Okay, here’s a comprehensive article on Ansible and Kubernetes, focusing on getting started with integrating the two:

Ansible and Kubernetes: Getting Started – A Comprehensive Guide

This article provides a deep dive into using Ansible to manage and automate Kubernetes deployments and operations. We’ll cover the fundamentals of both technologies, explore the benefits of combining them, walk through installation and configuration, and demonstrate practical examples to get you started.

Table of Contents

Introduction: The Power of Synergy
- 1.1 What is Ansible?
- 1.2 What is Kubernetes?
- 1.3 Why Combine Ansible and Kubernetes?
Understanding Ansible Fundamentals
- 2.1 Core Concepts
  - 2.1.1 Control Node
  - 2.1.2 Managed Nodes (Hosts)
  - 2.1.3 Inventory
  - 2.1.4 Modules
  - 2.1.5 Tasks
  - 2.1.6 Playbooks
  - 2.1.7 Roles
  - 2.1.8 Variables
  - 2.1.9 Handlers
  - 2.1.10 Templates (Jinja2)
- 2.2 Ansible Architecture: Agentless Simplicity
- 2.3 Idempotency: A Key Principle
Understanding Kubernetes Fundamentals
- 3.1 Core Concepts
  - 3.1.1 Cluster
  - 3.1.2 Nodes (Master and Worker)
  - 3.1.3 Pods
  - 3.1.4 Services
  - 3.1.5 Deployments
  - 3.1.6 ReplicaSets
  - 3.1.7 Namespaces
  - 3.1.8 ConfigMaps
  - 3.1.9 Secrets
  - 3.1.10 Ingress
  - 3.1.11 Persistent Volumes (PVs) and Persistent Volume Claims (PVCs)
- 3.2 Kubernetes Architecture: Control Plane and Data Plane
- 3.3 Declarative Configuration: Defining the Desired State
Setting Up Your Environment
- 4.1 Installing Ansible
  - 4.1.1 Using Package Managers (apt, yum, dnf, brew)
  - 4.1.2 Using pip (Python Package Installer)
  - 4.1.3 Verifying the Installation
- 4.2 Setting up a Kubernetes Cluster
  - 4.2.1 Minikube (for local development)
  - 4.2.2 Kind (Kubernetes in Docker)
  - 4.2.3 Managed Kubernetes Services (GKE, EKS, AKS)
  - 4.2.4 Self-Hosted Kubernetes (kubeadm) – (Brief overview, as this is more advanced)
- 4.3 Installing kubectl
- 4.4 Configuring Ansible to Connect to Kubernetes
- 4.4.1 Using the k8s Connection Plugin
- 4.4.2 Authentication Methods (kubeconfig, Service Account Tokens)
- 4.4.3 Setting up the Inventory
Ansible Modules for Kubernetes
- 5.1 The k8s Module: The Core of Kubernetes Management
  - 5.1.1 state parameter: present, absent, latest
  - 5.1.2 definition parameter: Defining Kubernetes Resources using YAML
  - 5.1.3 src parameter: referencing external YAML files.
  - 5.1.4 wait parameter: Waiting for resource readiness
  - 5.1.5 wait_timeout parameter
  - 5.1.6 validate option: Checking the validity of configurations before deployment
- 5.2 Other Relevant Modules
  - 5.2.1 k8s_info: Gathering Information about Kubernetes Resources
  - 5.2.2 k8s_scale: Scaling Deployments and StatefulSets
  - 5.2.3 k8s_exec: Executing Commands inside Pods
  - 5.2.4 template: Templating Kubernetes manifests
  - 5.2.5 helm: Managing Helm Charts
  - 5.2.6 openshift_* modules (for OpenShift, Red Hat’s Kubernetes distribution)
  - 5.2.7 kubectl command from shell.
Practical Examples: Building Your First Playbooks
- 6.1 Example 1: Deploying a Simple Nginx Pod
- 6.2 Example 2: Creating a Kubernetes Service
- 6.3 Example 3: Deploying a Complete Application (Deployment, Service, ConfigMap)
- 6.4 Example 4: Scaling a Deployment
- 6.5 Example 5: Rolling Updates with Ansible
- 6.6 Example 6: Using Templates to Parameterize Deployments
- 6.7 Example 7: Managing Secrets
- 6.8 Example 8: Using Handlers for Post-Deployment Tasks
- 6.9 Example 9: Using Roles to Organize Complex Deployments
- 6.10 Example 10: Gathering information about a pod.
Advanced Topics and Best Practices
- 7.1 Using Ansible Vault for Sensitive Data
- 7.2 Dynamic Inventories with Kubernetes
  - 7.2.1 Using the k8s Inventory Plugin
- 7.3 Integrating with CI/CD Pipelines
  - 7.3.1 Example: Using Ansible with Jenkins
  - 7.3.2 Example: Using Ansible with GitLab CI
- 7.4 Error Handling and Debugging
  - 7.4.1 Using the failed_when condition
  - 7.4.2 Using the debug module
  - 7.4.3 Verbose Mode (-v, -vv, -vvv)
- 7.5 Testing Ansible Playbooks (Molecule) – (Brief Introduction)
- 7.6 Managing Kubernetes Cluster Configuration (kubeadm upgrades, etc.) – (High-Level Overview)
- 7.7. Combining with Helm.
Conclusion: Embracing Automation for Kubernetes

1. Introduction: The Power of Synergy

In the modern world of DevOps and cloud-native applications, automation is paramount. Two key technologies that have revolutionized infrastructure and application management are Ansible and Kubernetes. While powerful on their own, their combined capabilities unlock a new level of efficiency and scalability. This article explores how to leverage Ansible to manage and automate Kubernetes, enabling you to streamline your deployments, operations, and overall cloud infrastructure.

1.1 What is Ansible?

Ansible is an open-source automation tool that simplifies IT tasks such as configuration management, application deployment, orchestration, and cloud provisioning. It uses a simple, human-readable language (YAML) to define automation tasks, making it easy to learn and use. Key features of Ansible include:

Agentless: Ansible doesn’t require any agents to be installed on the managed nodes. It uses SSH (for Linux/Unix) or WinRM (for Windows) to connect and execute commands.
Idempotent: Ansible ensures that the system is in the desired state, regardless of its initial state. If a task has already been completed successfully, Ansible will skip it, preventing unintended changes.
Modular: Ansible uses modules, which are small, reusable units of code that perform specific tasks (e.g., installing a package, creating a file, starting a service).
Extensible: You can write your own custom modules or use community-contributed modules to extend Ansible’s functionality.

1.2 What is Kubernetes?

Kubernetes (often abbreviated as K8s) is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It provides a robust and resilient framework for running distributed applications across a cluster of machines. Key features of Kubernetes include:

Container Orchestration: Kubernetes manages the lifecycle of containers, ensuring they are running as expected, handling restarts, and scaling them based on demand.
Automated Rollouts and Rollbacks: Kubernetes allows you to deploy new versions of your application with minimal downtime and provides mechanisms for rolling back to previous versions if issues arise.
Service Discovery and Load Balancing: Kubernetes provides built-in mechanisms for services to discover each other and for distributing traffic across multiple instances of an application.
Self-Healing: Kubernetes automatically restarts failed containers, replaces unhealthy nodes, and ensures the desired state of your application is maintained.
Resource Management: Kubernetes efficiently allocates resources (CPU, memory) to containers and manages the overall utilization of the cluster.

1.3 Why Combine Ansible and Kubernetes?

While Kubernetes excels at managing containerized applications, it doesn’t handle all aspects of infrastructure automation. This is where Ansible comes in. Combining Ansible and Kubernetes offers several significant advantages:

Infrastructure Provisioning: Ansible can be used to provision the underlying infrastructure for your Kubernetes cluster, including virtual machines, networks, storage, and load balancers.
Cluster Configuration: Ansible can configure and manage the Kubernetes control plane and worker nodes, including installing and updating Kubernetes components.
Application Deployment: Ansible can streamline the deployment of applications to Kubernetes, automating tasks such as creating deployments, services, and config maps.
Operational Tasks: Ansible can automate routine operational tasks, such as scaling applications, performing rolling updates, and managing secrets.
Pre- and Post-Deployment Tasks: Ansible can handle tasks that need to be performed before or after a Kubernetes deployment, such as database migrations, backups, or notifications.
Unified Automation: Ansible provides a single, consistent tool for managing both your infrastructure and your Kubernetes deployments, simplifying your automation workflows.
Idempotency: The ability to safely repeat a Playbook and not make changes unless needed.
Extending Kubernetes Functionality: Ansible can be used to manage external resources and integrate with other tools and services that interact with your Kubernetes cluster.

2. Understanding Ansible Fundamentals

Before diving into Kubernetes integration, let’s establish a solid understanding of Ansible’s core concepts and architecture.

2.1 Core Concepts

2.1.1 Control Node: The machine where Ansible is installed and from which you run Ansible commands. This machine manages the execution of playbooks.
2.1.2 Managed Nodes (Hosts): The servers, virtual machines, or other devices that Ansible manages. Ansible connects to these nodes to execute tasks.
2.1.3 Inventory: A file (usually in INI or YAML format) that lists the managed nodes and groups them logically. It defines how Ansible connects to these nodes (e.g., IP address, SSH keys).

“`ini
[webservers]
web1.example.com
web2.example.com

[databases]
db1.example.com
db2.example.com

[kubernetes:children]
webservers
databases

[kubernetes:vars]
ansible_user=ubuntu
ansible_ssh_private_key_file=~/.ssh/id_rsa
“`
2.1.4 Modules: Self-contained units of code that perform specific tasks. Ansible comes with a vast library of built-in modules, and you can also create your own. Examples include apt (for managing packages on Debian/Ubuntu), yum (for managing packages on Red Hat/CentOS), copy (for copying files), service (for managing services), and k8s (for interacting with Kubernetes).
2.1.5 Tasks: Individual actions that Ansible performs on managed nodes. Each task uses a specific module and may include parameters to customize its behavior.

yaml - name: Install Nginx apt: name: nginx state: present
2.1.6 Playbooks: YAML files that define a series of tasks to be executed on a set of hosts. Playbooks are the core of Ansible automation, allowing you to orchestrate complex workflows.

“`yaml
– hosts: webservers
become: true # Run tasks with sudo
tasks:
– name: Install Nginx
apt:
name: nginx
state: present
```
- name: Start Nginx service
  service:
    name: nginx
    state: started
    enabled: yes
```
“`
2.1.7 Roles: A way to organize and reuse Ansible code. Roles group together tasks, variables, handlers, and other Ansible components into a self-contained unit. This promotes code reusability and maintainability.
2.1.8 Variables: Used to store values that can be reused throughout playbooks and roles. Variables can be defined in various places, including the inventory, playbooks, roles, and command-line arguments. They allow you to make your playbooks more dynamic and flexible.
2.1.9 Handlers: Special tasks that are triggered only when notified by another task. Handlers are typically used to restart services or perform other actions that should only happen when a change has occurred.

“`yaml
– hosts: webservers
become: true
tasks:
– name: Install Nginx
apt:
name: nginx
state: present
notify: Restart Nginx # Notify the handler

handlers:
– name: Restart Nginx
service:
name: nginx
state: restarted
“`
2.1.10 Templates (Jinja2): Ansible uses the Jinja2 templating engine to create dynamic files. Templates allow you to generate configuration files or other text-based files based on variables and other data.

“`yaml

templates/nginx.conf.j2

server {
listen {{ nginx_port }};
server_name {{ server_name }};
```
location / {
    root /var/www/html;
}
```
}
yaml
– name: Copy Nginx configuration file
template:
src: templates/nginx.conf.j2
dest: /etc/nginx/nginx.conf
vars:
nginx_port: 80
server_name: example.com
notify: Restart Nginx

“`

2.2 Ansible Architecture: Agentless Simplicity

Ansible’s agentless architecture is a key differentiator. Instead of requiring agents to be installed on managed nodes, Ansible uses existing remote management protocols:

SSH (Secure Shell): The primary protocol used for managing Linux and Unix systems. Ansible uses SSH to connect to managed nodes, execute commands, and transfer files.
WinRM (Windows Remote Management): Used for managing Windows systems.

This agentless approach offers several benefits:

Simplified Setup: No need to install and maintain agents on every managed node.
Reduced Overhead: No agent processes consuming resources on managed nodes.
Security: Leverages existing secure protocols (SSH, WinRM).
Flexibility: Can manage a wide variety of devices and systems, as long as they support SSH or WinRM.

2.3 Idempotency: A Key Principle

Idempotency is a fundamental principle of Ansible. An idempotent operation is one that can be executed multiple times without changing the result beyond the initial application. This means that Ansible playbooks can be run repeatedly without causing unintended side effects.

Ansible modules are designed to be idempotent. For example, the apt module will only install a package if it’s not already installed. The service module will only start a service if it’s not already running. This idempotency ensures that your system converges to the desired state, regardless of its current state.

3. Understanding Kubernetes Fundamentals

Now, let’s shift our focus to Kubernetes, the container orchestration platform we’ll be managing with Ansible.

3.1 Core Concepts

3.1.1 Cluster: A set of machines (physical or virtual) that work together to run containerized applications. A Kubernetes cluster consists of a control plane and one or more worker nodes.
3.1.2 Nodes (Master and Worker):
- Master Node(s) (Control Plane): The brain of the Kubernetes cluster. The master node runs the components that manage the cluster, including the API server, scheduler, controller manager, and etcd.
- Worker Nodes: The machines where your containerized applications actually run. Worker nodes run the kubelet (an agent that communicates with the control plane), the container runtime (e.g., Docker, containerd), and the kube-proxy (which handles networking).
3.1.3 Pods: The smallest deployable units in Kubernetes. A pod represents a single instance of an application and contains one or more containers that share the same network namespace and storage volumes. Pods are ephemeral; they can be created, destroyed, and rescheduled as needed.
3.1.4 Services: An abstraction that defines a logical set of pods and a policy by which to access them. Services provide a stable IP address and DNS name for accessing your application, even if the underlying pods change. Common service types include:
- ClusterIP: Exposes the service on a cluster-internal IP address.
- NodePort: Exposes the service on each node’s IP address at a static port.
- LoadBalancer: Exposes the service externally using a cloud provider’s load balancer.
- ExternalName: Maps the service to a DNS name.
3.1.5 Deployments: A higher-level abstraction that manages the desired state of your application. Deployments define how many replicas of a pod should be running, how updates should be rolled out, and how to handle rollbacks.
3.1.6 ReplicaSets: Ensure that a specified number of pod replicas are running at any given time. Deployments typically use ReplicaSets to manage the desired state of pods.
3.1.7 Namespaces: Virtual clusters within a Kubernetes cluster. Namespaces provide a way to isolate resources and organize applications. They are useful for multi-tenant environments or for separating different stages of development (e.g., development, staging, production).
3.1.8 ConfigMaps: Used to store non-confidential configuration data as key-value pairs. ConfigMaps allow you to decouple configuration from your application code, making it easier to manage and update.
3.1.9 Secrets: Used to store sensitive information, such as passwords, API keys, and TLS certificates. Secrets are similar to ConfigMaps, but they are stored more securely.
3.1.10 Ingress: An API object that manages external access to services in a cluster, typically HTTP. Ingress can provide load balancing, SSL termination, and name-based virtual hosting.
3.1.11 Persistent Volumes (PVs) and Persistent Volume Claims (PVCs): Used to manage persistent storage for your applications.
- PersistentVolume (PV): A piece of storage in the cluster that has been provisioned by an administrator.
- PersistentVolumeClaim (PVC): A request for storage by a user. Kubernetes binds PVCs to available PVs.

3.2 Kubernetes Architecture: Control Plane and Data Plane

The Kubernetes architecture is divided into two main parts:

Control Plane (Master Node(s)):
- API Server (kube-apiserver): The front end for the Kubernetes control plane. It exposes the Kubernetes API, which is used by clients (e.g., kubectl, Ansible) to interact with the cluster.
- Scheduler (kube-scheduler): Watches for newly created pods and assigns them to worker nodes based on resource availability, constraints, and other factors.
- Controller Manager (kube-controller-manager): Runs various controller processes that regulate the state of the cluster, such as the node controller, replication controller, and endpoint controller.
- etcd: A distributed key-value store that stores the configuration data for the Kubernetes cluster. etcd is critical for the reliability and consistency of the cluster.
Data Plane (Worker Nodes):
- kubelet: An agent that runs on each worker node and communicates with the control plane. The kubelet ensures that containers are running as expected in pods.
- Container Runtime: The software responsible for running containers (e.g., Docker, containerd, CRI-O).
- kube-proxy: A network proxy that runs on each worker node and maintains network rules to allow communication to pods.

3.3 Declarative Configuration: Defining the Desired State

Kubernetes uses a declarative configuration model. Instead of specifying a series of steps to perform (imperative), you define the desired state of your application and infrastructure using YAML files. Kubernetes then takes care of making the actual state match the desired state.

For example, a Deployment manifest specifies the desired number of replicas, the container image to use, and other configuration details. Kubernetes will automatically create or update pods to match this desired state.

This declarative approach makes Kubernetes robust and resilient. If a pod fails, Kubernetes will automatically create a new one to maintain the desired number of replicas.

4. Setting Up Your Environment

Now that we’ve covered the fundamentals of Ansible and Kubernetes, let’s set up our environment for managing Kubernetes with Ansible.

4.1 Installing Ansible

There are several ways to install Ansible, depending on your operating system.

4.1.1 Using Package Managers:
- Debian/Ubuntu:
  bash sudo apt update sudo apt install ansible
- Red Hat/CentOS/Fedora:
  bash sudo yum install ansible # Or sudo dnf install ansible
- macOS (using Homebrew):
  bash brew install ansible
4.1.2 Using pip (Python Package Installer):

This method is recommended if you need a specific version of Ansible or if you want to use a virtual environment.

bash python3 -m venv .venv # Create a virtual environment (optional) source .venv/bin/activate # Activate the virtual environment (optional) pip install ansible
4.1.3 Verifying the Installation:

After installing Ansible, verify the installation by running:

bash ansible --version
This command should display the Ansible version and other information.

4.2 Setting up a Kubernetes Cluster

You’ll need a Kubernetes cluster to manage with Ansible. Several options are available, ranging from local development clusters to production-ready managed services.

4.2.1 Minikube (for local development):

Minikube is a lightweight tool that creates a single-node Kubernetes cluster inside a virtual machine on your local machine. It’s ideal for development and testing.
1. Install Minikube: Follow the instructions on the official Minikube website (https://minikube.sigs.k8s.io/docs/start/).
2. Start the cluster:
  bash minikube start
4.2.2 Kind (Kubernetes in Docker):

Kind is another tool for running local Kubernetes clusters. It uses Docker containers to simulate nodes, making it very fast and lightweight.
1. Install Kind: Follow the instructions on the official Kind website (https://kind.sigs.k8s.io/docs/user/quick-start/).
2. Create a cluster:
  bash kind create cluster
4.2.3 Managed Kubernetes Services (GKE, EKS, AKS):

If you need a production-ready cluster, consider using a managed Kubernetes service from a cloud provider:
- Google Kubernetes Engine (GKE): Google Cloud’s managed Kubernetes service.
- Amazon Elastic Kubernetes Service (EKS): Amazon Web Services’ managed Kubernetes service.
- Azure Kubernetes Service (AKS): Microsoft Azure’s managed Kubernetes service.
These services handle the management of the Kubernetes control plane, making it easier to deploy and manage your applications. Follow the documentation for your chosen cloud provider to create a cluster.
4.2.4 Self-Hosted Kubernetes (kubeadm) – (Brief Overview):

For advanced users, you can create a self-hosted Kubernetes cluster using kubeadm. This gives you full control over the cluster configuration, but it requires more manual setup and maintenance. This approach is generally not recommended for beginners.

4.3 Installing kubectl

kubectl is the command-line tool for interacting with Kubernetes clusters. You’ll need it to verify your cluster setup and to interact with Kubernetes directly.

Installation: Follow the instructions on the official Kubernetes website (https://kubernetes.io/docs/tasks/tools/) for your operating system.
Verify the installation:
bash kubectl version --client

4.4 Configuring Ansible to Connect to Kubernetes

To manage Kubernetes resources with Ansible, you need to configure Ansible to connect to your Kubernetes cluster.

4.4.1 Using the k8s Connection Plugin:

Ansible’s k8s connection plugin allows you to interact with Kubernetes clusters directly, without needing to rely on kubectl for every operation. This plugin is the recommended way to connect to Kubernetes.
4.4.2 Authentication Methods (kubeconfig, Service Account Tokens):

Ansible supports several authentication methods for connecting to Kubernetes:
- kubeconfig: The standard way to configure access to a Kubernetes cluster. kubectl uses a kubeconfig file (typically located at ~/.kube/config) to store cluster connection information, including the API server address, user credentials, and certificates. Ansible can use this same kubeconfig file.
- Service Account Tokens: You can create a service account in Kubernetes and use its token to authenticate Ansible. This is a more secure approach, especially for automated deployments.
4.4.3 Setting up the Inventory:
While technically not absolutely required, it’s good practice to have an inventory.

You can specify Kubernetes connection details in your Ansible inventory. Here’s an example of an inventory file (inventory.ini):

“`ini
[kubernetes]
localhost # We can use localhost because Ansible runs locally and uses the kubeconfig

[kubernetes:vars]
ansible_connection=k8s

No need to specify kubeconfig_path if it’s in the default location (~/.kube/config)

ansible_kubeconfig_path=/path/to/your/kubeconfig

“`

Alternatively, you can define the connection details directly within your playbook:

yaml - hosts: localhost # We can use localhost connection: k8s # Use the k8s connection plugin gather_facts: false # No need to gather facts from localhost in this case tasks: # ... your Kubernetes tasks ...

If you’re using a service account token, you can specify it in your inventory or playbook:

ini [kubernetes:vars] ansible_connection=k8s ansible_k8s_token=YOUR_SERVICE_ACCOUNT_TOKEN

Or in your playbook:

yaml - hosts: localhost connection: k8s gather_facts: false vars: k8s_token: YOUR_SERVICE_ACCOUNT_TOKEN tasks: # ...

5. Ansible Modules for Kubernetes

Ansible provides several modules specifically designed for managing Kubernetes resources.

5.1 The k8s Module: The Core of Kubernetes Management

The k8s module is the primary module for interacting with the Kubernetes API. It allows you to create, update, delete, and manage various Kubernetes resources, such as pods, services, deployments, config maps, secrets, and more.

5.1.1 state parameter: present, absent, latest

The state parameter specifies the desired state of the resource:
- present: Ensures that the resource exists. If it doesn’t exist, Ansible will create it. If it exists but doesn’t match the specified configuration, Ansible will update it.
- absent: Ensures that the resource does not exist. If it exists, Ansible will delete it.
- latest: similar to present, but it will ensure to update resource to the latest state defined.
5.1.2 definition parameter: Defining Kubernetes Resources using YAML

The definition parameter allows you to define the Kubernetes resource directly within your Ansible task using YAML. This is similar to how you would define a resource in a YAML file for kubectl.

yaml - name: Create a simple Nginx pod k8s: state: present definition: apiVersion: v1 kind: Pod metadata: name: my-nginx-pod labels: app: nginx spec: containers: - name: nginx image: nginx:latest ports: - containerPort: 80
5.1.3 src parameter: referencing external YAML files.
The src parameter allows referencing external YAML files containing Kubernetes resources.

yaml - name: Create a simple Nginx pod from file k8s: state: present src: nginx-pod.yaml
Where nginx-pod.yaml contains the same pod definition as in the previous example.
5.1.4 wait parameter: Waiting for resource readiness

The wait parameter (boolean, defaults to false) tells Ansible to wait for the resource to be in a ready state before proceeding to the next task. This is useful for ensuring that deployments are fully rolled out or that services are available before performing subsequent operations.
5.1.5 wait_timeout parameter

Specifies the maximum amount of time (in seconds) to wait for the resource to become ready. The default timeout is 120 seconds.
5.1.6 validate option: Checking the validity of configurations before deployment
The validate option (added in more recent Ansible versions) allows Ansible to validate the Kubernetes resource definition against the Kubernetes API schema before attempting to apply it. This helps catch errors early on. You can set validate: true to enable validation.

5.2 Other Relevant Modules

Besides the core k8s module, Ansible offers several other modules that are useful for managing Kubernetes:

5.2.1 k8s_info: Gathering Information about Kubernetes Resources

The k8s_info module retrieves information about Kubernetes resources. You can use it to query the status of pods, services, deployments, and other objects.

“`yaml
– name: Get information about a pod
k8s_info:
kind: Pod
name: my-nginx-pod
namespace: default
register: pod_info
- debug:
  var: pod_info
  “`
5.2.2 k8s_scale: Scaling Deployments and StatefulSets

The k8s_scale module allows you to scale deployments and statefulsets by changing the number of replicas.

yaml - name: Scale a deployment k8s_scale: kind: Deployment name: my-nginx-deployment namespace: default replicas: 3
5.2.3 k8s_exec: Executing Commands inside Pods

The k8s_exec module allows you to execute commands inside a running pod, similar to kubectl exec.

“`yaml
– name: Execute a command inside a pod
k8s_exec:
namespace: default
pod: my-nginx-pod
container: nginx
command: /bin/sh -c “echo Hello from inside the pod”
register: command_output
- debug:
  var: command_output.stdout
  “`
5.2.4 template: Templating Kubernetes manifests

The core template module is crucial for parameterizing Kubernetes manifests. You can create Jinja2 templates for your YAML files and use Ansible variables to populate them.
5.2.5 helm: Managing Helm Charts

Ansible has a helm module for managing Helm charts. Helm is a package manager for Kubernetes that simplifies the deployment and management of applications. This is a more advanced topic, but Ansible can automate the installation, upgrade, and deletion of Helm charts.
5.2.6 openshift_* modules (for OpenShift, Red Hat’s Kubernetes distribution)

If you’re using OpenShift, Ansible provides a set of openshift_* modules that are specifically designed for interacting with OpenShift’s extended features and API.
5.2.7 kubectl command from shell.

In some cases, it may be necessary or convenient to use the kubectl command directly within an Ansible task using shell module. For example, some newer Kubernetes features may not yet have dedicated Ansible modules.

yaml - name: Apply a custom resource definition shell: kubectl apply -f my-crd.yaml args: chdir: /path/to/your/manifests # optional change to manifest directory.

6. Practical Examples: Building Your First Playbooks

Let’s put our knowledge into practice with some concrete examples. These examples will demonstrate how to use Ansible to deploy and manage Kubernetes resources.

Prerequisites:

You have Ansible installed and configured.
You have a Kubernetes cluster running (Minikube, Kind, or a managed cluster).
You have kubectl installed and configured to connect to your cluster.

6.1 Example 1: Deploying a Simple Nginx Pod

This playbook creates a simple Nginx pod in the default namespace.

“`yaml

playbook_nginx_pod.yaml

hosts: localhost
connection: k8s
gather_facts: false
tasks:
- name: Create an Nginx Pod
  k8s:
  state: present
  definition:
  apiVersion: v1
  kind: Pod
  metadata:
  name: my-nginx-pod
  labels:
  app: nginx
  spec:
  containers:
  – name: nginx
  image: nginx:latest
  ports:
  – containerPort: 80
  “`

To run this playbook:

bash ansible-playbook playbook_nginx_pod.yaml

Verify the pod creation using kubectl:

bash kubectl get pods

6.2 Example 2: Creating a Kubernetes Service

This playbook creates a Kubernetes service to expose the Nginx pod.

“`yaml

playbook_nginx_service.yaml

hosts: localhost
connection: k8s
gather_facts: false
tasks:

templates/nginx.conf.j2

No need to specify kubeconfig_path if it’s in the default location (~/.kube/config)

ansible_kubeconfig_path=/path/to/your/kubeconfig

playbook_nginx_pod.yaml

playbook_nginx_service.yaml

Leave a Comment Cancel Reply