Added config support for kubeadm.

`kubeadmin` can now take a --config argument instead of parsing in flags. This was required in order to increase the number of pods running on a host from 110 to 500. Can now align the pod-network-cidr with kubeadm and Calico instead of use the Calico default network of 192.168.0.0/16.
2025-08-06 13:47:31 +02:00 · 2021-01-08 16:24:57 +02:00 · 2021-01-08 16:24:57 +02:00 · ba45b91e00
commit ba45b91e00
parent 41be8a0d07
5 changed files with 82 additions and 14 deletions
--- a/README.md
+++ b/README.md
@ -24,8 +24,8 @@ Available variables are listed below, along with default values (see `defaults/m

 Kubernetes packages to be installed on the server. You can either provide a list of package names, or set `name` and `state` to have more control over whether the package is `present`, `absent`, `latest`, etc.

-    kubernetes_version: '1.17'
-    kubernetes_version_rhel_package: '1.17.2'
+    kubernetes_version: '1.19'
+    kubernetes_version_rhel_package: '1.19.0'

 The minor version of Kubernetes to install. The plain `kubernetes_version` is used to pin an apt package version on Debian, and as the Kubernetes version passed into the `kubeadm init` command (see `kubernetes_version_kubeadm`). The `kubernetes_version_rhel_package` variable must be a specific Kubernetes release, and is used to pin the version on Red Hat / CentOS servers.

--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -50,4 +50,7 @@ kubernetes_flannel_manifest_file_rbac: https://raw.githubusercontent.com/coreos/
 kubernetes_flannel_manifest_file: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

 # Calico config files
-kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.10/manifests/calico.yaml
+kubernetes_calico_manifest_file: https://docs.projectcalico.org/v3.17/manifests/calico.yaml
+
+# Kubeadm config extras
+kubernetes_kube_controller_manager_node_cidr_mask_size: 24
--- a/meta/.galaxy_install_info
+++ b/meta/.galaxy_install_info
@ -0,0 +1,2 @@
+install_date: Wed Jan  6 10:17:50 2021
+version: 5.0.1
--- a/tasks/master-setup.yml
+++ b/tasks/master-setup.yml
@ -1,12 +1,25 @@
 ---
+- name: Ensure .kube directory exists.
+  file:
+    path: ~/.kube
+    state: directory
+    mode: 0755
+
+- name: Get Kubernetes bootstrap token.
+  command: kubeadm token generate
+  register: kubernetes_bootstrap_token
+
+- name: Add Kubernetes kube controller manager extra options override file.
+  template:
+    src: kubeadm-config.j2
+    dest: ~/.kube/kubeadm-config.yml
+    mode: 0644
+
 - name: Initialize Kubernetes master with kubeadm init.
  command: >
    kubeadm init
-    --pod-network-cidr={{ kubernetes_pod_network.cidr }}
-    --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }}
-    --kubernetes-version {{ kubernetes_version_kubeadm }}
+    --config ~/.kube/kubeadm-config.yml
    --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
-    {{ kubernetes_kubeadm_init_extra_opts }}
  register: kubeadmin_init
  when: not kubernetes_init_stat.stat.exists

@ -16,12 +29,6 @@
    verbosity: 2
  when: not kubernetes_init_stat.stat.exists

- name: Ensure .kube directory exists.
-  file:
-    path: ~/.kube
-    state: directory
-    mode: 0755
-
 - name: Symlink the kubectl admin.conf to ~/.kube/conf.
  file:
    src: /etc/kubernetes/admin.conf
@ -38,10 +45,24 @@
  changed_when: "'created' in flannel_result.stdout"
  when: kubernetes_pod_network.cni == 'flannel'

+- name: Download Calico networking manifest.
+  get_url:
+    url: "{{ kubernetes_calico_manifest_file }}"
+    dest: "~/.kube/calico_manifest.yaml"
+    mode: "0644"
+  when: kubernetes_pod_network.cni == 'calico'
+
+- name: Replace Calico default CIDR network with Kuberenetes pod networking.
+  replace:
+    path: ~/.kube/calico_manifest.yaml
+    regexp: "192.168.0.0/16"
+    replace: "{{ kubernetes_pod_network.cidr }}"
+  when: kubernetes_pod_network.cni == 'calico'
+
 - name: Configure Calico networking.
  command: "{{ item }}"
  with_items:
-    - kubectl apply -f {{ kubernetes_calico_manifest_file }}
+    - kubectl apply -f ~/.kube/calico_manifest.yaml
  register: calico_result
  changed_when: "'created' in calico_result.stdout"
  when: kubernetes_pod_network.cni == 'calico'
--- a/templates/kubeadm-config.j2
+++ b/templates/kubeadm-config.j2
@ -0,0 +1,42 @@
+apiVersion: kubeadm.k8s.io/v1beta2
+kind: InitConfiguration
+bootstrapTokens:
+- groups:
+  - system:bootstrappers:kubeadm:default-node-token
+  token: {{ kubernetes_bootstrap_token.stdout }}
+  ttl: 24h0m0s
+  usages:
+  - signing
+  - authentication
+localAPIEndpoint:
+  advertiseAddress: {{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }}
+  bindPort: 6443
+nodeRegistration:
+  criSocket: /var/run/dockershim.sock
+  name: node1
+  taints:
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/master
+---
+apiVersion: kubeadm.k8s.io/v1beta2
+kind: ClusterConfiguration
+apiServer:
+  timeoutForControlPlane: 4m0s
+certificatesDir: /etc/kubernetes/pki
+clusterName: kubernetes
+controllerManager: {}
+dns:
+  type: CoreDNS
+etcd:
+  local:
+    dataDir: /var/lib/etcd
+imageRepository: k8s.gcr.io
+kubernetesVersion: v1.17.0
+networking:
+  dnsDomain: cluster.local
+  serviceSubnet: 10.96.0.0/12
+  podSubnet: {{ kubernetes_pod_network.cidr }}
+controllerManager:
+  extraArgs:
+    node-cidr-mask-size: "{{ kubernetes_kube_controller_manager_node_cidr_mask_size }}"
+scheduler: {}