Quick Start
This guide will help you quickly launch a KOSMOS cluster with default options.
New to Kubernetes? The official Kubernetes docs already have some great tutorials outlining the basics here.
Prerequisites
- Make sure your environment fulfills the requirements.
- If the host kernel supports AppArmor, the AppArmor tools (usually available via the apparmor-parser package) must also be present prior to installing.
Ubuntu 22 LTS install
Auto Mode (Prebuild ISO, Redfish, iPXE)
iDRAC/iLO (manual mode)
Take a look at the ironlight project.
Orchestrator (Kubernetes)
Ansible inventory (for manual mode with an already provisioned OS)
For this mode, Ansible version >= 2.10.8 must be available on the installation node.
inventory.yaml (see samples in kosmos/kube-provisioner/os-provided)
all:
  vars:
    kosmos_domain: kosmos.wip
    external_registry: kosmos-registry.kosmos.wip
    # set to "" for no hardening
    hardening_profile: "cis"
    # endpoint used by cilium pods to reach controllers for direct routing mode
    kube_endpoint: 192.168.100.163
    # "" means autodetect
    mtu: ""
    # will switch to airgap provisioning mode (need external registry, see external_registry.md and air-gap.sh)
    airgap: true
    # activate peer to peer embedded registry
    embedded_registry: true
    external_registry_ip: 127.0.0.1
    # set to none (vxlan as last resort)
    kube_cni_encapsulation: none
    kube_cni_encryption: "false"
    # 2 for Production/HA
    cni_operator_replicas: 1
    # cilium observability
    hubble: "false"
    # cilium ui
    hubble_ui: "false"
controllers:
  vars:
    controller: true
  hosts:
    ubuntu0:
      node_ip: 192.168.100.163
      interface: enp2s0
      # will create kosmosvg volume group
      lvm_disk: /dev/vdb
kube.yaml (kosmos/kube-provisioner/os-provided)
- name: controllers bootstrap
  hosts: controllers
  tasks:
    - name: copy rke2 assets for airgap and embedded registry
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: "~"
      with_fileglob:
        - "../{{ kube_version | default('v1.32.3') }}/release-cert-manager.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/release-lvm-csi.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/release-oci-registry.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/rke2-images-cilium.linux-amd64.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/rke2-images-core.linux-amd64.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/rke2.linux-amd64.tar.gz"
        - "../{{ kube_version | default('v1.32.3') }}/sha256sum-amd64.txt"
      when:
        - embedded_registry is defined and embedded_registry == true
        - airgap == true
    - name: copy bootstrap.sh
      ansible.builtin.template:
        src: bootstrap.sh
        dest: bootstrap.sh
        mode: +x
    - name: copy rke2.sh
      ansible.builtin.copy:
        src: rke2.sh
        dest: rke2.sh
        mode: +x
    - name: copy config.toml.tmpl
      ansible.builtin.copy:
        src: config.toml.tmpl
        dest: config.toml.tmpl
    - name: execute bootstrap.sh
      become: true
      command: ./bootstrap.sh
- name: workers bootstrap
  hosts: workers
  tasks:
    - name: copy rke2 assets for airgap
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: "~"
      with_fileglob:
        - "../{{ kube_version | default('v1.32.3') }}/rke2-runtime.tar.zst"
        - "../{{ kube_version | default('v1.32.3') }}/rke2.linux-amd64.tar.gz"
        - "../{{ kube_version | default('v1.32.3') }}/sha256sum-amd64.txt"
      when:
        - embedded_registry is defined and embedded_registry == true
        - airgap == true
    - name: copy bootstrap.sh
      ansible.builtin.template:
        src: bootstrap.sh
        dest: bootstrap.sh
        mode: +x
    - name: copy rke2.sh
      ansible.builtin.copy:
        src: rke2.sh
        dest: rke2.sh
        mode: +x
    - name: copy config.toml.tmpl
      ansible.builtin.copy:
        src: config.toml.tmpl
        dest: config.toml.tmpl
    - name: execute bootstrap.sh
      become: true
      command: ./bootstrap.sh
Launch it using:
ansible-playbook -i inventory.yaml kube.yaml -u athea
Retrieve kube config
mkdir -p ~/.kube
ssh <node ip> sudo cat /etc/rancher/rke2/rke2.yaml | sed -e "s/127.0.0.1/<node ip>/" > ~/.kube/config
e.g.:
ssh 192.168.100.163 sudo cat /etc/rancher/rke2/rke2.yaml | sed -e "s/127.0.0.1/192.168.100.163/" > ~/.kube/config
ssh 192.168.56.128 sudo cat /etc/rancher/rke2/rke2.yaml | sed -e "s/127.0.0.1/192.168.56.128/" > ~/.kube/config
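The redirect above creates ~/.kube/config with the shell's default umask, and rke2.yaml carries the cluster admin client certificate and key. As an added example (not part of the KOSMOS project; install_kubeconfig and its arguments are hypothetical names), here is the same retrieval written so that the file is owner-only, only the server: line is rewritten, and a failed ssh does not overwrite an existing config:

```shell
#!/bin/sh
# Added example, not KOSMOS code. install_kubeconfig and its arguments are
# hypothetical; the rke2.yaml path and the 127.0.0.1 rewrite are the page's.

# Read rke2.yaml on stdin, point its server: entry at NODE, write it to DEST.
install_kubeconfig() {
    node=$1
    dest=$2
    # Accept only hostname/IPv4 characters so the value cannot carry sed
    # syntax or extra YAML into the file.
    case $node in
        ''|*[!A-Za-z0-9.-]*)
            echo "invalid node address: $node" >&2
            return 2 ;;
    esac
    dest_dir=$(dirname "$dest")
    (
        umask 077    # new files 0600, new directories 0700
        mkdir -p "$dest_dir" || exit 1
        tmp=$(mktemp "$dest_dir/.kubeconfig.XXXXXX") || exit 1
        # Rewrite the server: line only, with the dots matched literally.
        sed -e "/^ *server: /s/127\.0\.0\.1/$node/" > "$tmp" ||
            { rm -f "$tmp"; exit 1; }
        # An empty or truncated stream (failed ssh or sudo) must not replace
        # a working config.
        if ! grep -q "server: https://$node:" "$tmp"; then
            echo "no server entry in input, $dest left untouched" >&2
            rm -f "$tmp"
            exit 1
        fi
        mv -f "$tmp" "$dest"
    )
}

# Usage, with the same ssh command as above:
#   ssh 192.168.100.163 sudo cat /etc/rancher/rke2/rke2.yaml |
#       install_kubeconfig 192.168.100.163 "$HOME/.kube/config"
```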