Skip to content

Nodes setting

Basic setting on each node

I’m going to log to my primary control node control01. The dedicated one as "control plane" for my Kubernetes cluster.

First, we should confirm that all our nodes are up:

#switch to root
sudo -s
#install nmap
apt install nmap
#scan local network range to see who is up
nmap -sP 192.168.0.1-254

This confirmed all my nodes are up and connected. I’m going to use this primary node to connect to everything within this network. However, before we can leverage some automation with Ansible, there are a couple of manual tasks to do.

First, prepare /etc/hosts file on the one control node you are on right now:

# Edit /etc/hosts with your favorite editor, mine looks like:
127.0.0.1 localhost

192.168.0.10 control01 control01.local

192.168.0.11 cube01 cube01.local
192.168.0.12 cube02 cube02.local
192.168.0.13 cube03 cube03.local
192.168.0.14 cube04 cube04.local
192.168.0.15 cube05 cube05.local
192.168.0.16 cube06 cube06.local
192.168.0.17 cube07 cube07.local

Making life easier with Ansible

I’m going to use Ansible in a very simple manner so that everybody can understand what is going on. Of course, all of the following steps can be done via playbook, that you would run and leave for coffee…

Install Ansible

apt install ansible

Next, we need to create a file /etc/ansible/hosts, and add our hosts. In essence, here we define hosts and groups of hosts that Ansible will try to manage.

# Edit file /etc/ansible/hosts
[control]
control01  ansible_connection=local

[workers]
cube01  ansible_connection=ssh
cube02  ansible_connection=ssh
cube03  ansible_connection=ssh
cube04  ansible_connection=ssh
cube05  ansible_connection=ssh
cube06  ansible_connection=ssh
cube07  ansible_connection=ssh

[cube:children]
control
workers

Above, you can see I have added 3 groups: control, workers and cube. Name of the group is the one in between [ ]. This was split so that if I want to execute some actions only on control server, I use the “control” group. Group “cube” has children. This basically means that it’s a group of groups, and when I’m using cube I’m targeting every single node from the listed groups.

Variable: ansible_connection: we are telling Ansible how to connect to that host. The primary method is ssh, but I specified “local” for control01, because this is the node that we are running Ansible from. This way, it won’t try to ssh to itself.

Lastly, we are going to make it so that user root will be able to log in to other nodes from contro01 without the password using an ssh key. This step is optional, but after this you won’t need to type the password every time you run Ansible.

# Make sure you are user root
cd
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Do not fill anything in next command just enter
ssh-keygen -t rsa
# Copy keys to each node, for example:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube01
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube02
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube03
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube04
.
.
.

After this, we are ready for some mass settings with Ansible, but that will be in the next part. I’m trying to keep them shorter so that you don’t get overwhelmed by walls of text.

Your very first Ansible command

This is the last thing before we head on to the next article; we are going to check if Ansible is working fine and can connect to all nodes:

# Run following as root user
# We are going to execute ping via ansible, the "cube" is group we specified in /etc/ansible/hosts
# And if you rememeber this will execute the command on all nodes.
# -m mean we are going to use module, in our case module: ping
ansible cube -m ping

#Result should be:
ubuntu@ubuntu:~$ ansible cube -m ping
control01 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube02 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube01 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube03 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
.
.
.

Last update: June 9, 2022

Comments