
AWS

To deploy kubespray on AWS, uncomment the cloud_provider option in group_vars/all.yml and set it to 'aws'. Refer to the Kubespray Configuration for customizing the provider.

Prior to creating your instances, you must ensure that you have created IAM roles and policies for both "kubernetes-master" and "kubernetes-node". You can find the IAM policies here. See the IAM Documentation if guidance is needed on how to set these up. When you bring your instances online, associate them with the respective IAM role. Nodes that are only to be used for Etcd do not need a role.

You also need to tag the resources in your VPC so that the aws provider can use them. Tag the subnets, route tables and all instances that Kubernetes will run on with the key kubernetes.io/cluster/$cluster_name ($cluster_name must be a unique identifier for the cluster). Tag the subnets that must be targeted by external ELBs with the key kubernetes.io/role/elb, and those targeted by internal ELBs with the key kubernetes.io/role/internal-elb.

Make sure your VPC has both DNS Hostnames support and Private DNS enabled.

The next step is to make sure the hostnames in your inventory file are identical to your internal hostnames in AWS. This may look something like ip-111-222-333-444.us-west-2.compute.internal. You can then specify how Ansible connects to these instances with ansible_ssh_host and ansible_ssh_user.
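The prerequisites above can be checked before running the playbook. The following is an added example, not part of kubespray: it checks the cluster tag, the inventory hostnames and the IAM role association against constructed data shaped like `aws ec2 describe-*` output. The cluster name, all IDs, the tag value "owned" and the role names in INVENTORY are assumptions.

```python
# Added example: constructed data shaped like `aws ec2 describe-*` JSON output.
# All IDs, hostnames, ARNs and the cluster name "demo" are made up.
CLUSTER = "demo"
KEY = f"kubernetes.io/cluster/{CLUSTER}"
SUBNETS = [
    {"SubnetId": "subnet-aaa", "Tags": [{"Key": KEY, "Value": "owned"}]},
    {"SubnetId": "subnet-bbb", "Tags": [{"Key": "Name", "Value": "private-b"}]},
]
ROUTE_TABLES = [{"RouteTableId": "rtb-aaa", "Tags": [{"Key": KEY, "Value": "owned"}]}]
PROFILE = {"Arn": "arn:aws:iam::123456789012:instance-profile/kubernetes-node"}
INSTANCES = [
    {"InstanceId": "i-001", "PrivateDnsName": "ip-10-0-1-10.us-west-2.compute.internal",
     "Tags": [{"Key": KEY, "Value": "owned"}], "IamInstanceProfile": PROFILE},
    {"InstanceId": "i-002", "PrivateDnsName": "ip-10-0-1-11.us-west-2.compute.internal",
     "Tags": [{"Key": KEY, "Value": "owned"}], "IamInstanceProfile": PROFILE},
    {"InstanceId": "i-003", "PrivateDnsName": "ip-10-0-1-12.us-west-2.compute.internal",
     "Tags": []},
]
# Hypothetical inventory summary: hostname -> roles the host plays in the cluster.
INVENTORY = {
    "ip-10-0-1-10.us-west-2.compute.internal": {"master", "etcd"},
    "ip-10-0-1-11.us-west-2.compute.internal": {"etcd"},
    "ip-10-0-1-12.us-west-2.compute.internal": {"node"},
    "node4": {"node"},
}


def preflight(cluster, subnets, route_tables, instances, inventory):
    """Return a sorted list of findings; an empty list means the checks passed."""
    key = f"kubernetes.io/cluster/{cluster}"
    findings = []
    groups = ((subnets, "SubnetId"), (route_tables, "RouteTableId"), (instances, "InstanceId"))
    for resources, id_field in groups:
        for res in resources:
            if key not in {t["Key"] for t in res.get("Tags", [])}:
                findings.append(f"{res[id_field]}: missing tag {key}")
    by_hostname = {i["PrivateDnsName"]: i for i in instances}
    for host, roles in inventory.items():
        inst = by_hostname.get(host)
        if inst is None:
            findings.append(f"{host}: no instance has this internal hostname")
        elif roles == {"etcd"} and "IamInstanceProfile" in inst:
            findings.append(f"{host}: etcd-only node has an IAM role it does not need")
        elif roles != {"etcd"} and "IamInstanceProfile" not in inst:
            findings.append(f"{host}: no IAM role associated")
    return sorted(findings)


if __name__ == "__main__":
    for line in preflight(CLUSTER, SUBNETS, ROUTE_TABLES, INSTANCES, INVENTORY):
        print(line)
```

The ELB role tags are not checked here, because which subnets should carry them depends on your load balancer layout.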

You can now create your cluster!

Dynamic Inventory

There is also a dynamic inventory script for AWS that can be used if desired. However, be aware that it makes certain assumptions about how you'll create your inventory. It also does not handle all use cases and groups that we may use as part of more advanced deployments. Additions welcome.

This will produce an inventory that is passed into Ansible that looks like the following: