diff --git a/README.md b/README.md index 734e10f9..1aa04754 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ Learn about Kubez Ansible by reading the documentation online [kubez-ansible](ht - [Dashboard](docs/apply/dashboard.md) - [Metrics Server](docs/apply/metrics.md) - [MetalLB](docs/apply/metallb.md) + - [Cilium&Hubble](docs/apply/cilium.md) - 日志监控 - [Loki](docs/apply/loki.md) - [Grafana](docs/apply/grafana.md) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index dd25b8e7..01e372e8 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -429,6 +429,13 @@ dashboard_namespace: "{{ kubez_namespace }}" dashboard_vip_address: "" dashboard_node_port: 30001 +################ +# Cilium Options +################ +enable_cilium: "no" +cilium_chart_version: 1.14.5 +cilium_namespace: kube-system + ########################## # Helm Chart Applications ########################## @@ -469,6 +476,8 @@ enable_charts: enabled: "{{ enable_fluentd | bool }}" - name: chaos-mesh enabled: "{{ enable_chaos_mesh | bool }}" + - name: cilium + enabled: "{{ enable_cilium | bool }}" charts: prometheus: @@ -754,3 +763,18 @@ charts: chaosDaemon.runtime: "{{ runtime }}" chart_extra_flags: - create-namespace + + cilium: + name: cilium + namespace: "{{ cilium_namespace }}" + repository: + name: cilium + url: https://helm.cilium.io/ + chart: + path: cilium/cilium + version: "{{ cilium_chart_version }}" + chart_extra_vars: + hubble.relay.enabled: 'true' + hubble.ui.enabled: 'true' + chart_extra_flags: + - reuse-values diff --git a/docs/apply/cilium.md b/docs/apply/cilium.md new file mode 100644 index 00000000..55cfee11 --- /dev/null +++ b/docs/apply/cilium.md @@ -0,0 +1,37 @@ +# Cilium & Hubble + +## 依赖条件 + +- 运行正常的 `kubernetes` ( v1.21+ )环境。安装手册参考 [高可用集群](https://github.com/gopixiu-io/kubez-ansible/blob/master/docs/install/multinode.md) 或 [单节点集群](https://github.com/gopixiu-io/kubez-ansible/blob/master/docs/install/all-in-one.md) +- Linux kernel >= 4.9.17 + +## 开启 Cilium 组件 + +1. 编辑 `/etc/kubez/globals.yml` + +2. 取消 `enable_cilium: "no"` 的注释,并设置为 `"yes"`,设置Cilium的版本 `cilium_chart_version: "1.16.1"` + + ```yaml + ################ + # Cilium Options + ################ + enable_cilium: "yes" + cilium_chart_version: "1.14.5" + ``` + +3. 执行安装命令(根据实际情况选择) + + ```shell + # 单节点集群场景 + kubez-ansible apply + # 高可用集群场景 + kubez-ansible -i multinode apply + ``` + +4. 部署完验证 + + ```shell + [root@VM-16-11-centos ~]# kubectl get pods -n Cilium-system + NAME READY STATUS RESTARTS AGE + Ciliumd-5b86c45f48-mjzsd 1/1 Running 0 2m49s + ``` \ No newline at end of file diff --git a/etc/kubez/globals.yml b/etc/kubez/globals.yml index a85198e1..ba87ae49 100644 --- a/etc/kubez/globals.yml +++ b/etc/kubez/globals.yml @@ -355,3 +355,12 @@ s3: #chaos_mesh_namespace: "{{ kubez_namespace }}" #socket_path: /var/run/docker.sock #runtime: docker + + +################ +# Cilium Options +################ +# https://docs.cilium.io/en/stable/overview/intro/ +#enable_cilium: "no" +#cilium_chart_version: 1.14.5 +#cilium_namespace: kube-system