Deploy a Highly Available Kubernetes 1.12.5 Cluster with Kubespray

This guide walks through setting up password‑less SSH, downloading a specific Kubespray tag, customizing image repositories, configuring Docker mirrors, adjusting DNS and network plugins, and finally running Ansible playbooks to provision a HA Kubernetes 1.12.5 cluster.

Overview

The article demonstrates how to build a highly‑available Kubernetes cluster (v1.12.5) using Kubespray (tag v2.8.3), which is driven by Ansible.

Prerequisites

Kubespray source code: https://github.com/kubernetes-sigs/kubespray. Use the released tag v2.8.3 rather than the master branch.

Step 1 Set up password‑less SSH

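# On the Ansible control host: generate an RSA key pair (default path ~/.ssh/id_rsa)
ssh-keygen -t rsa
# Copy the public key to the target node (replace IP with the node's address)
scp ~/.ssh/id_rsa.pub root@IP:/root/.ssh
# Log in to the node; the next command is run there
ssh root@IP
# Append the copied key to root's authorized_keys
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys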

Step 2 Download Kubespray

wget https://github.com/kubernetes-sigs/kubespray/archive/v2.8.3.tar.gz
tar -xvf v2.8.3.tar.gz
# GitHub tag archives unpack to <repo>-<version>, without the leading "v"
cd kubespray-2.8.3

Step 3 Configuration adjustments

3.1 Private image registry

Define custom image repositories in inventory/testcluster/group_vars/k8s-cluster/k8s-cluster.yml:

# kubernetes image repo define
kube_image_repo: "10.0.0.183:5000/google_containers"
etcd_image_repo: "10.0.0.183:5000/coreos/etcd"
coredns_image_repo: "10.0.0.183:5000/coredns"
calicoctl_image_repo: "10.0.0.183:5000/calico/ctl"
calico_node_image_repo: "10.0.0.183:5000/calico/node"
calico_cni_image_repo: "10.0.0.183:5000/calico/cni"
calico_policy_image_repo: "10.0.0.183:5000/calico/kube-controllers"
hyperkube_image_repo: "{{ kube_image_repo }}/hyperkube-{{ image_arch }}"
pod_infra_image_repo: "{{ kube_image_repo }}/pause-{{ image_arch }}"
dashboard_image_repo: "{{ kube_image_repo }}/kubernetes-dashboard-{{ image_arch }}"

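The private registry does not use HTTPS, so Docker has to be told to treat it as an insecure registry; pulls from it are then unencrypted and the registry is not authenticated. Add the entry in inventory/testcluster/group_vars/all/docker.yml: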

docker_insecure_registries:
  - 10.0.0.183:5000

3.2 Docker CE source mirror

Replace the default Docker CE repository with Alibaba Cloud mirrors by adding the following variables to inventory/testcluster/group_vars/k8s-cluster/k8s-cluster.yml:

# CentOS/RedHat docker-ce repo
docker_rh_repo_base_url: 'https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable'
docker_rh_repo_gpgkey: 'https://mirrors.aliyun.com/docker-ce/linux/centos/gpg'
dockerproject_rh_repo_base_url: 'https://mirrors.aliyun.com/docker-engine/yum/repo/main/centos/7'
dockerproject_rh_repo_gpgkey: 'https://mirrors.aliyun.com/docker-engine/yum/gpg'

3.3 Pre‑download required binaries

Binary URLs are defined in roles/download/defaults/main.yml. Example URLs for Kubernetes v1.12.5:

kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/linux/amd64/kubeadm"
hyperkube_download_url: "https://storage.googleapis.com/kubernetes-release/release/v1.12.5/bin/linux/amd64/hyperkube"
cni_download_url: "https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz"

After downloading, make the files executable and copy them to each node (e.g., node1):

chmod 755 cni-plugins-amd64-v0.6.0.tgz hyperkube kubeadm
scp cni-plugins-amd64-v0.6.0.tgz hyperkube kubeadm root@node1:/tmp/releases
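
Files fetched by hand and pushed to every node bypass any integrity check, so it is worth comparing them against pinned SHA-256 digests before the scp. The following is an added example, not part of the original article or of Kubespray; the function names and the manifest file are assumptions, and the digests must come from a source you trust.

```shell
#!/usr/bin/env bash
# Added example: verify pre-downloaded release files against pinned SHA-256 digests.

# sha256_of FILE: print the lowercase hex SHA-256 digest of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_release FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if FILE is missing or EXPECTED is
# not a 64-character hex string.
verify_release() {
    local file expected actual
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "MISSING   $file" >&2; return 2; }
    case $expected in
        ''|*[!0-9a-f]*) echo "BAD DIGEST for $file" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "BAD DIGEST for $file" >&2; return 2; }
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ] && { echo "OK        $file"; return 0; }
    echo "MISMATCH  $file (got $actual)" >&2
    return 1
}

# verify_manifest MANIFEST
# MANIFEST holds "<digest>  <name>" lines (sha256sum text format); names are
# resolved relative to its directory. Returns 0 only if every entry passes,
# 2 if the manifest is unreadable or lists nothing.
verify_manifest() {
    local manifest dir digest name rc n
    manifest=$1; dir=$(dirname "$manifest"); rc=0; n=0
    [ -r "$manifest" ] || { echo "no manifest: $manifest" >&2; return 2; }
    while read -r digest name; do
        case $digest in ''|'#'*) continue ;; esac
        n=$((n + 1))
        verify_release "$dir/$name" "$digest" || rc=1
    done < "$manifest"
    [ "$n" -gt 0 ] || return 2
    return "$rc"
}
```

Gate the copy on the result, for example `verify_manifest ./SHA256SUMS && scp cni-plugins-amd64-v0.6.0.tgz hyperkube kubeadm root@node1:/tmp/releases`, where SHA256SUMS is a manifest you build from trusted digests.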

3.4 DNS and network plugin selection

Use coredns as the DNS provider. Set resolvconf_mode to docker_dns so that containers using host networking can resolve cluster DNS:

resolvconf_mode: docker_dns

Select Calico as the CNI plugin and enable IPVS mode for kube-proxy.

[Figure: network topology]

Step 4 Run the Ansible playbook

sudo pip install -r requirements.txt
cp -rfp inventory/sample inventory/mycluster
declare -a IPS=(10.10.1.3 10.10.1.4 10.10.1.5)
CONFIG_FILE=inventory/mycluster/hosts.ini python3 contrib/inventory_builder/inventory.py ${IPS[@]}
# optional: review variables
cat inventory/mycluster/group_vars/all/all.yml
cat inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml
ansible-playbook -i inventory/mycluster/hosts.ini --become --become-user=root cluster.yml

After the playbook completes, verify the cluster from a master node:

kubectl cluster-info
kubectl get node
kubectl get pods --all-namespaces

References

Kubespray getting‑started guide: https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md

Community write‑ups: https://xdatk.github.io/2018/04/16/kubespray2/ and https://jicki.me/kubernetes/docker/2018/12/21/k8s-1.13.1-kubespray/
