AlmaLinux使用Ansible自动部署k8s集群

一、环境准备

1. 节点规划（最低要求）

   • 1台Master节点（4核/8GB内存）
   • 2台Worker节点（2核/4GB内存）
   • 1台Ansible控制机（可复用Master节点）

2. 系统配置

   # 所有节点执行
   sudo hostnamectl set-hostname master  # 主节点
   sudo hostnamectl set-hostname worker1 # 工作节点
   sudo hostnamectl set-hostname worker2
   
   # 配置/etc/hosts（所有节点）
   echo "192.168.1.10 master
   192.168.1.11 worker1
   192.168.1.12 worker2" | sudo tee -a /etc/hosts
   
   # 关闭SELinux和防火墙
   sudo setenforce 0
   sudo sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
   sudo systemctl stop firewalld && sudo systemctl disable firewalld
   

3. SSH免密登录

   # 在Ansible控制机生成密钥并分发
   ssh-keygen -t rsa
   ssh-copy-id root@master
   ssh-copy-id root@worker1
   ssh-copy-id root@worker2
   

二、Ansible配置

1. 安装Ansible

   # 在控制机安装Ansible
   sudo dnf install epel-release -y
   sudo dnf install ansible sshpass -y
   

2. 配置Inventory文件
   创建hosts文件：

   [master]
   master ansible_host=192.168.1.10
   
   [workers]
   worker1 ansible_host=192.168.1.11
   worker2 ansible_host=192.168.1.12
   
   [k8s_cluster:children]
   master
   workers
   

三、编写Ansible Playbook

创建k8s-cluster.yml，内容如下：

- name: Deploy Kubernetes Cluster
  hosts: k8s_cluster
  become: yes
  tasks:
    - name: Install containerd
      yum:
        name: containerd.io
        state: present

    - name: Configure containerd
      copy:
        src: containerd-config.toml
        dest: /etc/containerd/config.toml
      notify: restart containerd

    - name: Enable kernel modules
      shell: |
        modprobe overlay
        modprobe br_netfilter
        echo "overlay" >> /etc/modules-load.d/k8s.conf
        echo "br_netfilter" >> /etc/modules-load.d/k8s.conf

    - name: Configure sysctl
      sysctl:
        name: "{{ item.key }}"
        value: "{{ item.value }}"
        state: present
        reload: yes
      with_items:
        - { key: net.bridge.bridge-nf-call-ip6tables, value: 1 }
        - { key: net.bridge.bridge-nf-call-iptables, value: 1 }
        - { key: net.ipv4.ip_forward, value: 1 }

    - name: Install kubeadm/kubelet/kubectl
      yum:
        name: "{{ item }}"
        state: present
      with_items:
        - kubeadm-1.24.2
        - kubelet-1.24.2
        - kubectl-1.24.2

    - name: Enable kubelet
      systemd:
        name: kubelet
        enabled: yes
        state: started

- name: Initialize Kubernetes Master
  hosts: master
  become: yes
  tasks:
    - name: Initialize cluster
      shell: kubeadm init --pod-network-cidr=10.244.0.0/16
      register: init_output

    - name: Save join command
      copy:
        content: "{{ init_output.stdout }}"
        dest: /root/join-command.sh

- name: Join Workers
  hosts: workers
  become: yes
  tasks:
    - name: Copy join command
      fetch:
        src: /root/join-command.sh
        dest: /tmp/join-command.sh
        flat: yes

    - name: Join cluster
      shell: "sh /tmp/join-command.sh"

四、执行部署

# 运行Playbook
ansible-playbook -i hosts k8s-cluster.yml

五、验证集群

# 在Master节点执行
kubectl get nodes  # 应显示所有节点状态为Ready
kubectl apply -f   # 安装网络插件

注意事项

1. 离线部署：若环境无外网，需提前下载所有依赖包（如containerd、kubeadm二进制文件）并配置本地仓库。
2. 架构支持：AlmaLinux默认支持x86_64，若需ARM64需调整镜像源和软件包。
3. 证书配置：建议使用cfssl工具生成自定义证书，避免默认证书过期问题。

通过以上步骤，您可以在AlmaLinux上快速完成Kubernetes集群的自动化部署。若需更复杂的配置（如多Master高可用），可参考中的负载均衡方案。