- Ansible 2.5.x installed
- Python package "netaddr" is installed
- Git installed
- Kubernetes: v1.30.2
- Single node cluster
- kubelet, kube-proxy, kube-apiserver, kube-controller-manager, kube-scheduler, and etcd are managed by systemd (i.e. not containerized)
- kubelet and kube-proxy run as root, and the rest run as non-root
- Communication between k8s components is encrypted by TLS
- Authentication by x509 client certificates
- TLS Bootstrapping
- Bootstrap token
- Auto approval for CSRs
- Certificate Rotation is enabled
- etcd 3.5.14
- Calico 3.28.0
- CoreDNS 1.11.1
- Service cluster IP range: 10.0.0.0/16
- Cluster CIDR: 10.32.0.0/16
- Proxy mode: ipvs
- Using KubeletConfiguration, KubeProxyConfiguration, and KubeSchedulerConfiguration
- Tools
  - Helm 3.15.2

```
$ su -
# git clone https://github.com/kaitoy/ansible-k8s.git
# cd ansible-k8s
# sh play.sh
```