Install a Multi-Master Kubernetes Cluster with Ansible

We are going to build a highly available Kubernetes homelab cluster with three control plane nodes and three worker nodes using Ansible.


Ansible playbooks are based on the Kubernetes homelab deployment that has been covered in this article.

Ansible Homelab Update Log

May 2024

Ansible version has been upgraded to 9.3. Python has been upgraded to 3.11

August 2023

Ansible version has been upgraded to 8.2.

Introduction of Ansible-lint pre-commit hook.

March 2022

Ansible code has been migrated from lisenet/kubernetes-homelab to its own GitHub repository lisenet/homelab-ansible.

March 2021

Initial release that uses Ansible 2.9.

Download Files from GitHub

Ansible configuration files used in this article are hosted on GitHub. Clone the following repository:

$ git clone

Note that this homelab project is under development, therefore please refer to GitHub for any source code changes.

Configure SSH Access to Ansible Managed Hosts

Add your public SSH key to the following file ./roles/hl.users/files/

Configure passwordless root SSH authentication from some device where Ansible is installed (e.g. your laptop) to all managed nodes:

$ for i in $(seq 1 6);do ssh-copy-id -f -i ./roles/hl.users/files/ [email protected]${i};done

Create Ansible Vault to Store User Password

Create a file vault.key to store your Ansible vault secret. See ansible.cfg for vault_password_file. Use Ansible vault to create an encrypted file ./roles/hl.users/defaults/secure.yml to store your user password:

$ ansible-vault create ./roles/hl.users/defaults/secure.yml

The variable for user password is “user_password”.

Use Ansible to Install Kubernetes

Run the playbook to configure Kubernetes hosts:

$ ansible-playbook ./playbooks/configure-k8s-hosts.yml

Run the playbook to configure Kubernetes cluster:

$ ansible-playbook ./playbooks/configure-k8s-cluster.yml

4 thoughts on “Install a Multi-Master Kubernetes Cluster with Ansible

  1. i keep getting this erro :/(

    tried everything just about
    failed: [] (item={‘name’: ‘ansible’, ‘password’: ‘defined in secure.yml as user_password’}) => changed=false
    ansible_loop_var: item
    name: ansible
    password: defined in secure.yml as user_password
    msg: |-
    useradd: Permission denied.
    useradd: cannot lock /etc/passwd; try again later.
    name: ansible

Leave a Reply

Your email address will not be published. Required fields are marked *