I am starting to study the Kubespray project in depth → https://kubespray.io/#/docs/CSI/aws-ebs-csi
https://github.com/kubernetes-sigs/kubespray
Learning how to provision a kubespray cluster
https://kubespray.io/#/docs/getting_started/setting-up-your-first-cluster
Computing resources needed for kubespray setup on a single region
- Networking: VPC network. A subnet must be provisioned with an IP address range large enough to assign a private IP address to each node in the Kubernetes cluster.
- Firewall rules: Create a firewall rule that allows internal communication across all protocols and external SSH, ICMP, and HTTPS. Note that the VXLAN protocol has to be allowed for the Calico networking plugin (see later) to work.
It is not feasible to restrict the firewall to the single IP address from which you access the cluster, because the nodes also communicate over the public internet and would otherwise run into this firewall. Technically, you could limit the firewall to the (fixed) IP addresses of the cluster nodes and the remote IP addresses used for accessing the cluster.
- Creation of compute instances: The compute instances in this example will be provisioned using Ubuntu Server 18.04. Each compute instance will be provisioned with a fixed private IP address and a public IP address (that can be fixed - see guide). Using fixed public IP addresses has the advantage that our cluster node configuration does not need to be updated with new public IP addresses every time the machines are shut down and later on restarted. Create three compute instances which will host the Kubernetes control plane.
Create three compute instances which will host the Kubernetes worker nodes.
Do not forget to fix the IP addresses if you plan on re-using the cluster after temporarily shutting down the VMs.
- Configuring SSH Access: Kubespray relies on SSH to configure the controller and worker instances. Repeat this procedure for all the controller and worker nodes to ensure that SSH access works for every node.
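The firewall item above says the external rule could be limited to the fixed node addresses plus the remote addresses used for access, and that VXLAN must pass between nodes for Calico. The following check is an added example, not part of Kubespray or of the original notes; the rule format, names and addresses are constructed, and UDP 4789 is assumed as Calico's default VXLAN port.

```python
import ipaddress

VXLAN = ("udp", 4789)  # assumption: Calico's default VXLAN port, not overridden

# Constructed sample data in a provider-neutral shape, not any cloud API's schema.
SUBNET = "10.240.0.0/24"
TRUSTED_IPS = ["203.0.113.10", "198.51.100.11", "198.51.100.12"]  # admin + node public IPs
INTERNAL = {"name": "allow-internal", "sources": [SUBNET], "allow": [("all", None)]}
EXTERNAL_ALLOW = [("tcp", 22), ("tcp", 443), ("icmp", None)]
OPEN_RULES = [INTERNAL, {"name": "allow-external", "sources": ["0.0.0.0/0"],
                         "allow": EXTERNAL_ALLOW}]
TIGHT_RULES = [INTERNAL, {"name": "allow-external", "sources": TRUSTED_IPS,
                          "allow": EXTERNAL_ALLOW}]


def _net(cidr):
    return ipaddress.ip_network(cidr, strict=False)


def _within(src, allowed):
    """True if network src lies entirely inside one of the allowed networks."""
    return any(src.version == a.version and src.subnet_of(a) for a in allowed)


def _permits(rule, proto, port):
    """A rule entry is (protocol, port); port None means every port of that protocol."""
    return any(p == "all" or (p == proto and rp in (None, port)) for p, rp in rule["allow"])


def overbroad_sources(rules, subnet, trusted_ips):
    """Return (rule, source) pairs that admit traffic from outside the
    node subnet and the explicitly trusted addresses."""
    allowed = [_net(subnet)] + [_net(ip) for ip in trusted_ips]
    return [(r["name"], s) for r in rules for s in r["sources"]
            if not _within(_net(s), allowed)]


def vxlan_allowed(rules, subnet):
    """True if a rule whose sources cover the whole node subnet permits VXLAN."""
    node_net = _net(subnet)
    return any(_permits(r, *VXLAN) and _within(node_net, [_net(s) for s in r["sources"]])
               for r in rules)


if __name__ == "__main__":
    print("open rule set:", overbroad_sources(OPEN_RULES, SUBNET, TRUSTED_IPS))
    print("tight rule set:", overbroad_sources(TIGHT_RULES, SUBNET, TRUSTED_IPS))
    print("VXLAN between nodes:", vxlan_allowed(TIGHT_RULES, SUBNET))
```
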
Kubespray setup
As Ansible is a Python application, we will create a fresh virtual environment to install the dependencies for the Kubespray playbook:
python3 -m venv venv
source venv/bin/activate
Next, we will git clone the Kubespray code into our working directory:
git clone https://github.com/kubernetes-sigs/kubespray.git
cd kubespray
git checkout release-2.17
Now we need to install the dependencies for Ansible to run the Kubespray playbook:
pip install -r requirements.txt
Copy inventory/sample as inventory/mycluster:
cp -rfp inventory/sample inventory/mycluster
Update the sample Ansible inventory file with the IP addresses given by the cloud provider:
command