scholzj / aws-k8s-kops-ansible Goto Github PK

Add network ACLs to limit the network access across pods / networks.

The different applications should have their own service accounts with limited access rights.

Hello,

I am trying to integrate Contrail SDN solution with Kubernetes.
so while provision kubernetes cluster using your repo, I need to provision contrail node also using this yml file. https://raw.githubusercontent.com/savithruml/opencontrail/master/kubernetes/roles/master/templates/contrail-installer.j2

kubectl apply -f /tmp/contrail-installer.yml

I don't want use kubernetes internal dns solutions (kube-dns).

Could you assist me how do i achieve this integrations. Where I have to skip kube-dns part while i provision kubernetes using your repo.

Thanks in advance.

The current setup creates its own custom VPC. An alternative should be prepare to setup the cluster into existing VPC.

The software is currently using MongoDB database. A playbook for setting up MongoDB database as a replica set should be created. It should also create the database user, database and set limited access rights.

Add role / playbook for installing Kops on Linux / MacOS.

When I deploy this micros service demo application using this repo https://github.com/microservices-demo/microservices-demo , end-pint isn't creating for accessing the sock shop front end ui.

steps:

git clone https://github.com/microservices-demo/microservices-demo.git
cd deploy/kubernetes
kubectl apply -f manifests/sock-shop-ns.yaml -f complete-demo.yaml

I couldn't access the sock shop ui using nodeip:30001 and not creating end points to access it.

Thanks for sharing this useful repo! It's worked great for launching a Kubernetes cluster for me.

May I request you choose an open source license for it?
https://github.com/blog/1530-choosing-an-open-source-license

The lambda for tagging created in #1 should be automatically setup using Ansible during the cluster setup (and removed during the cluster deletion).

Since Kops 1.5 is still in alpha, the stable channel is Kubernetes 1.4.7. Lets test the 1.5.2 setup from the alpha channel.

Hi, Jakub

I would like to stoping K8S temporaly.
But any pods were deleted after stoped K8S, you know.
Do you have any idea for keeping node at stop K8S?

best regards,

Usually we can do the following way,
docker save <image>|ssh <node> import -

But all of node does not reply after ping or ssh.
Is it different the way?
I used node name.
Is it right?

Currently, the lambda from #1 expects to be triggered periodically and goes through all resources. We should have another mode build in, which would read the event stream when new instances / volumes are created and tag them "on the fly". That will allow the periodical tagging to be switched off (or run less often).

Create a Python script which would go through the different AWS resources and attach proper tags to them.

Unless I'm mistaken, per http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#VPC_Sizing,
172.35.0.0/16 is not an allocatable private CIDR block.

Cureently, the create.yaml playbook cannot deal with a setup which does not have HA masters, since it is waiting to have 3 masters + X nodes available. With non-HA setup, this never happens, as there is only 1 master + X nodes.

Hello,

Could you bit explain how should i want initiate this playbook for create Kubernate cluster in AWS?

Should I want manually create one instance in AWS and provide instance ip address in ansible inventory for install kops,cubectl or your playbook will automatically take care to create that base instance also?
ideally master node and worker node will be create during cluster create

Since I am not seeing any where you were define about aws access key and secret key for access AWS