HomeLab – Cloning Workers and Verifying Ansible Connectivity – Day 2

DevOps, Homelab For Devops, Linux, Virtualization
Day 2 - HomeLab – Cloning Workers and Verifying Ansible Connectivity

Goal: Create two worker VMs (k3s-w1k3s-w2), set static IPs on vmnet1, update the Ansible inventory, and confirm connectivity with ansible -m ping.

Host reference: Kubuntu 25 (fullstacklab.site), user stackadmin. Network: vmnet1 Host-only 192.168.56.0/24 (DHCP off), vmnet8 NAT (DHCP on).

Step 1 — VMware networking (Host-only + NAT)

Start with your Base Template snapshot gold. Create two Full Clones: k3s-w1 and k3s-w2. Keep ens33 on vmnet1 (Host-only) with a static IP and ens34 on vmnet8 (NAT) using DHCP.

Step 2 — Configure netplan on each worker

On each worker VM, create or edit /etc/netplan/01-lab.yaml and apply a static address on ens33 for vmnet1. Keep ens34 on DHCP for Internet access via NAT.

network:
  version: 2
  ethernets:
    ens33:   # vmnet1 (Host-only)
      addresses: [192.168.56.11/24]   # on k3s-w1
      # addresses: [192.168.56.12/24] # on k3s-w2
    ens34:   # vmnet8 (NAT)
      dhcp4: true
sudo netplan apply
ip -br addr
sudo hostnamectl set-hostname k3s-w1   # or k3s-w2

Step 3 — Update the Ansible inventory and test

[k3s_master]
k3s-master ansible_host=192.168.56.10 ansible_user=stackadmin

[k3s_workers]
k3s-w1 ansible_host=192.168.56.11 ansible_user=stackadmin
k3s-w2 ansible_host=192.168.56.12 ansible_user=stackadmin

[all:vars]
ansible_become=true
ansible -i ansible/inventory/hosts.ini k3s_workers -m ping
ansible -i ansible/inventory/hosts.ini all -m ping

Handling sudo during connectivity tests

# Quick connectivity test without sudo

ansible -i ansible/inventory/hosts.ini k3s_workers -m ping -e 'ansible_become=false'

# Prompt for sudo password when needed

ansible -i ansible/inventory/hosts.ini k3s_workers -m ping -b -K

# Lab NOPASSWD (fast playbooks during practice)

echo 'mocco ALL=(ALL) NOPASSWD:ALL' | sudo tee /etc/sudoers.d/90-stackadmin-nopasswd >/dev/null
sudo chmod 0440 /etc/sudoers.d/90-stackadmin-nopasswd
sudo visudo -cf /etc/sudoers.d/90-stackadmin-nopasswd

Troubleshooting

  • No SSH? Check ~/.ssh/authorized_keys (600), systemctl status ssh, and firewall sudo nft list ruleset.
  • Wrong interface names? Use ip -br link and adapt Netplan.
  • Ping fails? Confirm hostnames/IPs; try -e 'ansible_become=false' to isolate SSH from sudo.
  • Connectivity issues? ss -lntp and journalctl -u ssh -e on workers.

What’s next (Day 3)

Install k3s (single master, two workers) with Ansible, copy kubeconfig to your user, and verify kubectl get nodes. Optionally enable metrics-server and prepare for Ingress.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.