Version v0.3.0: HA Cluster Deployment & Containerized Environment on Type-II Hypervisor

csning1998 released this 07 Sep 10:00 · 14 commits to main since this release · ee2d8de

Summary

This release introduces the capability to deploy a multi-master, High Availability (HA) Kubernetes cluster and containerizes the entire IaC execution environment for improved portability. The Ansible roles and Terraform configurations have been significantly refactored to support conditional logic for both single-master and HA deployments, laying the groundwork for more advanced configurations.


Key Features & Enhancements

  • High Availability (HA) Cluster Deployment:

    • The deployment logic can now create a multi-master HA Kubernetes cluster by simply defining multiple IPs in the master_ip_list variable.
    • Ansible playbooks now automatically configure keepalived and HAProxy to provide a stable virtual IP (controlPlaneEndpoint) before initializing the cluster.
    • A validation rule was added to Terraform to ensure the number of master nodes is odd, mitigating etcd split-brain risks.
  • Containerized Execution Environment:

    • The entire toolchain (Packer, Terraform, Ansible) is now containerized using Docker, allowing for consistent execution across different host systems.
    • The entry.sh script provides a seamless way to switch between native and docker execution strategies.
  • Upgraded Kubernetes Version:

    • The target Kubernetes version for kubeadm, kubelet, and kubectl has been upgraded to v1.32.
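
A pre-flight check corresponding to the odd-master validation rule listed above, as an added example that is not the project's own code; the function names, the comma-separated input format and the sample addresses are assumptions. It goes beyond the odd-count rule by also rejecting malformed and duplicate addresses and by reporting the resulting etcd quorum size.

```shell
#!/bin/sh
# Added example, not the project's code. Function names, the comma-separated
# input format and the sample addresses below are assumptions.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    saved_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$saved_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Validate a master IP list: valid IPv4 entries, no duplicates, odd count.
# On success print "members=N quorum=Q tolerates=F"; otherwise explain on stderr.
validate_masters() {
    seen=" "; count=0
    list_ifs=$IFS; IFS=,
    set -f; set -- $1; set +f          # split on commas without globbing
    IFS=$list_ifs
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "invalid IPv4 address: '$ip'" >&2; return 1; }
        case "$seen" in
            *" $ip "*) echo "duplicate address: $ip" >&2; return 1 ;;
        esac
        seen="$seen$ip "
        count=$((count + 1))
    done
    [ "$count" -gt 0 ] || { echo "master list is empty" >&2; return 1; }
    quorum=$((count / 2 + 1))          # etcd (Raft) majority
    if [ $((count % 2)) -eq 0 ]; then
        echo "even count $count: tolerates $((count - quorum)) failures, same as $((count - 1)) members" >&2
        return 1
    fi
    echo "members=$count quorum=$quorum tolerates=$((count - quorum))"
}

# Constructed sample input (documentation address range).
validate_masters "192.0.2.11,192.0.2.12,192.0.2.13"
```

Run before `terraform apply`, a check like this catches a duplicated or mistyped control-plane address that a count-only rule would accept.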

Refactoring and Fixes

  • Ansible Structure Overhaul:

    • The Ansible directory structure was reorganized, separating playbooks and roles for better clarity.
    • Roles for cluster provisioning were broken down into modular stages (11-ha-loadbalancer, 12-kubeadm-init-primary, etc.) for a more logical execution flow.
    • All Kubernetes network parameters are now passed from Terraform via a template, creating a single source of truth in the generated inventory.yaml.
  • Robust Network & SSH Configuration:

    • Terraform's remote-exec provisioner was improved to dynamically detect network interface names on the guest VMs instead of assuming a fixed name like ens33, making the configuration more resilient.
    • The SSH verification process in entry.sh now includes retries to handle potential race conditions where a VM is not immediately ready for connection.
  • Lifecycle and Dependency Management:

    • The entry.sh script was updated to use docker compose exec instead of run, ensuring that commands are sent to a persistent controller container, correctly managing the VM lifecycle.
    • Ansible Vault has been deprecated in preparation for the future integration of HashiCorp Vault.