Automated Kubernetes cluster deployment on metal using Ansible
Provides a fully automated method for building a highly available Kubernetes cluster on metal using Ansible. It assumes each machine is already running Ubuntu and handles all remaining configuration, including preparing controller and worker nodes, installing the container runtime, and deploying Kubernetes components. The goal is a reliable, repeatable cluster build with as few opportunities for human-induced chaos as possible.
- Security
- Background
- Install
- Usage
- Future: Drydock
- Documentation
- Repository Configuration
- Contributing
- License
This provides a vanilla Kubernetes cluster, without any security configuration. Security is configured in Kubernetes manifests, which live in kubernetes-lab-config.
Building a Kubernetes cluster on metal is a lengthy process with many opportunities for error. This Ansible playbook and its roles allow us to repeat the process reliably and (relatively) quickly, using the industry-standard way to configure metal hosts.
- Amend your values in inventory.yaml
cd ansible
- Run the playbook
ansible-playbook playbook-build.yaml
To completely destroy and rebuild the cluster, run the rebuild playbook:
ansible-playbook playbook-rebuild.yaml
Many modern infrastructure automation tools struggle with:
- mutable infrastructure: no guarantees that repeated deployments will be exactly the same.
- idempotent-ish: tries to be idempotent, but gives you the freedom to stray from the path if you wish.
- no takesies-backsies: rollbacks can be challenging.
- drift: if something occurs outside of your code, it will not be actively detected.
- operating system provisioning: it is generally assumed that you already have an operating system in place, but if you have just purchased 3 new servers, or perhaps 300 new servers, installing an operating system on every single one is a pain.
Drydock will solve this.
We are building Drydock, a bootstrapping system that takes you from bare metal to a fully functioning, highly available Kubernetes cluster with (almost) zero human interaction. You'll get a cloud native experience on anything from a few Raspberry Pis to a data centre full of HPE Cray Supercomputing EX4000 nodes.
If you happen to have an HPE Cray Supercomputing EX4000 and are willing to let us test Drydock on it, that would be amazing lol
Further documentation is in the docs directory.
Warning
This repo is controlled by OpenTofu in the estate-repos repository.
Manual configuration changes will be overwritten the next time OpenTofu runs.
If you need any help, please log an issue and one of our team will get back to you.
PRs are welcome.
All source code in this repository is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0). A copy of this is provided in the LICENSE.
All non-code content in this repository, including but not limited to images, diagrams or prose documentation, is licensed under the Creative Commons Attribution-ShareAlike 4.0 International licence.