform (Teil 2) - Finecloud</title><meta name="description" content="Dieser Post wurde aus dem Original (https://datastrophic.io/kubernetes-homelab-with-proxmox-kubeadm-calico-openebs-and-metallb/)auf Deutsch übersetzt und leicht angepasst. Nachdem wir im ersten Teil mit Terraform die VMs für unseren K8s Cluster deployed haben, werden wir nun mit Ansible die folgenden K8s Komponenten in den worker Nodes und dem Controller installieren: Die…"><meta name="generator" content="Publii Open-Source CMS for Static Site"><link rel="stylesheet" href="https://www.finecloud.ch/media/plugins/syntaxHighlighter/prism-black.css"><link rel="canonical" href="https://www.finecloud.ch/kubernetes-auf-proxmox-mit-ansible-und-terraform-teil-2.html"><link rel="alternate" type="application/atom+xml" href="https://www.finecloud.ch/feed.xml"><link rel="alternate" type="application/json" href="https://www.finecloud.ch/feed.json"><meta property="og:title" content="Kubernetes auf Proxmox mit Ansible und Terraform (Teil 2)"><meta property="og:site_name" content="Finecloud"><meta property="og:description" content="Dieser Post wurde aus dem Original (https://datastrophic.io/kubernetes-homelab-with-proxmox-kubeadm-calico-openebs-and-metallb/)auf Deutsch übersetzt und leicht angepasst. Nachdem wir im ersten Teil mit Terraform die VMs für unseren K8s Cluster deployed haben, werden wir nun mit Ansible die folgenden K8s Komponenten in den worker Nodes und dem Controller installieren: Die…"><meta property="og:url" content="https://www.finecloud.ch/kubernetes-auf-proxmox-mit-ansible-und-terraform-teil-2.html"><meta property="og:type" content="article"><link rel="shortcut icon" href="https://www.finecloud.ch/media/website/finecloud.png" type="image/png"><link rel="stylesheet" href="https://www.finecloud.ch/assets/css/style.css?v=39da73365516a098a9b73b721fc970e2"><script type="application/ld+json">{"@context":"http://schema.org","@type":"Article","mainEntityOfPage":{"@type":"WebPage","@id":"https://www.finecloud.ch/kubernetes-auf-proxmox-mit-ansible-und-terraform-teil-2.html"},"headline":"Kubernetes auf Proxmox mit Ansible und Terraform (Teil 2)","datePublished":"2022-07-02T17:34","dateModified":"2022-07-05T14:44","description":"Dieser Post wurde aus dem Original (https://datastrophic.io/kubernetes-homelab-with-proxmox-kubeadm-calico-openebs-and-metallb/)auf Deutsch übersetzt und leicht angepasst. Nachdem wir im ersten Teil mit Terraform die VMs für unseren K8s Cluster deployed haben, werden wir nun mit Ansible die folgenden K8s Komponenten in den worker Nodes und dem Controller installieren: Die…","author":{"@type":"Person","name":"Finecloud","url":"https://www.finecloud.ch/authors/finecloud/"},"publisher":{"@type":"Organization","name":"Finecloud"}}</script><meta name="google-site-verification" content="seFY9U12uiEq5U3_MyZiX6XWzk0AVFl9zITr2ZKsytY"></head><body><div class="site-container"><header class="top" id="js-header"><a class="logo" href="https://www.finecloud.ch/">Finecloud</a><nav class="navbar js-navbar"><button class="navbar__toggle js-toggle" aria-label="Menu" aria-haspopup="true" aria-expanded="false"><span class="navbar__toggle-box"><span class="navbar__toggle-inner">Menu</span></span></button><ul class="navbar__menu"><li><a href="https://www.finecloud.ch/" target="_self">Blog</a></li><li><a href="https://www.finecloud.ch/tags/" target="_self">Tags</a></li></ul></nav><div class="search"><div class="search__overlay js-search-overlay"><div class="search__overlay-inner"><form action="https://www.finecloud.ch/search.html" class="search__form"><input class="search__input js-search-input" type="search" name="q" placeholder="search..." aria-label="search..." autofocus="autofocus"></form><button class="search__close js-search-close" aria-label="Close">Close</button></div></div><button class="search__btn js-search-btn" aria-label="Search"><svg role="presentation" focusable="false"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#search"/></svg></button></div></header><main><article class="post"><div class="hero"><figure class="hero__image hero__image--overlay"><img src="https://www.finecloud.ch/media/website/download.jpg" srcset="https://www.finecloud.ch/media/website/responsive/download-xs.jpg 300w, https://www.finecloud.ch/media/website/responsive/download-sm.jpg 480w, https://www.finecloud.ch/media/website/responsive/download-md.jpg 768w, https://www.finecloud.ch/media/website/responsive/download-lg.jpg 1024w, https://www.finecloud.ch/media/website/responsive/download-xl.jpg 1360w, https://www.finecloud.ch/media/website/responsive/download-2xl.jpg 1600w" sizes="100vw" loading="eager" alt=""></figure><header class="hero__content"><div class="wrapper"><div class="post__meta"><time datetime="2022-07-02T17:34">Juli 2, 2022</time></div><h1>Kubernetes auf Proxmox mit Ansible und Terraform (Teil 2)</h1></div></header></div><div class="wrapper post__entry"><div class="post__toc"><h3>Table of Contents</h3><ul><li><a href="#mcetoc_1g6umq8onb0g">Einleitung</a></li><li><a href="#mcetoc_1g6umq8onb0h">Voraussetzungen</a></li><li><a href="#mcetoc_1g6umq8onb0i">Vorbereitungen</a></li><li><a href="#mcetoc_1g6uqq0ncb8i">Notwendige Software</a><ul><li><a href="#mcetoc_1g6uqq0ncb8j">Volume Provisioning mit OpenEBS</a></li><li><a href="#mcetoc_1g6uqq0ncb8k">LoadBalancer mit MetalLB</a></li></ul></li><li><a href="#mcetoc_1g6uqq0ncb8l">Installation überprüfen</a></li><li><a href="#kubernetes-dashboard">Kubernetes Dashboard</a></li></ul></div><p>Dieser Post wurde aus dem Original (<a href="https://datastrophic.io/kubernetes-homelab-with-proxmox-kubeadm-calico-openebs-and-metallb/">https://datastrophic.io/kubernetes-homelab-with-proxmox-kubeadm-calico-openebs-and-metallb/</a>)auf Deutsch übersetzt und leicht angepasst.</p><h2 id="mcetoc_1g6umq8onb0g">Einleitung</h2><p>Nachdem wir im ersten Teil mit Terraform die VMs für unseren K8s Cluster deployed haben, werden wir nun mit Ansible die folgenden K8s Komponenten in den worker Nodes und dem Controller installieren:</p><ul dir="auto"><li><code>kubeadm</code> für das Kubernetes Cluster bootstrapping</li><li><code>containerd</code> als container runtime</li><li><code>Calico</code> für das Pod networking</li><li><code>MetalLB</code> verwenden wir als <code>LoadBalancer</code> service type</li><li><code>OpenEBS</code> für das Volume provisioning</li><li><code>Istio</code> für ingress und traffic management</li></ul><p>Die Kubernetes-Distribution der Wahl ist in diesem Fall Vanilla Open Source Kubernetes, das mit dem kubeadm-Tool für Cluster-Bootstrapping geliefert wird. Vanilla Kubernetes hat einen grösseren Fussabdruck im Vergleich zu k3s und eignet sich deshalb nicht gut für Umgebungen mit eingeschränkten Ressourcen. Es ist jedoch herstellerunabhängig und vollständig Open-Source, hat keine Modifikationen und sowohl die API-Änderungen als auch die Tools haben die gleiche Release-Kadenz, sodass das Risiko von Inkompatibilitäten oder Verzögerungen geringer ist.</p><h2 id="mcetoc_1g6umq8onb0h">Voraussetzungen</h2><ul><li>Cluster VMs sollten bereits provisioniert und erreichbar sein via SSH</li><li>empfohlen ist Ubuntu 20.04 als Cluster OS zu verwenden</li><li>der Benutzer (in unserem Fall <em>ubuntu</em>) sollte Superuser Berechtigungen haben auf den Cluster Nodes</li><li>Ansible ist lokal bei dir installiert</li></ul><h2 id="mcetoc_1g6umq8onb0i">Vorbereitungen</h2><p class="msg--info msg">Lade dir die Terraform und Ansible Files von <a href="https://github.com/datastrophic/kubernetes-deployment/tree/master/proxmox/" rel="nofollow">diesem Git Repo</a> herunter.</p><p>Die Variablen in <code>ansible/group_vars/all</code> sollten noch überprüft werden:</p><div><ul><li><code>pod_subnet</code></li><li><code>service_subnet</code></li><li><code>dns</code></li><li><code>metallb_address_range</code></li></ul></div><p>Weiter musst du die IPs deiner VMs in dieser Datei nachtragen: <code>ansible/inventory.yaml</code></p><p>Vor der Bereitstellung von Kubernetes selbst müssen die Cluster-Knoten zusätzlich konfiguriert und Software installiert werden:</p><ul><li>Knoten müssen Swap deaktiviert, iptables aktiviert haben und Weiterleitung und überbrückten Datenverkehr gemäss Bootstrapping-Clustern mit kubeadm zulassen.</li><li>Auf den Knoten muss die Containerlaufzeit installiert sein. Die gängigste Containerlaufzeit, die in verschiedenen Cloud- und Anbieter-Kubernetes-Distributionen verwendet wird, ist containerd, also werden wir sie verwenden.</li><li>Weitere Informationen darüber, warum wir Docker nicht verwenden werden, findest du in <a href="https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/" rel="nofollow">Don’t Panic: Kubernetes and Docker</a>.</li><li>Auf Knoten müssen die folgenden Pakete installiert sein: kubelet, kubectl und kubeadm. Diese können über den Standard-Paketmanager wie apt installiert werden.</li></ul><p>Es gibt ein dediziertes Playbook zum Bootstrapping der Knoten mit allen erforderlichen Konfigurationen und Abhängigkeiten, die unter ansible/bootstrap.yaml verfügbar sind. Überprüfe die Standardeinstellungen und führe das Playbook wie folgt aus:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-section" style="color: #ffc66d;">#~$ ansible-playbook -i ansible/inventory.yaml ansible/bootstrap.yaml -u ubuntu</span>
[<span class="hljs-symbol" style="color: #6897bb;">WARNING</span>]: <span class="hljs-link" style="color: #629755;">Invalid characters were found in group names but not replaced, use -vvvv to see details</span>
PLAY [Bootstrapping hosts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
ok: [control-plane-0.k8s.cluster]
ok: [worker-1.k8s.cluster]
ok: [worker-0.k8s.cluster]
ok: [worker-2.k8s.cluster]
TASK [commons : install common packages] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [worker-0.k8s.cluster]
TASK [commons : disable swap] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
TASK [commons : disable swap in fstab] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>*
ok: [worker-2.k8s.cluster]
ok: [control-plane-0.k8s.cluster]
ok: [worker-0.k8s.cluster]
ok: [worker-1.k8s.cluster]
TASK [commons : enable br_netfilter] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
TASK [commons : ensure iptables enabled] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [worker-1.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
TASK [commons : enable port forward] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
TASK [container-runtime : create config and data dirs] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [worker-2.k8s.cluster] => (item=/etc/containerd)
changed: [control-plane-0.k8s.cluster] => (item=/etc/containerd)
changed: [worker-1.k8s.cluster] => (item=/etc/containerd)
changed: [worker-0.k8s.cluster] => (item=/etc/containerd)
changed: [control-plane-0.k8s.cluster] => (item=/tmp/containerd)
changed: [worker-2.k8s.cluster] => (item=/tmp/containerd)
changed: [worker-1.k8s.cluster] => (item=/tmp/containerd)
changed: [worker-0.k8s.cluster] => (item=/tmp/containerd)
TASK [container-runtime : download and install runc] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
changed: [worker-1.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
TASK [container-runtime : download and install crictl] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [worker-1.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-0.k8s.cluster]
TASK [container-runtime : download containerd] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [worker-0.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
TASK [container-runtime : copy containerd binaries] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
TASK [container-runtime : copy containerd config] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
TASK [container-runtime : create containerd systemd service] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [worker-2.k8s.cluster]
TASK [container-runtime : reload systemd] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
ok: [worker-1.k8s.cluster]
ok: [worker-0.k8s.cluster]
ok: [worker-2.k8s.cluster]
ok: [control-plane-0.k8s.cluster]
TASK [container-runtime : enable containerd systemd service] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
TASK [container-runtime : start containerd service] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [worker-0.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
TASK [kubernetes-packages : adding Kubernetes repository apt key] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
TASK [kubernetes-packages : adding Kubernetes deb repository] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [worker-1.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [control-plane-0.k8s.cluster]
TASK [kubernetes-packages : installing Kubernetes packages] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [control-plane-0.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-0.k8s.cluster]
changed: [worker-1.k8s.cluster]
TASK [kubernetes-packages : hold kubeadm, kubectl, kubelet] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [worker-0.k8s.cluster] => (item=kubeadm)
changed: [worker-1.k8s.cluster] => (item=kubeadm)
changed: [control-plane-0.k8s.cluster] => (item=kubeadm)
changed: [worker-2.k8s.cluster] => (item=kubeadm)
changed: [worker-0.k8s.cluster] => (item=kubectl)
changed: [worker-1.k8s.cluster] => (item=kubectl)
changed: [worker-2.k8s.cluster] => (item=kubectl)
changed: [control-plane-0.k8s.cluster] => (item=kubectl)
changed: [worker-0.k8s.cluster] => (item=kubelet)
changed: [worker-1.k8s.cluster] => (item=kubelet)
changed: [worker-2.k8s.cluster] => (item=kubelet)
changed: [control-plane-0.k8s.cluster] => (item=kubelet)
PLAY RECAP <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
control-plane-0.k8s.cluster : ok=21 changed=18 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-0.k8s.cluster : ok=21 changed=18 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-1.k8s.cluster : ok=21 changed=18 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-2.k8s.cluster : ok=21 changed=18 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 </pre><p>Sobald alle Voraussetzungen erfüllt sind, können wir kubeadm für das Cluster-Bootstrapping verwenden. Die Installation des Kubernetes-Clusters besteht aus zwei Hauptschritten: Bootstrapping der Steuerungsebene und Joining zu den Worker-Knoten. Wir können dies tun, indem wir das Playbook ansible/kubernetes-install.yaml ausführen:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-section" style="color: #ffc66d;">#~$ ansible-playbook -i ansible/inventory.yaml ansible/kubernetes-install.yaml -u ubuntu</span>
[<span class="hljs-symbol" style="color: #6897bb;">WARNING</span>]: <span class="hljs-link" style="color: #629755;">Invalid characters were found in group names but not replaced, use -vvvv to see details</span>
PLAY [Bootstrap Kubernetes Control Plane] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
ok: [control-plane-0.k8s.cluster]
TASK [kubeadm-init : copy kubeadm init config] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
TASK [kubeadm-init : running kubeadm init] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
changed: [control-plane-0.k8s.cluster]
TASK [calico : copy Calico manifests] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
changed: [control-plane-0.k8s.cluster]
TASK [calico : install Calico] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
PLAY [Retrieve join token and certificate hash] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
ok: [control-plane-0.k8s.cluster]
TASK [kubeadm-join-config : create local dir for token and cert hash] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [control-plane-0.k8s.cluster -> localhost]
TASK [kubeadm-join-config : kubeadm token generate] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
TASK [kubeadm-join-config : generate cert hash] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
changed: [control-plane-0.k8s.cluster]
TASK [kubeadm-join-config : persist token locally] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster -> localhost]
TASK [kubeadm-join-config : persist cert hash locally] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [control-plane-0.k8s.cluster -> localhost]
PLAY [Join Kubernetes worker nodes] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
ok: [worker-1.k8s.cluster]
ok: [worker-2.k8s.cluster]
ok: [worker-0.k8s.cluster]
TASK [kubeadm-join : copy kubeadm join config] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [worker-0.k8s.cluster]
changed: [worker-1.k8s.cluster]
changed: [worker-2.k8s.cluster]
TASK [kubeadm-join : running kubeadm join] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
changed: [worker-1.k8s.cluster]
changed: [worker-2.k8s.cluster]
changed: [worker-0.k8s.cluster]
PLAY [Copy kubeconfig from remote] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
ok: [control-plane-0.k8s.cluster]
TASK [fetching] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
PLAY RECAP <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
control-plane-0.k8s.cluster : ok=13 changed=10 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-0.k8s.cluster : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-1.k8s.cluster : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
worker-2.k8s.cluster : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 </pre><p>Das Playbook führt kubeadm init auf den Knoten der Steuerungsebene aus und verwendet eine deklarative Clusterkonfiguration, die die bevorzugte Methode zum Konfigurieren von kubeadm ist. Die Konfigurationsvorlage ist unter ansible/roles/kubeadm-init/templates/kubeadm.yaml verfügbar. Sobald der Bootstrap der Steuerungsebene abgeschlossen ist, ruft Ansible ein Token und einen Zertifikat-Hash ab, die für die Authentifizierung der Worker-Knoten beim API-Server erforderlich sind, und führt kubeadm join auf den Worker-Knoten aus.<br><br>Das Playbook stellt Calico für die Clusternetzwerke bereit. Die Wahl von Calico ist motiviert, weil es die am weitesten verbreitete Netzwerk- und Sicherheitslösung für Kubernetes ist (zum Zeitpunkt des Schreibens).<br><br>Sobald die Playbook-Ausführung abgeschlossen ist, wird eine kubeconfig-Datei admin.conf in das aktuelle Verzeichnis geholt. Um zu überprüfen, ob der Cluster gebootet und verbunden ist, führe Folgendes aus:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-comment" style="color: grey;">#~$ kubectl --kubeconfig=admin.conf get nodes</span>
NAME STATUS ROLES AGE VERSION
control-plane-0.k8s.cluster Ready control-plane,master 3m30s v1.21.6
worker-0 Ready <none> 2m54s v1.21.6
worker-1 Ready <none> 2m55s v1.21.6
worker-2 Ready <none> 2m55s v1.21.6</pre><blockquote><p>es ist empfohlen die Location der admin.conf Datei als env. Variabel zu exportieren, damit man die Datei nicht jedesmal mit --kubeconfig mitgeben muss:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">export KUBECONFIG=<span class="hljs-variable" style="color: #629755;">$(pwd)</span>/<span class="hljs-literal" style="color: #6897bb;">admin</span>.conf</pre></blockquote><h2 id="mcetoc_1g6uqq0ncb8i">Notwendige Software</h2><p>Wenn der Kubernetes-Cluster eingerichtet und ausgeführt wird, können wir jetzt Container darauf bereitstellen und ausführen. Ein paar wesentliche Teile des voll funktionsfähigen Clusters fehlen jedoch noch: die dynamische Volume-Bereitstellung und die Unterstützung für Dienste welche einen LoadBalancer benötigen.</p><h3 id="mcetoc_1g6uqq0ncb8j">Volume Provisioning mit OpenEBS</h3><p>Die Volume Provisioner-Lösung ist sowohl in Situationen nützlich, in denen Anwendungen von Drittanbietern eine Standard-StorageClass zum Bereitstellen von PersistentVolumes benötigen, als auch in Situationen, in denen eine Datenreplikation für Hochverfügbarkeitsgarantien erforderlich ist.<br><br>Die Verwendung von OpenEBS für das Home-Lab-Setup erscheint vernünftig, da es lokale Engines für die Bereitstellung von PersistentVolumes bereitstellt, die direkt von den lokalen Festplatten auf Hosts unterstützt werden. Wenn eine Datenreplikation erforderlich ist, verfügt OpenEBS über mehrere Replicated Engines, deren Leistung jedoch unterschiedlich ist.<br><br>Um eine minimale Installation mit hostlokalen PersistentVolumes bereitzustellen, bietet OpenEBS eine „Lite“-Version:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-comment" style="color: grey;">#~$ kubectl apply -f https://openebs.github.io/charts/openebs-operator-lite.yaml</span>
namespace/openebs created
serviceaccount/openebs-maya-operator created
clusterrole.rbac.authorization.k8s.io/openebs-maya-operator created
clusterrolebinding.rbac.authorization.k8s.io/openebs-maya-operator created
customresourcedefinition.apiextensions.k8s.io/blockdevices.openebs.io created
customresourcedefinition.apiextensions.k8s.io/blockdeviceclaims.openebs.io created
configmap/openebs-ndm-config created
daemonset.apps/openebs-ndm created
deployment.apps/openebs-ndm-operator created
deployment.apps/openebs-ndm-cluster-exporter created
service/openebs-ndm-cluster-exporter-service created
daemonset.apps/openebs-ndm-node-exporter created
service/openebs-ndm-node-exporter-service created
deployment.apps/openebs-localpv-provisioner created</pre><p>Sobald der Operator installiert ist, erstellen wir eine StorageClass und setzen diese als Standard. Das ermöglicht die Verwendung von OpenEBS für die Volume-Bereitstellung, ohne dass jedes Mal die StorageClass für PersistentVolumes angegeben werden muss:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl apply <span class="hljs-_">-f</span> https://openebs.github.io/charts/openebs-operator-lite.yaml
namespace/openebs created
serviceaccount/openebs-maya-operator created
clusterrole.rbac.authorization.k8s.io/openebs-maya-operator created
clusterrolebinding.rbac.authorization.k8s.io/openebs-maya-operator created
customresourcedefinition.apiextensions.k8s.io/blockdevices.openebs.io created
customresourcedefinition.apiextensions.k8s.io/blockdeviceclaims.openebs.io created
configmap/openebs-ndm-config created
daemonset.apps/openebs-ndm created
deployment.apps/openebs-ndm-operator created
deployment.apps/openebs-ndm-cluster-exporter created
service/openebs-ndm-cluster-exporter-service created
daemonset.apps/openebs-ndm-node-exporter created
service/openebs-ndm-node-exporter-service created
deployment.apps/openebs-localpv-provisioner created
Dave@ChuckNorris[08:37:02]~/github/homelab$ kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: openebs-hostpath
annotations:
storageclass.kubernetes.io/is-default-class: <span class="hljs-string" style="color: #6a8759;">"true"</span>
openebs.io/cas-type: <span class="hljs-built_in">local</span>
cas.openebs.io/config: |
- name: StorageType
value: <span class="hljs-string" style="color: #6a8759;">"hostpath"</span>
- name: BasePath
value: <span class="hljs-string" style="color: #6a8759;">"/var/openebs/local/"</span>
provisioner: openebs.io/<span class="hljs-built_in">local</span>
volumeBindingMode: WaitForFirstConsumer
reclaimPolicy: Delete
EOF
storageclass.storage.k8s.io/openebs-hostpath created</pre><h3 id="mcetoc_1g6uqq0ncb8k">LoadBalancer mit MetalLB</h3><p>Eine letzte fehlende Funktionalität im bereitgestellten Cluster ist die Möglichkeit, Dienste vom Typ LoadBalancer für das lokale Netzwerk verfügbar zu machen. Bei der Ausführung in der Cloud wird diese Funktionalität von den Kubernetes-Integrationen mit Cloud-Anbietern bereitgestellt, und entsprechende netzwerkseitige Load Balancer werden über den Infrastrukturanbieter bereitgestellt. Bei der Ausführung auf Bare Metal ist eine solche Integration in Kubernetes standardmässig nicht verfügbar.<br><br>MetalLB ist die am weitesten verbreitete Lösung für den NetzwerkLB.<br><br>Die MetalLB-Installation wird über eine ConfigMap konfiguriert und kann mehrere Adresspools enthalten:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-attr">apiVersion:</span> v1
<span class="hljs-attr">kind:</span> ConfigMap
<span class="hljs-attr">metadata:</span>
<span class="hljs-attr"> namespace:</span> metallb-system
<span class="hljs-attr"> name:</span> config
<span class="hljs-attr">data:</span>
<span class="hljs-attr"> config:</span> <span class="hljs-string" style="color: #6a8759;">|
</span><span class="hljs-attr"> address-pools:</span>
<span class="hljs-attr"> - name:</span> default
<span class="hljs-attr"> protocol:</span> layer2
<span class="hljs-attr"> addresses:</span>
<span class="hljs-bullet" style="color: #6897bb;"> -</span> <span class="hljs-string" style="color: #6a8759;">"<span class="hljs-template-variable" style="color: #629755;">{{ lab.metallb_address_range }}</span>"</span> </pre><p>Die obere Vorlage ist Teil des Ansible-Playbooks <code>ansible/metallb.yaml</code>, das die MetalLB installiert und konfiguriert, um Adressen aus der in <code>group_vars</code> angegebenen Variable <code>lab.metallb_address_range</code> zuzuweisen. Der Adressbereich muss für die Zielumgebung relevant sein (Teil des reservierten statischen Adressbereichs, der im Abschnitt zum Bereitstellungslayout beschrieben ist, damit die Adressen zugewiesen werden können. Um MetalLB zu installieren, führe Folgendes aus:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ ansible-playbook -i ansible/inventory.yaml ansible/metallb.yaml -u ubuntu
[<span class="hljs-symbol" style="color: #6897bb;">WARNING</span>]: <span class="hljs-link" style="color: #629755;">Invalid characters were found in group names but not replaced, use -vvvv to see details</span>
PLAY [Install MetalLB] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
TASK [Gathering Facts] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
ok: [control-plane-0.k8s.cluster]
TASK [metallb : copy MetalLB manifests] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
TASK [metallb : copy MetalLB config] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>*
changed: [control-plane-0.k8s.cluster]
TASK [metallb : create namespace] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>*
changed: [control-plane-0.k8s.cluster]
TASK [metallb : install MetalLB config] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-emphasis" style="font-style: italic;">***</span>
changed: [control-plane-0.k8s.cluster]
TASK [metallb : install MetalLB] <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>
changed: [control-plane-0.k8s.cluster]
PLAY RECAP <span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span><span class="hljs-strong" style="font-weight: bold;">*****</span>**
control-plane-0.k8s.cluster : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 </pre><h2 id="mcetoc_1g6uqq0ncb8l">Installation überprüfen</h2><p>Um die Installation zu überprüfen, erstellen wir eine MinIO-Bereitstellung mit einem PersistentVolume für die Speicherung und stellen die Bereitstellung dem lokalen Netzwerk über den LoadBalancer-Diensttyp zur Verfügung. Das Beispiel basiert auf den Kubernetes-Speicherbeispielen.</p><ol><li>Erstellen ein PersistentVolumeClaim:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: minio-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
EOF
persistentvolumeclaim/minio-pv-claim created</pre></li><li>Erstelle ein Deployment:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: minio-deployment
spec:
selector:
matchLabels:
app: minio
strategy:
<span class="hljs-built_in">type</span>: Recreate
template:
metadata:
labels:
app: minio
spec:
volumes:
- name: storage
EOF mountPath: <span class="hljs-string" style="color: #6a8759;">"/storage"</span>Ytim
deployment.apps/minio-deployment created</pre></li><li>Überprüfe ob der PersistentVolumeClaim an das PersistentVolume gebunden ist und dies erstellt wurde:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
minio-pv-claim Bound pvc-8cb55047-43b6-4ab8<span class="hljs-_">-a</span>8cb-20dc1ecf1979 1Gi RWO openebs-hostpath 3m4s</pre><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-8cb55047-43b6-4ab8<span class="hljs-_">-a</span>8cb-20dc1ecf1979 1Gi RWO Delete Bound default/minio-pv-claim openebs-hostpath 28s</pre></li><li>Überprüfe, ob das Deployment erfolgreich war:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl describe deployment minio-deployment
Name: minio-deployment
Namespace: default
CreationTimestamp: Sat, 02 Jul 2022 08:54:36 +0200
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=minio
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: Recreate
M<span class="hljs-keyword" style="color: #cc7832;">in</span>ReadySeconds: 0
Pod Template:
Labels: app=minio
Containers:
minio:
Image: minio/minio:latest
Ports: 9000/TCP, 9001/TCP
Host Ports: 9000/TCP, 9001/TCP
Args:
server
/storage
--console-address
:9001
Environment:
MINIO_ACCESS_KEY: minio
MINIO_SECRET_KEY: minio123
Mounts:
/storage from storage (rw)
Volumes:
storage:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim <span class="hljs-keyword" style="color: #cc7832;">in</span> the same namespace)
ClaimName: minio-pv-claim
ReadOnly: <span class="hljs-literal" style="color: #6897bb;">false</span>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: minio-deployment-59659f9655 (1/1 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 56s deployment-controller Scaled up replica <span class="hljs-built_in">set</span> minio-deployment-59659f9655 to 1</pre></li><li>Stelle das Deployment via Service vom Typ LoadBalancer zur Verfügung:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: v1
kind: Service
metadata:
name: minio
spec:
ports:
- name: http
port: 9000
protocol: TCP
targetPort: 9000
- name: http-ui
port: 9001
protocol: TCP
targetPort: 9001
selector:
app: minio
<span class="hljs-built_in">type</span>: LoadBalancer
EOF</pre></li><li>Überprüfe, ob der Service erstellt wurde und eine Externe IP erhalten hat:<br><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl get service minio
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio LoadBalancer 10.97.129.247 192.168.30.150 9000:31713/TCP,9001:32327/TCP 10s</pre></li></ol><p>Die externe IP Adresse sollte in dem Anfangs definierten lokalen Subnetz Range sein. Du kannst nun via Browser die MinIO Konsole öffnen (in meinem Fall war die URL: <a href="http://192.168.30.150:9001/login">http://192.168.30.150:9001/login</a>) und dich mit Benutzer <em>minio</em> und Passwort <em>minio123</em> einloggen. Erstelle anschliessend ein Test Bucket, damit wir später auch überprüfen können ob die Daten persistent im Volume gespeichert werden:</p><figure class="post__image"><img loading="lazy" src="https://www.finecloud.ch/media/posts/44/Screenshot-2022-07-02-at-17.03.04.png" alt="" width="680" height="637" sizes="100vw" srcset="https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-xs.png 300w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-sm.png 480w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-md.png 768w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-lg.png 1024w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-xl.png 1360w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.03.04-2xl.png 1600w"></figure><p>Nun können wir direkt überprüfen, ob das Test-Bucket (testsetsetsgsdgfsdgagbadfg) im PersistentVolume gespeichert wurde:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl <span class="hljs-built_in">exec</span> deploy/minio-deployment -- bash -c <span class="hljs-string" style="color: #6a8759;">"ls -la /storage"</span>
drwxrwxrwx 4 root root 4096 Jul 2 06:59 .
drwxr-xr-x 1 root root 4096 Jul 2 06:54 ..
drwxr-xr-x 8 root root 4096 Jul 2 06:54 .minio.sys
drwxr-xr-x 5 root root 4096 Jul 2 15:06 testsetsetsgsdgfsdgagbadfg</pre><p>Damit können wir sicher sein, dass die Daten im Testbucket im PersistentVolume landen.</p><p>Als letzter Schritt werden wir das Kubernetes Dashboard deployen, damit kann man den Gesamten K8s Cluster als WebUI bedienen.</p><h2 id="kubernetes-dashboard">Kubernetes Dashboard</h2><p>Das Kubernetes-Dashboard ist die unverzichtbare Mindestlösung für die Beobachtbarkeit. Das Kubernetes-Dashboard verfügt über eine entsprechende Installationsanleitung, und hier konzentrieren wir uns auf die entsprechenden RBAC-Berechtigungen für den verwendeten ServiceAccount.<br><br>Zuerst installieren wir das Kubernetes Dashboard:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">#~$ kubectl apply <span class="hljs-_">-f</span> https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created</pre><p>Während das Kubernetes-Dashboard das Erstellen neuer Ressourcen und das Bearbeiten vorhandener Ressourcen ermöglicht, ist die Verwendung im schreibgeschützten Modus sicherer und würde keine Sicherheitsrisiken mit sich bringen, falls jemand Zugriff auf die Benutzeroberfläche erhält. Der Sichtbarkeitsbereich des Dashboards wird über RBAC der darauf zugreifenden Benutzer gesteuert.<br><br>Der konservativste Ansatz wäre, eine Aggregated ClusterRole basierend auf der Standard-Viewer-Rolle zu verwenden und sie bei Bedarf mit zusätzlichen Regeln zu erweitern:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dashboard-viewer
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.authorization.k8s.io/aggregate-to-view: <span class="hljs-string" style="color: #6a8759;">"true"</span>
- matchLabels:
rbac.homelab.k8s.io/aggregate-to-view: <span class="hljs-string" style="color: #6a8759;">"true"</span>
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dashboard-extended-view
labels:
rbac.homelab.k8s.io/aggregate-to-view: <span class="hljs-string" style="color: #6a8759;">"true"</span>
rules:
- apiGroups:
- <span class="hljs-string" style="color: #6a8759;">""</span>
resources:
- nodes
- extensions
- apps
- batch
- storage
- networking
verbs:
- get
- list
- watch
EOF</pre><p>Die ClusterRole bietet erweiterte Anzeigeberechtigungen, erlaubt aber immer noch nicht das Anzeigen von Secrets und Ressourcen aus der API-Gruppe rbac.authorization.k8s.io. Wir erstellen uns nun ein dedizierter ServiceAccount und binden den Account an die erstellte ClusterRole:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">kubectl apply <span class="hljs-_">-f</span> - <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-viewer
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-viewer
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: dashboard-viewer
subjects:
- kind: ServiceAccount
name: dashboard-viewer
namespace: kubernetes-dashboard
EOF
</pre><p>Auf das Dashboard kann entweder über den kubectl-Proxy oder über die Portweiterleitung zugegriffen werden:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">kubectl -n kubernetes-dashboard port-forward service/kubernetes-dashboard 8443:443</pre><p>Das Dashboard kann nun unter dieser URL erreicht werden: <a href="https://localhost:8443/">https://localhost:8443/</a> :</p><figure class="post__image"><img loading="lazy" src="https://www.finecloud.ch/media/posts/44/Screenshot-2022-07-02-at-17.25.57.png" alt="" width="1474" height="380" sizes="100vw" srcset="https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-xs.png 300w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-sm.png 480w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-md.png 768w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-lg.png 1024w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-xl.png 1360w, https://www.finecloud.ch/media/posts/44/responsive/Screenshot-2022-07-02-at-17.25.57-2xl.png 1600w"></figure><p>Um das ServiceAccount-Token für den Zugriff auf das Dashboard zu ermitteln, führen wir Folgendes aus:</p><pre class="hljs" style="color: #a9b7c6; background: #282b2e none repeat scroll 0% 0%; display: block; overflow-x: auto; padding: 0.5em;">kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/dashboard-viewer -o jsonpath=<span class="hljs-string" style="color: #6a8759;">"{.secrets[0].name}"</span>) -o go-template=<span class="hljs-string" style="color: #6a8759;">"{{.data.token | base64decode}}"</span></pre><p> </p></div><footer class="wrapper post__footer"><p class="post__last-updated">This article was updated on Juli 5, 2022</p><ul class="post__tag"><li><a href="https://www.finecloud.ch/tags/ansible/">ansible</a></li><li><a href="https://www.finecloud.ch/tags/container/">container</a></li><li><a href="https://www.finecloud.ch/tags/containerd/">containerd</a></li><li><a href="https://www.finecloud.ch/tags/k8s/">k8s</a></li><li><a href="https://www.finecloud.ch/tags/kubernetes/">kubernetes</a></li><li><a href="https://www.finecloud.ch/tags/proxmox/">proxmox</a></li><li><a href="https://www.finecloud.ch/tags/terraform/">terraform</a></li></ul><div class="post__share"></div></footer></article><nav class="post__nav"><div class="post__nav-inner"><div class="post__nav-prev"><svg width="1.041em" height="0.416em" aria-hidden="true"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#arrow-prev"/></svg> <a href="https://www.finecloud.ch/kubernetes-auf-proxmox-mit-ansible-und-terraform.html" class="post__nav-link" rel="prev"><span>Previous</span> Kubernetes auf Proxmox mit Ansible und Terraform (Teil 1)</a></div><div class="post__nav-next"><a href="https://www.finecloud.ch/guis-mit-javafx.html" class="post__nav-link" rel="next"><span>Next</span> GUIs mit JavaFX </a><svg width="1.041em" height="0.416em" aria-hidden="true"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#arrow-next"/></svg></div></div></nav><div class="post__related related"><div class="wrapper"><h2 class="h5 related__title">You should also read:</h2><article class="related__item"><div class="feed__meta"><time datetime="2022-07-23T05:56" class="feed__date">Juli 23, 2022</time></div><h3 class="h1"><a href="https://www.finecloud.ch/monitor-proxmox-mit-grafana-und-prometheus.html">Monitor Proxmox mit Grafana und Prometheus</a></h3></article><article class="related__item"><div class="feed__meta"><time datetime="2022-07-08T15:47" class="feed__date">Juli 8, 2022</time></div><h3 class="h1"><a href="https://www.finecloud.ch/citrix-adc-backup-mit-ansible.html">Citrix ADC (NetScaler) Backup mit Ansible</a></h3></article><article class="related__item"><div class="feed__meta"><time datetime="2022-07-01T18:59" class="feed__date">Juli 1, 2022</time></div><h3 class="h1"><a href="https://www.finecloud.ch/kubernetes-auf-proxmox-mit-ansible-und-terraform.html">Kubernetes auf Proxmox mit Ansible und Terraform (Teil 1)</a></h3></article></div></div></main><footer class="footer"><div class="footer__copyright"><p>Powered by Publii</p></div><button onclick="backToTopFunction()" id="backToTop" class="footer__bttop" aria-label="Back to top" title="Back to top"><svg><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#toparrow"/></svg></button></footer></div><script>window.publiiThemeMenuConfig = {
mobileMenuMode: 'sidebar',
animationSpeed: 300,
submenuWidth: 'auto',
doubleClickTime: 500,
mobileMenuExpandableSubmenus: true,
relatedContainerForOverlayMenuSelector: '.top',
};</script><script defer="defer" src="https://www.finecloud.ch/assets/js/scripts.min.js?v=6ca8b60e6534a3888de1205e82df8528"></script><script>var images = document.querySelectorAll('img[loading]');
for (var i = 0; i < images.length; i++) {
if (images[i].complete) {
images[i].classList.add('is-loaded');
} else {
images[i].addEventListener('load', function () {
this.classList.add('is-loaded');
}, false);
}
}</script><script defer="defer" src="https://www.finecloud.ch/media/plugins/syntaxHighlighter/prism.js"></script></body></html>