Ansible/DevOpsLab
Template
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix: исправлено подключение kubectl к API серверу Kind
Some checks failed
Ansible Testing / lint (push) Has been cancelled
Details
Ansible Testing / test (default) (push) Has been cancelled
Details
Ansible Testing / test (minimal) (push) Has been cancelled
Details
Ansible Testing / test (performance) (push) Has been cancelled
Details
Ansible Testing / deploy-check (push) Has been cancelled
Details

Browse Source 
- Добавлен --validate=false для отключения валидации при установке аддонов
- kubectl теперь подключается напрямую к control-plane узлу
- Контейнер k8s-controller автоматически подключается к сети kind
- Все kubectl команды используют --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify
This commit is contained in:
Сергей Антропов
2025-10-26 08:34:59 +03:00
parent 591cdaf831
commit 5c8862e9bf
1 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
scripts/create_k8s_cluster.py
View File

@@ -159,6 +159,20 @@ def main():
else: else:
print(f"🚀 Создание кластера: {name}") print(f"🚀 Создание кластера: {name}")
run_cmd(f"kind create cluster --name {name} --config {config_file}") run_cmd(f"kind create cluster --name {name} --config {config_file}")
# Подключаем контейнер k8s-controller к сети kind
print(f"🔗 Подключение контейнера к сети kind...")
result = subprocess.run(f"docker network inspect kind", shell=True, capture_output=True, text=True)
if result.returncode == 0:
# Получаем имя контейнера из аргументов (второй аргумент)
controller_name = sys.argv[2] if len(sys.argv) > 2 else "k8s-controller"
result = subprocess.run(f"docker network connect kind {controller_name}", shell=True, capture_output=True, text=True)
if result.returncode == 0:
print(f"✅ Контейнер {controller_name} подключен к сети kind")
else:
print(f"⚠️ Не удалось подключить контейнер к сети kind: {result.stderr}")
else:
print(f"⚠️ Сеть kind не найдена")
# Устанавливаем аддоны # Устанавливаем аддоны
addons = cluster.get('addons', {}) addons = cluster.get('addons', {})
@@ -169,33 +183,33 @@ def main():
if addons.get('ingress_nginx'): if addons.get('ingress_nginx'):
print(" - Installing ingress-nginx") print(" - Installing ingress-nginx")
run_cmd(f"kubectl --context kind-{name} apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify apply --validate=false -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml")
run_cmd(f"kubectl --context kind-{name} -n ingress-nginx rollout status deploy/ingress-nginx-controller --timeout=180s") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify -n ingress-nginx rollout status deploy/ingress-nginx-controller --timeout=180s")
if addons.get('metrics_server'): if addons.get('metrics_server'):
print(" - Installing metrics-server") print(" - Installing metrics-server")
run_cmd(f"kubectl --context kind-{name} apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify apply --validate=false -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml")
patch_json = '{"spec":{"template":{"spec":{"containers":[{"name":"metrics-server","args":["--kubelet-insecure-tls","--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname"]}]}}}}' patch_json = '{"spec":{"template":{"spec":{"containers":[{"name":"metrics-server","args":["--kubelet-insecure-tls","--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname"]}]}}}}'
run_cmd(f"kubectl --context kind-{name} -n kube-system patch deploy metrics-server -p '{patch_json}'") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify -n kube-system patch deploy metrics-server -p '{patch_json}'")
if addons.get('istio'): if addons.get('istio'):
print(" - Installing Istio") print(" - Installing Istio")
run_cmd(f"istioctl install -y --set profile=demo --context kind-{name}") run_cmd(f"istioctl install -y --set profile=demo --context kind-{name}")
run_cmd(f"kubectl --context kind-{name} -n istio-system rollout status deploy/istiod --timeout=180s") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify -n istio-system rollout status deploy/istiod --timeout=180s")
run_cmd(f"kubectl --context kind-{name} -n istio-system rollout status deploy/istio-ingressgateway --timeout=180s") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify -n istio-system rollout status deploy/istio-ingressgateway --timeout=180s")
if addons.get('kiali'): if addons.get('kiali'):
print(" - Installing Kiali") print(" - Installing Kiali")
run_cmd(f"kubectl --context kind-{name} create ns istio-system") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify create ns istio-system")
run_cmd(f"helm upgrade --install kiali-server kiali/kiali-server --namespace istio-system --kube-context kind-{name} --set auth.strategy=anonymous --wait --timeout 180s") run_cmd(f"helm upgrade --install kiali-server kiali/kiali-server --namespace istio-system --kube-context kind-{name} --set auth.strategy=anonymous --wait --timeout 180s")
if addons.get('prometheus_stack'): if addons.get('prometheus_stack'):
print(" - Installing Prometheus Stack") print(" - Installing Prometheus Stack")
run_cmd(f"helm repo add prometheus-community https://prometheus-community.github.io/helm-charts") run_cmd(f"helm repo add prometheus-community https://prometheus-community.github.io/helm-charts")
run_cmd(f"helm repo update") run_cmd(f"helm repo update")
run_cmd(f"kubectl --context kind-{name} create ns monitoring") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify create ns monitoring")
run_cmd(f"helm upgrade --install monitoring prometheus-community/kube-prometheus-stack --namespace monitoring --kube-context kind-{name} --set grafana.adminPassword=admin --set grafana.defaultDashboardsTimezone=browser --wait --timeout 600s") run_cmd(f"helm upgrade --install monitoring prometheus-community/kube-prometheus-stack --namespace monitoring --kube-context kind-{name} --set grafana.adminPassword=admin --set grafana.defaultDashboardsTimezone=browser --wait --timeout 600s")
run_cmd(f"kubectl --context kind-{name} -n monitoring rollout status deploy/monitoring-grafana --timeout=300s") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify -n monitoring rollout status deploy/monitoring-grafana --timeout=300s")
# Настраиваем NodePort для аддонов # Настраиваем NodePort для аддонов
addon_ports = cluster.get('addon_ports', {}) addon_ports = cluster.get('addon_ports', {})
@@ -206,19 +220,19 @@ def main():
port = addon_ports['prometheus'] port = addon_ports['prometheus']
print(f" - Prometheus: {port}") print(f" - Prometheus: {port}")
patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]' patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]'
run_cmd(f"kubectl --context kind-{name} patch svc -n monitoring monitoring-kube-prom-prometheus --type='json' -p='{patch_json}'") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify patch svc -n monitoring monitoring-kube-prom-prometheus --type='json' -p='{patch_json}'")
if 'grafana' in addon_ports: if 'grafana' in addon_ports:
port = addon_ports['grafana'] port = addon_ports['grafana']
print(f" - Grafana: {port}") print(f" - Grafana: {port}")
patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]' patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]'
run_cmd(f"kubectl --context kind-{name} patch svc -n monitoring monitoring-grafana --type='json' -p='{patch_json}'") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify patch svc -n monitoring monitoring-grafana --type='json' -p='{patch_json}'")
if 'kiali' in addon_ports: if 'kiali' in addon_ports:
port = addon_ports['kiali'] port = addon_ports['kiali']
print(f" - Kiali: {port}") print(f" - Kiali: {port}")
patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]' patch_json = f'[{{"op": "replace", "path": "/spec/type", "value":"NodePort"}},{{"op": "replace", "path": "/spec/ports/0/nodePort", "value":{port}}}]'
run_cmd(f"kubectl --context kind-{name} patch svc -n istio-system kiali --type='json' -p='{patch_json}'") run_cmd(f"kubectl --server=https://{name}-control-plane:6443 --insecure-skip-tls-verify patch svc -n istio-system kiali --type='json' -p='{patch_json}'")
print(f"✅ Кластер '{name}' готов!") print(f"✅ Кластер '{name}' готов!")