Kubespray: Ansible-based Kubernetes cluster deployment
Production-grade Kubernetes deployment via Ansible playbooks.
Learn more about Kubespray
Kubespray is a deployment tool built on Ansible that provisions and configures Kubernetes clusters from scratch. It uses Ansible playbooks to orchestrate cluster setup across bare metal, cloud providers (AWS, GCE, Azure, OpenStack, vSphere, Equinix Metal), and other infrastructure platforms. The tool supports multiple Linux distributions including Debian, Ubuntu, CentOS/RHEL, Fedora, and others, with configurable components for container runtimes (Docker, containerd, CRI-O) and networking solutions. Common deployment scenarios include setting up highly available production clusters, air-gapped installations, and multi-node Kubernetes environments across heterogeneous infrastructure.
Infrastructure-Agnostic Deployment
Single Ansible playbook set deploys across bare metal, AWS, GCE, Azure, OpenStack, and vSphere without infrastructure-specific tooling. Eliminates the need to maintain separate deployment pipelines for heterogeneous environments.
Composable Component Architecture
Configure network plugins, container runtimes, and cluster components through Ansible variables without modifying core playbooks. Swap between containerd, CRI-O, or Docker and choose from multiple CNI providers using declarative configuration.
Broad OS Compatibility
Deploys Kubernetes clusters on multiple Linux distributions including Ubuntu, CentOS, Rocky Linux, and Debian. Unified playbooks adapt to distribution-specific package managers and init systems automatically.
from ansible import context
from ansible.executor.playbook_executor import PlaybookExecutor
from ansible.inventory.manager import InventoryManager
from ansible.parsing.dataloader import DataLoader
from ansible.vars.manager import VariableManager
loader = DataLoader()
inventory = InventoryManager(loader=loader, sources='inventory/mycluster/inventory.ini')
variable_manager = VariableManager(loader=loader, inventory=inventory)
executor = PlaybookExecutor(playbooks=['cluster.yml'], inventory=inventory, variable_manager=variable_manager, loader=loader, passwords={})
executor.run()Final version supporting Ingress NGINX before removal, adds RockyLinux 10 support and improves container runtime configuration.
- –Ingress NGINX is sunset. This is the final version supporting Ingress NGINX
- –Removed deprecated runtimeengine and runtimeroot keys from containerd configuration
- –Crio: add option pullprogresstimeout
- –Fixed kubevipversion variable for managing kube-vip version instead of kubevipimage_tag
- –RockyLinux 10 support (experimental)
Fixes Calico RBAC permissions, Cilium load balancer rendering, and external etcd member removal issues.
- –Fix Calico apiserver RBAC permissions for Kubernetes 1.33+
- –Fix Cilium loadBalancer.mode rendering in Kubespray values template
- –Fix Calico: Add missed rbac verb watch for hostendpoints
- –Removing external etcd member now works without erroring out
- –kubernetes 1.33.7
Changes cluster host management, adds Cilium configuration options, and improves OpenStack load balancer support.
- –/etc/hosts/ is no longer populated with all cluster nodes
- –A new sysctl_ignoreerrors value allows ignoring errors about unknown keys
- –Add ciliuminstallextra_flags variable
- –Add externalopenstacklbaasmembersubnet_id to define specific member-subnet-id for OpenStack load balancers
- –Add support for containerdextraruntime_args variable for additional runtime configuration
Top in Cloud & DevOps
Related Repositories
Discover similar tools and frameworks used by developers
Azure CLI
Cross-platform CLI for managing Azure resources through commands and automation scripts.
cAdvisor
Daemon for monitoring container resource usage and metrics.
AWX
Django-based control plane for centralized Ansible management.
Portainer
Web-based management platform for multi-orchestrator container environments.
Blackbox Exporter
Prometheus exporter for blackbox probing of network endpoints over HTTP, TCP, DNS, ICMP, and gRPC protocols.