Now templating the Kubernetes cluster name - and also using it correc…

…tly inside the external node configuration and describing it correctly in the docs.
jonashackt · Sep 4, 2018 · cbe34d0 · cbe34d0
1 parent 59383fd
commit cbe34d0
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -271,7 +271,7 @@ If you´re using [Proxy-mode: iptables](https://kubernetes.io/docs/concepts/serv
 If you want to interact with your k8s cluster, you need to setup your CLI for the specific cluster (`config set-cluster`), user (`config set-credentials`) and context (`config set-context`). All three are applied by a subsequent `config use-context`. For our `kubernetes-the-ansible-way` cluster, using the `admin` user, this is the following:
 
 ```
-kubectl config set-cluster kubernetes-the-hard-way \
+kubectl config set-cluster kubernetes-the-ansible-way \
       --certificate-authority=certificates/ca.pem \
       --embed-certs=true \
       --server=https://external.k8s:6443
@@ -280,11 +280,11 @@ kubectl config set-credentials admin \
       --client-certificate=certificates/admin.pem \
       --client-key=certificates/admin-key.pem
 
-kubectl config set-context kubernetes-the-hard-way \
+kubectl config set-context cluster-access \
       --cluster=kubernetes-the-hard-way \
       --user=admin
 
-kubectl config use-context kubernetes-the-hard-way
+kubectl config use-context cluster-access
 ```
 
 Review the successful configuration by a `kubectl cluster-info`. This should give something like:
@@ -297,6 +297,8 @@ KubeDNS is running at https://external.k8s:6443/api/v1/namespaces/kube-system/se
 To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
 ```
 
+or have a look at your configuration with `kubectl config view` (see https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-for-the-first-time-with-kubectl).
+
 ###### Authentication
 
 See https://kubernetes.io/docs/reference/access-authn-authz/authentication/. 

diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -5,6 +5,7 @@ etcd_version: v3.3.5
 # Kubernetes & Dashboard versions must be compatible! see https://github.com/kubernetes/dashboard/wiki/Compatibility-matrix
 kubernetes_dashboard_version: v1.10.0
 
+kubernetes_cluster_name: kubernetes-the-ansible-way
 kubernetes_cluster_cidr: 10.200.0.0/16
 kubernetes_cluster_iprange: 10.32.0.0/24
 kubernetes_cluster_dns: 10.32.0.10

diff --git a/roles/configurationfiles/templates/kubeconfig.yaml.j2 b/roles/configurationfiles/templates/kubeconfig.yaml.j2
@@ -3,10 +3,10 @@ clusters:
 - cluster:
     certificate-authority-data: {{ lookup('file', 'certificates/ca.pem') | b64encode }}
     server: https://{{ item.server }}:6443
-  name: kubernetes-the-ansible-way
+  name: {{ kubernetes_cluster_name }}
 contexts:
 - context:
-    cluster: kubernetes-the-ansible-way
+    cluster: {{ kubernetes_cluster_name }}
     user: {{ item.prefix }}{{ item.name }}
   name: default
 current-context: default

diff --git a/roles/k8s-master/templates/kube-controller-manager.service.j2 b/roles/k8s-master/templates/kube-controller-manager.service.j2
@@ -7,7 +7,7 @@ ExecStart=/usr/local/bin/kube-controller-manager \
   --address=0.0.0.0 \
   --cluster-cidr={{ kubernetes_cluster_cidr }} \
   --allocate-node-cidrs=true \
-  --cluster-name=kubernetes-the-ansible-way \
+  --cluster-name={{ kubernetes_cluster_name }} \
   --cluster-signing-cert-file=/var/lib/kubernetes/ca.pem \
   --cluster-signing-key-file=/var/lib/kubernetes/ca-key.pem \
   --kubeconfig=/var/lib/kubernetes/kube-controller-manager.kubeconfig \

diff --git a/roles/kubectl-remote-access/tasks/main.yml b/roles/kubectl-remote-access/tasks/main.yml
@@ -4,7 +4,7 @@
 
 - name: Configuring kubectl for Remote Access - kubectl config set-cluster
   shell: |
-    kubectl config set-cluster kubernetes-the-hard-way \
+    kubectl config set-cluster {{ kubernetes_cluster_name }} \
       --certificate-authority=/vagrant/certificates/ca.pem \
       --embed-certs=true \
       --server=https://external.k8s:6443
@@ -17,12 +17,12 @@
 
 - name: Configuring kubectl for Remote Access - kubectl config set-context
   shell: |
-    kubectl config set-context kubernetes-the-hard-way \
-      --cluster=kubernetes-the-hard-way \
+    kubectl config set-context cluster-access \
+      --cluster={{ kubernetes_cluster_name }} \
       --user=admin
 
 - name: Configuring kubectl for Remote Access - kubectl config use-context
-  shell: kubectl config use-context kubernetes-the-hard-way
+  shell: kubectl config use-context cluster-access
 
 - name: Verify, if we are able to access the k8s cluster state
   shell: kubectl get componentstatuses