WARNING: This project is no longer developed as I have moved to using QEMU instead. https://github.com/zimmertr/Bootstrap-Kubernetes-with-QEMU
Build a 4 node Kubernetes cluster on a Proxmox cluster using Ansible and LXC.
Approximate deployment time: 20 minutes.
WARNING: See problems section before using this repository.
- Proxmox server
- DNS Server
- Ansible 2.7.0+. Known incompatibility with a previous build.
- Modify the `vars.yml` file with values specific to your environment.
- Provision DNS A records for the IP Addresses & Hostnames you defined for your nodes in the `vars.yml` file.
- Modify the `inventory.ini` file to reflect your chosen DNS records and the location of the SSH keys used to connect to the nodes.
- Run the deployment: `ansible-playbook -e @vars.yml -i inventory.ini site.yml`
- After deployment, a `~/.kube` directory will be created on your workstation. Within it, your `config` and an `authentication_token` file can be found. This token is used to authenticate against the Kubernetes API and Dashboard using your account. To connect to the dashboard, install `kubectl` on your workstation and run `kubectl proxy`, then navigate to the Dashboard Endpoint in your browser.
- You can roll back the entire deployment with: `ansible-playbook -e @vars.yml -i inventory.ini delete_all_resources.yml`
- If your LXC instances fail to install `openssh-server` and throw a long `yum` related error, it's likely that they do not have a properly configured network. You can troubleshoot this by using the `lxc-attach` command to connect to them from Proxmox without SSH.
- See this repository to do this with QEMU instead. Benefits of using QEMU include:
  * More security since the compute resources aren't sharing kernel space with your server.
  * Not at the mercy of the Proxmox kernel for compatibility with necessary Kubernetes kernel modules.
- Add better support for multi-node Proxmox clusters.
- Add support for VLAN Tags & IDs.
- Perform security audit and enhance if necessary.
- Rewrite `deploy_lxc_containers.yml` to deploy one instance and clone rather than four separate instances to reduce duration.
- There is a bug in either the `4.15.18` Linux kernel or in the `br_netfilter` module, which prevents the LXC strategy from being a viable solution because pod networking is never able to work. More information can be found here: https://github.com/lxc/lxd/issues/5193#issuecomment-431872713 A cluster can still be provisioned without pod networking, for what it is worth.
- The `k8s` module does not support applying Kubernetes Deployments from URL. Instead of using `get_url` to download them first, and then apply them with `k8s`, I just use `shell` to run a `kubectl apply -f`. Feature Request here.
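
The deployment leaves a kubeconfig and an API/Dashboard token in `~/.kube` on the workstation, so those files are worth checking after a run. The function below is an added example, not part of this repository: it reports whether the directory, `config` or `authentication_token` is accessible to group or other accounts. Taking the directory as an argument and the `mode_of` helper are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the credential files the playbook leaves in ~/.kube.
# The file names (config, authentication_token) come from the README; the
# directory argument and helper names are hypothetical.

# Print octal permission bits, on GNU (stat -c) or BSD/macOS (stat -f).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print one finding per line. Return 0 when nothing is exposed, 1 otherwise.
audit_kube_creds() {
    local dir="${1:-$HOME/.kube}"
    local rc=0 path mode
    for path in "$dir" "$dir/config" "$dir/authentication_token"; do
        # A symlink could redirect the credential to a shared location.
        if [ -L "$path" ]; then
            echo "SYMLINK  $path (check where it points)"
            rc=1
            continue
        fi
        if [ ! -e "$path" ]; then
            echo "MISSING  $path"
            rc=1
            continue
        fi
        mode=$(mode_of "$path")
        # Any group/other bit means another local account can read or
        # replace the kubeconfig or the token.
        case "$mode" in
            0|*00) echo "OK       $mode $path" ;;
            *)     echo "EXPOSED  $mode $path (fix: chmod go-rwx)"
                   rc=1 ;;
        esac
    done
    return "$rc"
}
```

Source the file and call `audit_kube_creds` with no argument to check `$HOME/.kube`; a non-zero return means at least one path needs attention.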